From patchwork Tue Sep 9 16:23:06 2014
X-Patchwork-Submitter: Ian Campbell
X-Patchwork-Id: 37144
From: Ian Campbell
Date: Tue, 9 Sep 2014 17:23:06 +0100
Message-ID: <1410279788-27167-7-git-send-email-ian.campbell@citrix.com>
In-Reply-To: <1410279730.8217.238.camel@kazak.uk.xensource.com>
Cc: julien.grall@linaro.org, tim@xen.org, Ian Campbell, stefano.stabellini@eu.citrix.com
Subject: [Xen-devel] [PATCH 7/9] xen: arm: correctly handle sysreg accesses from userspace

Previously we implemented all registers as RAZ/WI even if they shouldn't be accessible to userspace.

Accesses to the *_EL1 registers from EL0 are trapped to EL1 by the hardware, so add a BUG_ON. Likewise accesses from 32-bit EL1 cannot happen.

PMUSERENR_EL0 and MDCCSR_EL0 are R/O to EL0. Other PM*_EL0 registers are accessible at EL0 only if PMUSERENR_EL0.EN is set, since we emulate that as RAZ/WI we know that bit cannot be set.

Signed-off-by: Ian Campbell
--- xen/arch/arm/traps.c | 54 +++++++++++++++++++++++++++++++---------- xen/include/asm-arm/sysregs.h | 1 + 2 files changed, 42 insertions(+), 13 deletions(-) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 01cc3c0..be02c68 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c
@@ -1726,11 +1726,40 @@ static void do_sysreg(struct cpu_user_regs *regs, switch ( hsr.bits & HSR_SYSREG_REGS_MASK ) { /* RAZ/WI registers: */ + /* - Debug */ case HSR_SYSREG_MDSCR_EL1: /* - Perf monitors */ case HSR_SYSREG_PMINTENSET_EL1: case HSR_SYSREG_PMINTENCLR_EL1: + /* - Breakpoints */ + HSR_SYSREG_DBG_CASES(DBGBVR): + HSR_SYSREG_DBG_CASES(DBGBCR): + /* - Watchpoints */ + HSR_SYSREG_DBG_CASES(DBGWVR): + HSR_SYSREG_DBG_CASES(DBGWCR): + /* - Double Lock Register */ + case HSR_SYSREG_OSDLR_EL1: + /* EL1 only */ + BUG_ON(psr_mode_is_user(regs)); + goto sysreg_raz_wi; + + case HSR_SYSREG_PMUSERENR_EL0: + /* RO at EL0. RAZ/WI at EL1 */ + if ( psr_mode_is_user(regs) && !hsr.sysreg.read ) + goto undef_sysreg; + goto sysreg_raz_wi; + + case HSR_SYSREG_MDCCSR_EL0: + /* + * Accessible at EL0 only if MDSCR_EL1.TDCC is set to 0. We emulate that + * register as RAZ/WI above. So RO at both EL0 and EL1. + */ + if ( !hsr.sysreg.read ) + goto undef_sysreg; + + *x = 0; + break; case HSR_SYSREG_PMCR_EL0: case HSR_SYSREG_PMCNTENSET_EL0: case HSR_SYSREG_PMCNTENCLR_EL0: @@ -1742,16 +1771,16 @@ static void do_sysreg(struct cpu_user_regs *regs, case HSR_SYSREG_PMCCNTR_EL0: case HSR_SYSREG_PMXEVTYPER_EL0: case HSR_SYSREG_PMXEVCNTR_EL0: - case HSR_SYSREG_PMUSERENR_EL0: case HSR_SYSREG_PMOVSSET_EL0: - /* - Breakpoints */ - HSR_SYSREG_DBG_CASES(DBGBVR): - HSR_SYSREG_DBG_CASES(DBGBCR): - /* - Watchpoints */ - HSR_SYSREG_DBG_CASES(DBGWVR): - HSR_SYSREG_DBG_CASES(DBGWCR): - /* - Double Lock Register */ - case HSR_SYSREG_OSDLR_EL1: + /* + * Accessible at EL0 only if PMUSERENR_EL0.EN is set. We + * emulate that register as 0 above. + */ + if ( psr_mode_is_user(regs) ) + goto undef_sysreg; + /* Fall thru */ + + sysreg_raz_wi: if ( hsr.sysreg.read ) *x = 0; /* else: write ignored */ 
@@ -1759,8 +1788,9 @@ static void do_sysreg(struct cpu_user_regs *regs, /* Write only, Write ignore registers: */ case HSR_SYSREG_OSLAR_EL1: + BUG_ON(psr_mode_is_user(regs)); if ( hsr.sysreg.read ) - goto bad_sysreg; + goto undef_sysreg; /* else: write ignored */ break; case HSR_SYSREG_CNTP_CTL_EL0: @@ -1768,7 +1798,6 @@ static void do_sysreg(struct cpu_user_regs *regs, case HSR_SYSREG_CNTPCT_EL0: goto undef_sysreg; default: - bad_sysreg: { #ifndef NDEBUG struct hsr_sysreg sysreg = hsr.sysreg; @@ -1999,8 +2028,7 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs) inject_undef64_exception(regs, hsr.len); break; case HSR_EC_SYSREG: - if ( is_32bit_domain(current->domain) ) - goto bad_trap; + BUG_ON(psr_mode_is_32bit(regs->cpsr)); do_sysreg(regs, hsr); break; #endif diff --git a/xen/include/asm-arm/sysregs.h b/xen/include/asm-arm/sysregs.h index b00871c..0e8c497 100644 --- a/xen/include/asm-arm/sysregs.h +++ b/xen/include/asm-arm/sysregs.h @@ -43,6 +43,7 @@ #define HSR_SYSREG_MDSCR_EL1 HSR_SYSREG(2,0,c0,c2,2) #define HSR_SYSREG_OSLAR_EL1 HSR_SYSREG(2,0,c1,c0,4) #define HSR_SYSREG_OSDLR_EL1 HSR_SYSREG(2,0,c1,c3,4) +#define HSR_SYSREG_MDCCSR_EL0 HSR_SYSREG(2,3,c0,c1,0) #define HSR_SYSREG_DBGBVRn_EL1(n) HSR_SYSREG(2,0,c0,c##n,4) #define HSR_SYSREG_DBGBCRn_EL1(n) HSR_SYSREG(2,0,c0,c##n,5)
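Review bot: The `BUG_ON(psr_mode_is_user(regs))` under the "EL1 only" comment in the first do_sysreg hunk (@@ -1726,11 +1726,40 @@) sits on a path that is entered from a guest trap, so if the "trapped to EL1 by the hardware" assumption ever fails for one of the grouped encodings (MDSCR_EL1, PMINTENSET/CLR_EL1, the DBG* cases, OSDLR_EL1), guest userspace brings down the whole host instead of receiving an undefined-instruction exception. Since `undef_sysreg` already exists, `if ( psr_mode_is_user(regs) ) goto undef_sysreg;` would give the same guest-visible result in the expected case and fail safe in the unexpected one. If the BUG_ON stays, a comment naming the architectural rule it relies on would help later readers judge whether a newly added case belongs in this group.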
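Review bot: The new comment above the EL0 check in the PM*_EL0 group (@@ -1742,16 +1771,16 @@) says "We emulate that register as 0 above", while the PMUSERENR_EL0 case it refers to describes the register as "RO at EL0. RAZ/WI at EL1"; using the same RAZ/WI wording in both places would make the dependency easier to follow. The unconditional `if ( psr_mode_is_user(regs) ) goto undef_sysreg;` is only correct while PMUSERENR_EL0.EN can never be set, so it is worth saying in the comment that this check must be revisited if PMUSERENR_EL0 ever becomes writable. The `/* Fall thru */` directly before the `sysreg_raz_wi:` label is also slightly misleading, because the label is a goto target for the earlier cases as well as the fall-through point for this group.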
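Review bot: In the OSLAR_EL1 hunk (@@ -1759,8 +1788,9 @@) a read of this write-only register now goes to `undef_sysreg` instead of `bad_sysreg`, which is a guest-visible behaviour change that the commit message does not mention; the message covers only the EL0 handling and the RAZ/WI registers. Please add a sentence explaining why an undefined-instruction exception is the right response to a read at EL1, especially since the following hunk removes the `bad_sysreg` label altogether. The `BUG_ON(psr_mode_is_user(regs))` added at the top of this case raises the same host-crash concern as the one in the EL1-only group.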
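Review bot: In the do_trap_hypervisor hunk (@@ -1999,8 +2028,7 @@), replacing `if ( is_32bit_domain(current->domain) ) goto bad_trap;` with `BUG_ON(psr_mode_is_32bit(regs->cpsr));` changes the predicate as well as the failure mode: the old test was per domain, while the new one is on the trapping context's CPSR and so also covers 32-bit userspace running inside a 64-bit domain. The commit message justifies only "accesses from 32-bit EL1 cannot happen". Please add a comment stating why an HSR_EC_SYSREG trap cannot be taken from any AArch32 context, including 32-bit EL0 under a 64-bit kernel, since that is the property the BUG_ON now asserts.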