From patchwork Tue Aug 14 18:18:10 2018
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 144232
From: Peter Maydell
To: qemu-devel@nongnu.org
Date: Tue, 14 Aug 2018 19:18:10 +0100
Message-Id: <20180814181815.23348-41-peter.maydell@linaro.org>
In-Reply-To: <20180814181815.23348-1-peter.maydell@linaro.org>
References: <20180814181815.23348-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL 40/45] target/arm: Restore M-profile CONTROL.SPSEL before any tailchaining

On exception return for M-profile, we must restore the CONTROL.SPSEL bit from the EXCRET value before we do any kind of tailchaining, including for the derived exceptions on integrity check failures. Otherwise we will give the guest an incorrect EXCRET.SPSEL value on exception entry for the tailchained exception.

Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20180720145647.8810-4-peter.maydell@linaro.org
--- target/arm/helper.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) -- 2.18.0 diff --git a/target/arm/helper.c b/target/arm/helper.c index 9d908f1c663..559065131a4 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c
@@ -7131,6 +7131,16 @@ static void do_v7m_exception_exit(ARMCPU *cpu) } } + /* + * Set CONTROL.SPSEL from excret.SPSEL. Since we're still in + * Handler mode (and will be until we write the new XPSR.Interrupt + * field) this does not switch around the current stack pointer. + * We must do this before we do any kind of tailchaining, including + * for the derived exceptions on integrity check failures, or we will + * give the guest an incorrect EXCRET.SPSEL value on exception entry. + */ + write_v7m_control_spsel_for_secstate(env, return_to_sp_process, exc_secure); + if (sfault) { env->v7m.sfsr |= R_V7M_SFSR_INVER_MASK; armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false); @@ -7152,12 +7162,6 @@ static void do_v7m_exception_exit(ARMCPU *cpu) return; } - /* Set CONTROL.SPSEL from excret.SPSEL. Since we're still in - * Handler mode (and will be until we write the new XPSR.Interrupt - * field) this does not switch around the current stack pointer. - */ - write_v7m_control_spsel_for_secstate(env, return_to_sp_process, exc_secure); - switch_v7m_security_state(env, return_to_secure); {
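Review bot: The new comment in the first hunk (@@ -7131,6 +7131,16 @@) ends with "on exception entry" without saying which entry, whereas the commit message is specific that it is entry to the tailchained exception that would see the wrong EXCRET.SPSEL. Suggest ending the comment with "on exception entry for the tailchained exception" so it stands without the commit log. Since the call now sits ahead of the `if (sfault)` block, CONTROL.SPSEL is also written when the return goes on to fail an integrity check; a few words in the comment saying that this is deliberate would stop a later reader from moving the call back down.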
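Review bot: Any early `return;` that sits between the new call site and the lines removed in the second hunk (@@ -7152,12 +7162,6 @@) now runs with CONTROL.SPSEL already updated for the exc_secure state. The hunk context shows only the last of those returns, so please confirm that none of the intervening code reads CONTROL.SPSEL and expects the value from before the exception return. The commit message describes a guest-visible wrong EXCRET.SPSEL value, but the patch touches only target/arm/helper.c; a test that takes a derived exception on an integrity check failure and checks EXCRET.SPSEL at entry would pin the ordering down.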