From patchwork Tue Nov 5 20:52:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 178557 Delivered-To: patch@linaro.org Received: by 2002:a92:38d5:0:0:0:0:0 with SMTP id g82csp1300598ilf; Tue, 5 Nov 2019 13:08:45 -0800 (PST) X-Google-Smtp-Source: APXvYqz/00ULIseILaJ1J9y3PLKzxI7E87R0eXwg7S8xq2RsirzaqTbEh9bFjwecnDDu2uImWqIw X-Received: by 2002:ac8:7186:: with SMTP id w6mr20071108qto.220.1572988125431; Tue, 05 Nov 2019 13:08:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1572988125; cv=none; d=google.com; s=arc-20160816; b=wVoJKNvnKHqEqhD1yigUOzqGgYZyqcTITQcupCY3PpMWKNlZkvREcskusgrK1ausiG VD4D1KRhF0JEAAgNZEgsNTI6ykJCFXlNbp0lahKhmypdAuvYG1BUu1TmP/xePF4r9jQw M4orIatwopE4U8Ff0SF1HEh+LywOu7FJs5/MouYZujEVEvTDGefp+F1xLVowqij3HtC9 xidpTpuHG/PO3BsuIhQzHtkwvJbzfZ/uESm9+5iThZKDKqItJGaZEoXVsQ3x56ARW1Ts b+XxQbv14sq0KxxVVJTdLdeLRNda2serm1QQmv/5vJzj+croH21vV6W0fzFnT2rGJhrY I52w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from; bh=qZVdh0yL9CQgmaUVvOGHHGmeP+hu6oUlr115M5Ln3ms=; b=vnTuiht+Nuf6QfscbZTNeSaPDcrV2VhMdMd5R1Zc4WwJTGzpfR3c+Q17Ga42SBhY18 MublqucYT2PDm7cTG1iHwOYsXcVQpxhGOawx30hiITmZPL2A4dKf9WSfI6GNEqaRB0X5 FQA4a4N/FDevYO221/DuJNJDfHob69u1uw3MNvtWdrFxAvmO/zW7gXtWxsVtiKqYylPF 11bQTm2z4B60Vh0MTU3UV+KBx06iS1C1YpTlnWzSvNCa2a0UGEoP1dlaSnKpyo3cLYS+ MD+qJgE4C/BYYtdba5e79qZ222Xwhs+RV5EKYJrBtV86YNeqBe+tpCxJuIXt2U+hmw5O QyXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id i5si16079669qkd.274.2019.11.05.13.08.45 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Nov 2019 13:08:45 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from localhost ([::1]:50084 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS64C-00037U-En for patch@linaro.org; Tue, 05 Nov 2019 16:08:44 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:58283) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS5p4-0000O2-6K for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iS5p2-0001yh-NZ for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:06 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:49908) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iS5oz-0001vT-SF; Tue, 05 Nov 2019 15:53:02 -0500 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id xA5KpYn0027559; Tue, 5 Nov 2019 15:53:00 -0500 Received: from ppma04dal.us.ibm.com (7a.29.35a9.ip4.static.sl-reverse.com [169.53.41.122]) by mx0a-001b2d01.pphosted.com with ESMTP id 2w3g6dgk4u-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 15:52:59 -0500 Received: from pps.filterd (ppma04dal.us.ibm.com [127.0.0.1]) by ppma04dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id xA5KnuZo000943; Tue, 5 Nov 2019 20:52:57 GMT Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma04dal.us.ibm.com with ESMTP id 2w11e79ffw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 20:52:57 +0000 Received: from b01ledav002.gho.pok.ibm.com (b01ledav002.gho.pok.ibm.com [9.57.199.107]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xA5KqvwF48693678 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 5 Nov 2019 20:52:57 GMT Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1BC5E124054; Tue, 5 Nov 2019 20:52:57 +0000 (GMT) Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0A198124052; Tue, 5 Nov 2019 20:52:57 +0000 (GMT) Received: from localhost (unknown [9.53.179.218]) by b01ledav002.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 5 Nov 2019 20:52:56 +0000 (GMT) From: Michael Roth To: qemu-devel@nongnu.org Subject: [PATCH 18/55] target/arm: Free TCG temps in trans_VMOV_64_sp() Date: Tue, 5 Nov 2019 14:52:06 -0600 Message-Id: <20191105205243.3766-19-mdroth@linux.vnet.ibm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> References: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-11-05_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=3 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1911050170 X-MIME-Autoconverted: from 8bit to quoted-printable by mx0a-001b2d01.pphosted.com id xA5KpYn0027559 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , qemu-stable@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" From: Peter Maydell The function neon_store_reg32() doesn't free the TCG temp that it is passed, so the caller must do that. We got this right in most places but forgot to free the TCG temps in trans_VMOV_64_sp(). Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-id: 20190827121931.26836-1-peter.maydell@linaro.org (cherry picked from commit 342d27581bd3ecdb995e4fc55fcd383cf3242888) Signed-off-by: Michael Roth --- target/arm/translate-vfp.inc.c | 2 ++ 1 file changed, 2 insertions(+) -- 2.17.1 diff --git a/target/arm/translate-vfp.inc.c b/target/arm/translate-vfp.inc.c index 092eb5ec53..ef45cecbea 100644 --- a/target/arm/translate-vfp.inc.c +++ b/target/arm/translate-vfp.inc.c @@ -881,8 +881,10 @@ static bool trans_VMOV_64_sp(DisasContext *s, arg_VMOV_64_sp *a) /* gpreg to fpreg */ tmp = load_reg(s, a->rt); neon_store_reg32(tmp, a->vm); + tcg_temp_free_i32(tmp); tmp = load_reg(s, a->rt2); neon_store_reg32(tmp, a->vm + 1); + tcg_temp_free_i32(tmp); } return true; From patchwork Tue Nov 5 20:52:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 178556 Delivered-To: patch@linaro.org Received: by 2002:a92:38d5:0:0:0:0:0 with SMTP id g82csp1300092ilf; Tue, 5 Nov 2019 13:08:19 -0800 (PST) X-Google-Smtp-Source: APXvYqwbRyBc0KSCR6n1absOuArcUROHypA9O9q4Fl7QQQxGszykzSWz/FGOH1OUffrjxDYlLXlv X-Received: by 2002:ac8:ccf:: with SMTP id o15mr19886842qti.380.1572988099498; Tue, 05 Nov 2019 13:08:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1572988099; cv=none; d=google.com; s=arc-20160816; b=hzMwtbPRUvsUjcX+UEiAYSaEc4nlexSUMMRzhXRWfvAFcjbqnqEWnlKauEK59il2CI g1tpwjyJ5QFUQg6Uw2BpeOTv1dc3e/8MxmVvPRL0bED73B18G6OmyTSuSn1HdVzI9WZd yv+W249wCrCT+5bXzijjJG9CewLt3UlDUJL81GU7AU71LWCOzfEwwKx8qjww8itUwzGL KOpxYld29qH+pb+FZMpkyVLFgXpG5uArkXGhvVphpMXwZyH5ywV/leUxUEfAxzQ+He7Y rm1fTdewUTXiplRRHApZ98OB8oUB6+qn3mnJPyeHTI67+ZyMtAwx2VcCCPgqPF1Ao5Rf KVgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:to:from; bh=RaKCg8iWBH/bBxx5nH4yPHjvJzsC4mcMr0lHsMrKa/w=; b=POrYB6yWPvrCJ/q3D2+FHLdUUg++KOBoDo8ucvlbsYTVlV008sYc3AbWOX0CXcfGLI FCWOrqP343PVwVsYsasCmkLlP8dBUqloe/BUMvm/O9Et98+/V9e9Wy6UxWfCD4huD1+U oiDyC/yQ2dghM7KVrzKAHS6d+gQkFgLuJuBMjjPxhViQOTbpgzPX9LXMR3vWGwP6iE+2 TUv3q0ggIQ8Rfbsfx1L05nd4S5pKyjxOJU3c9JW/B9rQ5qMXaRDr3DvpUR77+FhTv6w3 FvBK5xEkD/Kmi4VPJMn9eXQ/nyvyYDNhK9aWRG3cPK5F+4zodkaebiy6gzegd/O3/PC/ 3r7Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id p94si16219944qtd.261.2019.11.05.13.08.19 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Nov 2019 13:08:19 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from localhost ([::1]:50074 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS63m-0002MA-EW for patch@linaro.org; Tue, 05 Nov 2019 16:08:18 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:58307) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS5p4-0000P5-O3 for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:08 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iS5p2-0001yn-UT for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:06 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:43478) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iS5oz-0001us-0h; Tue, 05 Nov 2019 15:53:01 -0500 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id xA5KpcYW028474; Tue, 5 Nov 2019 15:52:59 -0500 Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 2w3dd0xuw9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 15:52:59 -0500 Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id xA5Knt3B031285; Tue, 5 Nov 2019 20:52:58 GMT Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma01dal.us.ibm.com with ESMTP id 2w11e7hh8m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 20:52:58 +0000 Received: from b01ledav002.gho.pok.ibm.com (b01ledav002.gho.pok.ibm.com [9.57.199.107]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xA5Kqv6O48693684 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 5 Nov 2019 20:52:57 GMT Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9F587124054; Tue, 5 Nov 2019 20:52:57 +0000 (GMT) Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8C569124052; Tue, 5 Nov 2019 20:52:57 +0000 (GMT) Received: from localhost (unknown [9.53.179.218]) by b01ledav002.