From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 153849849127517.61102188991788; Tue, 2 Oct 2018 09:41:31 -0700 (PDT) Received: from localhost ([::1]:44744 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Njm-0002xu-3C for importer@patchew.org; Tue, 02 Oct 2018 12:41:30 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34779) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Nea-0006cO-So for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7NeZ-00053a-Ih for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:08 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51546) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7NeV-0004yW-IQ; Tue, 02 Oct 2018 12:36:03 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7NeR-0007GU-W0; Tue, 02 Oct 2018 17:35:59 +0100 
From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:44 +0100 Message-Id: <20181002163556.10279-2-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 01/13] target/arm: Define new TBFLAG for v8M stack checking X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The Arm v8M architecture includes hardware stack limit checking. When certain instructions update the stack pointer, if the new value of SP is below the limit set in the associated limit register then an exception is taken. Add a TB flag that tracks whether the limit-checking code needs to be emitted. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/cpu.h | 7 +++++++ target/arm/translate.h | 1 + target/arm/helper.c | 10 ++++++++++ target/arm/translate.c | 1 + 4 files changed, 19 insertions(+) diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 65c0fa0a659..d2c1d005ed7 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -1336,8 +1336,10 @@ FIELD(V7M_CCR, UNALIGN_TRP, 3, 1) FIELD(V7M_CCR, DIV_0_TRP, 4, 1) FIELD(V7M_CCR, BFHFNMIGN, 8, 1) FIELD(V7M_CCR, STKALIGN, 9, 1) +FIELD(V7M_CCR, STKOFHFNMIGN, 10, 1) FIELD(V7M_CCR, DC, 16, 1) FIELD(V7M_CCR, IC, 17, 1) +FIELD(V7M_CCR, BP, 18, 1) =20 /* V7M SCR bits */ FIELD(V7M_SCR, SLEEPONEXIT, 1, 1) 
@@ -2842,6 +2844,9 @@ static inline bool arm_cpu_data_is_big_endian(CPUARMS= tate *env) /* For M profile only, Handler (ie not Thread) mode */ #define ARM_TBFLAG_HANDLER_SHIFT 21 #define ARM_TBFLAG_HANDLER_MASK (1 << ARM_TBFLAG_HANDLER_SHIFT) +/* For M profile only, whether we should generate stack-limit checks */ +#define ARM_TBFLAG_STACKCHECK_SHIFT 22 +#define ARM_TBFLAG_STACKCHECK_MASK (1 << ARM_TBFLAG_STACKCHECK_SHIFT) =20 /* Bit usage when in AArch64 state */ #define ARM_TBFLAG_TBI0_SHIFT 0 /* TBI0 for EL0/1 or TBI for EL2/3 = */ @@ -2884,6 +2889,8 @@ static inline bool arm_cpu_data_is_big_endian(CPUARMS= tate *env) (((F) & ARM_TBFLAG_BE_DATA_MASK) >> ARM_TBFLAG_BE_DATA_SHIFT) #define ARM_TBFLAG_HANDLER(F) \ (((F) & ARM_TBFLAG_HANDLER_MASK) >> ARM_TBFLAG_HANDLER_SHIFT) +#define ARM_TBFLAG_STACKCHECK(F) \ + (((F) & ARM_TBFLAG_STACKCHECK_MASK) >> ARM_TBFLAG_STACKCHECK_SHIFT) #define ARM_TBFLAG_TBI0(F) \ (((F) & ARM_TBFLAG_TBI0_MASK) >> ARM_TBFLAG_TBI0_SHIFT) #define ARM_TBFLAG_TBI1(F) \ diff --git a/target/arm/translate.h b/target/arm/translate.h index 45f04244be8..c1b65f3efb0 100644 --- a/target/arm/translate.h +++ b/target/arm/translate.h @@ -38,6 +38,7 @@ typedef struct DisasContext { int vec_stride; bool v7m_handler_mode; bool v8m_secure; /* true if v8M and we're in Secure mode */ + bool v8m_stackcheck; /* true if we need to perform v8M stack limit che= cks */ /* Immediate value in AArch32 SVC insn; must be set if is_jmp =3D=3D D= ISAS_SWI * so that top level loop can generate correct syndrome information. */ diff --git a/target/arm/helper.c b/target/arm/helper.c index 5e721a65272..6ed8631dbee 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c 
@@ -12667,6 +12667,16 @@ void cpu_get_tb_cpu_state(CPUARMState *env, target= _ulong *pc, flags |=3D ARM_TBFLAG_HANDLER_MASK; } =20 + /* v8M always applies stack limit checks unless CCR.STKOFHFNMIGN is + * suppressing them because the requested execution priority is less t= han 0. + */ + if (arm_feature(env, ARM_FEATURE_V8) && + arm_feature(env, ARM_FEATURE_M) && + !((mmu_idx & ARM_MMU_IDX_M_NEGPRI) && + (env->v7m.ccr[env->v7m.secure] & R_V7M_CCR_STKOFHFNMIGN_MASK))) { + flags |=3D ARM_TBFLAG_STACKCHECK_MASK; + } + *pflags =3D flags; *cs_base =3D 0; } diff --git a/target/arm/translate.c b/target/arm/translate.c index c6a5d2ac444..751d5811cee 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c 
@@ -12451,6 +12451,7 @@ static void arm_tr_init_disas_context(DisasContextB= ase *dcbase, CPUState *cs) dc->v7m_handler_mode =3D ARM_TBFLAG_HANDLER(dc->base.tb->flags); dc->v8m_secure =3D arm_feature(env, ARM_FEATURE_M_SECURITY) && regime_is_secure(env, dc->mmu_idx); + dc->v8m_stackcheck =3D ARM_TBFLAG_STACKCHECK(dc->base.tb->flags); dc->cp_regs =3D cpu->cp_regs; dc->features =3D env->features; =20 --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 153849830920590.77267836222882; Tue, 2 Oct 2018 09:38:29 -0700 (PDT) Received: from localhost ([::1]:44719 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Ngq-00089W-0y for importer@patchew.org; Tue, 02 Oct 2018 12:38:28 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34722) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7NeZ-0006ay-DN for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7NeY-00051v-C3 for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:07 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51546) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7NeU-0004yW-Fu; Tue, 02 Oct 2018 12:36:02 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7NeS-0007Gj-TY; Tue, 02 Oct 2018 
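Review bot: the cpu.h hunk also adds FIELD(V7M_CCR, BP, 18, 1), which the commit message does not mention and which nothing in this patch reads; either move it to the patch that uses it or say in the commit message why it is introduced here. On the helper.c hunk, ARM_TBFLAG_STACKCHECK is computed from env->v7m.ccr[env->v7m.secure] & R_V7M_CCR_STKOFHFNMIGN_MASK, so a guest write that flips CCR.STKOFHFNMIGN only takes effect at the next TB lookup; it is worth stating in the comment (or confirming in the NVIC CCR write path, which is not shown here) that such a write ends the current TB, otherwise the rest of that TB keeps running with the stale flag.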
17:36:00 +0100 From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:45 +0100 Message-Id: <20181002163556.10279-3-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 02/13] target/arm: Define new EXCP type for v8M stack overflows X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Define EXCP_STKOF, and arrange for it to cause us to take a UsageFault with CFSR.STKOF set. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/cpu.h | 2 ++ target/arm/helper.c | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/target/arm/cpu.h b/target/arm/cpu.h index d2c1d005ed7..318792823b9 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -56,6 +56,7 @@ #define EXCP_SEMIHOST 16 /* semihosting call */ #define EXCP_NOCP 17 /* v7M NOCP UsageFault */ #define EXCP_INVSTATE 18 /* v7M INVSTATE UsageFault */ +#define EXCP_STKOF 19 /* v8M STKOF UsageFault */ /* NB: add new EXCP_ defines to the array in arm_log_exception() too */ =20 #define ARMV7M_EXCP_RESET 1 @@ -1380,6 +1381,7 @@ FIELD(V7M_CFSR, UNDEFINSTR, 16 + 0, 1) FIELD(V7M_CFSR, INVSTATE, 16 + 1, 1) FIELD(V7M_CFSR, INVPC, 16 + 2, 1) FIELD(V7M_CFSR, NOCP, 16 + 3, 1) +FIELD(V7M_CFSR, STKOF, 16 + 4, 1) FIELD(V7M_CFSR, UNALIGNED, 16 + 8, 1) FIELD(V7M_CFSR, DIVBYZERO, 16 + 9, 1) =20 
diff --git a/target/arm/helper.c b/target/arm/helper.c index 6ed8631dbee..c303dc453f1 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -7511,6 +7511,7 @@ static void arm_log_exception(int idx) [EXCP_SEMIHOST] =3D "Semihosting call", [EXCP_NOCP] =3D "v7M NOCP UsageFault", [EXCP_INVSTATE] =3D "v7M INVSTATE UsageFault", + [EXCP_STKOF] =3D "v8M STKOF UsageFault", }; =20 if (idx >=3D 0 && idx < ARRAY_SIZE(excnames)) { 
@@ -7666,6 +7667,10 @@ void arm_v7m_cpu_do_interrupt(CPUState *cs) armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.sec= ure); env->v7m.cfsr[env->v7m.secure] |=3D R_V7M_CFSR_INVSTATE_MASK; break; + case EXCP_STKOF: + armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.sec= ure); + env->v7m.cfsr[env->v7m.secure] |=3D R_V7M_CFSR_STKOF_MASK; + break; case EXCP_SWI: /* The PC already points to the next instruction. */ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SVC, env->v7m.secur= e); --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498307596931.0210114712777; Tue, 2 Oct 2018 09:38:27 -0700 (PDT) Received: from localhost ([::1]:44718 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Ngk-00083P-Ic for importer@patchew.org; Tue, 02 Oct 2018 12:38:22 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34723) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7NeZ-0006az-DO for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7NeY-00051r-C1 for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:07 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51552) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7NeU-0004zh-Qy; Tue, 02 Oct 2018 12:36:02 -0400 Received: 
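Review bot: the new EXCP_STKOF arm in arm_v7m_cpu_do_interrupt() is the EXCP_NOCP and EXCP_INVSTATE arms copied with only the CFSR mask changed (armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, env->v7m.secure); followed by env->v7m.cfsr[env->v7m.secure] |= R_V7M_CFSR_STKOF_MASK;); consider collapsing the three into one arm that selects the mask, so the next UsageFault flavour does not copy the pattern a fourth time. The EXCP_STKOF define is correctly labelled "v8M" where its neighbours say "v7M", but the new FIELD(V7M_CFSR, STKOF, 16 + 4, 1) sits in a block of v7M-named fields; a short note that this bit is reserved on v7M would help readers of that list.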
from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7NeT-0007Gz-Ra; Tue, 02 Oct 2018 17:36:01 +0100 From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:46 +0100 Message-Id: <20181002163556.10279-4-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 03/13] target/arm: Move v7m_using_psp() to internals.h X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" We're going to want v7m_using_psp() in op_helper.c in the next patch, so move it from helper.c to internals.h. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/internals.h | 15 +++++++++++++++ target/arm/helper.c | 12 ------------ 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/target/arm/internals.h b/target/arm/internals.h index dc9357766c9..bc4c01ccd92 100644 --- a/target/arm/internals.h +++ b/target/arm/internals.h 
@@ -796,4 +796,19 @@ static inline uint32_t arm_debug_exception_fsr(CPUARMS= tate *env) } } =20 +/** + * v7m_using_psp: Return true if using process stack pointer + * Return true if the CPU is currently using the process stack + * pointer, or false if it is using the main stack pointer. + */ +static inline bool v7m_using_psp(CPUARMState *env) +{ + /* Handler mode always uses the main stack; for thread mode + * the CONTROL.SPSEL bit determines the answer. + * Note that in v7M it is not possible to be in Handler mode with + * CONTROL.SPSEL non-zero, but in v8M it is, so we must check both. + */ + return !arm_v7m_is_handler_mode(env) && + env->v7m.control[env->v7m.secure] & R_V7M_CONTROL_SPSEL_MASK; +} #endif diff --git a/target/arm/helper.c b/target/arm/helper.c index c303dc453f1..ef8c244fb84 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c 
@@ -6554,18 +6554,6 @@ pend_fault: return false; } =20 -/* Return true if we're using the process stack pointer (not the MSP) */ -static bool v7m_using_psp(CPUARMState *env) -{ - /* Handler mode always uses the main stack; for thread mode - * the CONTROL.SPSEL bit determines the answer. - * Note that in v7M it is not possible to be in Handler mode with - * CONTROL.SPSEL non-zero, but in v8M it is, so we must check both. - */ - return !arm_v7m_is_handler_mode(env) && - env->v7m.control[env->v7m.secure] & R_V7M_CONTROL_SPSEL_MASK; -} - /* Write to v7M CONTROL.SPSEL bit for the specified security bank. * This may change the current stack pointer between Main and Process * stack pointers if it is done for the CONTROL register for the current --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498493309233.45516308115577; Tue, 2 Oct 2018 09:41:33 -0700 (PDT) Received: from localhost ([::1]:44745 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Njn-0002zO-Vf for importer@patchew.org; Tue, 02 Oct 2018 12:41:32 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34844) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Ned-0006fN-5L for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:12 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Neb-00056S-RN for qemu-devel@nongnu.org; Tue, 02 Oct 
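Review bot: the kerneldoc header on the moved function repeats itself ("v7m_using_psp: Return true if using process stack pointer" immediately followed by "Return true if the CPU is currently using the process stack pointer ..."); keep the one-line summary and the longer description, but reword one so they are not near-duplicates. Also, as a static inline in internals.h the body now needs arm_v7m_is_handler_mode() and R_V7M_CONTROL_SPSEL_MASK visible to every includer of internals.h, so confirm internals.h pulls in cpu.h (or the relevant declarations) itself rather than relying on helper.c's include order. Otherwise this is a pure relocation with no behavioural change.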
2018 12:36:11 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51546) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7NeY-0004yW-DF; Tue, 02 Oct 2018 12:36:06 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7NeU-0007HH-RJ; Tue, 02 Oct 2018 17:36:02 +0100 From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:47 +0100 Message-Id: <20181002163556.10279-5-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 04/13] target/arm: Add v8M stack checks on ADD/SUB/MOV of SP X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Add code to insert calls to a helper function to do the stack limit checking when we handle these forms of instruction that write to SP: * ADD (SP plus immediate) * ADD (SP plus register) * SUB (SP minus immediate) * SUB (SP minus register) * MOV (register) Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson --- target/arm/helper.h | 2 ++ target/arm/internals.h | 14 ++++++++ target/arm/op_helper.c | 19 ++++++++++ target/arm/translate.c | 80 +++++++++++++++++++++++++++++++++++++----- 4 files changed, 106 insertions(+), 9 deletions(-) diff --git a/target/arm/helper.h b/target/arm/helper.h index 59e8c3bd1b9..8c9590091b0 100644 --- a/target/arm/helper.h +++ b/target/arm/helper.h 
@@ -69,6 +69,8 @@ DEF_HELPER_2(v7m_blxns, void, env, i32) =20 DEF_HELPER_3(v7m_tt, i32, env, i32, i32) =20 +DEF_HELPER_2(v8m_stackcheck, void, env, i32) + DEF_HELPER_4(access_check_cp_reg, void, env, ptr, i32, i32) DEF_HELPER_3(set_cp_reg, void, env, ptr, i32) DEF_HELPER_2(get_cp_reg, i32, env, ptr) diff --git a/target/arm/internals.h b/target/arm/internals.h index bc4c01ccd92..966a8131623 100644 --- a/target/arm/internals.h +++ b/target/arm/internals.h @@ -811,4 +811,18 @@ static inline bool v7m_using_psp(CPUARMState *env) return !arm_v7m_is_handler_mode(env) && env->v7m.control[env->v7m.secure] & R_V7M_CONTROL_SPSEL_MASK; } + +/** + * v7m_sp_limit: Return SP limit for current CPU state + * Return the SP limit value for the current CPU security state + * and stack pointer. + */ +static inline uint32_t v7m_sp_limit(CPUARMState *env) +{ + if (v7m_using_psp(env)) { + return env->v7m.psplim[env->v7m.secure]; + } else { + return env->v7m.msplim[env->v7m.secure]; + } +} #endif diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c index 952b8d122b7..38f885b290f 100644 --- a/target/arm/op_helper.c +++ b/target/arm/op_helper.c @@ -238,6 +238,25 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwadd= r physaddr, =20 #endif /* !defined(CONFIG_USER_ONLY) */ =20 +void HELPER(v8m_stackcheck)(CPUARMState *env, uint32_t newvalue) +{ + /* + * Perform the v8M stack limit check for SP updates from translated co= de, + * raising an exception if the limit is breached. + */ + if (newvalue < v7m_sp_limit(env)) { + CPUState *cs =3D CPU(arm_env_get_cpu(env)); + + /* + * Stack limit exceptions are a rare case, so rather than syncing + * PC/condbits before the call, we use cpu_restore_state() to + * get them right before raising the exception. + */ + cpu_restore_state(cs, GETPC(), true); + raise_exception(env, EXCP_STKOF, 0, 1); + } +} + uint32_t HELPER(add_setq)(CPUARMState *env, uint32_t a, uint32_t b) { uint32_t res =3D a + b; 
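Review bot: HELPER(v8m_stackcheck) is placed just after the "#endif /* !defined(CONFIG_USER_ONLY) */" line, so it is compiled into user-only builds even though store_sp_checked() in translate.c never emits the call under CONFIG_USER_ONLY; either move the helper inside the !CONFIG_USER_ONLY region for consistency or note in its comment that being unconditional is intentional. A one-line remark that the strict "newvalue < v7m_sp_limit(env)" comparison is deliberate (SP equal to the limit is legal, only SP below it faults) would also save the next reader a trip to the ARM.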
diff --git a/target/arm/translate.c b/target/arm/translate.c index 751d5811cee..25a8fe672f5 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -239,6 +239,23 @@ static void store_reg(DisasContext *s, int reg, TCGv_i= 32 var) tcg_temp_free_i32(var); } =20 +/* + * Variant of store_reg which applies v8M stack-limit checks before updati= ng + * SP. If the check fails this will result in an exception being taken. + * We disable the stack checks for CONFIG_USER_ONLY because we have + * no idea what the stack limits should be in that case. + * If stack checking is not being done this just acts like store_reg(). + */ +static void store_sp_checked(DisasContext *s, TCGv_i32 var) +{ +#ifndef CONFIG_USER_ONLY + if (s->v8m_stackcheck) { + gen_helper_v8m_stackcheck(cpu_env, var); + } +#endif + store_reg(s, 13, var); +} + /* Value extensions. */ #define gen_uxtb(var) tcg_gen_ext8u_i32(var, var) #define gen_uxth(var) tcg_gen_ext16u_i32(var, var) @@ -10583,7 +10600,13 @@ static void disas_thumb2_insn(DisasContext *s, uin= t32_t insn) if (gen_thumb2_data_op(s, op, conds, 0, tmp, tmp2)) goto illegal_op; tcg_temp_free_i32(tmp2); - if (rd !=3D 15) { + if (rd =3D=3D 13 && + ((op =3D=3D 2 && rn =3D=3D 15) || + (op =3D=3D 8 && rn =3D=3D 13) || + (op =3D=3D 13 && rn =3D=3D 13))) { + /* MOV SP, ... or ADD SP, SP, ... or SUB SP, SP, ... */ + store_sp_checked(s, tmp); + } else if (rd !=3D 15) { store_reg(s, rd, tmp); } else { tcg_temp_free_i32(tmp); @@ -11267,8 +11290,15 @@ static void disas_thumb2_insn(DisasContext *s, uin= t32_t insn) gen_jmp(s, s->pc + offset); } } else { - /* Data processing immediate. */ + /* + * 0b1111_0xxx_xxxx_0xxx_xxxx_xxxx + * - Data-processing (modified immediate, plain binary immedi= ate) + */ if (insn & (1 << 25)) { + /* + * 0b1111_0x1x_xxxx_0xxx_xxxx_xxxx + * - Data-processing (plain binary immediate) + */ if (insn & (1 << 24)) { if (insn & (1 << 20)) goto illegal_op; 
@@ -11364,6 +11394,7 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) tmp =3D tcg_temp_new_i32(); tcg_gen_movi_i32(tmp, imm); } + store_reg(s, rd, tmp); } else { /* Add/sub 12-bit immediate. */ if (rn =3D=3D 15) { @@ -11374,17 +11405,27 @@ static void disas_thumb2_insn(DisasContext *s, ui= nt32_t insn) offset +=3D imm; tmp =3D tcg_temp_new_i32(); tcg_gen_movi_i32(tmp, offset); + store_reg(s, rd, tmp); } else { tmp =3D load_reg(s, rn); if (insn & (1 << 23)) tcg_gen_subi_i32(tmp, tmp, imm); else tcg_gen_addi_i32(tmp, tmp, imm); + if (rn =3D=3D 13 && rd =3D=3D 13) { + /* ADD SP, SP, imm or SUB SP, SP, imm */ + store_sp_checked(s, tmp); + } else { + store_reg(s, rd, tmp); + } } } - store_reg(s, rd, tmp); } } else { + /* + * 0b1111_0x0x_xxxx_0xxx_xxxx_xxxx + * - Data-processing (modified immediate) + */ int shifter_out =3D 0; /* modified 12-bit immediate. */ shift =3D ((insn & 0x04000000) >> 23) | ((insn & 0x7000) >= > 12); @@ -11426,7 +11467,11 @@ static void disas_thumb2_insn(DisasContext *s, uin= t32_t insn) goto illegal_op; tcg_temp_free_i32(tmp2); rd =3D (insn >> 8) & 0xf; - if (rd !=3D 15) { + if (rd =3D=3D 13 && rn =3D=3D 13 + && (op =3D=3D 8 || op =3D=3D 13)) { + /* ADD(S) SP, SP, imm or SUB(S) SP, SP, imm */ + store_sp_checked(s, tmp); + } else if (rd !=3D 15) { store_reg(s, rd, tmp); } else { tcg_temp_free_i32(tmp); @@ -11732,7 +11777,12 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) tmp2 =3D load_reg(s, rm); tcg_gen_add_i32(tmp, tmp, tmp2); tcg_temp_free_i32(tmp2); - store_reg(s, rd, tmp); + if (rd =3D=3D 13) { + /* ADD SP, SP, reg */ + store_sp_checked(s, tmp); + } else { + store_reg(s, rd, tmp); + } break; case 1: /* cmp */ tmp =3D load_reg(s, rd); 
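Review bot: in the disas_thumb2_insn hunk at 10583 the condition encodes the three SP-writing forms as bare opcode numbers ((op == 2 && rn == 15), (op == 8 && rn == 13), (op == 13 && rn == 13)) and the comment only says "MOV SP, ... or ADD SP, SP, ... or SUB SP, SP, ..."; spell out that op 2 with rn == 15 is the ORR encoding used for MOV (register) and that 8 and 13 are ADD and SUB, since nothing nearby explains the constants. In the 12-bit immediate hunk at 11374 the rn == 15 (ADR) branch and the rn != 13 branch both keep plain store_reg(), and only rn == 13 && rd == 13 goes through store_sp_checked(); that matches the five forms the commit message lists, but the dropped trailing store_reg(s, rd, tmp) now lives in three places, so a comment that rd == 13 with rn != 13 is intentionally unchecked would make the split obviously deliberate.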
@@ -11743,7 +11793,12 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) break; case 2: /* mov/cpy */ tmp =3D load_reg(s, rm); - store_reg(s, rd, tmp); + if (rd =3D=3D 13) { + /* MOV SP, reg */ + store_sp_checked(s, tmp); + } else { + store_reg(s, rd, tmp); + } break; case 3: { @@ -12071,7 +12126,10 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) break; =20 case 10: - /* add to high reg */ + /* + * 0b1010_xxxx_xxxx_xxxx + * - Add PC/SP (immediate) + */ rd =3D (insn >> 8) & 7; if (insn & (1 << 11)) { /* SP */ 
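Review bot: the hunk at 12071 only rewrites the "add to high reg" comment to "0b1010_xxxx_xxxx_xxxx - Add PC/SP (immediate)" and leaves the code alone; since rd = (insn >> 8) & 7 can only name r0-r7, ADD Rd, SP, #imm never writes SP and needs no store_sp_checked(), which is worth saying in the new comment so the omission reads as deliberate in a patch whose whole point is SP writes.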
@@ -12091,13 +12149,17 @@ static void disas_thumb_insn(DisasContext *s, uin= t32_t insn) op =3D (insn >> 8) & 0xf; switch (op) { case 0: - /* adjust stack pointer */ + /* + * 0b1011_0000_xxxx_xxxx + * - ADD (SP plus immediate) + * - SUB (SP minus immediate) + */ tmp =3D load_reg(s, 13); val =3D (insn & 0x7f) * 4; if (insn & (1 << 7)) val =3D -(int32_t)val; tcg_gen_addi_i32(tmp, tmp, val); - store_reg(s, 13, tmp); + store_sp_checked(s, tmp); break; =20 case 2: /* sign/zero extend. */ --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498307376945.961725069673; Tue, 2 Oct 2018 09:38:27 -0700 (PDT) Received: from localhost ([::1]:44716 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Ngf-00080F-7q for importer@patchew.org; Tue, 02 Oct 2018 12:38:17 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34810) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Neb-0006dc-Ri for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Neb-00055r-1B for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:09 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51558) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7NeY-00051B-EI; Tue, 02 Oct 2018 12:36:06 -0400 Received: from pm215 by 
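Review bot: the hunk at 12091 is the 16-bit ADD/SUB SP, #imm form that every compiler-generated prologue and epilogue uses, so with v8m_stackcheck set it turns the hottest SP write into a helper call per instruction (store_reg(s, 13, tmp) becoming store_sp_checked(s, tmp)); that is correct, but a sentence in the commit message or the store_sp_checked() comment acknowledging the cost and noting that the helper only performs a compare in the no-fault case would pre-empt the performance question.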
orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7NeW-0007Hc-JH; Tue, 02 Oct 2018 17:36:04 +0100 From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:48 +0100 Message-Id: <20181002163556.10279-6-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 05/13] target/arm: Add some comments in Thumb decode X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Add some comments to the Thumb decoder indicating what bits of the instruction have been decoded at various points in the code. This is not an exhaustive set of comments; we're gradually adding comments as we work with particular bits of the code. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- Specifically, I figured these out as I was going through looking for the insns which write SP. These comments turn out not to be relevant to those instructions, but I don't want to throw them away. --- target/arm/translate.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/target/arm/translate.c b/target/arm/translate.c index 25a8fe672f5..fcb33b8a503 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c 
@@ -10623,6 +10623,10 @@ static void disas_thumb2_insn(DisasContext *s, uin= t32_t insn) tmp2 =3D load_reg(s, rm); if ((insn & 0x70) !=3D 0) goto illegal_op; + /* + * 0b1111_1010_0xxx_xxxx_1111_xxxx_0000_xxxx: + * - MOV, MOVS (register-shifted register), flagsetting + */ op =3D (insn >> 21) & 3; logic_cc =3D (insn & (1 << 20)) !=3D 0; gen_arm_shift_reg(tmp, op, tmp2, logic_cc); @@ -11674,7 +11678,11 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) rd =3D insn & 7; op =3D (insn >> 11) & 3; if (op =3D=3D 3) { - /* add/subtract */ + /* + * 0b0001_1xxx_xxxx_xxxx + * - Add, subtract (three low registers) + * - Add, subtract (two low registers and immediate) + */ rn =3D (insn >> 3) & 7; tmp =3D load_reg(s, rn); if (insn & (1 << 10)) { @@ -11711,7 +11719,10 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) } break; case 2: case 3: - /* arithmetic large immediate */ + /* + * 0b001x_xxxx_xxxx_xxxx + * - Add, subtract, compare, move (one low register and immediate) + */ op =3D (insn >> 11) & 3; rd =3D (insn >> 8) & 0x7; if (op =3D=3D 0) { /* mov */ 
@@ -11848,7 +11859,10 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) break; } =20 - /* data processing register */ + /* + * 0b0100_00xx_xxxx_xxxx + * - Data-processing (two low registers) + */ rd =3D insn & 7; rm =3D (insn >> 3) & 7; op =3D (insn >> 6) & 0xf; --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498659326856.9976558738865; Tue, 2 Oct 2018 09:44:19 -0700 (PDT) Received: from localhost ([::1]:44758 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7NmO-00065o-Qc for importer@patchew.org; Tue, 02 Oct 2018 12:44:12 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34858) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Ned-0006g7-K1 for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:12 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nec-000574-FU for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:11 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51546) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7NeZ-0004yW-MQ; Tue, 02 Oct 2018 12:36:07 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7NeY-0007Hr-9O; Tue, 02 Oct 2018 17:36:06 +0100 
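Review bot: in the hunk at 10623 the new comment "0b1111_1010_0xxx_xxxx_1111_xxxx_0000_xxxx: - MOV, MOVS (register-shifted register), flagsetting" lists both MOV and MOVS and then adds "flagsetting", which is redundant for MOVS and wrong for MOV; drop the trailing word, and since logic_cc = (insn & (1 << 20)) != 0 just below is what selects MOVS, the bit pattern could show bit 20 explicitly. The comment also sits after the "if ((insn & 0x70) != 0) goto illegal_op;" check rather than at the top of the block it describes; placing it above the tmp2 = load_reg(s, rm) line would match where the other three hunks put theirs.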
From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:49 +0100 Message-Id: <20181002163556.10279-7-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 06/13] target/arm: Add v8M stack checks on exception entry X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Add checks for breaches of the v8M stack limit when the stack pointer is decremented to push the exception frame for exception entry. Note that the exception-entry case is unique in that the stack pointer is updated to be the limit value if the limit is hit (per rule R_ZLZG). Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/helper.c | 54 ++++++++++++++++++++++++++++++++++++++------- 1 file changed, 46 insertions(+), 8 deletions(-) diff --git a/target/arm/helper.c b/target/arm/helper.c index ef8c244fb84..a10dff01a90 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -6839,6 +6839,8 @@ static bool v7m_push_callee_stack(ARMCPU *cpu, uint32= _t lr, bool dotailchain, uint32_t frameptr; ARMMMUIdx mmu_idx; bool stacked_ok; + uint32_t limit; + bool want_psp; =20 if (dotailchain) { bool mode =3D lr & R_V7M_EXCRET_MODE_MASK; 
@@ -6848,12 +6850,34 @@ static bool v7m_push_callee_stack(ARMCPU *cpu, uint= 32_t lr, bool dotailchain, mmu_idx =3D arm_v7m_mmu_idx_for_secstate_and_priv(env, M_REG_S, pr= iv); frame_sp_p =3D get_v7m_sp_ptr(env, M_REG_S, mode, lr & R_V7M_EXCRET_SPSEL_MASK); + want_psp =3D mode && (lr & R_V7M_EXCRET_SPSEL_MASK); + if (want_psp) { + limit =3D env->v7m.psplim[M_REG_S]; + } else { + limit =3D env->v7m.msplim[M_REG_S]; + } } else { mmu_idx =3D core_to_arm_mmu_idx(env, cpu_mmu_index(env, false)); frame_sp_p =3D &env->regs[13]; + limit =3D v7m_sp_limit(env); } =20 frameptr =3D *frame_sp_p - 0x28; + if (frameptr < limit) { + /* + * Stack limit failure: set SP to the limit value, and generate + * STKOF UsageFault. Stack pushes below the limit must not be + * performed. It is IMPDEF whether pushes above the limit are + * performed; we choose not to. + */ + qemu_log_mask(CPU_LOG_INT, + "...STKOF during callee-saves register stacking\n"); + env->v7m.cfsr[env->v7m.secure] |=3D R_V7M_CFSR_STKOF_MASK; + armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, + env->v7m.secure); + *frame_sp_p =3D limit; + return true; + } =20 /* Write as much of the stack frame as we can. A write failure may * cause us to pend a derived exception. @@ -6877,10 +6901,7 @@ static bool v7m_push_callee_stack(ARMCPU *cpu, uint3= 2_t lr, bool dotailchain, v7m_stack_write(cpu, frameptr + 0x24, env->regs[11], mmu_idx, ignore_faults); =20 - /* Update SP regardless of whether any of the stack accesses failed. - * When we implement v8M stack limit checking then this attempt to - * update SP might also fail and result in a derived exception. - */ + /* Update SP regardless of whether any of the stack accesses failed. */ *frame_sp_p =3D frameptr; =20 return !stacked_ok; 
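Review bot: in the v7m_push_callee_stack hunk the limit is read unconditionally (env->v7m.psplim[M_REG_S] / msplim[M_REG_S] in the tail-chain branch, v7m_sp_limit(env) otherwise), whereas the equivalent check this patch adds to v7m_push_stack is wrapped in `if (arm_feature(env, ARM_FEATURE_V8))`. If the asymmetry is deliberate because callee-saves stacking only ever happens with the Security Extension, and therefore only on v8M, a one-line comment above `want_psp = ...` saying so would spare the next reader from checking whether a v7M configuration can reach this path. The rest of the hunk does what the commit message promises: the comparison is done before the first v7m_stack_write(), `*frame_sp_p = limit` implements the R_ZLZG "SP becomes the limit" rule, and the CPU_LOG_INT line gives a usable trace point for anyone debugging a guest that faults on exception entry.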
@@ -7028,6 +7049,26 @@ static bool v7m_push_stack(ARMCPU *cpu) =20 frameptr -=3D 0x20; =20 + if (arm_feature(env, ARM_FEATURE_V8)) { + uint32_t limit =3D v7m_sp_limit(env); + + if (frameptr < limit) { + /* + * Stack limit failure: set SP to the limit value, and generate + * STKOF UsageFault. Stack pushes below the limit must not be + * performed. It is IMPDEF whether pushes above the limit are + * performed; we choose not to. + */ + qemu_log_mask(CPU_LOG_INT, + "...STKOF during stacking\n"); + env->v7m.cfsr[env->v7m.secure] |=3D R_V7M_CFSR_STKOF_MASK; + armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_USAGE, + env->v7m.secure); + env->regs[13] =3D limit; + return true; + } + } + /* Write as much of the stack frame as we can. If we fail a stack * write this will result in a derived exception being pended * (which may be taken in preference to the one we started with 
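Review bot: the early `return true` after pending the STKOF UsageFault relies on the caller reading true as "a derived exception was pended", which is only evident from the `return !stacked_ok` at the end of the function in the next hunk; a short comment at the return would make that contract explicit. Placement is right: the test runs after `frameptr -= 0x20` and before any v7m_stack_write(), so nothing is written below the limit, and `env->regs[13] = limit` gives the same SP-becomes-limit behaviour as the callee-saves path. The log text "...STKOF during stacking" versus "...STKOF during callee-saves register stacking" is enough to tell the two cases apart in a CPU_LOG_INT trace, which is what someone triaging a repeated UsageFault will want.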
@@ -7043,10 +7084,7 @@ static bool v7m_push_stack(ARMCPU *cpu) v7m_stack_write(cpu, frameptr + 24, env->regs[15], mmu_idx, false)= && v7m_stack_write(cpu, frameptr + 28, xpsr, mmu_idx, false); =20 - /* Update SP regardless of whether any of the stack accesses failed. - * When we implement v8M stack limit checking then this attempt to - * update SP might also fail and result in a derived exception. - */ + /* Update SP regardless of whether any of the stack accesses failed. */ env->regs[13] =3D frameptr; =20 return !stacked_ok; --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498489758489.18470249377253; Tue, 2 Oct 2018 09:41:29 -0700 (PDT) Received: from localhost ([::1]:44743 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Njk-0002vG-Ey for importer@patchew.org; Tue, 02 Oct 2018 12:41:28 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34908) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Nef-0006hx-3F for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nee-00058I-5G for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:12 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51564) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7Nea-00053V-7W; Tue, 02 Oct 2018 12:36:08 
From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Date: Tue, 2 Oct 2018 17:35:50 +0100
Message-Id: <20181002163556.10279-8-peter.maydell@linaro.org>
In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org>
References: <20181002163556.10279-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 07/13] target/arm: Add v8M stack limit checks on NS function calls

Check the v8M stack limits when pushing the frame for a non-secure
function call via BLXNS.

In order to be able to generate the exception we need to promote
raise_exception() from being local to op_helper.c so we can call
it from helper.c.

Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
 target/arm/internals.h | 9 +++++++++
 target/arm/helper.c | 4 ++++
 target/arm/op_helper.c | 4 ++--
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/target/arm/internals.h b/target/arm/internals.h
index 966a8131623..aa124a06a9d 100644
--- a/target/arm/internals.h
+++ b/target/arm/internals.h
@@ -94,6 +94,15 @@ FIELD(V7M_EXCRET, RES1, 7, 25) /* including the must-be-= 1 prefix */ #define M_FAKE_FSR_NSC_EXEC 0xf /* NS executing in S&NSC memory */ #define M_FAKE_FSR_SFAULT 0xe /* SecureFault INVTRAN, INVEP or AUVIOL */ =20 +/** + * raise_exception: Raise the specified exception. + * Raise a guest exception with the specified value, syndrome register + * and target exception level. This should be called from helper functions, + * and never returns because we will longjump back up to the CPU main loop. + */ +void QEMU_NORETURN raise_exception(CPUARMState *env, uint32_t excp, + uint32_t syndrome, uint32_t target_el); + /* * For AArch64, map a given EL to an index in the banked_spsr array. * Note that this mapping and the AArch32 mapping defined in bank_number() diff --git a/target/arm/helper.c b/target/arm/helper.c index a10dff01a90..074f7616272 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -6710,6 +6710,10 @@ void HELPER(v7m_blxns)(CPUARMState *env, uint32_t de= st) "BLXNS with misaligned SP is UNPREDICTABLE\n"); } =20 + if (sp < v7m_sp_limit(env)) { + raise_exception(env, EXCP_STKOF, 0, 1); + } + saved_psr =3D env->v7m.exception; if (env->v7m.control[M_REG_S] & R_V7M_CONTROL_SFPA_MASK) { saved_psr |=3D XPSR_SFPA; diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c index 38f885b290f..de0d3984ea4 100644 --- a/target/arm/op_helper.c +++ b/target/arm/op_helper.c 
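Review bot: in the helper.c hunk, raise_exception(env, EXCP_STKOF, 0, 1) is called straight from HELPER(v7m_blxns) with no cpu_restore_state(cs, GETPC(), true) before it, while the MSR-to-SP_NS check at the end of this series does restore state first. Please confirm the translator has already synced the PC before it emits the BLXNS helper call; if it has not, the STKOF will be reported against a stale PC. The position of the check is otherwise good: it comes after the misaligned-SP log and before `saved_psr = env->v7m.exception` and the rest of the BLXNS state update, so a failed limit check leaves no partially updated state behind.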
@@ -28,8 +28,8 @@ #define SIGNBIT (uint32_t)0x80000000 #define SIGNBIT64 ((uint64_t)1 << 63) =20 -static void raise_exception(CPUARMState *env, uint32_t excp, - uint32_t syndrome, uint32_t target_el) +void raise_exception(CPUARMState *env, uint32_t excp, + uint32_t syndrome, uint32_t target_el) { CPUState *cs =3D CPU(arm_env_get_cpu(env)); =20 --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 153849881418740.836574608482806; Tue, 2 Oct 2018 09:46:54 -0700 (PDT) Received: from localhost ([::1]:44790 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Noz-0000Ku-3E for importer@patchew.org; Tue, 02 Oct 2018 12:46:53 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34938) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Neg-0006jd-7C for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nef-00059B-AE for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:14 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51570) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7Ned-000565-4Y; Tue, 02 Oct 2018 12:36:11 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7Nea-0007IO-4Y; Tue, 02 Oct 2018 17:36:08 +0100 
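Review bot: the definition in op_helper.c drops `static` but does not pick up the QEMU_NORETURN that the new declaration in internals.h carries. The attribute only needs to appear on a declaration the translation unit sees, so this compiles, but putting it on the definition as well keeps the two signatures visibly identical and makes the "never returns" property obvious to anyone reading op_helper.c on its own.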
From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Date: Tue, 2 Oct 2018 17:35:51 +0100
Message-Id: <20181002163556.10279-9-peter.maydell@linaro.org>
In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org>
References: <20181002163556.10279-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 08/13] target/arm: Add v8M stack checks for LDRD/STRD (imm)

Add the v8M stack checks for:
 * LDRD (immediate)
 * STRD (immediate)

Loads and stores are more complicated than ADD/SUB/MOV, because we
must ensure that memory accesses below the stack limit are not
performed, so we can't simply do the check when we actually update SP.

For these instructions, if the stack limit check triggers
we must not:
 * perform any memory access below the SP limit
 * update PC, SP or the load/store base register
but it is IMPDEF whether we:
 * perform any accesses above or equal to the SP limit
 * update destination registers for loads

For QEMU we choose to always check the limit before doing any other
part of the load or store, so we won't update any registers or
perform any memory accesses.

It is UNKNOWN whether the limit check triggers for a load or store
where the initial SP value is below the limit and one of the
stores would be below the limit, but the writeback moves SP to
above the limit. For QEMU we choose to trigger the check in this
situation.
Note that limit checks happen only for loads and stores which update SP via writeback; they do not happen for loads and stores which simply use SP as a base register. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/translate.c | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/target/arm/translate.c b/target/arm/translate.c index fcb33b8a503..c16d6075d94 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -10278,6 +10278,8 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) * 0b1111_1001_x11x_xxxx_xxxx_xxxx_xxxx_xxxx * - load/store dual (pre-indexed) */ + bool wback =3D extract32(insn, 21, 1); + if (rn =3D=3D 15) { if (insn & (1 << 21)) { /* UNPREDICTABLE */ @@ -10289,8 +10291,29 @@ static void disas_thumb2_insn(DisasContext *s, uin= t32_t insn) addr =3D load_reg(s, rn); } offset =3D (insn & 0xff) * 4; - if ((insn & (1 << 23)) =3D=3D 0) + if ((insn & (1 << 23)) =3D=3D 0) { offset =3D -offset; + } + + if (s->v8m_stackcheck && rn =3D=3D 13 && wback) { + /* + * Here 'addr' is the current SP; if offset is +ve we'= re + * moving SP up, else down. It is UNKNOWN whether the = limit + * check triggers when SP starts below the limit and e= nds + * up above it; check whichever of the current and fin= al + * SP is lower, so QEMU will trigger in that situation. + */ + if ((int32_t)offset < 0) { + TCGv_i32 newsp =3D tcg_temp_new_i32(); + + tcg_gen_addi_i32(newsp, addr, offset); + gen_helper_v8m_stackcheck(cpu_env, newsp); + tcg_temp_free_i32(newsp); + } else { + gen_helper_v8m_stackcheck(cpu_env, addr); + } + } + if (insn & (1 << 24)) { tcg_gen_addi_i32(addr, addr, offset); offset =3D 0; 
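Review bot: the first hunk introduces `wback = extract32(insn, 21, 1)`, but the `if (insn & (1 << 21))` test in the `rn == 15` UNPREDICTABLE branch immediately below it still reads bit 21 by hand; now that the variable exists it should be used there too, matching the later hunk that switches the writeback test to `wback`. In the stack-check hunk, checking `addr + offset` when the offset is negative and `addr` otherwise always tests the lower of old and new SP, which is exactly the "trigger in either case" policy from the commit message, and because the helper call precedes both the `insn & (1 << 24)` pre-index adjustment and any gen_aa32_ld/st, no access is issued below the limit and no register is written before the fault is raised.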
@@ -10314,7 +10337,7 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) gen_aa32_st32(s, tmp, addr, get_mem_index(s)); tcg_temp_free_i32(tmp); } - if (insn & (1 << 21)) { + if (wback) { /* Base writeback. */ tcg_gen_addi_i32(addr, addr, offset - 4); store_reg(s, rn, addr); --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 15384985001351012.7957686917446; Tue, 2 Oct 2018 09:41:40 -0700 (PDT) Received: from localhost ([::1]:44746 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Njr-00032S-5z for importer@patchew.org; Tue, 02 Oct 2018 12:41:35 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34898) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Nee-0006hX-Rh for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:13 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nee-000585-1O for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:12 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51570) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7Nec-000565-1O; Tue, 02 Oct 2018 12:36:10 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7Neb-0007Ie-1r; Tue, 02 Oct 2018 17:36:09 +0100 
From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:52 +0100 Message-Id: <20181002163556.10279-10-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 09/13] target/arm: Add v8M stack checks for Thumb2 LDM/STM X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Add the v8M stack checks for: * LDM (T2 encoding) * STM (T2 encoding) This includes the 32-bit encodings of the instructions listed in v8M ARM ARM rule R_YVWT as * LDM, LDMIA, LDMFD * LDMDB, LDMEA * POP (multiple registers) * PUSH (muliple registers) * STM, STMIA, STMEA * STMDB, STMFD We perform the stack limit before doing any other part of the load or store. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/translate.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/target/arm/translate.c b/target/arm/translate.c index c16d6075d94..3fb378a492d 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -10524,6 +10524,7 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) } else { int i, loaded_base =3D 0; TCGv_i32 loaded_var; + bool wback =3D extract32(insn, 21, 1); /* Load/store multiple. */ addr =3D load_reg(s, rn); offset =3D 0; 
@@ -10531,10 +10532,26 @@ static void disas_thumb2_insn(DisasContext *s, ui= nt32_t insn) if (insn & (1 << i)) offset +=3D 4; } + if (insn & (1 << 24)) { tcg_gen_addi_i32(addr, addr, -offset); } =20 + if (s->v8m_stackcheck && rn =3D=3D 13 && wback) { + /* + * If the writeback is incrementing SP rather than + * decrementing it, and the initial SP is below the + * stack limit but the final written-back SP would + * be above, then then we must not perform any memory + * accesses, but it is IMPDEF whether we generate + * an exception. We choose to do so in this case. + * At this point 'addr' is the lowest address, so + * either the original SP (if incrementing) or our + * final SP (if decrementing), so that's what we check. + */ + gen_helper_v8m_stackcheck(cpu_env, addr); + } + loaded_var =3D NULL; for (i =3D 0; i < 16; i++) { if ((insn & (1 << i)) =3D=3D 0) 
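Review bot: typo in the new comment: "then then we must not perform any memory accesses". The same comment calls the increment-past-the-limit case IMPDEF, while the LDRD/STRD patch in this series describes the identical situation as UNKNOWN; pick one term so readers do not go looking for two different rules. The value being checked is right: by this point the bit-24 pre-decrement has already been applied to `addr`, so it is the lowest address the instruction will touch, and the helper call precedes the load/store loop. While at it, the commit message has "muliple registers" and "We perform the stack limit before doing" where "stack limit check" is meant.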
@@ -10562,7 +10579,7 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) if (loaded_base) { store_reg(s, rn, loaded_var); } - if (insn & (1 << 21)) { + if (wback) { /* Base register writeback. */ if (insn & (1 << 24)) { tcg_gen_addi_i32(addr, addr, -offset); --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498960875537.2576321387681; Tue, 2 Oct 2018 09:49:20 -0700 (PDT) Received: from localhost ([::1]:44808 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7NrL-0002CB-O5 for importer@patchew.org; Tue, 02 Oct 2018 12:49:19 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34960) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Neq-0006vR-GP for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:25 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nek-0005B6-0N for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:20 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51570) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7Nee-000565-8I; Tue, 02 Oct 2018 12:36:12 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g7Nec-0007It-22; Tue, 02 Oct 2018 17:36:10 +0100 
From: Peter Maydell To: qemu-arm@nongnu.org, qemu-devel@nongnu.org Date: Tue, 2 Oct 2018 17:35:53 +0100 Message-Id: <20181002163556.10279-11-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org> References: <20181002163556.10279-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 10/13] target/arm: Add v8M stack checks for T32 load/store single X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: patches@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Add v8M stack checks for the instructions in the T32 "load/store single" encoding class: these are the "immediate pre-indexed" and "immediate, post-indexed" LDR and STR instructions. Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/arm/translate.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/target/arm/translate.c b/target/arm/translate.c index 3fb378a492d..65df8d6975c 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -11624,7 +11624,6 @@ static void disas_thumb2_insn(DisasContext *s, uint= 32_t insn) imm =3D -imm; /* Fall through. */ case 0xf: /* Pre-increment. */ - tcg_gen_addi_i32(addr, addr, imm); writeback =3D 1; break; default: 
@@ -11636,6 +11635,28 @@ static void disas_thumb2_insn(DisasContext *s, uin= t32_t insn) =20 issinfo =3D writeback ? ISSInvalid : rs; =20 + if (s->v8m_stackcheck && rn =3D=3D 13 && writeback) { + /* + * Stackcheck. Here we know 'addr' is the current SP; + * if imm is +ve we're moving SP up, else down. It is + * UNKNOWN whether the limit check triggers when SP starts + * below the limit and ends up above it; we chose to do so. + */ + if ((int32_t)imm < 0) { + TCGv_i32 newsp =3D tcg_temp_new_i32(); + + tcg_gen_addi_i32(newsp, addr, imm); + gen_helper_v8m_stackcheck(cpu_env, newsp); + tcg_temp_free_i32(newsp); + } else { + gen_helper_v8m_stackcheck(cpu_env, addr); + } + } + + if (writeback && !postinc) { + tcg_gen_addi_i32(addr, addr, imm); + } + if (insn & (1 << 20)) { /* Load. */ tmp =3D tcg_temp_new_i32(); --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498661575655.7581159738282; Tue, 2 Oct 2018 09:44:21 -0700 (PDT) Received: from localhost ([::1]:44759 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7NmR-0006F4-Ob for importer@patchew.org; Tue, 02 Oct 2018 12:44:15 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34948) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Nek-0006oQ-20 for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) 
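Review bot: the first hunk removes tcg_gen_addi_i32(addr, addr, imm) from `case 0xf` (which also serves the negative-immediate case that falls through into it after `imm = -imm`), and the second hunk re-adds it as `if (writeback && !postinc)` after the stack check. That is only equivalent if `postinc` is clear on both paths that reach `case 0xf` and set only on the post-increment path; `postinc` is not visible in this hunk, so please confirm, or key the re-added addi on the same case labels the old code used. Minor: the new comment says "we chose to do so" where the rest of the series says "we choose to trigger".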
From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Date: Tue, 2 Oct 2018 17:35:54 +0100
Message-Id: <20181002163556.10279-12-peter.maydell@linaro.org>
In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org>
References: <20181002163556.10279-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 11/13] target/arm: Add v8M stack checks for Thumb push/pop

Add v8M stack checks for the 16-bit Thumb push/pop encodings:
STMDB, STMFD, LDM, LDMIA, LDMFD.

Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
 target/arm/translate.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/target/arm/translate.c b/target/arm/translate.c
index 65df8d6975c..ef64d2559de 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -12251,7 +12251,10 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) store_reg(s, rd, tmp); break; case 4: case 5: case 0xc: case 0xd: - /* push/pop */ + /* + * 0b1011_x10x_xxxx_xxxx + * - push/pop + */ addr =3D load_reg(s, 13); if (insn & (1 << 8)) offset =3D 4; 
@@ -12264,6 +12267,17 @@ static void disas_thumb_insn(DisasContext *s, uint= 32_t insn) if ((insn & (1 << 11)) =3D=3D 0) { tcg_gen_addi_i32(addr, addr, -offset); } + + if (s->v8m_stackcheck) { + /* + * Here 'addr' is the lower of "old SP" and "new SP"; + * if this is a pop that starts below the limit and ends + * above it, it is UNKNOWN whether the limit check trigger= s; + * we choose to trigger. + */ + gen_helper_v8m_stackcheck(cpu_env, addr); + } + for (i =3D 0; i < 8; i++) { if (insn & (1 << i)) { if (insn & (1 << 11)) { --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498663717964.4468966948729; Tue, 2 Oct 2018 09:44:23 -0700 (PDT) Received: from localhost ([::1]:44761 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7NmY-0006LP-M2 for importer@patchew.org; Tue, 02 Oct 2018 12:44:22 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35055) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Nf9-00079R-9Z for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:44 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nf8-0005Jq-Ge for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:43 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51570) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g7Nf6-000565-R4; Tue, 02 Oct 2018 12:36:40 
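Review bot: unlike the T32 hunks in this series, this check is gated on s->v8m_stackcheck alone, with no `rn == 13 && wback` test. That is correct here because the 16-bit push/pop encodings always use and write back SP (`addr = load_reg(s, 13)` in the previous hunk), but the comment should say so, otherwise a reader comparing this against the LDM/STM check will suspect a missing guard. The check sits after the `-offset` adjustment that is applied when bit 11 is clear (the push case), so `addr` really is the lower of old and new SP as the comment claims.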
From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Date: Tue, 2 Oct 2018 17:35:55 +0100
Message-Id: <20181002163556.10279-13-peter.maydell@linaro.org>
In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org>
References: <20181002163556.10279-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 12/13] target/arm: Add v8M stack checks for VLDM/VSTM

Add the v8M stack checks for the VLDM/VSTM (aka VPUSH/VPOP)
instructions. This code is currently unreachable because we haven't
yet implemented M profile floating point support, but since the
change is simple, we add it now because otherwise we're likely to
forget to do it later.

Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
---
 target/arm/translate.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/target/arm/translate.c b/target/arm/translate.c
index ef64d2559de..2d3a1be518b 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -4229,6 +4229,18 @@ static int disas_vfp_insn(DisasContext *s, uint32_t = insn) if (insn & (1 << 24)) /* pre-decrement */ tcg_gen_addi_i32(addr, addr, -((insn & 0xff) << 2)); =20 + if (rn =3D=3D 13 && w && s->v8m_stackcheck) { + /* + * Here 'addr' is the lowest address we will store to, + * and is either the old SP (if post-increment) or + * the new SP (if pre-decrement). For post-increment + * where the old value is below the limit and the new + * value is above, it is UNKNOWN whether the limit che= ck + * triggers; we choose to trigger. + */ + gen_helper_v8m_stackcheck(cpu_env, addr); + } + if (dp) offset =3D 8; else --=20 2.19.0 From nobody Sat May 4 06:34:36 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1538498802113594.3137614621687; Tue, 2 Oct 2018 09:46:42 -0700 (PDT) Received: from localhost ([::1]:44789 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Non-0000G3-4X for importer@patchew.org; Tue, 02 Oct 2018 12:46:41 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35037) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g7Nf8-00078L-BL for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:42 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g7Nf7-0005JO-IM for qemu-devel@nongnu.org; Tue, 02 Oct 2018 12:36:42 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51582) by eggs.gnu.org with esmtps 
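Review bot: the new comment says "the lowest address we will store to", but this path also covers VLDM/VPOP, which load; "access" would be accurate. The condition `rn == 13 && w && s->v8m_stackcheck` uses `w` where the other patches introduce `wback`; harmless, but naming it consistently helps anyone grepping for the stack-check sites. Since the commit message says this path is currently unreachable (no M-profile FP yet), nothing can exercise it; a TODO beside the helper call noting that it needs a test once M-profile FP lands would stop it from bit-rotting silently.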
From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Date: Tue, 2 Oct 2018 17:35:56 +0100
Message-Id: <20181002163556.10279-14-peter.maydell@linaro.org>
In-Reply-To: <20181002163556.10279-1-peter.maydell@linaro.org>
References: <20181002163556.10279-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH 13/13] target/arm: Add v8M stack checks for MSR to SP_NS

Updating the NS stack pointer via MSR to SP_NS should include a
check whether the new SP value is below the stack limit. No other
kinds of update to the various stack pointer and limit registers
via MSR should perform a check.

Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
---
 target/arm/helper.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 074f7616272..712828674fa 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -10963,11 +10963,23 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t m= askreg, uint32_t val) * currently in handler mode or not, using the NS CONTROL.SPSE= L. */ bool spsel =3D env->v7m.control[M_REG_NS] & R_V7M_CONTROL_SPSE= L_MASK; + bool is_psp =3D !arm_v7m_is_handler_mode(env) && spsel; + uint32_t limit; =20 if (!env->v7m.secure) { return; } - if (!arm_v7m_is_handler_mode(env) && spsel) { + + limit =3D is_psp ? env->v7m.psplim[false] : env->v7m.msplim[fa= lse]; + + if (val < limit) { + CPUState *cs =3D CPU(arm_env_get_cpu(env)); + + cpu_restore_state(cs, GETPC(), true); + raise_exception(env, EXCP_STKOF, 0, 1); + } + + if (is_psp) { env->v7m.other_ss_psp =3D val; } else { env->v7m.other_ss_msp =3D val; --=20 2.19.0
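Review bot: `env->v7m.psplim[false]` and `env->v7m.msplim[false]` index the register banks with a bare `false`, while the context two lines above uses `env->v7m.control[M_REG_NS]`; use M_REG_NS here too so the intent (Non-secure bank) is readable and greppable. The limit is computed only after the `if (!env->v7m.secure) return;` early exit, so Non-secure code cannot reach the check, which matches the commit message. Good that this hunk calls cpu_restore_state(cs, GETPC(), true) before raise_exception(); the BLXNS check earlier in the series does not, and the two sites should be made consistent one way or the other.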