[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 23/28] target/arm: Implement CCR_S.TRD behaviour for SG insns
From: |
Peter Maydell |
Subject: |
[PATCH v2 23/28] target/arm: Implement CCR_S.TRD behaviour for SG insns |
Date: |
Thu, 19 Nov 2020 21:56:12 +0000 |
v8.1M introduces a new TRD flag in the CCR register, which enables
checking for stack frame integrity signatures on SG instructions.
Add the code in the SG insn implementation for the new behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/m_helper.c | 86 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 86 insertions(+)
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
index 0bdd3cc10e9..643dcafb83d 100644
--- a/target/arm/m_helper.c
+++ b/target/arm/m_helper.c
@@ -1999,6 +1999,64 @@ static bool v7m_read_half_insn(ARMCPU *cpu, ARMMMUIdx
mmu_idx,
return true;
}
+static bool v7m_read_sg_stack_word(ARMCPU *cpu, ARMMMUIdx mmu_idx,
+ uint32_t addr, uint32_t *spdata)
+{
+ /*
+ * Read a word of data from the stack for the SG instruction,
+ * writing the value into *spdata. If the load succeeds, return
+ * true; otherwise pend an appropriate exception and return false.
+ * (We can't use data load helpers here that throw an exception
+ * because of the context we're called in, which is halfway through
+ * arm_v7m_cpu_do_interrupt().)
+ */
+ CPUState *cs = CPU(cpu);
+ CPUARMState *env = &cpu->env;
+ MemTxAttrs attrs = {};
+ MemTxResult txres;
+ target_ulong page_size;
+ hwaddr physaddr;
+ int prot;
+ ARMMMUFaultInfo fi = {};
+ ARMCacheAttrs cacheattrs = {};
+ uint32_t value;
+
+ if (get_phys_addr(env, addr, MMU_DATA_LOAD, mmu_idx, &physaddr,
+ &attrs, &prot, &page_size, &fi, &cacheattrs)) {
+ /* MPU/SAU lookup failed */
+ if (fi.type == ARMFault_QEMU_SFault) {
+ qemu_log_mask(CPU_LOG_INT,
+ "...SecureFault during stack word read\n");
+ env->v7m.sfsr |= R_V7M_SFSR_AUVIOL_MASK |
R_V7M_SFSR_SFARVALID_MASK;
+ env->v7m.sfar = addr;
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false);
+ } else {
+ qemu_log_mask(CPU_LOG_INT,
+ "...MemManageFault during stack word read\n");
+ env->v7m.cfsr[M_REG_S] |= R_V7M_CFSR_DACCVIOL_MASK |
+ R_V7M_CFSR_MMARVALID_MASK;
+ env->v7m.mmfar[M_REG_S] = addr;
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_MEM, false);
+ }
+ return false;
+ }
+ value = address_space_ldl(arm_addressspace(cs, attrs), physaddr,
+ attrs, &txres);
+ if (txres != MEMTX_OK) {
+ /* BusFault trying to read the data */
+ qemu_log_mask(CPU_LOG_INT,
+ "...BusFault during stack word read\n");
+ env->v7m.cfsr[M_REG_NS] |=
+ (R_V7M_CFSR_PRECISERR_MASK | R_V7M_CFSR_BFARVALID_MASK);
+ env->v7m.bfar = addr;
+ armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_BUS, false);
+ return false;
+ }
+
+ *spdata = value;
+ return true;
+}
+
static bool v7m_handle_execute_nsc(ARMCPU *cpu)
{
/*
@@ -2055,6 +2113,34 @@ static bool v7m_handle_execute_nsc(ARMCPU *cpu)
*/
qemu_log_mask(CPU_LOG_INT, "...really an SG instruction at 0x%08" PRIx32
", executing it\n", env->regs[15]);
+
+ if (cpu_isar_feature(aa32_m_sec_state, cpu) &&
+ !arm_v7m_is_handler_mode(env)) {
+ /*
+ * v8.1M exception stack frame integrity check. Note that we
+ * must perform the memory access even if CCR_S.TRD is zero
+ * and we aren't going to check what the data loaded is.
+ */
+ uint32_t spdata, sp;
+
+ /*
+ * We know we are currently NS, so the S stack pointers must be
+ * in other_ss_{psp,msp}, not in regs[13]/other_sp.
+ */
+ sp = v7m_using_psp(env) ? env->v7m.other_ss_psp :
env->v7m.other_ss_msp;
+ if (!v7m_read_sg_stack_word(cpu, mmu_idx, sp, &spdata)) {
+ /* Stack access failed and an exception has been pended */
+ return false;
+ }
+
+ if (env->v7m.ccr[M_REG_S] & R_V7M_CCR_TRD_MASK) {
+ if (((spdata & ~1) == 0xfefa125a) ||
+ !(env->v7m.control[M_REG_S] & 1)) {
+ goto gen_invep;
+ }
+ }
+ }
+
env->regs[14] &= ~1;
env->v7m.control[M_REG_S] &= ~R_V7M_CONTROL_SFPA_MASK;
switch_v7m_security_state(env, true);
--
2.20.1
- [PATCH v2 17/28] target/arm: In v8.1M, don't set HFSR.FORCED on vector table fetch failures, (continued)
- [PATCH v2 17/28] target/arm: In v8.1M, don't set HFSR.FORCED on vector table fetch failures, Peter Maydell, 2020/11/19
- [PATCH v2 16/28] target/arm: For v8.1M, always clear R0-R3, R12, APSR, EPSR on exception entry, Peter Maydell, 2020/11/19
- [PATCH v2 13/28] target/arm: Implement FPCXT_S fp system register, Peter Maydell, 2020/11/19
- [PATCH v2 18/28] target/arm: Implement v8.1M REVIDR register, Peter Maydell, 2020/11/19
- [PATCH v2 15/28] hw/intc/armv7m_nvic: Update FPDSCR masking for v8.1M, Peter Maydell, 2020/11/19
- [PATCH v2 22/28] hw/intc/armv7m_nvic: Support v8.1M CCR.TRD bit, Peter Maydell, 2020/11/19
- [PATCH v2 19/28] target/arm: Implement new v8.1M NOCP check for exception return, Peter Maydell, 2020/11/19
- [PATCH v2 20/28] target/arm: Implement new v8.1M VLLDM and VLSTM encodings, Peter Maydell, 2020/11/19
- [PATCH v2 14/28] target/arm: Implement FPCXT_NS fp system register, Peter Maydell, 2020/11/19
- [PATCH v2 21/28] hw/intc/armv7m_nvic: Correct handling of CCR.BFHFNMIGN, Peter Maydell, 2020/11/19
- [PATCH v2 23/28] target/arm: Implement CCR_S.TRD behaviour for SG insns,
Peter Maydell <=
- [PATCH v2 24/28] hw/intc/armv7m_nvic: Fix "return from inactive handler" check, Peter Maydell, 2020/11/19
- [PATCH v2 26/28] hw/intc/armv7m_nvic: Implement read/write for RAS register block, Peter Maydell, 2020/11/19
- [PATCH v2 28/28] target/arm: Implement Cortex-M55 model, Peter Maydell, 2020/11/19
- [PATCH v2 27/28] hw/arm/armv7m: Correct typo in QOM object name, Peter Maydell, 2020/11/19
- [PATCH v2 25/28] target/arm: Implement M-profile "minimal RAS implementation", Peter Maydell, 2020/11/19