Commit 8205bc1 ("target/riscv: introduce ssp and enabling controls for zicfiss") introduced CSR_SSP, but it misinterpreted the spec on access to CSR_SSP in M-mode. Access to CSR_SSP is not gated via `xSSE`, but rather by the rules clearly specified in section "2.2.4. Shadow Stack Pointer" of the `zicfiss` specification. Thanks to Adam Zabrocki for bringing this to attention.
Fixes: 8205bc127a83 ("target/riscv: introduce ssp and enabling controls for zicfiss" Reported-by: Adam Zabrocki <azabro...@nvidia.com> Signed-off-by: Deepak Gupta <de...@rivosinc.com> --- target/riscv/csr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index afb7544f07..75c661d2a1 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -191,6 +191,11 @@ static RISCVException cfi_ss(CPURISCVState *env, int csrno) return RISCV_EXCP_ILLEGAL_INST; } + /* If ext implemented, M-mode always have access to SSP CSR */ + if (env->priv == PRV_M) { + return RISCV_EXCP_NONE; + } + /* if bcfi not active for current env, access to csr is illegal */ if (!cpu_get_bcfien(env)) { #if !defined(CONFIG_USER_ONLY) -- 2.34.1
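Review bot: The comment on the new `env->priv == PRV_M` early return in `cfi_ss()` should cite its source and read grammatically, for example "If ext is implemented, M-mode always has access to the SSP CSR (zicfiss spec, section 2.2.4)", so a later reader can see why M-mode skips the `cpu_get_bcfien()` check that follows. The new test sits outside the `#if !defined(CONFIG_USER_ONLY)` guard that appears just below it, so please confirm that `env->priv` and `PRV_M` are available in user-only builds. The `Fixes:` trailer is also missing its closing parenthesis.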