From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52601) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Zvb1Y-0001cW-AG for qemu-devel@nongnu.org; Sun, 08 Nov 2015 20:13:33 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Zvb1T-00082g-IK for qemu-devel@nongnu.org; Sun, 08 Nov 2015 20:13:32 -0500 From: Michael Davidsaver Date: Sun, 8 Nov 2015 20:11:45 -0500 Message-Id: <1447031505-12477-19-git-send-email-mdavidsaver@gmail.com> In-Reply-To: <1447031505-12477-1-git-send-email-mdavidsaver@gmail.com> References: <1447031505-12477-1-git-send-email-mdavidsaver@gmail.com> Subject: [Qemu-devel] [PATCH 18/18] armv7m: prevent unprivileged write to STIR List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: Peter Maydell , Peter Crosthwaite , qemu-arm@nongnu.org, Michael Davidsaver Prevent unprivileged from writing to the Software Triggered Interrupt register Signed-off-by: Michael Davidsaver --- hw/intc/armv7m_nvic.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c index ca8c93c..b744cd5 100644 --- a/hw/intc/armv7m_nvic.c +++ b/hw/intc/armv7m_nvic.c @@ -654,7 +654,9 @@ static void nvic_writel(nvic_state *s, uint32_t offset, uint32_t value) "NVIC: fault status registers unimplemented\n"); break; case 0xf00: /* Software Triggered Interrupt Register */ - if ((value & 0x1ff) < NVIC_MAX_IRQ) { + /* STIR write allowed if privlaged or USERSETMPEND set */ + if ((arm_current_el(&cpu->env) || (cpu->env.v7m.ccr&2)) + && ((value & 0x1ff) < NVIC_MAX_IRQ)) { armv7m_nvic_set_pending(s, (value&0x1ff)+16); } break; -- 2.1.4