target/riscv/csr.c | 52 ++++++++++++++++++++++++++--------------------
1 file changed, 29 insertions(+), 23 deletions(-)
diff --git a/target/riscv/csr.c b/target/riscv/csr.c
index 735fb27be7..6d7a3dd9aa 100644
--- a/target/riscv/csr.c
+++ b/target/riscv/csr.c
@@ -1282,6 +1282,32 @@ static bool validate_vm(CPURISCVState *env, target_ulong
vm)
return get_field(mode_supported, (1 << vm));
}
+static target_ulong legalize_xatp(CPURISCVState *env, target_ulong old_xatp,
+ target_ulong val)
+{
+ target_ulong mask;
+ bool vm;
+ if (riscv_cpu_mxl(env) == MXL_RV32) {
+ vm = validate_vm(env, get_field(val, SATP32_MODE));
+ mask = (val ^ old_xatp) & (SATP32_MODE | SATP32_ASID | SATP32_PPN);
+ } else {
+ vm = validate_vm(env, get_field(val, SATP64_MODE));
+ mask = (val ^ old_xatp) & (SATP64_MODE | SATP64_ASID | SATP64_PPN);
+ }
+
+ if (vm && mask) {
+ /*
+ * The ISA defines SATP.MODE=Bare as "no translation", but we still
+ * pass these through QEMU's TLB emulation as it improves
+ * performance. Flushing the TLB on SATP writes with paging
+ * enabled avoids leaking those invalid cached mappings.
+ */
+ tlb_flush(env_cpu(env));
+ return val;
+ }
+ return old_xatp;
+}
+
static target_ulong legalize_mpp(CPURISCVState *env, target_ulong old_mpp,
target_ulong val)
{
@@ -2997,31 +3023,11 @@ static RISCVException read_satp(CPURISCVState *env, int
csrno,
static RISCVException write_satp(CPURISCVState *env, int csrno,
target_ulong val)
{
- target_ulong mask;
- bool vm;
-
if (!riscv_cpu_cfg(env)->mmu) {
return RISCV_EXCP_NONE;
}
- if (riscv_cpu_mxl(env) == MXL_RV32) {
- vm = validate_vm(env, get_field(val, SATP32_MODE));
- mask = (val ^ env->satp) & (SATP32_MODE | SATP32_ASID | SATP32_PPN);
- } else {
- vm = validate_vm(env, get_field(val, SATP64_MODE));
- mask = (val ^ env->satp) & (SATP64_MODE | SATP64_ASID | SATP64_PPN);
- }
-
- if (vm && mask) {
- /*
- * The ISA defines SATP.MODE=Bare as "no translation", but we still
- * pass these through QEMU's TLB emulation as it improves
- * performance. Flushing the TLB on SATP writes with paging
- * enabled avoids leaking those invalid cached mappings.
- */
- tlb_flush(env_cpu(env));
- env->satp = val;
- }
+ env->satp = legalize_xatp(env, env->satp, val);
return RISCV_EXCP_NONE;
}
@@ -3506,7 +3512,7 @@ static RISCVException read_hgatp(CPURISCVState *env, int csrno,
static RISCVException write_hgatp(CPURISCVState *env, int csrno,
target_ulong val)
{
- env->hgatp = val;
+ env->hgatp = legalize_xatp(env, env->hgatp, val);
return RISCV_EXCP_NONE;
}
@@ -3772,7 +3778,7 @@ static RISCVException read_vsatp(CPURISCVState *env, int csrno,
static RISCVException write_vsatp(CPURISCVState *env, int csrno,
target_ulong val)
{
- env->vsatp = val;
+ env->vsatp = legalize_xatp(env, env->vsatp, val);
return RISCV_EXCP_NONE;
}