From 1e274425bdc199081d53c72c6b6e5c6352b846ec Mon Sep 17 00:00:00 2001
From: Changbin Du
Date: Thu, 30 Apr 2020 06:57:29 -0400
Subject: [PATCH] target/arm: fix incorrect current EL bug in aarch32 exception emulation

The arm_current_el() should be invoked after mode switching. Otherwise, we get a wrong current EL value, since current EL is also determined by current mode.

Fixes: 4a2696c0d4 ("target/arm: Set PAN bit as required on exception entry")

Backports commit 88828bf133b64b7a860c166af3423ef1a47c5d3b from qemu
---
 qemu/target/arm/helper.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/qemu/target/arm/helper.c b/qemu/target/arm/helper.c
index 2ff48ca7..a08b6962 100644
--- a/qemu/target/arm/helper.c
+++ b/qemu/target/arm/helper.c
@@ -8851,7 +8851,6 @@ static void take_aarch32_exception(CPUARMState *env, int new_mode,
     /* Change the CPU state so as to actually take the exception. */
     switch_mode(env, new_mode);
-    new_el = arm_current_el(env);
 
     /*
      * For exceptions taken to AArch32 we must clear the SS bit in both
@@ -8863,6 +8862,10 @@ static void take_aarch32_exception(CPUARMState *env, int new_mode,
     env->condexec_bits = 0;
     /* Switch to the new mode, and to the correct instruction set. */
     env->uncached_cpsr = (env->uncached_cpsr & ~CPSR_M) | new_mode;
+
+    /* This must be after mode switching. */
+    new_el = arm_current_el(env);
+
     /* Set new mode endianness */
     env->uncached_cpsr &= ~CPSR_E;
     if (env->cp15.sctlr_el[new_el] & SCTLR_EE) {
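Review bot: The added comment `/* This must be after mode switching. */` in the second hunk understates the real dependency — `switch_mode(env, new_mode)` had already run before the old call site in the first hunk, so what the relocated call actually waits for is the `CPSR_M` write into `env->uncached_cpsr` on the line directly above it, which is presumably what arm_current_el() derives the EL from. I would spell that out so the ordering is not undone by a later refactor: `/* arm_current_el() derives the EL from CPSR.M, so this must follow the uncached_cpsr update above; otherwise new_el indexes sctlr_el[] (SCTLR_EE below and, per the Fixes: commit, the PAN logic) with the pre-exception EL. */`. The lines between the two hunks (roughly 8857–8862 on the old side) are not shown; if anything there still reads `new_el`, it now sees an unassigned value, so it is worth confirming that no such use exists. take_aarch32_exception() starts before the first hunk and continues past the second.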