On 12/16/22 07:24, Peter Maydell wrote:
> In v7m_exception_taken(), for v8M we set the EXC_RETURN.ES bit if
> either the exception targets Secure or if the CPU doesn't implement
> the Security Extension. This is incorrect: the v8M Arm ARM specifies
> that the ES bit should be RES0 if the Security Extension is not
> implemented, and the pseudocode agrees.
>
> Remove the incorrect condition, so that we leave the ES bit 0
> if the Security Extension isn't implemented.
>
> This doesn't have any guest-visible effects for our current set of
> emulated CPUs, because all our v8M CPUs implement the Security
> Extension; but it's worth fixing in case we add a v8M CPU without
> the extension in future.
>
> Reported-by: Igor Kotrasinski <i.kotrasinsk@samsung.com>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
> ---
> target/arm/m_helper.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
> index 355cd4d60a7..2b55e90ea9d 100644
> --- a/target/arm/m_helper.c
> +++ b/target/arm/m_helper.c
> @@ -895,7 +895,7 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
> }
>
> lr &= ~R_V7M_EXCRET_ES_MASK;
> - if (targets_secure || !arm_feature(env, ARM_FEATURE_M_SECURITY)) {
> + if (targets_secure) {
> lr |= R_V7M_EXCRET_ES_MASK;
> }
> lr &= ~R_V7M_EXCRET_SPSEL_MASK;