diff options
Diffstat (limited to 'target/riscv/csr.c')
| -rw-r--r-- | target/riscv/csr.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/target/riscv/csr.c b/target/riscv/csr.c index 0606cd0ea8..341c2e6f23 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -1844,7 +1844,7 @@ static RISCVException read_satp(CPURISCVState *env, int csrno, static RISCVException write_satp(CPURISCVState *env, int csrno, target_ulong val) { - target_ulong vm, mask, asid; + target_ulong vm, mask; if (!riscv_feature(env, RISCV_FEATURE_MMU)) { return RISCV_EXCP_NONE; @@ -1853,20 +1853,22 @@ static RISCVException write_satp(CPURISCVState *env, int csrno, if (riscv_cpu_mxl(env) == MXL_RV32) { vm = validate_vm(env, get_field(val, SATP32_MODE)); mask = (val ^ env->satp) & (SATP32_MODE | SATP32_ASID | SATP32_PPN); - asid = (val ^ env->satp) & SATP32_ASID; } else { vm = validate_vm(env, get_field(val, SATP64_MODE)); mask = (val ^ env->satp) & (SATP64_MODE | SATP64_ASID | SATP64_PPN); - asid = (val ^ env->satp) & SATP64_ASID; } if (vm && mask) { if (env->priv == PRV_S && get_field(env->mstatus, MSTATUS_TVM)) { return RISCV_EXCP_ILLEGAL_INST; } else { - if (asid) { - tlb_flush(env_cpu(env)); - } + /* + * The ISA defines SATP.MODE=Bare as "no translation", but we still + * pass these through QEMU's TLB emulation as it improves + * performance. Flushing the TLB on SATP writes with paging + * enabled avoids leaking those invalid cached mappings. + */ + tlb_flush(env_cpu(env)); env->satp = val; } } |