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 5 Nov 2019 20:52:57 +0000 (GMT) From: Michael Roth To: qemu-devel@nongnu.org Subject: [PATCH 19/55] target/arm: Don't abort on M-profile exception return in linux-user mode Date: Tue, 5 Nov 2019 14:52:07 -0600 Message-Id: <20191105205243.3766-20-mdroth@linux.vnet.ibm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> References: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-11-05_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1911050170 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , qemu-stable@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" From: Peter Maydell An attempt to do an exception-return (branch to one of the magic addresses) in linux-user mode for M-profile should behave like a normal branch, because linux-user mode is always going to be in 'handler' mode. This used to work, but we broke it when we added support for the M-profile security extension in commit d02a8698d7ae2bfed. In that commit we allowed even handler-mode calls to magic return values to be checked for and dealt with by causing an EXCP_EXCEPTION_EXIT exception to be taken, because this is needed for the FNC_RETURN return-from-non-secure-function-call handling. For system mode we added a check in do_v7m_exception_exit() to make any spurious calls from Handler mode behave correctly, but forgot that linux-user mode would also be affected. How an attempted return-from-non-secure-function-call in linux-user mode should be handled is not clear -- on real hardware it would result in return to secure code (not to the Linux kernel) which could then handle the error in any way it chose. For QEMU we take the simple approach of treating this erroneous return the same way it would be handled on a CPU without the security extensions -- treat it as a normal branch. The upshot of all this is that for linux-user mode we should never do any of the bx_excret magic, so the code change is simple. This ought to be a weird corner case that only affects broken guest code (because Linux user processes should never be attempting to do exception returns or NS function returns), except that the code that assigns addresses in RAM for the process and stack in our linux-user code does not attempt to avoid this magic address range, so legitimate code attempting to return to a trampoline routine on the stack can fall into this case. This change fixes those programs, but we should also look at restricting the range of memory we use for M-profile linux-user guests to the area that would be real RAM in hardware. Cc: qemu-stable@nongnu.org Reported-by: Christophe Lyon Reviewed-by: Richard Henderson Signed-off-by: Peter Maydell Message-id: 20190822131534.16602-1-peter.maydell@linaro.org Fixes: https://bugs.launchpad.net/qemu/+bug/1840922 Signed-off-by: Peter Maydell (cherry picked from commit 5e5584c89f36b302c666bc6db535fd3f7ff35ad2) Signed-off-by: Michael Roth --- target/arm/translate.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) -- 2.17.1 diff --git a/target/arm/translate.c b/target/arm/translate.c index 7853462b21..24cb4ba075 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -952,10 +952,27 @@ static inline void gen_bx(DisasContext *s, TCGv_i32 var) store_cpu_field(var, thumb); } -/* Set PC and Thumb state from var. var is marked as dead. +/* + * Set PC and Thumb state from var. var is marked as dead. * For M-profile CPUs, include logic to detect exception-return * branches and handle them. This is needed for Thumb POP/LDM to PC, LDR to PC, * and BX reg, and no others, and happens only for code in Handler mode. + * The Security Extension also requires us to check for the FNC_RETURN + * which signals a function return from non-secure state; this can happen + * in both Handler and Thread mode. + * To avoid having to do multiple comparisons in inline