target-arm: Make Monitor->NS PL1 mode changes illegal if HCR.TGE is 1

If HCR.TGE is 1 then mode changes via CPS and MSR from Monitor to NonSecure PL1 modes are illegal mode changes. Implement this check in bad_mode_switch(). (We don't currently implement HCR.TGE, but this is the only missing check from the v8 ARM ARM G1.9.3 and so it's worth adding now; the rest of the HCR.TGE checks can be added later as necessary.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1455556977-3644-12-git-send-email-peter.maydell@linaro.org
2016-02-23 15:36:44 +00:00 · 2016-02-23 15:36:44 +00:00 · 10eacda787
parent af393ffc6d
commit 10eacda787
1 changed files with 10 additions and 0 deletions
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@ -5216,6 +5216,7 @@ static int bad_mode_switch(CPUARMState *env, int mode, CPSRWriteType write_type)

    switch (mode) {
    case ARM_CPU_MODE_USR:
+        return 0;
    case ARM_CPU_MODE_SYS:
    case ARM_CPU_MODE_SVC:
    case ARM_CPU_MODE_ABT:
@ -5225,6 +5226,15 @@ static int bad_mode_switch(CPUARMState *env, int mode, CPSRWriteType write_type)
        /* Note that we don't implement the IMPDEF NSACR.RFR which in v7
         * allows FIQ mode to be Secure-only. (In v8 this doesn't exist.)
         */
+        /* If HCR.TGE is set then changes from Monitor to NS PL1 via MSR
+         * and CPS are treated as illegal mode changes.
+         */
+        if (write_type == CPSRWriteByInstr &&
+            (env->cp15.hcr_el2 & HCR_TGE) &&
+            (env->uncached_cpsr & CPSR_M) == ARM_CPU_MODE_MON &&
+            !arm_is_secure_below_el3(env)) {
+            return 1;
+        }
        return 0;
    case ARM_CPU_MODE_HYP:
        return !arm_feature(env, ARM_FEATURE_EL2)