Merge pull request #1901 from binno/cfi_fixes

aswaterman · web-flow · commit f6d41bca17ba · 2025-03-19T13:23:26.000-07:00
CFI fixes
diff --git a/riscv/csrs.cc b/riscv/csrs.cc
@@ -585,6 +585,7 @@ bool mnstatus_csr_t::unlogged_write(const reg_t val) noexcept {
   // NMIE can be set but not cleared
   const reg_t mask = (~read() & MNSTATUS_NMIE)
                    | (proc->extension_enabled('H') ? MNSTATUS_MNPV : 0)
+                   | (proc->extension_enabled(EXT_ZICFILP) ? MNSTATUS_MNPELP : 0)
                    | MNSTATUS_MNPP;
 
   const reg_t requested_mnpp = proc->legalize_privilege(get_field(val, MNSTATUS_MNPP));
diff --git a/riscv/insns/mnret.h b/riscv/insns/mnret.h
@@ -10,5 +10,11 @@ if (prev_prv != PRV_M) {
   STATE.mstatus->write(mstatus);
 }
 s = set_field(s, MNSTATUS_NMIE, 1);
+if (ZICFILP_xLPE(prev_virt, prev_prv)) {
+  STATE.elp = static_cast<elp_t>(get_field(s, MNSTATUS_MNPELP));
+}
+if (p->extension_enabled(EXT_ZICFILP)) {
+  s = set_field(s, MNSTATUS_MNPELP, elp_t::NO_LP_EXPECTED);
+}
 STATE.mnstatus->write(s);
 p->set_privilege(prev_prv, prev_virt);
diff --git a/riscv/insns/ssrdp.h b/riscv/insns/ssrdp.h
@@ -1,7 +1,7 @@
 #include "zicfiss.h"
 
 if (xSSE()) {
-  WRITE_RD(STATE.ssp->read());
+  WRITE_RD(sext_xlen(STATE.ssp->read()));
 } else {
   #include "mop_r_N.h"
 }
diff --git a/riscv/mmu.cc b/riscv/mmu.cc
@@ -215,7 +215,9 @@ void mmu_t::load_slow_path_intrapage(reg_t len, uint8_t* bytes, mem_access_info_
       refill_tlb(addr, paddr, host_addr, LOAD);
 
   } else if (!mmio_load(paddr, len, bytes)) {
-    throw trap_load_access_fault(access_info.effective_virt, transformed_addr, 0, 0);
+    (access_info.flags.ss_access)?
+      throw trap_store_access_fault(access_info.effective_virt, transformed_addr, 0, 0) :
+      throw trap_load_access_fault(access_info.effective_virt, transformed_addr, 0, 0);
   }
 
   if (access_info.flags.lr) {
diff --git a/riscv/zicfiss.h b/riscv/zicfiss.h
@@ -25,7 +25,7 @@
     shadow_return_addr = MMU.ss_load<uint32_t>(STATE.ssp->read()); \
   else \
     shadow_return_addr = MMU.ss_load<uint64_t>(STATE.ssp->read()); \
-  software_check(value == shadow_return_addr, SHADOW_STACK_FAULT); \
+  software_check(zext_xlen(value) == shadow_return_addr, SHADOW_STACK_FAULT); \
   STATE.ssp->write(STATE.ssp->read() + xlen / 8);
 
 #endif

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`#include "zicfiss.h"`
`2`	`2`
`3`	`3`	`if (xSSE()) {`
`4`		`- WRITE_RD(STATE.ssp->read());`
	`4`	`+ WRITE_RD(sext_xlen(STATE.ssp->read()));`
`5`	`5`	`} else {`
`6`	`6`	`#include "mop_r_N.h"`
`7`	`7`	`}`
Original file line number	Diff line number	Diff line change
`@@ -215,7 +215,9 @@ void mmu_t::load_slow_path_intrapage(reg_t len, uint8_t* bytes, mem_access_info_`
`215`	`215`	`refill_tlb(addr, paddr, host_addr, LOAD);`
`216`	`216`
`217`	`217`	`} else if (!mmio_load(paddr, len, bytes)) {`
`218`		`- throw trap_load_access_fault(access_info.effective_virt, transformed_addr, 0, 0);`
	`218`	`+ (access_info.flags.ss_access)?`
	`219`	`+ throw trap_store_access_fault(access_info.effective_virt, transformed_addr, 0, 0) :`
	`220`	`+ throw trap_load_access_fault(access_info.effective_virt, transformed_addr, 0, 0);`
`219`	`221`	`}`
`220`	`222`
`221`	`223`	`if (access_info.flags.lr) {`