generated code, + * we make the check we do here loose, so it will match for EXC_RETURN + * in Thread mode. For system emulation do_v7m_exception_exit() checks + * for these spurious cases and returns without doing anything (giving + * the same behaviour as for a branch to a non-magic address). + * + * In linux-user mode it is unclear what the right behaviour for an + * attempted FNC_RETURN should be, because in real hardware this will go + * directly to Secure code (ie not the Linux kernel) which will then treat + * the error in any way it chooses. For QEMU we opt to make the FNC_RETURN + * attempt behave the way it would on a CPU without the security extension, + * which is to say "like a normal branch". That means we can simply treat + * all branches as normal with no magic address behaviour. */ static inline void gen_bx_excret(DisasContext *s, TCGv_i32 var) { @@ -963,10 +980,12 @@ static inline void gen_bx_excret(DisasContext *s, TCGv_i32 var) * s->base.is_jmp that we need to do the rest of the work later. */ gen_bx(s, var); +#ifndef CONFIG_USER_ONLY if (arm_dc_feature(s, ARM_FEATURE_M_SECURITY) || (s->v7m_handler_mode && arm_dc_feature(s, ARM_FEATURE_M))) { s->base.is_jmp = DISAS_BX_EXCRET; } +#endif } static inline void gen_bx_excret_final_code(DisasContext *s) From patchwork Tue Nov 5 20:52:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 178558 Delivered-To: patch@linaro.org Received: by 2002:a92:38d5:0:0:0:0:0 with SMTP id g82csp1302418ilf; Tue, 5 Nov 2019 13:10:27 -0800 (PST) X-Google-Smtp-Source: APXvYqxhTezFyp+ZKo2+YjU4CCo0Z2yzCGn/JzFGk2FF1UGzIhnCGbekPxwHB9WMimlqqtc1CEi9 X-Received: by 2002:a17:906:12d3:: with SMTP id l19mr3940396ejb.165.1572988227343; Tue, 05 Nov 2019 13:10:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1572988227; cv=none; d=google.com; s=arc-20160816; b=Qr9jn0HfP3/CAHgMyZPCKexwlyAxrt3z5WNuy1lxiMZ1rzvIEuIKSnY3rK+uKYK2Bl 6n3hWZuL5uJzpyFDZaZf7zeGy/MnYWtBLKpffpqC959qh4GEmp3DlbVW5PW49ZDiYRei +/v1IOlFT/7GQ0LLBxwy0N/LSO+pEav62mwjsK8KcPNe2k6cVDy395E52APuwnyhcUsI HCFyW/RGQDnm9NRR2jyS/QpSWwDV+1gUIPqr3Jdy/+usz75lAfjlUaCSZ2L3LaNRkJEj XkfW3wj/6ijCxmERNKzUkVGfjTDfcq025rNEdREc0QVKXxnwgMemoBsFbFU/SU1RrHRU h7Zg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:to:from; bh=eIS7F+FZaKSWXKNnpV01VaXFEjfq/HmiS/eWWeIXRzM=; b=PWAzGUC1HBbU99Cy4dLcFyP//rOVkY/O74rpL6mxHLQDOYSBuYAe3xuodoQ/xbISKd 720dipxMeVOqb6NgZGK9MAcKBNnzq0LVRb7aTMRZsHw0lOHLkN3JxRHK3eRXQh8PetWC 2Nrn4wgkJdLA65JxoEB0696GkrS93wWYTsrLkv+yIJFWKyx5jbUQU9OX0877oBMQkVLR GZvNAIqsxy9cOc4l665NgW/umXQdp987n3EpS3qvDp0ulZu15jkSPZMy2DZldPGmCoXZ jN8ToFXzSB8HNcGZvfDouxItjDuR1rNokjx+3Ang9yydFiOvqtHZsJT/Ybq5y2dzLz1B CkEg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id q20si15099574ejt.360.2019.11.05.13.10.27 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Nov 2019 13:10:27 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from localhost ([::1]:50098 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS65p-0005nb-PE for patch@linaro.org; Tue, 05 Nov 2019 16:10:25 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:58751) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS5pX-0001Du-Rj for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:37 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iS5pW-0002Pq-G3 for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:35 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:11280) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iS5pT-00023C-HD; Tue, 05 Nov 2019 15:53:31 -0500 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id xA5KpY9B078175; Tue, 5 Nov 2019 15:53:10 -0500 Received: from ppma01wdc.us.ibm.com (fd.55.37a9.ip4.static.sl-reverse.com [169.55.85.253]) by mx0a-001b2d01.pphosted.com with ESMTP id 2w3eh7bw57-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 15:53:09 -0500 Received: from pps.filterd (ppma01wdc.us.ibm.com [127.0.0.1]) by ppma01wdc.