From nobody Tue Nov 4 18:52:27 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1531140411349550.9680139367525; Mon, 9 Jul 2018 05:46:51 -0700 (PDT) Received: from localhost ([::1]:41511 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fcVZ3-0002CF-UG for importer@patchew.org; Mon, 09 Jul 2018 08:46:49 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57028) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fcVYC-0001q5-77 for qemu-devel@nongnu.org; Mon, 09 Jul 2018 08:45:57 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fcVYB-0006XX-Au for qemu-devel@nongnu.org; Mon, 09 Jul 2018 08:45:56 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:43332) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fcVY9-0006RV-05; Mon, 09 Jul 2018 08:45:53 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1fcVXs-0000cm-Lw; Mon, 09 Jul 2018 13:45:36 +0100 From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Mon, 9 Jul 2018 13:45:35 +0100 Message-Id: <20180709124535.1116-1-peter.maydell@linaro.org> X-Mailer: git-send-email 2.17.1 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH for-3.0] target/arm: Use correct mmu_idx for exception-return unstacking X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Adithya Baglody , patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" For M-profile exception returns, the mmu index to use for exception return unstacking is supposed to be that of wherever we are returning to: * if returning to handler mode, privileged * if returning to thread mode, privileged or unprivileged depending on CONTROL.nPRIV for the destination security state We were passing the wrong thing as the 'priv' argument to arm_v7m_mmu_idx_for_secstate_and_priv(). The effect was that guests which programmed the MPU to behave differently for privileged and unprivileged code could get spurious MemManage Unstack exceptions. Reported-by: Adithya Baglody Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/helper.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index a2ac96084e7..0604a0efbe2 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -7171,9 +7171,11 @@ static void do_v7m_exception_exit(ARMCPU *cpu) uint32_t frameptr =3D *frame_sp_p; bool pop_ok =3D true; ARMMMUIdx mmu_idx; + bool return_to_priv =3D return_to_handler || + !(env->v7m.control[return_to_secure] & R_V7M_CONTROL_NPRIV_MAS= K); =20 mmu_idx =3D arm_v7m_mmu_idx_for_secstate_and_priv(env, return_to_s= ecure, - !return_to_handler= ); + return_to_priv); =20 if (!QEMU_IS_ALIGNED(frameptr, 8) && arm_feature(env, ARM_FEATURE_V8)) { --=20 2.17.1