qemu-devel

Re: [Qemu-devel] [PATCH] target/arm: fix smc incorrectly trapping to EL3


From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH] target/arm: fix smc incorrectly trapping to EL3 when secure is off
Date: Mon, 19 Nov 2018 14:22:06 +0000

On 17 November 2018 at 16:02, Luc Michel <address@hidden> wrote:
> This commit fixes a case where the CPU would try to go to EL3 when
> executing an smc instruction, even though ARM_FEATURE_EL3 is false. This
> case is raised when the PSCI conduit is set to smc, but the smc
> instruction does not lead to a valid PSCI call.
>
> QEMU crashes with an assertion failure later on because of incoherent
> mmu_idx.
>
> This commit refactors the pre_smc helper by enumerating all the possible
> ways of handling an smc instruction, and covering the previously missing
> case leading to the crash.
>
> The following minimal test would crash before this commit:
>
> .global _start
>     .text
> _start:
>     ldr x0, =0xdeadbeef  // invalid PSCI call
>     smc #0
>
> run with the following command line:
>
> aarch64-linux-gnu-gcc -nostdinc -nostdlib -Wl,-Ttext=40000000 \
>                       -o test test.s
>
> qemu-system-aarch64 -M virt,virtualization=on,secure=off \
>                     -cpu cortex-a57 -kernel test
>
> Signed-off-by: Luc Michel <address@hidden>

Thanks in particular for that helpful table summarising all
the cases -- that made this patch much easier to review.

Applied to target-arm.next, thanks.

-- PMM