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id xA5KnxfU018313; Tue, 5 Nov 2019 20:53:11 GMT Received: from b01cxnp23033.gho.pok.ibm.com (b01cxnp23033.gho.pok.ibm.com [9.57.198.28]) by ppma01wdc.us.ibm.com with ESMTP id 2w11e71772-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 20:53:11 +0000 Received: from b01ledav002.gho.pok.ibm.com (b01ledav002.gho.pok.ibm.com [9.57.199.107]) by b01cxnp23033.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xA5Kr7WA12779976 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 5 Nov 2019 20:53:07 GMT Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1DAC412405B; Tue, 5 Nov 2019 20:53:07 +0000 (GMT) Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0B1FA124062; Tue, 5 Nov 2019 20:53:07 +0000 (GMT) Received: from localhost (unknown [9.53.179.218]) by b01ledav002.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 5 Nov 2019 20:53:07 +0000 (GMT) From: Michael Roth To: qemu-devel@nongnu.org Subject: [PATCH 35/55] hw/arm/boot.c: Set NSACR.{CP11, CP10} for NS kernel boots Date: Tue, 5 Nov 2019 14:52:23 -0600 Message-Id: <20191105205243.3766-36-mdroth@linux.vnet.ibm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> References: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-11-05_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1911050170 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , qemu-stable@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" From: Peter Maydell If we're booting a Linux kernel directly into Non-Secure state on a CPU which has Secure state, then make sure we set the NSACR CP11 and CP10 bits, so that Non-Secure is allowed to access the FPU. Otherwise an AArch32 kernel will UNDEF as soon as it tries to use the FPU. It used to not matter that we didn't do this until commit fc1120a7f5f2d4b6, where we implemented actually honouring these NSACR bits. The problem only exists for CPUs where EL3 is AArch32; the equivalent AArch64 trap bits are in CPTR_EL3 and are "0 to not trap, 1 to trap", so the reset value of the register permits NS access, unlike NSACR. Fixes: fc1120a7f5 Fixes: https://bugs.launchpad.net/qemu/+bug/1844597 Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20190920174039.3916-1-peter.maydell@linaro.org (cherry picked from commit ece628fcf69cbbd4b3efb6fbd203af07609467a2) Signed-off-by: Michael Roth --- hw/arm/boot.c | 2 ++ 1 file changed, 2 insertions(+) -- 2.17.1 diff --git a/hw/arm/boot.c b/hw/arm/boot.c index c2b89b3bb9..fc4e021a38 100644 --- a/hw/arm/boot.c +++ b/hw/arm/boot.c @@ -754,6 +754,8 @@ static void do_cpu_reset(void *opaque) (cs != first_cpu || !info->secure_board_setup)) { /* Linux expects non-secure state */ env->cp15.scr_el3 |= SCR_NS; + /* Set NSACR.{CP11,CP10} so NS can access the FPU */ + env->cp15.nsacr |= 3 << 10; } } From patchwork Tue Nov 5 20:52:40 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 178559 Delivered-To: patch@linaro.org Received: by 2002:a92:38d5:0:0:0:0:0 with SMTP id g82csp1318679ilf; Tue, 5 Nov 2019 13:26:01 -0800 (PST) X-Google-Smtp-Source: APXvYqwjP/MWez502ogz5rr8cd9o/WH2pcUci4sVr7UjvGYNqDEb5s39IO9bXpsmsbwdqHwDYzKz X-Received: by 2002:aed:228b:: with SMTP id p11mr20244960qtc.196.1572989161124; Tue, 05 Nov 2019 13:26:01 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1572989161; cv=none; d=google.com; s=arc-20160816; b=r84wEZ/18B7E/EkAHFXhiTtW1vYuGNJtQ++OJjWCo0U34lg/LpV77wTEeqO/Fjcxhe hj25QQ3kBJg4Eqitkfd0EOl2jiURRbLZR5ful1qNGf7BxKJVcqW4T3FrYZO9wHDZDBCb AM6/vjdZ9v8YY8/svv7LwfAzAk989dJk4vqWuoAAwsNG9IB2n3ea7A/XLNy3NACFu/UJ VlOKZpuVaseVRdgGYosUFVWN+txh07sVyq4cm6z07ZQjhDx3iCFPi0c+Kwc42UYAQQ0E 2o7Oq7sbaE6XTA5dJdwtEd6jzod/WHk77RhA7rJQkm4KnLhShIihkGov1/g1k/P8wy50 ZgHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:to:from; bh=AQJ48Ra9N6dujU2RHP4cwW4oAhIO2xXgVH3ReujLXDI=; b=DZEqwy6vbFle7fkBRlwXMB1mTS3JG7xDELScxuXDmRdWhXhizHq7ck3G8bAI42WJ2k NDTO4rd2G0HxZzADAKXgd/yk7/n8RK96yCpdp/3+aeo1+O41pCWur2xvRUF0RBNpEDLd yq1IkPErjhw92oS97Ma7sBhvq6nc4i4FMuZjw+jZWG3D4p0GCYXB62q1x+fSbMfbuu1f J0PoPD+jzCCCh52uHT7qs36RxoKd4C1Ip/oysFdt176docNrp4+lpeMNWwYKYz+3gHeV oQRpuxPA95IWfc4r2DfBeJd79vPpLi5bFhYAOD498n8nPumcaDJjYz+Kh5Y3NJuTuLSL pA9Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id