On 4 July 2018 at 21:36, Julia Suvorova <jus...@mail.ru> wrote: > MSR handling is the only place where CONTROL.nPRIV is modified. > > Signed-off-by: Julia Suvorova <jus...@mail.ru> > --- > target/arm/helper.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/target/arm/helper.c b/target/arm/helper.c > index 5ee229eb35..83cca554ad 100644 > --- a/target/arm/helper.c > +++ b/target/arm/helper.c > @@ -10781,8 +10781,10 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t > maskreg, uint32_t val) > !arm_v7m_is_handler_mode(env)) { > write_v7m_control_spsel(env, (val & R_V7M_CONTROL_SPSEL_MASK) != > 0); > } > - env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; > - env->v7m.control[env->v7m.secure] |= val & R_V7M_CONTROL_NPRIV_MASK; > + if (arm_feature(env, ARM_FEATURE_M_MAIN)) { > + env->v7m.control[env->v7m.secure] &= ~R_V7M_CONTROL_NPRIV_MASK; > + env->v7m.control[env->v7m.secure] |= val & > R_V7M_CONTROL_NPRIV_MASK; > + } > break; > default: > bad_reg: > --
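Review bot: the hunk guards only the nPRIV update in the CONTROL case, while the same two unguarded lines for the non-secure bank (`env->v7m.control[M_REG_NS] &= ~R_V7M_CONTROL_NPRIV_MASK;` / `env->v7m.control[M_REG_NS] |= val & R_V7M_CONTROL_NPRIV_MASK;`) sit in the CONTROL_NS case earlier in the same function; wrap those in the same `if (arm_feature(env, ARM_FEATURE_M_MAIN))` check so a non-Main-profile guest cannot clear privilege through that path either. The commit message should also say why the write must be ignored when ARM_FEATURE_M_MAIN is absent; as written it only states where nPRIV is modified, not what incorrect behaviour the guard prevents.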
Could you also guard the similar code in the CONTROL_NS case a little earlier in the function, please?

    env->v7m.control[M_REG_NS] &= ~R_V7M_CONTROL_NPRIV_MASK;
    env->v7m.control[M_REG_NS] |= val & R_V7M_CONTROL_NPRIV_MASK;

That won't be executed for v6M but for v8M it matters. Otherwise I agree this is all we need to do to avoid the guest incorrectly getting into nonprivileged mode.

thanks
-- PMM