The registers MVBAR and SCR should have the behaviour of trapping to
EL3 if accessed from Secure EL1, but we were incorrectly implementing
them to UNDEF (which would trap to EL1). Fix this by using the new
access_trap_aa32s_el1() access function.
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Reviewed-by: Alex Bennée <alex.ben...@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.igles...@xilinx.com>
Message-id: 1454506721-11843-4-git-send-email-peter.mayd...@linaro.org
---
target-arm/helper.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/target-arm/helper.c b/target-arm/helper.c
index 1efe304..98eccd6 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -3548,7 +3548,8 @@ static const ARMCPRegInfo el3_cp_reginfo[] = {
.resetvalue = 0, .writefn = scr_write },
{ .name = "SCR", .type = ARM_CP_ALIAS,
.cp = 15, .opc1 = 0, .crn = 1, .crm = 1, .opc2 = 0,
- .access = PL3_RW, .fieldoffset = offsetoflow32(CPUARMState,
cp15.scr_el3),
+ .access = PL1_RW, .accessfn = access_trap_aa32s_el1,
+ .fieldoffset = offsetoflow32(CPUARMState, cp15.scr_el3),
.writefn = scr_write },
{ .name = "MDCR_EL3", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 6, .crn = 1, .crm = 3, .opc2 = 1,
@@ -3571,7 +3572,8 @@ static const ARMCPRegInfo el3_cp_reginfo[] = {
.access = PL3_W | PL1_R, .resetvalue = 0,
.fieldoffset = offsetof(CPUARMState, cp15.nsacr) },
{ .name = "MVBAR", .cp = 15, .opc1 = 0, .crn = 12, .crm = 0, .opc2 = 1,
- .access = PL3_RW, .writefn = vbar_write, .resetvalue = 0,
+ .access = PL1_RW, .accessfn = access_trap_aa32s_el1,
+ .writefn = vbar_write, .resetvalue = 0,
.fieldoffset = offsetof(CPUARMState, cp15.mvbar) },
{ .name = "SCTLR_EL3", .state = ARM_CP_STATE_AA64,
.type = ARM_CP_ALIAS, /* reset handled by AArch32 view */
--
1.9.1
