From 81636b70c226dc27d7ebc8dedbcec26166d23085 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Sat, 8 Feb 2020 12:58:09 +0000 Subject: target/arm: Enforce PAN semantics in get_S1prot MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If we have a PAN-enforcing mmu_idx, set prot == 0 if user_rw != 0. Reviewed-by: Alex Bennée Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson Message-id: 20200208125816.14954-14-richard.henderson@linaro.org Signed-off-by: Peter Maydell --- target/arm/helper.c | 3 +++ target/arm/internals.h | 13 +++++++++++++ 2 files changed, 16 insertions(+) diff --git a/target/arm/helper.c b/target/arm/helper.c index f6a600aa00..178757d271 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -9569,6 +9569,9 @@ static int get_S1prot(CPUARMState *env, ARMMMUIdx mmu_idx, bool is_aa64, if (is_user) { prot_rw = user_rw; } else { + if (user_rw && regime_is_pan(env, mmu_idx)) { + return 0; + } prot_rw = simple_ap_to_rw_prot_is_user(ap, false); } diff --git a/target/arm/internals.h b/target/arm/internals.h index f6709a2b08..4a139644b5 100644 --- a/target/arm/internals.h +++ b/target/arm/internals.h @@ -893,6 +893,19 @@ static inline bool regime_is_secure(CPUARMState *env, ARMMMUIdx mmu_idx) } } +static inline bool regime_is_pan(CPUARMState *env, ARMMMUIdx mmu_idx) +{ + switch (mmu_idx) { + case ARMMMUIdx_Stage1_E1_PAN: + case ARMMMUIdx_E10_1_PAN: + case ARMMMUIdx_E20_2_PAN: + case ARMMMUIdx_SE10_1_PAN: + return true; + default: + return false; + } +} + /* Return the FSR value for a debug exception (watchpoint, hardware * breakpoint or BKPT insn) targeting the specified exception level. */ -- cgit v1.2.3