Message ID | 20180704203639.29553-1-jusual@mail.ru (mailing list archive) |
---|---|
State | New, archived |
On 4 July 2018 at 21:36, Julia Suvorova <jusual@mail.ru> wrote: > MSR handling is the only place where CONTROL.nPRIV is modified. > > Signed-off-by: Julia Suvorova <jusual@mail.ru> > --- > target/arm/helper.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/target/arm/helper.c b/target/arm/helper.c > index 5ee229eb35..83cca554ad 100644 > --- a/target/arm/helper.c > +++ b/target/arm/helper.c > @@ -10781,8 +10781,10 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val) > !arm_v7m_is_handler_mode(env)) { > write_v7m_control_spsel(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0); > } > - env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; > - env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; > + if (arm_feature(env, ARM_FEATURE_M_MAIN)) { > + env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; > + env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; > + } > break; > default: > bad_reg: > --

Could you also guard the similar code in the CONTROL_NS case a little earlier, in the function, please?

    env->v7m.control[M_REG_NS] &= ~R_V7M_CONTROL_NPRIV_MASK;
    env->v7m.control[M_REG_NS] |= val & R_V7M_CONTROL_NPRIV_MASK;

That won't be executed for v6M but for v8M it matters.

Otherwise I agree this is all we need to do to avoid the guest incorrectly getting into nonprivileged mode.

thanks
-- PMM

On 05.07.2018 13:33, Peter Maydell wrote: > On 4 July 2018 at 21:36, Julia Suvorova <jusual@mail.ru> wrote: >> MSR handling is the only place where CONTROL.nPRIV is modified. >> >> Signed-off-by: Julia Suvorova <jusual@mail.ru> >> --- >> target/arm/helper.c | 6 ++++-- >> 1 file changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/target/arm/helper.c b/target/arm/helper.c >> index 5ee229eb35..83cca554ad 100644 >> --- a/target/arm/helper.c >> +++ b/target/arm/helper.c >> @@ -10781,8 +10781,10 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val) >> !arm_v7m_is_handler_mode(env)) { >> write_v7m_control_spsel(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0); >> } >> - env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; >> - env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; >> + if (arm_feature(env, ARM_FEATURE_M_MAIN)) { >> + env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; >> + env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; >> + } >> break; >> default: >> bad_reg: >> -- > > Could you also guard the similar code in the CONTROL_NS case a > little earlier, in the function, please? > > env->v7m.control[M_REG_NS] &= ~R_V7M_CONTROL_NPRIV_MASK; > env->v7m.control[M_REG_NS] |= val & R_V7M_CONTROL_NPRIV_MASK; > > That won't be executed for v6M but for v8M it matters.

Sure, I'll send v2.

Best regards, Julia Suvorova.

diff --git a/target/arm/helper.c b/target/arm/helper.c index 5ee229eb35..83cca554ad 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -10781,8 +10781,10 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val) !arm_v7m_is_handler_mode(env)) { write_v7m_control_spsel(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0); } - env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; - env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; + if (arm_feature(env, ARM_FEATURE_M_MAIN)) { + env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; + env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; + } break; default: bad_reg:
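
Review bot: the new if (arm_feature(env, ARM_FEATURE_M_MAIN)) guard around the two CONTROL.nPRIV lines has no comment saying why the write is dropped when the feature is absent, and the commit message only says that MSR handling is the one place nPRIV is modified, not what behaviour changes. Suggest a one-line comment above the guard and a sentence in the commit message giving the reason the reply in this thread states, which is to avoid the guest incorrectly getting into nonprivileged mode. The same two-line nPRIV update on env->v7m.control[M_REG_NS] in the CONTROL_NS case of this function, quoted in that reply, is not touched by this hunk and still writes the bit unconditionally, so it needs the same guard in v2.
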
MSR handling is the only place where CONTROL.nPRIV is modified. Signed-off-by: Julia Suvorova <jusual@mail.ru> --- target/arm/helper.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)