Open kokas-a opened 1 year ago
For what it's worth, auxiliary registers suffer the same. I reiterate what has been submitted on a now-private repo:

At the moment, in user mode, most auxiliary registers are readable/writable, while according to the PRM (section 4.2.3.2 Privileged Registers) only these should be accessible:
PC
STATUS32
LP_START
LP_END
I consider this ...
The fix should look like this:

op_helper.c
-----------
```c
target_ulong
arc_status_regs_get(const struct arc_aux_reg_detail *aux_reg_detail,
                    void *data)
{
    ...
    case AUX_ID_erstatus:
        if (is_user_mode(env)) {
            arc_raise_exception(env, GETPC(), EXCP_PRIVILEGEV);
        }
        reg = pack_status32(&env->stat_er);
        break;
    ...
}
```
`ilink` is a GPR. In the case of a GPR, every instruction that uses it should take care of it. This requires adapting the decoder to insert the checking routine in place if one of the operands is `ilink`. By "checking routine" I mean the TCG code to check against `status32.u`, and raise an exception if it is indeed set. Something like `seti` and `clri` do.
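As an added stand-alone model (not QEMU's code, nor this commenter's) of the two checks described in the comment above: an aux-register read that traps privileged ids when STATUS32.U is set, and an `ilink` GPR access that does the same. The register ids, exception codes, the STATUS32.U bit position and the `cpu_state` struct are all constructed for the model; a real helper would longjmp out via `arc_raise_exception` instead of recording a pending exception.

```c
#include <stdbool.h>
#include <stdint.h>

#define STATUS32_U (1u << 7)   /* user-mode flag; bit position assumed for this model */

/* Constructed aux register ids for the model, not QEMU's AUX_ID_* values. */
enum aux_id { AUX_PC, AUX_STATUS32, AUX_LP_START, AUX_LP_END, AUX_ERSTATUS, AUX_COUNT };

enum { EXCP_NONE = 0, EXCP_PRIVILEGEV = 1 };   /* modelled exception codes */

typedef struct {
    uint32_t status32;         /* STATUS32; the U bit selects user mode */
    uint32_t aux[AUX_COUNT];   /* backing storage for the modelled aux registers */
    uint32_t ilink;            /* the privileged ilink GPR */
    int pending_excp;          /* exception raised by the last access, if any */
} cpu_state;

static bool is_user_mode(const cpu_state *env) {
    return (env->status32 & STATUS32_U) != 0;
}

/* The PRM list quoted above: only these aux registers are user-accessible. */
static bool aux_user_accessible(enum aux_id id) {
    return id == AUX_PC || id == AUX_STATUS32 || id == AUX_LP_START || id == AUX_LP_END;
}

/* Aux register read: privileged ids raise a Privilege Violation in user mode. */
static uint32_t aux_reg_get(cpu_state *env, enum aux_id id) {
    if (is_user_mode(env) && !aux_user_accessible(id)) {
        env->pending_excp = EXCP_PRIVILEGEV;
        return 0;              /* nothing leaks: the value is never read back */
    }
    return env->aux[id];
}

/* ilink is a GPR, so every instruction touching it runs this check (as seti/clri do). */
static bool gpr_ilink_get(cpu_state *env, uint32_t *out) {
    if (is_user_mode(env)) {
        env->pending_excp = EXCP_PRIVILEGEV;
        return false;
    }
    *out = env->ilink;
    return true;
}
```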
Hi,
ARCv2 documentation contains the following: "The ILINK register is not accessible in user mode. Illegal accesses from user mode to ILINK raise a Privilege Violation exception". But QEMU allows ILINK access from user mode.
Examples are based on Zephyr. The following is executed in userspace:
Expected behavior - raising exception
Current behavior - continuing execution
How to reproduce
Download the example and run it on a recent version of QEMU.
The routine that contains the example code with ILINK access is `user_function()`.
zephyr_user_ilink.zip