diff --git a/hw/arm/boot.c b/hw/arm/boot.c index 52ebd8be9bbafce83583d95c571c7d157f3ef1ad..a48d1b28d46ca01d009c13183ba26e93a925c838 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -463,8 +463,26 @@ static void do_cpu_reset(void *opaque) * (SCR.NS = 0), we change that here if non-secure boot has been * requested. */ - if (arm_feature(env, ARM_FEATURE_EL3) && !info->secure_boot) { - env->cp15.scr_el3 |= SCR_NS; + if (arm_feature(env, ARM_FEATURE_EL3)) { + /* AArch64 is defined to come out of reset into EL3 if enabled. + * If we are booting Linux then we need to adjust our EL as + * Linux expects us to be in EL2 or EL1. AArch32 resets into + * SVC, which Linux expects, so no privilege/exception level to + * adjust. + */ + if (env->aarch64) { + if (arm_feature(env, ARM_FEATURE_EL2)) { + env->pstate = PSTATE_MODE_EL2h; + } else { + env->pstate = PSTATE_MODE_EL1h; + } + } + + /* Set to non-secure if not a secure boot */ + if (!info->secure_boot) { + /* Linux expects non-secure state */ + env->cp15.scr_el3 |= SCR_NS; + } } if (CPU(cpu) == first_cpu) { diff --git a/target-arm/cpu.c b/target-arm/cpu.c index 285947f911e4cd1270846c9dfc54bf42a71abf6f..f43e2de137bd68f9e1d291591133789bbfc2c7af 100644 --- a/target-arm/cpu.c +++ b/target-arm/cpu.c @@ -113,7 +113,14 @@ static void arm_cpu_reset(CPUState *s) /* and to the FP/Neon instructions */ env->cp15.c1_coproc = deposit64(env->cp15.c1_coproc, 20, 2, 3); #else - env->pstate = PSTATE_MODE_EL1h; + /* Reset into the highest available EL */ + if (arm_feature(env, ARM_FEATURE_EL3)) { + env->pstate = PSTATE_MODE_EL3h; + } else if (arm_feature(env, ARM_FEATURE_EL2)) { + env->pstate = PSTATE_MODE_EL2h; + } else { + env->pstate = PSTATE_MODE_EL1h; + } env->pc = cpu->rvbar; #endif } else {