fix bug of pmpcfg_csr_read

[wxjstz]

related code:

target_ulong cfg_val = 0;
uint8_t val = 0;
cfg_val |= (val << (i * 8));

C language automatic type promotion to int. The length of the int under RV64 may be small with target_ulong, and the upper 32 bits can't be read.

[michaeljclark]

All three of your changes are merged in the (default) integration branch

• https://github.com/riscv/riscv-qemu/commits/riscv-all

We can move them from:

• https://github.com/riscv/riscv-qemu/commits/qemu-for-testing

to:

• https://github.com/riscv/riscv-qemu/commits/qemu-for-upstream

once we have tests (before/after fail/pass) for the changes...

I will help with some open source tests, so that we can put them into regression testing. We also will need to rebase qemu-for-testing with Signed-Off-By tags and links to these PRs and tests (minimal reproducers) so we can post them to upstream QEMU, the changes can be verified. We also need to verify the granularity behavior (as mentioned) due to QEMU's TLB limiting permission checks to 4K granules.

[michaeljclark]

thanks again

[wxjstz]

This needs to be merged. When reading pmpcfg0 / pmpcfg2 under RV64, this bug will cause the upper 32 bits to be zero.