authorPeter Maydell2016-01-21 15:15:09 +0100
committerPeter Maydell2016-01-21 15:15:09 +0100
commite393f339af87da7210f6c86902b321df6a2e8bf5 (patch)
treeda8a3f17655a7ea1db766a434bc2a800e10253b4 /target-arm/op_helper.c
parenttarget-arm: Handle exception return from AArch64 to non-EL0 AArch32 (diff)
target-arm: Implement remaining illegal return event checks
We already implement almost all the checks for the illegal return events from AArch64 state described in the ARM ARM section D1.11.2. Add the two missing ones: * return to EL2 when EL3 is implemented and SCR_EL3.NS is 0 * return to Non-secure EL1 when EL2 is implemented and HCR_EL2.TGE is 1 (We don't implement external debug, so the case of "debug state exit from EL0 using AArch64 state to EL0 using AArch32 state" doesn't apply for QEMU.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Diffstat (limited to 'target-arm/op_helper.c')
-rw-r--r--target-arm/op_helper.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index b9f51e0822..40224a8dfa 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -719,6 +719,16 @@ void HELPER(exception_return)(CPUARMState *env)
goto illegal_return;
}
+ if (new_el == 2 && arm_is_secure_below_el3(env)) {
+ /* Return to the non-existent secure-EL2 */
+ goto illegal_return;
+ }
+
+ if (new_el == 1 && (env->cp15.hcr_el2 & HCR_TGE)
+ && !arm_is_secure_below_el3(env)) {
+ goto illegal_return;
+ }
+
if (!return_to_aa64) {
env->aarch64 = 0;
env->uncached_cpsr = spsr & CPSR_M;
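Review bot: The second added check (`new_el == 1 && (env->cp15.hcr_el2 & HCR_TGE) && !arm_is_secure_below_el3(env)`) carries no comment, unlike the secure-EL2 check directly above it; I would add `/* Return to Non-secure EL1 with HCR_EL2.TGE set */` so the architectural rule is readable at the check. The commit message qualifies the two rules with "when EL3 is implemented" and "when EL2 is implemented", but neither condition is tested explicitly in these lines. Presumably `arm_is_secure_below_el3()` is false on a CPU without EL3 and `hcr_el2` cannot have TGE set without EL2; that is worth confirming and stating in the comments, since these checks appear to be what keeps an SPSR value from selecting a forbidden exception level or security state. The body of `exception_return` begins and ends outside this hunk, so how `new_el` is derived and what `illegal_return` does are not visible here.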