target/arm: PSTATE.PAN should not clear exec bits
Our implementation of the PSTATE.PAN bit incorrectly cleared all
access permission bits for privileged access to memory which is
user-accessible. It should only affect the privileged read and write
permissions; execute permission is dealt with via XN/PXN instead.
Fixes: 81636b70c2
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200330170651.20901-1-peter.maydell@linaro.org
This commit is contained in:
parent
8a2b76ffc9
commit
f4e1dbc578
@ -10025,10 +10025,12 @@ static int get_S1prot(CPUARMState *env, ARMMMUIdx mmu_idx, bool is_aa64,
|
||||
prot_rw = user_rw;
|
||||
} else {
|
||||
if (user_rw && regime_is_pan(env, mmu_idx)) {
|
||||
return 0;
|
||||
}
|
||||
/* PAN forbids data accesses but doesn't affect insn fetch */
|
||||
prot_rw = 0;
|
||||
} else {
|
||||
prot_rw = simple_ap_to_rw_prot_is_user(ap, false);
|
||||
}
|
||||
}
|
||||
|
||||
if (ns && arm_is_secure(env) && (env->cp15.scr_el3 & SCR_SIF)) {
|
||||
return prot_rw;
|
||||
|
Loading…
Reference in New Issue
Block a user