[12/19] nvic: In escalation to HardFault, support HF not being priority -1

Message ID 1505240046-11454-13-git-send-email-peter.maydell@linaro.org
State Superseded
Headers show
Series
  • ARMv8M: support security extn in the NVIC
Related show

Commit Message

Peter Maydell Sept. 12, 2017, 6:13 p.m.
When escalating to HardFault, we must go into Lockup if we
can't take the synchronous HardFault because the current
execution priority is already at or below the priority of
HardFault. In v7M HF is always priority -1 so a simple < 0
comparison sufficed; in v8M the priority of HardFault can
vary depending on whether it is a Secure or NonSecure
HardFault, so we must check against the priority of the
HardFault exception vector we're about to use.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

---
 hw/intc/armv7m_nvic.c | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)

-- 
2.7.4

Comments

Richard Henderson Sept. 19, 2017, 6:50 p.m. | #1
On 09/12/2017 01:13 PM, Peter Maydell wrote:
> When escalating to HardFault, we must go into Lockup if we

> can't take the synchronous HardFault because the current

> execution priority is already at or below the priority of

> HardFault. In v7M HF is always priority -1 so a simple < 0

> comparison sufficed; in v8M the priority of HardFault can

> vary depending on whether it is a Secure or NonSecure

> HardFault, so we must check against the priority of the

> HardFault exception vector we're about to use.

> 

> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

> ---

>  hw/intc/armv7m_nvic.c | 23 ++++++++++++-----------

>  1 file changed, 12 insertions(+), 11 deletions(-)


Reviewed-by: Richard Henderson <richard.henderson@linaro.org>


r~

Patch

diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index 3361a28..c4670f7 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -487,18 +487,8 @@  void armv7m_nvic_set_pending(void *opaque, int irq, bool secure)
         }
 
         if (escalate) {
-            if (running < 0) {
-                /* We want to escalate to HardFault but we can't take a
-                 * synchronous HardFault at this point either. This is a
-                 * Lockup condition due to a guest bug. We don't model
-                 * Lockup, so report via cpu_abort() instead.
-                 */
-                cpu_abort(&s->cpu->parent_obj,
-                          "Lockup: can't escalate %d to HardFault "
-                          "(current priority %d)\n", irq, running);
-            }
 
-            /* We can do the escalation, so we take HardFault instead.
+            /* We need to escalate this exception to a synchronous HardFault.
              * If BFHFNMINS is set then we escalate to the banked HF for
              * the target security state of the original exception; otherwise
              * we take a Secure HardFault.
@@ -511,6 +501,17 @@  void armv7m_nvic_set_pending(void *opaque, int irq, bool secure)
             } else {
                 vec = &s->vectors[irq];
             }
+            if (running <= vec->prio) {
+                /* We want to escalate to HardFault but we can't take the
+                 * synchronous HardFault at this point either. This is a
+                 * Lockup condition due to a guest bug. We don't model
+                 * Lockup, so report via cpu_abort() instead.
+                 */
+                cpu_abort(&s->cpu->parent_obj,
+                          "Lockup: can't escalate %d to HardFault "
+                          "(current priority %d)\n", irq, running);
+            }
+
             /* HF may be banked but there is only one shared HFSR */
             s->cpu->env.v7m.hfsr |= R_V7M_HFSR_FORCED_MASK;
         }