From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: Alex Bennée, Richard Henderson
Date: Tue, 30 Jul 2019 14:25:22 +0100
Message-Id: <20190730132522.27086-1-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH for-4.1?] target/arm: Deliver BKPT/BRK exceptions to correct exception level

Most Arm architectural debug exceptions (eg watchpoints) are ignored
if the configured "debug exception level" is below the current
exception level (so for example EL1 can't arrange to get debug exceptions
for EL2 execution). Exceptions generated by the BRK or BKPT instructions
are a special case -- they must always cause an exception, so if
we're executing above the debug exception level then we
must take them to the current exception level.

This fixes a bug where executing BRK at EL2 could result in an exception
being taken at EL1 (which is strictly forbidden by the architecture).

Fixes: https://bugs.launchpad.net/qemu/+bug/1838277
Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
At this point in the release cycle I'm not sure we should put this
into 4.1 -- it is definitely a bug but it's not a regression as
we've been wrong like this for multiple releases, pretty much
since we put in the debug handling code I suspect.

 target/arm/op_helper.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c index 1ab91f915e4..5e1625a1c8a 100644 --- a/target/arm/op_helper.c +++ b/target/arm/op_helper.c @@ -370,6 +370,9 @@ void HELPER(exception_with_syndrome)(CPUARMState *env, = uint32_t excp, */ void HELPER(exception_bkpt_insn)(CPUARMState *env, uint32_t syndrome) { + int debug_el =3D arm_debug_target_el(env); + int cur_el =3D arm_current_el(env); + /* FSR will only be used if the debug target EL is AArch32. */ env->exception.fsr =3D arm_debug_exception_fsr(env); /* FAR is UNKNOWN: clear vaddress to avoid potentially exposing @@ -377,7 +380,18 @@ void HELPER(exception_bkpt_insn)(CPUARMState *env, uin= t32_t syndrome) * exception/security level. */ env->exception.vaddress =3D 0; - raise_exception(env, EXCP_BKPT, syndrome, arm_debug_target_el(env)); + /* + * Other kinds of architectural debug exception are ignored if + * they target an exception level below the current one (in QEMU + * this is checked by arm_generate_debug_exceptions()). Breakpoint + * instructions are special because they always generate an exception + * to somewhere: if they can't go to the configured debug exception + * level they are taken to the current exception level. + */ + if (debug_el < cur_el) { + debug_el =3D cur_el; + } + raise_exception(env, EXCP_BKPT, syndrome, debug_el); } =20 uint32_t HELPER(cpsr_read)(CPUARMState *env) --=20 2.20.1
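
Review bot: In the first hunk's context, env->exception.fsr is still filled in from arm_debug_exception_fsr(env) under a comment saying the FSR is only used if the debug target EL is AArch32, but with this change the exception may be delivered to cur_el instead of the configured debug target EL. Please confirm the FSR value is still appropriate when the target is raised to the current EL, and reword that comment to refer to the exception level the exception is actually taken to.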
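
Review bot: In the second hunk, once `debug_el = cur_el` has run, debug_el no longer holds the configured debug exception level that arm_debug_target_el(env) returned, so the name is misleading at the raise_exception() call. Consider leaving debug_el unmodified and computing a separate target_el that is passed to raise_exception(), which keeps the `if (debug_el < cur_el)` test reading the way the new comment describes it.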