From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [PULL 05/30] target/arm: Make v7m_push_callee_stack() honour MPU
Date: Fri, 9 Feb 2018 11:02:49 +0000 [thread overview]
Message-ID: <20180209110314.11766-6-peter.maydell@linaro.org> (raw)
In-Reply-To: <20180209110314.11766-1-peter.maydell@linaro.org>
Make v7m_push_callee_stack() honour the MPU by using the
new v7m_stack_write() function. We return a flag to indicate
whether the pushes failed, which we can then use in
v7m_exception_taken() to cause us to handle the derived
exception correctly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 1517324542-6607-6-git-send-email-peter.maydell@linaro.org
---
target/arm/helper.c | 64 ++++++++++++++++++++++++++++++++++++++++-------------
1 file changed, 49 insertions(+), 15 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index f31472a044..614162dd1e 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -6473,7 +6473,7 @@ static uint32_t arm_v7m_load_vector(ARMCPU *cpu, int exc, bool targets_secure)
return addr;
}
-static void v7m_push_callee_stack(ARMCPU *cpu, uint32_t lr, bool dotailchain,
+static bool v7m_push_callee_stack(ARMCPU *cpu, uint32_t lr, bool dotailchain,
bool ignore_faults)
{
/* For v8M, push the callee-saves register part of the stack frame.
@@ -6481,31 +6481,55 @@ static void v7m_push_callee_stack(ARMCPU *cpu, uint32_t lr, bool dotailchain,
* In the tailchaining case this may not be the current stack.
*/
CPUARMState *env = &cpu->env;
- CPUState *cs = CPU(cpu);
uint32_t *frame_sp_p;
uint32_t frameptr;
+ ARMMMUIdx mmu_idx;
+ bool stacked_ok;
if (dotailchain) {
- frame_sp_p = get_v7m_sp_ptr(env, true,
- lr & R_V7M_EXCRET_MODE_MASK,
+ bool mode = lr & R_V7M_EXCRET_MODE_MASK;
+ bool priv = !(env->v7m.control[M_REG_S] & R_V7M_CONTROL_NPRIV_MASK) ||
+ !mode;
+
+ mmu_idx = arm_v7m_mmu_idx_for_secstate_and_priv(env, M_REG_S, priv);
+ frame_sp_p = get_v7m_sp_ptr(env, M_REG_S, mode,
lr & R_V7M_EXCRET_SPSEL_MASK);
} else {
+ mmu_idx = core_to_arm_mmu_idx(env, cpu_mmu_index(env, false));
frame_sp_p = &env->regs[13];
}
frameptr = *frame_sp_p - 0x28;
- stl_phys(cs->as, frameptr, 0xfefa125b);
- stl_phys(cs->as, frameptr + 0x8, env->regs[4]);
- stl_phys(cs->as, frameptr + 0xc, env->regs[5]);
- stl_phys(cs->as, frameptr + 0x10, env->regs[6]);
- stl_phys(cs->as, frameptr + 0x14, env->regs[7]);
- stl_phys(cs->as, frameptr + 0x18, env->regs[8]);
- stl_phys(cs->as, frameptr + 0x1c, env->regs[9]);
- stl_phys(cs->as, frameptr + 0x20, env->regs[10]);
- stl_phys(cs->as, frameptr + 0x24, env->regs[11]);
+ /* Write as much of the stack frame as we can. A write failure may
+ * cause us to pend a derived exception.
+ */
+ stacked_ok =
+ v7m_stack_write(cpu, frameptr, 0xfefa125b, mmu_idx, ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x8, env->regs[4], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0xc, env->regs[5], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x10, env->regs[6], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x14, env->regs[7], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x18, env->regs[8], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x1c, env->regs[9], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x20, env->regs[10], mmu_idx,
+ ignore_faults) &&
+ v7m_stack_write(cpu, frameptr + 0x24, env->regs[11], mmu_idx,
+ ignore_faults);
+ /* Update SP regardless of whether any of the stack accesses failed.
+ * When we implement v8M stack limit checking then this attempt to
+ * update SP might also fail and result in a derived exception.
