From patchwork Fri Feb 9 11:02:50 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 127790 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp503781ljc; Fri, 9 Feb 2018 03:13:27 -0800 (PST) X-Google-Smtp-Source: AH8x225ycOoH1rFVZs8vraY35CMzsmfXSIkQpWZVotxvPyQNnweYkIIHtbUgN0KwvaU0t4gJ5mdW X-Received: by 10.37.113.70 with SMTP id m67mr1514609ybc.307.1518174807562; Fri, 09 Feb 2018 03:13:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518174807; cv=none; d=google.com; s=arc-20160816; b=zLi125IAuOuTU5G2/4MTdHYbak/BxRRistcoDeZFOe/T9xPdfUzPOJXDjl9VTlPH60 kxC+QLvAOC2JHn29mrVh64uyxk3xb0LwHFHq2mdjhnwKEACUsMFndLWSo1UGBpMkvE9t PH/5+OeqclxeQwwRCfA2E0MB7czoHNY3Cph/ooR6EitU+j6ZzrbSetkAAthbqPTkz4dw n88fCAAmGL8CloIe4D5olvMJBb3cm9KCaBouPrYmRrcJlZM34gyVNhjUCkeKsf3alSXY Kx3xsahWbypdPhch4Yqd2dQC2e4ELjh3za3R0s0PBgt7G7eus4yPAocZTgDsVuuVBiLu r/fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:references:in-reply-to :message-id:date:to:from:arc-authentication-results; bh=hkWb013X36fGmA4eL2+a38gh6PDmZxfoCMAMrvqFxoI=; b=OgLznM6tPaLKxnNiUwFZX6zolObpSbxub5bQwk4/HfOcBxTjVUEWi60fUWqhnXLZgR 4sqC738o89fOpDoGP+RsZMI+Z0mYaNwc0PygctTMhpSHEUjM/FRzKyeFqmSF+yEoHA5R D4w4F0tWG3v6tHePtPb/3YjAtk2uluozxY1cCamMDELcZmVAKqg/f5E4qWMDcxR0fZLJ BhfPa40skSqxtR1nyzRN7ux6HyqbTRIpBG91slHedOP6kzk2+wN0ab94DVZWt06PCevv z8iIcir2c4j91zOY84JWtUZUTMkGFCWyr4R3UXAXiKKDop1IFVrcZJfLARvw0Ep3/zJG 0peA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id a8si366745ybc.171.2018.02.09.03.13.27 for (version=TLS1 cipher=AES128-SHA bits=128/128); Fri, 09 Feb 2018 03:13:27 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:34902 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ek6cQ-0000zQ-N0 for patch@linaro.org; Fri, 09 Feb 2018 06:13:26 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:39714) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ek6Sm-0000z4-Tk for qemu-devel@nongnu.org; Fri, 09 Feb 2018 06:03:36 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ek6Sl-0001vj-RC for qemu-devel@nongnu.org; Fri, 09 Feb 2018 06:03:28 -0500 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:46252) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ek6Sl-0001sW-Kg for qemu-devel@nongnu.org; Fri, 09 Feb 2018 06:03:27 -0500 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1ek6Sd-0002Ym-Kj for qemu-devel@nongnu.org; Fri, 09 Feb 2018 11:03:19 +0000 From: Peter Maydell To: qemu-devel@nongnu.org Date: Fri, 9 Feb 2018 11:02:50 +0000 Message-Id: <20180209110314.11766-7-peter.maydell@linaro.org> X-Mailer: git-send-email 2.16.1 In-Reply-To: <20180209110314.11766-1-peter.maydell@linaro.org> References: <20180209110314.11766-1-peter.maydell@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PULL 06/30] target/arm: Make exception vector loads honour the SAU X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Make the load of the exception vector from the vector table honour the SAU and any bus error on the load (possibly provoking a derived exception), rather than simply aborting if the load fails. Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 1517324542-6607-7-git-send-email-peter.maydell@linaro.org --- target/arm/helper.c | 71 +++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 55 insertions(+), 16 deletions(-) -- 2.16.1 diff --git a/target/arm/helper.c b/target/arm/helper.c index 614162dd1e..c74f076d9d 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -6449,28 +6449,63 @@ static uint32_t *get_v7m_sp_ptr(CPUARMState *env, bool secure, bool threadmode, } } -static uint32_t arm_v7m_load_vector(ARMCPU *cpu, int exc, bool targets_secure) +static bool arm_v7m_load_vector(ARMCPU *cpu, int exc, bool targets_secure, + uint32_t *pvec) { CPUState *cs = CPU(cpu); CPUARMState *env = &cpu->env; MemTxResult result; - hwaddr vec = env->v7m.vecbase[targets_secure] + exc * 4; - uint32_t addr; + uint32_t addr = env->v7m.vecbase[targets_secure] + exc * 4; + uint32_t vector_entry; + MemTxAttrs attrs = {}; + ARMMMUIdx mmu_idx; + bool exc_secure; + + mmu_idx = arm_v7m_mmu_idx_for_secstate_and_priv(env, targets_secure, true); - addr = address_space_ldl(cs->as, vec, - MEMTXATTRS_UNSPECIFIED, &result); + /* We don't do a get_phys_addr() here because the rules for vector + * loads are special: they always use the default memory map, and + * the default memory map permits reads from all addresses. + * Since there's no easy way to pass through to pmsav8_mpu_lookup() + * that we want this special case which would always say "yes", + * we just do the SAU lookup here followed by a direct physical load. + */ + attrs.secure = targets_secure; + attrs.user = false; + + if (arm_feature(env, ARM_FEATURE_M_SECURITY)) { + V8M_SAttributes sattrs = {}; + + v8m_security_lookup(env, addr, MMU_DATA_LOAD, mmu_idx, &sattrs); + if (sattrs.ns) { + attrs.secure = false; + } else if (!targets_secure) { + /* NS access to S memory */ + goto load_fail; + } + } + + vector_entry = address_space_ldl(arm_addressspace(cs, attrs), addr, + attrs, &result); if (result != MEMTX_OK) { - /* Architecturally this should cause a HardFault setting HSFR.VECTTBL, - * which would then be immediately followed by our failing to load - * the entry vector for that HardFault, which is a Lockup case. - * Since we don't model Lockup, we just report this guest error - * via cpu_abort(). - */ - cpu_abort(cs, "Failed to read from %s exception vector table " - "entry %08x\n", targets_secure ? "secure" : "nonsecure", - (unsigned)vec); + goto load_fail; } - return addr; + *pvec = vector_entry; + return true; + +load_fail: + /* All vector table fetch fails are reported as HardFault, with + * HFSR.VECTTBL and .FORCED set. (FORCED is set because + * technically the underlying exception is a MemManage or BusFault + * that is escalated to HardFault.) This is a terminal exception, + * so we will either take the HardFault immediately or else enter + * lockup (the latter case is handled in armv7m_nvic_set_pending_derived()). + */ + exc_secure = targets_secure || + !(cpu->env.v7m.aircr & R_V7M_AIRCR_BFHFNMINS_MASK); + env->v7m.hfsr |= R_V7M_HFSR_VECTTBL_MASK | R_V7M_HFSR_FORCED_MASK; + armv7m_nvic_set_pending_derived(env->nvic, ARMV7M_EXCP_HARD, exc_secure); + return false; } static bool v7m_push_callee_stack(ARMCPU *cpu, uint32_t lr, bool dotailchain, @@ -6623,7 +6658,11 @@ static void v7m_exception_taken(ARMCPU *cpu, uint32_t lr, bool dotailchain, return; } - addr = arm_v7m_load_vector(cpu, exc, targets_secure); + if (!arm_v7m_load_vector(cpu, exc, targets_secure, &addr)) { + /* Vector load failed: derived exception */ + v7m_exception_taken(cpu, lr, true, true); + return; + } /* Now we've done everything that might cause a derived exception * we can go ahead and activate whichever exception we're going to