diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c index 0515f9aec8..b15a60d8a2 100644 --- a/target/riscv/cpu_helper.c +++ b/target/riscv/cpu_helper.c @@ -368,7 +368,11 @@ static int get_physical_address(CPURISCVState *env, hwaddr *physical, use_background = true; } - if (mode == PRV_M && access_type != MMU_INST_FETCH) { + /* MPRV does not affect the virtual-machine load/store + instructions, HLV, HLVX, and HSV. */ + if (riscv_cpu_two_stage_lookup(mmu_idx)) { + mode = get_field(env->hstatus, HSTATUS_SPVP); + } else if (mode == PRV_M && access_type != MMU_INST_FETCH) { if (get_field(env->mstatus, MSTATUS_MPRV)) { mode = get_field(env->mstatus, MSTATUS_MPP); } @@ -741,19 +745,18 @@ bool riscv_cpu_tlb_fill(CPUState *cs, vaddr address, int size, qemu_log_mask(CPU_LOG_MMU, "%s ad %" VADDR_PRIx " rw %d mmu_idx %d\n", __func__, address, access_type, mmu_idx); - if (mode == PRV_M && access_type != MMU_INST_FETCH) { - if (get_field(env->mstatus, MSTATUS_MPRV)) { - mode = get_field(env->mstatus, MSTATUS_MPP); + /* MPRV does not affect the virtual-machine load/store + instructions, HLV, HLVX, and HSV. */ + if (riscv_cpu_two_stage_lookup(mmu_idx)) { + mode = get_field(env->hstatus, HSTATUS_SPVP); + } else if (mode == PRV_M && access_type != MMU_INST_FETCH && + get_field(env->mstatus, MSTATUS_MPRV)) { + mode = get_field(env->mstatus, MSTATUS_MPP); + if (riscv_has_ext(env, RVH) && get_field(env->mstatus, MSTATUS_MPV)) { + two_stage_lookup = true; } } - if (riscv_has_ext(env, RVH) && env->priv == PRV_M && - access_type != MMU_INST_FETCH && - get_field(env->mstatus, MSTATUS_MPRV) && - get_field(env->mstatus, MSTATUS_MPV)) { - two_stage_lookup = true; - } - if (riscv_cpu_virt_enabled(env) || ((riscv_cpu_two_stage_lookup(mmu_idx) || two_stage_lookup) && access_type != MMU_INST_FETCH)) {