dt6si16505765qvb.78.2019.11.05.13.26.01 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 05 Nov 2019 13:26:01 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: from localhost ([::1]:50304 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS6Ku-0001B9-Cr for patch@linaro.org; Tue, 05 Nov 2019 16:26:00 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:59028) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iS5ph-0001Su-S6 for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:47 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iS5pg-0002Vh-6v for qemu-devel@nongnu.org; Tue, 05 Nov 2019 15:53:45 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:39218 helo=mx0a-001b2d01.pphosted.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iS5pb-00029b-Mt; Tue, 05 Nov 2019 15:53:40 -0500 Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id xA5KpXcT040528; Tue, 5 Nov 2019 15:53:19 -0500 Received: from ppma02dal.us.ibm.com (a.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.10]) by mx0a-001b2d01.pphosted.com with ESMTP id 2w3eegm8ur-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 15:53:18 -0500 Received: from pps.filterd (ppma02dal.us.ibm.com [127.0.0.1]) by ppma02dal.us.ibm.com (8.16.0.27/8.16.0.27) with SMTP id xA5Ko1uQ006047; Tue, 5 Nov 2019 20:53:18 GMT Received: from b01cxnp22035.gho.pok.ibm.com (b01cxnp22035.gho.pok.ibm.com [9.57.198.25]) by ppma02dal.us.ibm.com with ESMTP id 2w11e7hged-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 05 Nov 2019 20:53:18 +0000 Received: from b01ledav002.gho.pok.ibm.com (b01ledav002.gho.pok.ibm.com [9.57.199.107]) by b01cxnp22035.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xA5KrHlG53215626 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 5 Nov 2019 20:53:17 GMT Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2BE6112405B; Tue, 5 Nov 2019 20:53:17 +0000 (GMT) Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 15B96124052; Tue, 5 Nov 2019 20:53:17 +0000 (GMT) Received: from localhost (unknown [9.53.179.218]) by b01ledav002.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 5 Nov 2019 20:53:17 +0000 (GMT) From: Michael Roth To: qemu-devel@nongnu.org Subject: [PATCH 52/55] target/arm: Allow reading flags from FPSCR for M-profile Date: Tue, 5 Nov 2019 14:52:40 -0600 Message-Id: <20191105205243.3766-53-mdroth@linux.vnet.ibm.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> References: <20191105205243.3766-1-mdroth@linux.vnet.ibm.com> X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-11-05_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1911050170 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Christophe Lyon , qemu-stable@nongnu.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" From: Christophe Lyon rt==15 is a special case when reading the flags: it means the destination is APSR. This patch avoids rejecting vmrs apsr_nzcv, fpscr as illegal instruction. Cc: qemu-stable@nongnu.org Signed-off-by: Christophe Lyon Message-id: 20191025095711.10853-1-christophe.lyon@linaro.org [PMM: updated the comment] Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell (cherry picked from commit 2529ab43b8a05534494704e803e0332d111d8b91) Signed-off-by: Michael Roth --- target/arm/translate-vfp.inc.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) -- 2.17.1 diff --git a/target/arm/translate-vfp.inc.c b/target/arm/translate-vfp.inc.c index ef45cecbea..75406fd9db 100644 --- a/target/arm/translate-vfp.inc.c +++ b/target/arm/translate-vfp.inc.c @@ -704,9 +704,10 @@ static bool trans_VMSR_VMRS(DisasContext *s, arg_VMSR_VMRS *a) if (arm_dc_feature(s, ARM_FEATURE_M)) { /* * The only M-profile VFP vmrs/vmsr sysreg is FPSCR. - * Writes to R15 are UNPREDICTABLE; we choose to undef. + * Accesses to R15 are UNPREDICTABLE; we choose to undef. + * (FPSCR -> r15 is a special case which writes to the PSR flags.) */ - if (a->rt == 15 || a->reg != ARM_VFP_FPSCR) { + if (a->rt == 15 && (!a->l || a->reg != ARM_VFP_FPSCR)) { return false; } }