+ */
*frame_sp_p = frameptr;
+
+ return !stacked_ok;
}
static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
@@ -6519,6 +6543,7 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
uint32_t addr;
bool targets_secure;
int exc;
+ bool push_failed = false;
armv7m_nvic_get_pending_irq_info(env->nvic, &exc, &targets_secure);
@@ -6546,8 +6571,8 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
*/
if (lr & R_V7M_EXCRET_DCRS_MASK &&
!(dotailchain && (lr & R_V7M_EXCRET_ES_MASK))) {
- v7m_push_callee_stack(cpu, lr, dotailchain,
- ignore_stackfaults);
+ push_failed = v7m_push_callee_stack(cpu, lr, dotailchain,
+ ignore_stackfaults);
}
lr |= R_V7M_EXCRET_DCRS_MASK;
}
@@ -6589,6 +6614,15 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain,
}
}
+ if (push_failed && !ignore_stackfaults) {
+ /* Derived exception on callee-saves register stacking:
+ * we might now want to take a different exception which
+ * targets a different security state, so try again from the top.
+ */
+ v7m_exception_taken(cpu, lr, true, true);
+ return;
+ }
+
addr = arm_v7m_load_vector(cpu, exc, targets_secure);
/* Now we've done everything that might cause a derived exception
--
2.16.1
next prev parent reply other threads:[~2018-02-09 11:03 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-09 11:02 [Qemu-devel] [PULL 00/30] target-arm queue Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 01/30] target/arm: Add armv7m_nvic_set_pending_derived() Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 02/30] target/arm: Split "get pending exception info" from "acknowledge it" Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 03/30] target/arm: Add ignore_stackfaults argument to v7m_exception_taken() Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 04/30] target/arm: Make v7M exception entry stack push check MPU Peter Maydell
2018-02-09 11:02 ` Peter Maydell [this message]
2018-02-09 11:02 ` [Qemu-devel] [PULL 06/30] target/arm: Make exception vector loads honour the SAU Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 07/30] target/arm: Handle exceptions during exception stack pop Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 08/30] target/arm: implement SHA-512 instructions Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 09/30] target/arm: implement SHA-3 instructions Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 10/30] target/arm: implement SM3 instructions Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 11/30] target/arm: implement SM4 instructions Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 12/30] target/arm: enable user-mode SHA-3, SM3, SM4 and SHA-512 instruction support Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 13/30] sdhci: Add i.MX specific subtype of SDHCI Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 14/30] hw: i.MX: Convert i.MX6 to use TYPE_IMX_USDHC Peter Maydell
2018-02-09 11:02 ` [Qemu-devel] [PULL 15/30] i.MX: Add code to emulate i.MX7 CCM, PMU and ANALOG IP blocks Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 16/30] i.MX: Add code to emulate i.MX2 watchdog IP block Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 17/30] i.MX: Add code to emulate i.MX7 SNVS IP-block Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 18/30] i.MX: Add code to emulate GPCv2 IP block Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 19/30] i.MX: Add i.MX7 GPT variant Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 20/30] i.MX: Add implementation of i.MX7 GPR IP block Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 21/30] usb: Add basic code to emulate Chipidea USB IP Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 22/30] hw/arm: Move virt's PSCI DT fixup code to arm/boot.c Peter Maydell
2018-03-27 14:22 ` [Qemu-devel] [PULL, " Marc Zyngier
2018-02-09 11:03 ` [Qemu-devel] [PULL 23/30] target/arm: Expand vector registers for SVE Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 24/30] target/arm: Add predicate " Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 25/30] target/arm: Add SVE to migration state Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 26/30] target/arm: Add ZCR_ELx Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 27/30] target/arm: Add SVE state to TB->FLAGS Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 28/30] target/arm/kvm: gic: Prevent creating userspace GICv3 with KVM Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 29/30] target/arm/translate.c: Fix missing 'break' for TT insns Peter Maydell
2018-02-09 11:03 ` [Qemu-devel] [PULL 30/30] hw/core/generic-loader: Allow PC to be set on command line Peter Maydell
2018-02-09 14:38 ` [Qemu-devel] [PULL 00/30] target-arm queue Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180209110314.11766-6-peter.maydell@linaro.org \
--to=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).