| Message ID | 20160222224251.GA11654@beta.comsecuris.com |
|---|---|
| State | New |
| Headers | show |
On 22 February 2016 at 22:42, Ralf-Philipp Weinmann <ralf+devel@comsecuris.com> wrote: > According to the ARMv8 Architecture reference manual [F6.1.203], ALL > of the following conditions need to be met for SRS to trap to EL3: > * It is executed at Secure PL1. > * The specified mode is monitor mode. > * EL3 is using AArch64. > > Signed-off-by: Ralf-Philipp Weinmann <ralf+devel@comsecuris.com> Thanks, nice catch. Did you find this by code inspection or by some sort of test program or real guest code? > /* SRS is: > - * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1 > + * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1 and > + * mode is monitor mode I tweaked this to say "specified mode is monitor mode" just to be slightly clearer that we're not testing the mode we're currently in. I have applied it to target-arm.next; thanks! -- PMM
diff --git a/target-arm/translate.c b/target-arm/translate.c index c29c47f..a7688bb 100644 --- a/target-arm/translate.c +++ b/target-arm/translate.c @@ -7582,7 +7582,8 @@ static void gen_srs(DisasContext *s, bool undef = false; /* SRS is: - * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1 + * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1 and + * mode is monitor mode * - UNDEFINED in Hyp mode * - UNPREDICTABLE in User or System mode * - UNPREDICTABLE if the specified mode is: @@ -7592,7 +7593,7 @@ static void gen_srs(DisasContext *s, * -- Monitor, if we are Non-secure * For the UNPREDICTABLE cases we choose to UNDEF. */ - if (s->current_el == 1 && !s->ns) { + if (s->current_el == 1 && !s->ns && mode == ARM_CPU_MODE_MON) { gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(), 3); return; }
According to the ARMv8 Architecture reference manual [F6.1.203], ALL of the following conditions need to be met for SRS to trap to EL3: * It is executed at Secure PL1. * The specified mode is monitor mode. * EL3 is using AArch64. Signed-off-by: Ralf-Philipp Weinmann <ralf+devel@comsecuris.com> --- target-arm/translate.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)