projects / qemu.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8a2b76f)
target/arm: PSTATE.PAN should not clear exec bits
authorPeter Maydell <peter.maydell@linaro.org>
Mon, 30 Mar 2020 17:06:51 +0000 (18:06 +0100)
committerPeter Maydell <peter.maydell@linaro.org>
Fri, 3 Apr 2020 18:23:53 +0000 (19:23 +0100)
Our implementation of the PSTATE.PAN bit incorrectly cleared all
access permission bits for privileged access to memory which is
user-accessible.  It should only affect the privileged read and write
permissions; execute permission is dealt with via XN/PXN instead.

Fixes: 81636b70c226dc27d7ebc8d
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200330170651.20901-1-peter.maydell@linaro.org

target/arm/helper.c patch | blob | history

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 163c91a1ccdde7914133cf9e93ce46d1daf3648b..ed7eb8ab54e2a60b7af1304318b1fc247862e1af 100644 (file)
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -10025,9 +10025,11 @@ static int get_S1prot(CPUARMState *env, ARMMMUIdx mmu_idx, bool is_aa64,
         prot_rw = user_rw;
     } else {
         if (user_rw && regime_is_pan(env, mmu_idx)) {
-            return 0;
+            /* PAN forbids data accesses but doesn't affect insn fetch */
+            prot_rw = 0;
+        } else {
+            prot_rw = simple_ap_to_rw_prot_is_user(ap, false);
         }
-        prot_rw = simple_ap_to_rw_prot_is_user(ap, false);
     }
 
     if (ns && arm_is_secure(env) && (env->cp15.scr_el3 & SCR_SIF)) {
Unnamed repository; edit this file 'description' to name the repository.