From a897ee919b793b5698983d1284aa88e57a4f8e4c Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Sun, 4 Mar 2018 13:04:18 -0500 Subject: [PATCH] target-arm: v7M: ignore writes to CONTROL.SPSEL from Thread mode For v7M, writes to the CONTROL register are only permitted for privileged code. However even if the code is privileged, the write must not affect the SPSEL bit in the CONTROL register if the CPU is in Thread mode (as documented in the pseudocode for the MSR instruction). Implement this, instead of permitting SPSEL to be written in all cases. This was causing mbed applications not to run, because the RTX RTOS they use relies on this behaviour. Backports commit 792dac309c8660306557ba058b8b5a6a75ab3c1f from qemu --- qemu/target/arm/helper.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/qemu/target/arm/helper.c b/qemu/target/arm/helper.c index 4f26110b..80c4c354 100644 --- a/qemu/target/arm/helper.c +++ b/qemu/target/arm/helper.c @@ -8069,9 +8069,16 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val) env->v7m.faultmask = val & 1; break; case 20: /* CONTROL */ - switch_v7m_sp(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0); - env->v7m.control = val & (R_V7M_CONTROL_SPSEL_MASK | - R_V7M_CONTROL_NPRIV_MASK); + /* Writing to the SPSEL bit only has an effect if we are in + * thread mode; other bits can be updated by any privileged code. + * switch_v7m_sp() deals with updating the SPSEL bit in + * env->v7m.control, so we only need update the others. + */ + if (env->v7m.exception == 0) { + switch_v7m_sp(env, (val & R_V7M_CONTROL_SPSEL_MASK) != 0); + } + env->v7m.control &= ~R_V7M_CONTROL_NPRIV_MASK; + env->v7m.control |= val & R_V7M_CONTROL_NPRIV_MASK; break; default: qemu_log_mask(LOG_GUEST_ERROR, "Attempt to write unknown special"