From 009f77a9f06bcb5a3a6252b3333171adb8c84512 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= <rkrcmar@ventanamicro.com>
Date: Tue, 29 Apr 2025 16:25:45 +0200
Subject: [PATCH] lib: sbi_hart: reset hstatus
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

hstatus.HU must be cleared, because U-mode could otherwise use the
HLS/HSV instructions.  This would allow U-mode to read physical memory
directly if vgatp and vsatp was 0.

The remaining fields don't seem like a security vulnerability now, but
clearing the whole CSR is not an issue, so do that be safe.

Reviewed-by: Anup Patel <anup@brainfault.org>
Signed-off-by: Radim Krčmář <rkrcmar@ventanamicro.com>
Link: https://lore.kernel.org/r/20250429142549.3673976-5-rkrcmar@ventanamicro.com
Signed-off-by: Anup Patel <anup@brainfault.org>
---
 lib/sbi/sbi_hart.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/sbi/sbi_hart.c b/lib/sbi/sbi_hart.c
index 26d746d3..5ea7328a 100644
--- a/lib/sbi/sbi_hart.c
+++ b/lib/sbi/sbi_hart.c
@@ -85,6 +85,9 @@ static void mstatus_init(struct sbi_scratch *scratch)
 #endif
 	}
 
+	if (misa_extension('H'))
+		csr_write(CSR_HSTATUS, 0);
+
 	if (sbi_hart_has_extension(scratch, SBI_HART_EXT_SMSTATEEN)) {
 		mstateen_val = csr_read64(CSR_MSTATEEN0);
 		mstateen_val |= SMSTATEEN_STATEN;