[PATCH 5/9] xen: arm: Handle CP15 register traps from userspace

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

From: Ian Campbell <ian.campbell@citrix.com>
To: xen-devel@lists.xen.org
Cc: julien.grall@linaro.org, tim@xen.org,
	Ian Campbell <ian.campbell@citrix.com>,
	stefano.stabellini@eu.citrix.com
Subject: [PATCH 5/9] xen: arm: Handle CP15 register traps from userspace
Date: Tue, 9 Sep 2014 17:23:04 +0100	[thread overview]
Message-ID: <1410279788-27167-5-git-send-email-ian.campbell@citrix.com> (raw)
In-Reply-To: <1410279730.8217.238.camel@kazak.uk.xensource.com>

Previously userspace access to PM* would have been incorrectly (but benignly)
implemented as RAZ/WI when running on a 32-bit kernel and would cause a
hypervisor exception (host crash) when running a 64-bit kernel (this was
already solved via the fix to XSA-102).

CLIDR, CCSIDR, DCCISW, ACTLR, PMINTENSET, PMINTENCLR are EL1 only, attempts to
access from EL0 will trap to EL1 not to us, hence BUG_ON is appropriate now.

PMUSERENR is R/O at EL0 and we implement as RAZ/WI at EL1 as before.

The remaining PM* registers are accessible to EL0 only if PMUSERENR_EL0.EN is
set, since we emulate this as RAZ/WI the bit is never set so we inject a trap
on attempted access. We weren't previously handling PMCCNTR.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
---
 xen/arch/arm/traps.c |   32 +++++++++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
index 46ed21d..e7a2791 100644
--- a/xen/arch/arm/traps.c
+++ b/xen/arch/arm/traps.c
@@ -1446,6 +1446,7 @@ static void do_cp15_32(struct cpu_user_regs *regs,
     switch ( hsr.bits & HSR_CP32_REGS_MASK )
     {
     case HSR_CPREG32(CLIDR):
+        BUG_ON(psr_mode_is_user(regs));
         if ( !cp32.read )
         {
             dprintk(XENLOG_ERR,
@@ -1455,6 +1456,7 @@ static void do_cp15_32(struct cpu_user_regs *regs,
         *r = READ_SYSREG32(CLIDR_EL1);
         break;
     case HSR_CPREG32(CCSIDR):
+        BUG_ON(psr_mode_is_user(regs));
         if ( !cp32.read )
         {
             dprintk(XENLOG_ERR,
@@ -1464,6 +1466,7 @@ static void do_cp15_32(struct cpu_user_regs *regs,
         *r = READ_SYSREG32(CCSIDR_EL1);
         break;
     case HSR_CPREG32(DCCISW):
+        BUG_ON(psr_mode_is_user(regs));
         if ( cp32.read )
         {
             dprintk(XENLOG_ERR,
@@ -1481,6 +1484,7 @@ static void do_cp15_32(struct cpu_user_regs *regs,
         goto undef_cp15_32;
 
     case HSR_CPREG32(ACTLR):
+        BUG_ON(psr_mode_is_user(regs));
         if ( cp32.read )
            *r = v->arch.actlr;
         break;
@@ -1493,6 +1497,18 @@ static void do_cp15_32(struct cpu_user_regs *regs,
      * always support PMCCNTR (the cyle counter): we just RAZ/WI for all
      * PM register, which doesn't crash the kernel at least
      */
+    case HSR_CPREG32(PMUSERENR):
+        /* RO at EL0. RAZ/WI at EL1 */
+        if ( psr_mode_is_user(regs) && !hsr.cp32.read )
+            goto undef_cp15_32;
+        goto cp15_32_raz_wi;
+
+    case HSR_CPREG32(PMINTENSET):
+    case HSR_CPREG32(PMINTENCLR):
+        /* EL1 only */
+        BUG_ON(psr_mode_is_user(regs));
+        goto cp15_32_raz_wi;
+
     case HSR_CPREG32(PMCR):
     case HSR_CPREG32(PMCNTENSET):
     case HSR_CPREG32(PMCNTENCLR):
@@ -1504,12 +1520,19 @@ static void do_cp15_32(struct cpu_user_regs *regs,
     case HSR_CPREG32(PMCCNTR):
     case HSR_CPREG32(PMXEVTYPER):
     case HSR_CPREG32(PMXEVCNTR):
-    case HSR_CPREG32(PMUSERENR):
-    case HSR_CPREG32(PMINTENSET):
-    case HSR_CPREG32(PMINTENCLR):
     case HSR_CPREG32(PMOVSSET):
+        /*
+         * Accessible at EL0 only if PMUSERENR_EL0.EN is set. We
+         * emulate that register as 0 above.
+         */
+        if ( psr_mode_is_user(regs) )
+            goto undef_cp15_32;
+        /* Fall thru */
+
+ cp15_32_raz_wi:
         if ( cp32.read )
             *r = 0;
+        /* else: write ignored */
         break;
 
