From: Richard Henderson <richard.henderson@linaro.org>
To: Peter Maydell <peter.maydell@linaro.org>,
qemu-arm@nongnu.org, qemu-devel@nongnu.org
Subject: Re: [PATCH] target/arm: Use correct SP in M-profile exception return
Date: Mon, 24 May 2021 06:40:11 -0700 [thread overview]
Message-ID: <6f9ac2a7-3a69-5a91-007a-72a38373daf9@linaro.org> (raw)
In-Reply-To: <20210520130905.2049-1-peter.maydell@linaro.org>
On 5/20/21 6:09 AM, Peter Maydell wrote:
> When an M-profile CPU is restoring registers from the stack on
> exception return, the stack pointer to use is determined based on
> bits in the magic exception return type value. We were not getting
> this logic entirely correct.
>
> Whether we use one of the Secure stack pointers or one of the
> Non-Secure stack pointers depends on the EXCRET.S bit. However,
> whether we use the MSP or the PSP then depends on the SPSEL bit in
> either the CONTROL_S or CONTROL_NS register. We were incorrectly
> selecting MSP vs PSP based on the EXCRET.SPSEL bit.
>
> (In the pseudocode this is in the PopStack() function, which calls
> LookUpSp_with_security_mode() which in turn looks at the relevant
> CONTROL.SPSEL bit.)
>
> The buggy behaviour wasn't noticeable in most cases, because we write
> EXCRET.SPSEL to the CONTROL.SPSEL bit for the S/NS register selected
> by EXCRET.ES, so we only do the wrong thing when EXCRET.S and
> EXCRET.ES are different. This will happen when secure code takes a
> secure exception, which then tail-chains to a non-secure exception
> which finally returns to the original secure code.
>
> Signed-off-by: Peter Maydell<peter.maydell@linaro.org>
> ---
> This was noticed by the Arm TF-M folks, who have a pending change
> to their code which will run into the situation we mishandle.
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
prev parent reply other threads:[~2021-05-24 13:41 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-20 13:09 [PATCH] target/arm: Use correct SP in M-profile exception return Peter Maydell
2021-05-24 13:40 ` Richard Henderson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6f9ac2a7-3a69-5a91-007a-72a38373daf9@linaro.org \
--to=richard.henderson@linaro.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.