ARMv8-A CurrentEL Register and PSTATE Bit Mapping Confusion
The ARMv8-A architecture introduces a sophisticated privilege model with four Exception Levels (ELs): EL0, EL1, EL2, and EL3. Each level corresponds to a different privilege and security context, with EL0 being the least privileged (user mode) and EL3 being the most privileged (secure monitor mode). The CurrentEL register is a system register that holds the current Exception Level of the processor. However, the definition of the CurrentEL register and its relationship with the PSTATE bits can be confusing, especially when trying to interpret the bitfields and their mappings.
The CurrentEL register is a 64-bit register, but only bits [3:2] are used to indicate the current Exception Level. These bits are directly mapped from the PSTATE[3:2] bits, which are part of the Processor State (PSTATE) in the ARMv8-A architecture. The PSTATE is a collection of fields that represent the current state of the processor, including the Exception Level, condition flags, and other control bits. The mapping between PSTATE[3:2] and CurrentEL[3:2] is critical for understanding how the processor transitions between different Exception Levels and how software can query the current privilege level.
The confusion often arises from the interpretation of the bitfields. For example, a value of 0x4 in the CurrentEL register corresponds to EL1, but this is not immediately obvious without understanding the bit mapping. The value 0x4 means that bit 2 is set (binary 100), which corresponds to EL1. This mapping is consistent across all ARMv8-A implementations, but the documentation can be unclear, leading to misinterpretation of the bitfields.
Misinterpretation of PSTATE[3:2] and CurrentEL[3:2] Bitfields
One of the primary causes of confusion is the misinterpretation of the PSTATE[3:2] and CurrentEL[3:2] bitfields. The PSTATE[3:2] bits represent the current Exception Level, and these bits are directly mapped to the CurrentEL[3:2] bits. However, the documentation does not always clearly explain this mapping, leading to errors in interpreting the CurrentEL register.
For example, a common mistake is to assume that PSTATE[3:2] maps to CurrentEL[1:0], which would imply that a value of 0x4 in CurrentEL corresponds to EL2 (binary 10). However, this is incorrect. The correct mapping is PSTATE[3:2] to CurrentEL[3:2], meaning that a value of 0x4 in CurrentEL corresponds to EL1 (binary 100). This misinterpretation can lead to significant issues in software that relies on querying the current Exception Level, as it may incorrectly assume a different privilege level than the one actually in use.
Another source of confusion is the lack of detailed documentation on the CurrentEL register in some ARMv8-A reference manuals. While the Cortex-A53 Technical Reference Manual (TRM) and the ARMv8-A Architecture Reference Manual provide information on the CurrentEL register, the details on the bit mapping are sometimes buried in dense technical descriptions, making it easy to overlook or misinterpret the information.
Correct Interpretation and Usage of CurrentEL and PSTATE Bits
To correctly interpret and use the CurrentEL register and PSTATE bits, it is essential to understand the bit mapping and how it relates to the Exception Levels. The following steps outline the correct approach to interpreting the CurrentEL register and PSTATE bits, along with solutions to common issues that may arise.
First, it is important to recognize that the CurrentEL register is a read-only register that reflects the current Exception Level of the processor. The register is 64 bits wide, but only bits [3:2] are used to indicate the Exception Level. These bits are directly mapped from the PSTATE[3:2] bits, which are part of the Processor State. The mapping is as follows:
- PSTATE[3:2] = 00: EL0 (User mode)
- PSTATE[3:2] = 01: EL1 (OS kernel mode)
- PSTATE[3:2] = 10: EL2 (Hypervisor mode)
- PSTATE[3:2] = 11: EL3 (Secure monitor mode)
The CurrentEL register mirrors these bits in its [3:2] positions. Therefore, a value of 0x4 in CurrentEL (binary 100) corresponds to EL1, as bit 2 is set. Similarly, a value of 0x8 (binary 1000) corresponds to EL2, and a value of 0xC (binary 1100) corresponds to EL3.
To avoid confusion, it is recommended to use the following table for quick reference:
| CurrentEL[3:2] | PSTATE[3:2] | Exception Level |
|---|---|---|
| 00 | 00 | EL0 |
| 01 | 01 | EL1 |
| 10 | 10 | EL2 |
| 11 | 11 | EL3 |
When writing or debugging software that interacts with the CurrentEL register, it is crucial to ensure that the correct bit mapping is used. For example, when checking the current Exception Level, the following code snippet can be used:
MRS X0, CurrentEL
AND X0, X0, #0xC
CMP X0, #0x4
BEQ EL1_Handler
In this example, the MRS instruction reads the CurrentEL register into register X0. The AND instruction masks out all bits except [3:2], and the CMP instruction checks if the value is 0x4, indicating EL1. If the condition is true, the branch instruction (BEQ) jumps to the EL1 handler.
Another common issue is the incorrect assumption that the CurrentEL register can be written to change the Exception Level. This is not possible, as the CurrentEL register is read-only. Changing the Exception Level requires executing an exception return (ERET) instruction or triggering an exception that causes a transition to a different Exception Level.
In summary, the key to correctly interpreting and using the CurrentEL register and PSTATE bits is to understand the bit mapping and to use the appropriate instructions to read and manipulate these bits. By following the guidelines outlined above, software developers can avoid common pitfalls and ensure that their code correctly handles Exception Level transitions in the ARMv8-A architecture.
