target/riscv: Do not allow sfence.vma from user mode

The 'sfence.vma' instruction is privileged, and should only ever be allowed when executing in supervisor mode or higher. Signed-off-by: N Jonathan Behrens <fintelia@gmail.com> Reviewed-by: N Richard Henderson <richard.henderson@linaro.org> Reviewed-by: N Alistair Francis <alistair.francis@wdc.com> Signed-off-by: N Palmer Dabbelt <palmer@sifive.com>

target/riscv: Do not allow sfence.vma from user mode
The 'sfence.vma' instruction is privileged, and should only ever be allowed when executing in supervisor mode or higher. Signed-off-by: N Jonathan Behrens <fintelia@gmail.com> Reviewed-by: N Richard Henderson <richard.henderson@linaro.org> Reviewed-by: N Alistair Francis <alistair.francis@wdc.com> Signed-off-by: N Palmer Dabbelt <palmer@sifive.com>
b86f4167 · Jonathan Behrens · Palmer Dabbelt · 30efbf33 · b86f4167
隐藏空白更改
内联并排

Showing with 4 addition and 3 deletion

target/riscv/op_helper.c target/riscv/op_helper.c +4 -3

未找到文件。
--- a/target/riscv/op_helper.c
+++ b/target/riscv/op_helper.c
@@ -145,9 +145,10 @@ void helper_tlb_flush(CPURISCVState *env)
 {
    RISCVCPU *cpu = riscv_env_get_cpu(env);
    CPUState *cs = CPU(cpu);
-    if (env->priv == PRV_S &&
-        env->priv_ver >= PRIV_VERSION_1_10_0 &&
-        get_field(env->mstatus, MSTATUS_TVM)) {
+    if (!(env->priv >= PRV_S) ||
+        (env->priv == PRV_S &&
+         env->priv_ver >= PRIV_VERSION_1_10_0 &&
+         get_field(env->mstatus, MSTATUS_TVM))) {
        riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC());
    } else {
        tlb_flush(cs);