From e382ca102a12f67376181ae1e4e208f6545bf9e3 Mon Sep 17 00:00:00 2001
From: lazymio
Date: Sun, 13 Feb 2022 09:52:00 +0100
Subject: [PATCH] Fix the regression bug
---
 qemu/target/arm/helper.c | 4 +++-
 tests/unit/test_arm.c | 8 ++++----
 2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/qemu/target/arm/helper.c b/qemu/target/arm/helper.c
index 2b59d561..60c9db9e 100644
--- a/qemu/target/arm/helper.c
+++ b/qemu/target/arm/helper.c
@@ -7927,7 +7927,9 @@ void cpsr_write(CPUARMState *env, uint32_t val, uint32_t mask,
 * In a V8 implementation, it is permitted for privileged software to
 * change the CPSR A/F bits regardless of the SCR.AW/FW bits.
 */
- if (write_type != CPSRWriteRaw && !arm_feature(env, ARM_FEATURE_V8) &&
+ if (write_type != CPSRWriteByUnicorn &&
+ write_type != CPSRWriteRaw &&
+ !arm_feature(env, ARM_FEATURE_V8) &&
 arm_feature(env, ARM_FEATURE_EL3) &&
 !arm_feature(env, ARM_FEATURE_EL2) &&
 !arm_is_secure(env)) {
diff --git a/tests/unit/test_arm.c b/tests/unit/test_arm.c
index e1183a72..cd3e0b65 100644
--- a/tests/unit/test_arm.c
+++ b/tests/unit/test_arm.c
@@ -491,13 +491,13 @@ static void test_arm_not_allow_privilege_escalation()
 static void test_arm_mrc()
 {
 uc_engine *uc;
- // mrc p15, #0, r0, c1, c1, #0
- char code[] = "\x11\x0F\x11\xEE";
+ // mrc p15, #0, r1, c13, c0, #3
+ char code[] = "\x1d\xee\x70\x1f";
- uc_common_setup(&uc, UC_ARCH_ARM, UC_MODE_ARM, code, sizeof(code) - 1,
+ uc_common_setup(&uc, UC_ARCH_ARM, UC_MODE_THUMB, code, sizeof(code) - 1,
 UC_CPU_ARM_MAX);
- OK(uc_emu_start(uc, code_start, code_start + sizeof(code) - 1, 0, 0));
+ OK(uc_emu_start(uc, code_start | 1, code_start + sizeof(code) - 1, 0, 0));
 OK(uc_close(uc));
 }
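Review bot: In `cpsr_write` (qemu/target/arm/helper.c) the new `write_type != CPSRWriteByUnicorn` term exempts that write type from the SCR.AW/FW masking of the CPSR A/F bits, but the comment above the condition still names only the V8 exception. That guard is what keeps non-secure code from changing A/F when the secure side has not permitted it, so the exemption is sound only if `CPSRWriteByUnicorn` is used solely for host-API register writes and never by a helper reachable from guest instructions; the call sites are not in the hunk, so this needs confirming. I would extend the comment with a line such as `* Writes made through the Unicorn API (CPSRWriteByUnicorn) originate from the host, not the guest, and are not subject to SCR.AW/FW.` The body of cpsr_write starts and ends outside the hunk, so whether its other checks treat this write type consistently cannot be judged from here.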
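Review bot: `test_arm_mrc` (tests/unit/test_arm.c) asserts only that `uc_emu_start` returns OK, so it never checks the value the `mrc` loads into r1. As far as the hunk shows, nothing in it pins the A/F-bit behaviour changed in `cpsr_write`. The ARM-mode case is replaced by the Thumb one rather than kept beside it, so the ARM encoding loses its coverage. Consider reading r1 back with `uc_reg_read` and asserting the expected value, and adding a case that writes CPSR through `uc_reg_write` with the A/F bits set and reads them back, so a later change to the guard is caught by the suite.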