On 8/20/24 10:01, Deepak Gupta wrote:
zicfilp protects forward control flow (if enabled) by enforcing that all
indirect calls and jumps must land on a landing pad instruction `lpad`. If
the target of an indirect call or jmp is not `lpad`, then the cpu/hart must
raise a sw check exception with tval = 2.

This patch implements the mechanism using TCG. Target architecture branch
instructions must define the end of a TB. Using this property, during
translation of a branch instruction, the TB flag FCFI_LP_EXPECTED can be set.
Translation of the target TB can check if the FCFI_LP_EXPECTED flag is set, and a
flag (fcfi_lp_expected) can be set in DisasContext. If `lpad` gets
translated, the fcfi_lp_expected flag in DisasContext can be cleared. Else
it'll fault.
Signed-off-by: Deepak Gupta <de...@rivosinc.com>
Co-developed-by: Jim Shu <jim....@sifive.com>
Co-developed-by: Andy Chiu <andy.c...@sifive.com>
Suggested-by: Richard Henderson <richard.hender...@linaro.org>
---
target/riscv/cpu.h | 3 +++
target/riscv/cpu_bits.h | 3 +++
target/riscv/cpu_helper.c | 12 ++++++++++++
target/riscv/translate.c | 21 ++++++++++++++++++++-
4 files changed, 38 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
@@ -1265,11 +1270,25 @@ static void riscv_tr_translate_insn(DisasContextBase
*dcbase, CPUState *cpu)
DisasContext *ctx = container_of(dcbase, DisasContext, base);
CPURISCVState *env = cpu_env(cpu);
uint16_t opcode16 = translator_lduw(env, &ctx->base, ctx->base.pc_next);
-
ctx->ol = ctx->xl;
decode_opc(env, ctx, opcode16);
ctx->base.pc_next += ctx->cur_insn_len;
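Review bot: the only change reproduced in this hunk is the removal of the blank line after `uint16_t opcode16 = translator_lduw(env, &ctx->base, ctx->base.pc_next);`, which is unrelated whitespace cleanup; the landing-pad logic the hunk header advertises (11 lines growing to 25) is not among the quoted lines. Drop the blank-line deletion so the diff in riscv_tr_translate_insn() carries only the FCFI_LP_EXPECTED / fcfi_lp_expected handling described in the commit message.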
Watch the unrelated whitespace changes.
r~
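To make the mechanism in the commit message concrete, here is a small constructed model of the landing-pad check, written for this thread as an added illustration; it is not QEMU code and uses none of QEMU's TCG or DisasContext types. It carries the same one-bit state the patch moves across a TB boundary (FCFI_LP_EXPECTED / fcfi_lp_expected): an indirect jump sets it, the next instruction fetched must be `lpad` (encoded as `auipc x0, label`) or a software-check exception with tval = 2 is raised. The instruction encoders, the four-word program and the hart_t state are assumptions made for the example; the model checks at instruction granularity rather than at translation time, which is the effect the translated code has at runtime.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model, not QEMU code: opcodes for the three shapes used. */
#define OPC_OPIMM 0x13u   /* addi x0, x0, 0 serves as a plain instruction */
#define OPC_AUIPC 0x17u   /* lpad is auipc with rd == x0 */
#define OPC_JALR  0x67u   /* indirect jump */

#define CAUSE_SW_CHECK   18  /* software check exception code */
#define TVAL_LANDING_PAD  2  /* Zicfilp: landing pad expected, not found */

typedef struct {
    uint32_t pc;
    uint32_t regs[32];
    bool lp_expected;  /* set by an indirect jump, cleared by lpad */
    bool trapped;
    int cause;
    int tval;
} hart_t;

static uint32_t enc_lpad(uint32_t label20)
{
    return (label20 << 12) | OPC_AUIPC;       /* rd field is x0 */
}
static uint32_t enc_jalr_x0(unsigned rs1)
{
    return ((uint32_t)rs1 << 15) | OPC_JALR;  /* jalr x0, 0(rs1) */
}
static uint32_t enc_nop(void)
{
    return OPC_OPIMM;                          /* addi x0, x0, 0 */
}

static bool is_lpad(uint32_t insn)
{
    return (insn & 0x7f) == OPC_AUIPC && ((insn >> 7) & 0x1f) == 0;
}

/* Execute one instruction; returns false once the hart trapped or ran off. */
static bool step(hart_t *h, const uint32_t *mem, size_t nwords)
{
    if (h->trapped || h->pc / 4 >= nwords) {
        return false;
    }
    uint32_t insn = mem[h->pc / 4];

    /* The check applies to the first instruction after an indirect jump. */
    if (h->lp_expected) {
        if (!is_lpad(insn)) {
            h->trapped = true;
            h->cause = CAUSE_SW_CHECK;
            h->tval = TVAL_LANDING_PAD;
            return false;
        }
        h->lp_expected = false;  /* lpad consumed the expectation */
    }

    if ((insn & 0x7f) == OPC_JALR) {
        unsigned rs1 = (insn >> 15) & 0x1f;
        h->pc = h->regs[rs1] & ~1u;
        h->lp_expected = true;   /* same role as the FCFI_LP_EXPECTED flag */
    } else {
        h->pc += 4;              /* lpad and nop do nothing else here */
    }
    return true;
}

/* Constructed program: word 0 jumps through x5; caller picks the target. */
hart_t jump_to(uint32_t target_pc)
{
    uint32_t mem[4];
    mem[0] = enc_jalr_x0(5);   /* 0x00: jalr x0, 0(x5) */
    mem[1] = enc_nop();        /* 0x04: not a landing pad */
    mem[2] = enc_lpad(0);      /* 0x08: lpad 0 */
    mem[3] = enc_nop();        /* 0x0c: falls off the end of the program */

    hart_t h = {0};
    h.regs[5] = target_pc;
    for (int i = 0; i < 16 && step(&h, mem, 4); i++) { }
    return h;
}

int main(void)
{
    hart_t ok = jump_to(0x08), bad = jump_to(0x0c);
    printf("jump to lpad: trapped=%d\n", ok.trapped);
    printf("jump to nop:  trapped=%d cause=%d tval=%d\n",
           bad.trapped, bad.cause, bad.tval);
    return 0;
}
```

A jump to 0x08 lands on `lpad`, clears the expectation and runs to the end; a jump to 0x04 or 0x0c lands on a plain instruction and traps with cause 18, tval 2, which is the behaviour the translated code must reproduce when the target TB is entered with FCFI_LP_EXPECTED set and its first instruction is not `lpad`.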