On Wed, 11 Sep 2019 at 14:14, Alex Bennée <alex.ben...@linaro.org> wrote:
> It does seem a bit weird that userspace linux-user does do semihosting
> whereas EL0 in softmmu doesn't. Is that because we are effectively
> short-circuiting what a real ARM kernel would be doing for EL0?

It's because the "not for EL0" is a rather bogus attempt at 'security' by not allowing userspace in a system emulator to access the semihosting API, reserving it instead for the guest OS (its EL1). This concept doesn't apply for linux-user mode, where there is no guest EL1, and where in any case the semihosting API doesn't allow the guest code to do anything it couldn't do by directly making host OS syscalls.

I suspect this "not for EL0" thing is not something anybody else's semihosting implementation does (though I haven't checked).

One idea I've vaguely thought about is an idea of a more 'safe' semihosting mode, where we only provide the calls which we think are reasonable for a not-really-trusted guest: so you could write to stdout but not read/write arbitrary files on the filesystem, for instance.

thanks
-- PMM
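
Added example, not part of the original message and not QEMU's code: a sketch of how the "not for EL0" gate and the 'safe' mode floated above could be expressed as one policy check. The struct names, fields and `semi_allowed()` are hypothetical, and the choice to permit only console output (a `:tt` open in a write or append mode) is an assumption drawn from the "write to stdout" case in the message.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Operation numbers from the Arm semihosting specification. */
enum { SYS_OPEN = 0x01, SYS_CLOSE = 0x02, SYS_WRITEC = 0x03, SYS_WRITE0 = 0x04,
       SYS_WRITE = 0x05, SYS_READ = 0x06, SYS_REMOVE = 0x0e, SYS_SYSTEM = 0x12 };

/* Hypothetical request record: the facts a policy check needs to see. */
struct semi_req {
    uint32_t op;          /* semihosting operation number */
    int guest_el;         /* exception level that issued the call */
    const char *path;     /* file name for SYS_OPEN, otherwise NULL */
    int open_mode;        /* SYS_OPEN mode index 0..11, otherwise 0 */
    bool console_handle;  /* SYS_WRITE/SYS_CLOSE: handle came from a ":tt" open */
};

/* Hypothetical policy knobs. */
struct semi_policy {
    bool deny_el0;   /* system emulation: reserve the API for the guest OS */
    bool safe_mode;  /* expose only console output to a not-really-trusted guest */
};

/* Returns true if the request may be forwarded to the host. */
static bool semi_allowed(const struct semi_policy *p, const struct semi_req *r)
{
    if (p->deny_el0 && r->guest_el == 0)
        return false;
    if (!p->safe_mode)
        return true;              /* full API, as in linux-user mode */
    switch (r->op) {
    case SYS_WRITEC:
    case SYS_WRITE0:
        return true;              /* debug-console output only */
    case SYS_OPEN:
        /* ":tt" names the console; mode indexes 4..11 are the "w"/"a"
         * variants, which select stdout/stderr rather than stdin. */
        return r->path && strcmp(r->path, ":tt") == 0 && r->open_mode >= 4;
    case SYS_WRITE:
    case SYS_CLOSE:
        return r->console_handle; /* never a handle to a host file */
    default:
        return false;             /* SYS_READ, SYS_REMOVE, SYS_SYSTEM, ... */
    }
}
```

The caller is assumed to keep the handle table and set `console_handle` itself; a safe mode that trusted a guest-supplied handle number without that bookkeeping would not separate console writes from file writes.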