From 9690ed8236c0882b7ee5f60422a1d8b3423a1ceb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi=20Denis-Courmont?= Date: Thu, 4 Mar 2021 14:56:58 -0500 Subject: [PATCH] target/arm: revector to run-time pick target EL On ARMv8-A, accesses by 32-bit secure EL1 to monitor registers trap to the upper (64-bit) EL. With Secure EL2 support, we can no longer assume that that is always EL3, so make room for the value to be computed at run-time. Backports 6b340aeb48e4f7f983e1c38790de65ae93079840
---
 qemu/target/arm/translate.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)
diff --git a/qemu/target/arm/translate.c b/qemu/target/arm/translate.c
index 81b2d7e8..92f54e5c 100644
--- a/qemu/target/arm/translate.c
+++ b/qemu/target/arm/translate.c
@@ -1138,6 +1138,23 @@ static void unallocated_encoding(DisasContext *s)
 default_exception_el(s));
 }
 
+static void gen_exception_el(DisasContext *s, int excp, uint32_t syn,
+ TCGv_i32 tcg_el)
+{
+ TCGContext *tcg_ctx = s->uc->tcg_ctx;
+ TCGv_i32 tcg_excp;
+ TCGv_i32 tcg_syn;
+
+ gen_set_condexec(s);
+ gen_set_pc_im(s, s->pc_curr);
+ tcg_excp = tcg_const_i32(tcg_ctx, excp);
+ tcg_syn = tcg_const_i32(tcg_ctx, syn);
+ gen_helper_exception_with_syndrome(tcg_ctx, tcg_ctx->cpu_env, tcg_excp, tcg_syn, tcg_el);
+ tcg_temp_free_i32(tcg_ctx, tcg_syn);
+ tcg_temp_free_i32(tcg_ctx, tcg_excp);
+ s->base.is_jmp = DISAS_NORETURN;
+}
+
 /* Force a TB lookup after an instruction that changes the CPU state. */
 static inline void gen_lookup_tb(DisasContext *s)
 {
@@ -2778,6 +2795,7 @@ static int gen_set_psr_im(DisasContext *s, uint32_t mask, int spsr, uint32_t val
 static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
 int *tgtmode, int *regno)
 {
+ TCGContext *tcg_ctx = s->uc->tcg_ctx;
 /* Decode the r and sysm fields of MSR/MRS banked accesses into
 * the target mode and register number, and identify the various
 * unpredictable cases.
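Review bot: gen_exception_el, added in the first hunk, has no comment, and its ownership rule for tcg_el is only visible by reading the body: it frees the tcg_excp and tcg_syn temporaries it creates but never frees tcg_el, so each caller has to free the value it passes in. Because that argument selects the exception level that takes the trap, the contract is worth stating above the function, for example `/* Raise excp with syndrome syn to the EL held in tcg_el and mark the insn DISAS_NORETURN; tcg_el stays owned by the caller. */`. As a style point, the gen_helper_exception_with_syndrome call sits on a single line of more than 80 columns and could be wrapped after `tcg_ctx->cpu_env,`.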
@@ -2914,8 +2932,11 @@ static bool msr_banked_access_decode(DisasContext *s, int r, int sysm, int rn,
 /* If we're in Secure EL1 (which implies that EL3 is AArch64)
 * then accesses to Mon registers trap to EL3
 */
- exc_target = 3;
- goto undef;
+ TCGv_i32 tcg_el = tcg_const_i32(tcg_ctx, 3);
+
+ gen_exception_el(s, EXCP_UDEF, syn_uncategorized(), tcg_el);
+ tcg_temp_free_i32(tcg_ctx, tcg_el);
+ return false;
 }
 break;
 case ARM_CPU_MODE_HYP:
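Review bot: The target EL handed to gen_exception_el is still the literal in `tcg_const_i32(tcg_ctx, 3)`, and the comment above it still says the access traps to EL3, so a Secure EL1 access to a Mon register is routed exactly as before this change. The commit message states that EL3 can no longer be assumed once Secure EL2 is supported, so the constant is a known-stale routing assumption and should be marked where it lives, e.g. `/* TODO: fixed at EL3 for now; must become a run-time value once Secure EL2 routing is backported */`. The enclosing function starts and ends outside the hunk, so whether exc_target and the undef label still have other users after this change cannot be confirmed from here.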