Setting sp_el2 causes trap while in EL3 (arm64 virt, cortex-a72)

[ckim]

Hello, experts,

 

When I run a bare-metal program on virt, cortex-a72 using command below, (beginning of pflash.img containing .bin file objcopy’ed from .elf)

${QEMU_DIR}/qemu-system-aarch64 -machine type=virt,gic-version=3,secure=true -cpu cortex-a72 -nographic -smp 1 -m 2048 -drive if=pflash,file=pflash.img,format=raw,readonly=on -s -S

The “msr sp_el2, x0” instruction causes trap to addr 0x200(synch, from same EL while using SP_Ex). I checked I was still in EL3 and the spsel reg was 1 just before the trap.

 

Below is the code with the trapped instruction marked.

 

// Zero the stack pointers, link registers and status registers

                mov     sp,       x0

                msr     sp_el0,   x0

                msr     sp_el1,   x0

msr     sp_el2,   x0   ç trap

                msr     elr_el1,  x0

                msr     elr_el2,  x0

                msr     elr_el3,  x0

                msr     spsr_el1, x0

                msr     spsr_el2, x0

                msr     spsr_el3, x0

 

Why does it cause trap when I set sp_el2 while in EL3? By the way, RTL simulation for the chip (armv8.4 based) doesn’t cause trap.

What difference can make this difference in trap behavior?

Thanks in advance.

 

Chan Kim