diff --git a/qemu/target/arm/helper.c b/qemu/target/arm/helper.c
index 2829489d..22025035 100644
--- a/qemu/target/arm/helper.c
+++ b/qemu/target/arm/helper.c
@@ -12556,7 +12556,7 @@ void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc,
             if (FIELD_EX32(flags, TBFLAG_A64, UNPRIV)
                 && tbid
                 && !(env->pstate & PSTATE_TCO)
-                && (sctlr & SCTLR_TCF0)
+                && (sctlr & SCTLR_TCF)
                 && allocation_tag_access_enabled(env, 0, sctlr)) {
                 flags = FIELD_DP32(flags, TBFLAG_A64, MTE0_ACTIVE, 1);
             }