As per the Priv spec: "The R, W, and X fields form a collective WARL field for which the combinations with R=0 and W=1 are reserved." However currently such writes are not ignored as ought to be. The combinations with RW=01 are allowed only when the Smepmp extension is enabled and mseccfg.MML is set.
Signed-off-by: Mayuresh Chitale <mchit...@ventanamicro.com> Reviewed-by: Alistair Francis <alistair.fran...@wdc.com> --- Changes in v3: ==== - Rebase on latest riscv-to-apply.next - Add reviewed-by Changes in v2: ==== - Default RW to 00 in case of an illegal value target/riscv/pmp.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/target/riscv/pmp.c b/target/riscv/pmp.c index 4dfaa28fce2..162e88a90a6 100644 --- a/target/riscv/pmp.c +++ b/target/riscv/pmp.c @@ -123,6 +123,11 @@ static bool pmp_write_cfg(CPURISCVState *env, uint32_t pmp_index, uint8_t val) if (locked) { qemu_log_mask(LOG_GUEST_ERROR, "ignoring pmpcfg write - locked\n"); } else if (env->pmp_state.pmp[pmp_index].cfg_reg != val) { + /* If !mseccfg.MML then ignore writes with encoding RW=01 */ + if ((val & PMP_WRITE) && !(val & PMP_READ) && + !MSECCFG_MML_ISSET(env)) { + val &= ~(PMP_WRITE | PMP_READ); + } env->pmp_state.pmp[pmp_index].cfg_reg = val; pmp_update_rule_addr(env, pmp_index); return true; -- 2.34.1