From c2271e301dc441944dfc4c19ac932ea4f926a863 Mon Sep 17 00:00:00 2001
From: Dylan Johnson <Dylan.Johnson@ARM.com>
Date: Tue, 2 Aug 2016 10:38:02 +0100
Subject: [PATCH] arm: Fix secure state checking in various places

Faults that could potentially be routed to the hypervisor checked
whether or not they were in a secure state without checking if security
was enabled or not. This caused faults not to be routed correctly. This
patch causes secure state checking to first ask if security is enabled.

Change-Id: I179e9b181b27f552734c9bab2b18d05ac579a119
---
 src/arch/arm/faults.cc     | 13 ++++++-------
 src/arch/arm/interrupts.cc |  4 ++--
 src/arch/arm/interrupts.hh |  8 +++-----
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/src/arch/arm/faults.cc b/src/arch/arm/faults.cc
index d195d1a14..621076fe5 100644
--- a/src/arch/arm/faults.cc
+++ b/src/arch/arm/faults.cc
@@ -1116,7 +1116,7 @@ PrefetchAbort::routeToHyp(ThreadContext *tc) const
     toHyp |= (stage2 ||
                 ( (source ==               DebugEvent) && hdcr.tde && (cpsr.mode !=  MODE_HYP)) ||
                 ( (source == SynchronousExternalAbort) && hcr.tge  && (cpsr.mode == MODE_USER))
-             ) && !inSecureState(scr, cpsr);
+             ) && !inSecureState(tc);
     return toHyp;
 }
 
@@ -1182,7 +1182,7 @@ DataAbort::routeToHyp(ThreadContext *tc) const
                   ((source == AlignmentFault)            ||
                    (source == SynchronousExternalAbort))
                 )
-             ) && !inSecureState(scr, cpsr);
+             ) && !inSecureState(tc);
     return toHyp;
 }
 
@@ -1272,7 +1272,7 @@ Interrupt::routeToHyp(ThreadContext *tc) const
     HCR  hcr  = tc->readMiscRegNoEffect(MISCREG_HCR);
     CPSR cpsr = tc->readMiscRegNoEffect(MISCREG_CPSR);
     // Determine whether IRQs are routed to Hyp mode.
-    toHyp = (!scr.irq && hcr.imo && !inSecureState(scr, cpsr)) ||
+    toHyp = (!scr.irq && hcr.imo && !inSecureState(tc)) ||
             (cpsr.mode == MODE_HYP);
     return toHyp;
 }
@@ -1311,7 +1311,7 @@ FastInterrupt::routeToHyp(ThreadContext *tc) const
     HCR  hcr  = tc->readMiscRegNoEffect(MISCREG_HCR);
     CPSR cpsr = tc->readMiscRegNoEffect(MISCREG_CPSR);
     // Determine whether IRQs are routed to Hyp mode.
-    toHyp = (!scr.fiq && hcr.fmo && !inSecureState(scr, cpsr)) ||
+    toHyp = (!scr.fiq && hcr.fmo && !inSecureState(tc)) ||
             (cpsr.mode == MODE_HYP);
     return toHyp;
 }
@@ -1380,10 +1380,9 @@ SystemError::routeToHyp(ThreadContext *tc) const
 
     SCR scr = tc->readMiscRegNoEffect(MISCREG_SCR_EL3);
     HCR hcr  = tc->readMiscRegNoEffect(MISCREG_HCR);
-    CPSR cpsr = tc->readMiscRegNoEffect(MISCREG_CPSR);
 
-    toHyp = (!scr.ea && hcr.amo && !inSecureState(scr, cpsr)) ||
-            (!scr.ea && !scr.rw && !hcr.amo && !inSecureState(scr,cpsr));
+    toHyp = (!scr.ea && hcr.amo && !inSecureState(tc)) ||
+            (!scr.ea && !scr.rw && !hcr.amo && !inSecureState(tc));
     return toHyp;
 }
 
diff --git a/src/arch/arm/interrupts.cc b/src/arch/arm/interrupts.cc
index 4f57ecc51..d3ba16142 100644
--- a/src/arch/arm/interrupts.cc
+++ b/src/arch/arm/interrupts.cc
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009, 2012-2013 ARM Limited
+ * Copyright (c) 2009, 2012-2013, 2016 ARM Limited
  * All rights reserved.
  *
  * The license below extends only to copyright in the software and shall
@@ -65,7 +65,7 @@ ArmISA::Interrupts::takeInt(ThreadContext *tc, InterruptTypes int_type) const
     else
         scr = tc->readMiscReg(MISCREG_SCR_EL3);
 
-    bool is_secure = inSecureState(scr, cpsr);
+    bool is_secure = inSecureState(tc);
 
     switch(int_type) {
       case INT_FIQ:
diff --git a/src/arch/arm/interrupts.hh b/src/arch/arm/interrupts.hh
index d09176ca9..77287e6dd 100644
--- a/src/arch/arm/interrupts.hh
+++ b/src/arch/arm/interrupts.hh
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2012-2013 ARM Limited
+ * Copyright (c) 2010, 2012-2013, 2016 ARM Limited
  * All rights reserved
  *
  * The license below extends only to copyright in the software and shall
@@ -141,10 +141,9 @@ class Interrupts : public SimObject
             return false;
 
         CPSR cpsr = tc->readMiscReg(MISCREG_CPSR);
-        SCR  scr  = tc->readMiscReg(MISCREG_SCR);
 
         bool isHypMode   = cpsr.mode == MODE_HYP;
-        bool isSecure    = inSecureState(scr, cpsr);
+        bool isSecure    = inSecureState(tc);
         bool allowVIrq   = !cpsr.i && hcr.imo && !isSecure && !isHypMode;
         bool allowVFiq   = !cpsr.f && hcr.fmo && !isSecure && !isHypMode;
         bool allowVAbort = !cpsr.a && hcr.amo && !isSecure && !isHypMode;
@@ -229,13 +228,12 @@ class Interrupts : public SimObject
 
         HCR  hcr  = tc->readMiscReg(MISCREG_HCR);
         CPSR cpsr = tc->readMiscReg(MISCREG_CPSR);
-        SCR  scr  = tc->readMiscReg(MISCREG_SCR);
 
         // Calculate a few temp vars so we can work out if there's a pending
         // virtual interrupt, and if its allowed to happen
         // ARM ARM Issue C section B1.9.9, B1.9.11, and B1.9.13
         bool isHypMode   = cpsr.mode == MODE_HYP;
-        bool isSecure    = inSecureState(scr, cpsr);
+        bool isSecure    = inSecureState(tc);
         bool allowVIrq   = !cpsr.i && hcr.imo && !isSecure && !isHypMode;
         bool allowVFiq   = !cpsr.f && hcr.fmo && !isSecure && !isHypMode;
         bool allowVAbort = !cpsr.a && hcr.amo && !isSecure && !isHypMode;