To ensure our TLB isn't out-of-date we flush it on all virt mode
changes. Unlike priv mode this isn't saved in the mmu_idx as all
guests share V=1. The easiest option is just to flush on all changes.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 target/riscv/cpu_helper.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
index afb3e8579e..8e8b156fc0 100644
--- a/target/riscv/cpu_helper.c
+++ b/target/riscv/cpu_helper.c
@@ -203,6 +203,11 @@ void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable)
         return;
     }
 
+    /* Flush the TLB on all virt mode changes. */
+    if (((env->virt & VIRT_MODE_MASK) >> VIRT_MODE_SHIFT) != enable) {
+        tlb_flush(env_cpu(env));
+    }
+
     env->virt &= ~VIRT_MODE_MASK;
     env->virt |= enable << VIRT_MODE_SHIFT;
 }
-- 
2.22.0

On Fri, 23 Aug 2019 16:38:23 PDT (-0700), Alistair Francis wrote:
> To ensure our TLB isn't out-of-date we flush it on all virt mode
> changes. Unlike priv mode this isn't saved in the mmu_idx as all
> guests share V=1. The easiest option is just to flush on all changes.
>
> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
> ---
>  target/riscv/cpu_helper.c | 5 +++++
>  1 file changed, 5 insertions(+)
>
> diff --git a/target/riscv/cpu_helper.c b/target/riscv/cpu_helper.c
> index afb3e8579e..8e8b156fc0 100644
> --- a/target/riscv/cpu_helper.c
> +++ b/target/riscv/cpu_helper.c
> @@ -203,6 +203,11 @@ void riscv_cpu_set_virt_enabled(CPURISCVState *env, bool enable)
>          return;
>      }
>
> +    /* Flush the TLB on all virt mode changes. */
> +    if (((env->virt & VIRT_MODE_MASK) >> VIRT_MODE_SHIFT) != enable) {
> +        tlb_flush(env_cpu(env));
> +    }
> +
>      env->virt &= ~VIRT_MODE_MASK;
>      env->virt |= enable << VIRT_MODE_SHIFT;
>  }

Reviewed-by: Palmer Dabbelt <palmer@sifive.com>