From: Sergey Fedorov
Message-ID: <56DC7F23.8030104@gmail.com>
Date: Sun, 6 Mar 2016 22:04:03 +0300
In-Reply-To: <20160222222554.GA11598@beta.comsecuris.com>
References: <20160222222554.GA11598@beta.comsecuris.com>
Subject: Re: [Qemu-devel] [Qemu-arm] [PATCH] Fix bug: SRS instructions would trap to EL3 in Secure EL1 even if specified mode was not monitor mode.
To: Ralf-Philipp Weinmann, qemu-arm@nongnu.org
Cc: qemu-devel@nongnu.org

On 23.02.2016 01:25, Ralf-Philipp Weinmann wrote:
> According to the ARMv8 Architecture reference manual [F6.1.203], ALL
> of the following conditions need to be met for SRS to trap to EL3:
> * It is executed at Secure PL1.
> * The specified mode is monitor mode.
> * EL3 is using AArch64.

The code changes in the patch look good to me. But anyway, you should:
(1) tweak the commit message title according to the requirements [1] and
(2) add your "Signed-off-by:" line [2]

Actually, you'd better read the whole page [3] carefully.

[1] http://wiki.qemu.org/Contribute/SubmitAPatch#Write_a_meaningful_commit_message
[2] http://wiki.qemu.org/Contribute/SubmitAPatch#Patch_emails_must_include_a_Signed-off-by:_line
[3] http://wiki.qemu.org/Contribute/SubmitAPatch

Kind regards,
Sergey

> ---
> target-arm/translate.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
> > diff --git a/target-arm/translate.c b/target-arm/translate.c > index c29c47f..a7688bb 100644 > --- a/target-arm/translate.c > +++ b/target-arm/translate.c > @@ -7582,7 +7582,8 @@ static void gen_srs(DisasContext *s, > bool undef = false; > > /* SRS is: > - * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1 > + * - trapped to EL3 if EL3 is AArch64 and we are at Secure EL1 and > + * mode is monitor mode > * - UNDEFINED in Hyp mode > * - UNPREDICTABLE in User or System mode > * - UNPREDICTABLE if the specified mode is: > @@ -7592,7 +7593,7 @@ static void gen_srs(DisasContext *s, > * -- Monitor, if we are Non-secure > * For the UNPREDICTABLE cases we choose to UNDEF. > */ > - if (s->current_el == 1 && !s->ns) { > + if (s->current_el == 1 && !s->ns && mode == ARM_CPU_MODE_MON) { > gen_exception_insn(s, 4, EXCP_UDEF, syn_uncategorized(), 3); > return; > }
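Review bot: In the first hunk (the comment block above the check), the added wording "mode is monitor mode" should say which mode is meant and match the wording used a few lines further down ("-- Monitor, if we are Non-secure"), for example "the specified mode is Monitor"; as written, a reader could take "mode" for the CPU's current mode rather than the SRS operand, which is exactly the distinction this patch is about.

Review bot: In the second hunk, the new condition `s->current_el == 1 && !s->ns && mode == ARM_CPU_MODE_MON` tests only two of the three conditions listed in the comment and in the commit message; the third one, "EL3 is using AArch64", does not appear in the check. If being at Secure EL1 with `s->current_el == 1` in AArch32 already implies an AArch64 EL3 in this translator, a one-line comment saying so next to the `if` would let readers match the code against the three conditions without having to work it out; otherwise the AArch64-EL3 condition needs to be checked explicitly. It would also be worth stating in the commit message that a Secure EL1 SRS with a non-Monitor mode now falls through to the UNPREDICTABLE checks and the normal path below instead of trapping, since that is the behaviour change.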