     default:
@@ -1908,8 +1931,7 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs)
         advance_pc(regs, hsr);
         break;
     case HSR_EC_CP15_32:
-        if ( !is_32bit_domain(current->domain) )
-            goto bad_trap;
+        BUG_ON(!psr_mode_is_32bit(regs->cpsr));
         do_cp15_32(regs, hsr);
         break;
     case HSR_EC_CP15_64:
-- 
1.7.10.4

next prev parent reply	other threads:[~2014-09-09 16:23 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-09-09 16:22 [RFC PATCH 0/9] xen: arm: reenable support for 32-bit userspace running in 64-bit guest Ian Campbell
2014-09-09 16:23 ` [PATCH 1/9] xen: arm: Correct PMXEV cp register definitions Ian Campbell
2014-09-09 23:04   ` Julien Grall
2014-09-09 16:23 ` [PATCH 2/9] xen: arm: Factor out psr_mode_is_user Ian Campbell
2014-09-09 23:08   ` Julien Grall
2014-09-09 16:23 ` [PATCH 3/9] xen: arm: Handle 32-bit EL0 on 64-bit EL1 when advancing PC after trap Ian Campbell
2014-09-09 23:12   ` Julien Grall
2014-09-09 16:23 ` [PATCH 4/9] xen: arm: turn vtimer traps for cp32/64 and sysreg into #undef Ian Campbell
2014-09-09 23:31   ` Julien Grall
2014-09-10  9:46     ` Ian Campbell
2014-09-10 18:54       ` Julien Grall
2014-09-11  8:43         ` Ian Campbell
2015-01-14 16:33           ` Ian Campbell
2015-01-14 16:57             ` Julien Grall
2015-01-15 10:26               ` Ian Campbell
2015-01-15 12:27                 ` Julien Grall
2015-01-15 12:35                   ` Ian Campbell
2014-09-09 16:23 ` Ian Campbell [this message]
2014-09-09 23:42   ` [PATCH 5/9] xen: arm: Handle CP15 register traps from userspace Julien Grall
2014-09-10  9:48     ` Ian Campbell
2014-09-10 18:56       ` Julien Grall
2014-09-18  1:31         ` Ian Campbell
2014-09-09 16:23 ` [PATCH 6/9] xen: arm: Handle CP14 32-bit register accesses " Ian Campbell
2014-09-09 23:45   ` Julien Grall
2014-09-10  9:48     ` Ian Campbell
2015-02-10  3:40       ` Ian Campbell
2015-02-10  4:14         ` Julien Grall
2014-09-09 16:23 ` [PATCH 7/9] xen: arm: correctly handle sysreg " Ian Campbell
2014-09-09 16:23 ` [PATCH 8/9] xen: arm: handle remaining traps " Ian Campbell
2014-09-09 16:23 ` [PATCH 9/9] xen: arm: Allow traps from 32 bit userspace on 64 bit hypervisors again Ian Campbell
2014-09-09 16:23 ` [RFC PATCH 0/9] xen: arm: reenable support for 32-bit userspace running in 64-bit guest Ian Campbell

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:46ed21d dfblob:e7a2791 )
 OR (
bs:"[PATCH 5/9] xen: arm: Handle CP15 register traps from userspace" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1410279788-27167-5-git-send-email-ian.campbell@citrix.com \
    --to=ian.campbell@citrix.com \
    --cc=julien.grall@linaro.org \
    --cc=stefano.stabellini@eu.citrix.com \
    --cc=tim@xen.org \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).