diff --git a/target/e2k/helper.c b/target/e2k/helper.c
index 19fe8577b4..7c4f12454b 100644
--- a/target/e2k/helper.c
+++ b/target/e2k/helper.c
@@ -203,13 +203,6 @@ static inline void do_call(CPUE2KState *env, int wbs, target_ulong ret_ip)
     reset_ctprs(env);
 }
 
-void HELPER(syscall)(CPUE2KState *env)
-{
-    CPUState *cs = env_cpu(env);
-    cs->exception_index = EXCP_SYSCALL;
-    cpu_loop_exit(cs);
-}
-
 void HELPER(call)(CPUE2KState *env, uint64_t ctpr_raw, int call_wbs,
     target_ulong pc_next)
 {
@@ -249,7 +242,12 @@ uint64_t HELPER(prep_return)(CPUE2KState *env, int ipd)
     ret.ipd = ipd;
     ret.base = cr0_hi;
     ret.tag = CTPR_TAG_RETURN;
+#ifdef CONFIG_USER_ONLY
     ret.opc = cr0_hi == E2K_SIGRET_ADDR ? CTPR_OPC_SIGRET : 0;
+#else
+    // TODO: set ctpr.opc
+    ret.opc = 0;
+#endif
 
     return ret.raw;
 }
@@ -258,6 +256,7 @@ void HELPER(return)(CPUE2KState *env)
 {
     CtprOpc opc = env->ctprs[2].opc;
 
+#ifdef CONFIG_USER_ONLY
     if (opc == CTPR_OPC_SIGRET) {
         CPUState *cs = env_cpu(env);
         env->wd.psize = 2;
@@ -265,14 +264,15 @@ void HELPER(return)(CPUE2KState *env)
         env->tags[0] = E2K_TAG_NUMBER64;
         cs->exception_index = EXCP_SYSCALL;
         cpu_loop_exit(cs);
-    } else {
-        if (opc != 0) {
-            qemu_log(TARGET_FMT_lx ": unknown return ctpr opc %d\n", env->ip, opc);
-        }
-
-        e2k_proc_return(env, false);
-        reset_ctprs(env);
     }
+#endif
+
+    if (opc != 0) {
+        qemu_log(TARGET_FMT_lx ": unknown return ctpr opc %d\n", env->ip, opc);
+    }
+
+    e2k_proc_return(env, false);
+    reset_ctprs(env);
 }
 
 void G_NORETURN raise_exception(CPUE2KState *env, int exception_index)
@@ -285,6 +285,9 @@ void G_NORETURN raise_exception_ra(CPUE2KState *env, int exception_index,
 {
     CPUState *cs = env_cpu(env);
     switch (exception_index) {
+#ifdef CONFIG_USER_ONLY
+    case EXCP_SYSCALL:
+#endif
     case EXCP_PROC_STACK_BOUNDS:
     case EXCP_CHAIN_STACK_BOUNDS:
         /* ignore */
diff --git a/target/e2k/helper.h b/target/e2k/helper.h
index 593d382d1f..e14c322242 100644
--- a/target/e2k/helper.h
+++ b/target/e2k/helper.h
@@ -8,9 +8,10 @@
 #define dh_is_signed_f80 dh_is_signed_ptr
 
 DEF_HELPER_2(raise_exception, noreturn, env, int)
-DEF_HELPER_1(syscall, noreturn, env)
 DEF_HELPER_1(break_restore_state, void, env)
+#ifdef CONFIG_USER_ONLY
 DEF_HELPER_1(expand_stacks, void, env)
+#endif
 
 DEF_HELPER_4(call, void, env, i64, int, tl)
 DEF_HELPER_2(prep_return, i64, env, int)
diff --git a/target/e2k/translate.c b/target/e2k/translate.c
index a00a2a692f..f26dbee569 100644
--- a/target/e2k/translate.c
+++ b/target/e2k/translate.c
@@ -1,5 +1,4 @@
 #include "qemu/osdep.h"
-#include "qemu.h"
 #include "exec/log.h"
 #include "exec/translator.h"
 #include "tcg/tcg-op.h"
@@ -7367,11 +7366,15 @@ static inline void gen_cs0(DisasContext *ctx)
         break;
     }
     case CS0_SDISP: {
+#ifdef CONFIG_USER_ONLY
         // TODO: real sdisp target address
         target_ulong target = E2K_FAKE_KERN_START;
         target = deposit64(target, 11, 17, cs0->sdisp.disp);
         uint64_t ctpr = ctpr_new(CTPR_TAG_SDISP, 0, cs0->sdisp.ipd, target);
         gen_set_ctpr(cs0->sdisp.ctpr, ctpr);
+#else
+        e2k_todo(ctx, "sdisp");
+#endif
         break;
     }
     case CS0_RETURN: {
@@ -7930,7 +7933,7 @@ static void e2k_tr_translate_insn(DisasContextBase *db, CPUState *cs)
         ctx->base.is_jmp = DISAS_NORETURN;
         /* force non-zero tb size */
         pc_next = ctx->base.pc_next + 8;
-        gen_helper_syscall(cpu_env);
+        gen_tr_exception(ctx, EXCP_SYSCALL);
         tcg_gen_exit_tb(NULL, TB_EXIT_IDX0);
         break;
     case E2K_SYSRET_BACKTRACE_ADDR: