* [PATCHv2 0/4] target/arm: fix missing exception class
@ 2021-05-26 12:18 Jamie Iles
2021-05-26 12:18 ` [PATCHv2 1/4] " Jamie Iles
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Jamie Iles @ 2021-05-26 12:18 UTC (permalink / raw)
To: qemu-arm; +Cc: Jamie Iles, qemu-devel
Thanks Peter for the suggestions, I also added a patch to switch a
couple of cpu_restore_state+raise_exception pairs in stack limit
exception handling for both v7m and v8m.
v2:
- fix raise_exception_ra to restore state before raising exception
- remove redundant do_raise_exception
- remove now redundant open coded raise_exception_ra from MTE and stack
limit exception handling
Jamie Iles (4):
target/arm: fix missing exception class
target/arm: fold do_raise_exception into raise_exception
target/arm: use raise_exception_ra for MTE check failure
target/arm: use raise_exception_ra for stack limit exception
target/arm/m_helper.c | 5 +----
target/arm/mte_helper.c | 11 ++---------
target/arm/op_helper.c | 28 +++++++---------------------
3 files changed, 10 insertions(+), 34 deletions(-)
--
2.30.2
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCHv2 1/4] target/arm: fix missing exception class
2021-05-26 12:18 [PATCHv2 0/4] target/arm: fix missing exception class Jamie Iles
@ 2021-05-26 12:18 ` Jamie Iles
2021-05-26 12:18 ` [PATCHv2 2/4] target/arm: fold do_raise_exception into raise_exception Jamie Iles
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Jamie Iles @ 2021-05-26 12:18 UTC (permalink / raw)
To: qemu-arm; +Cc: Peter Maydell, Jamie Iles, Richard Henderson, qemu-devel
The DAIF and PAC checks used raise_exception_ra to raise an exception
and unwind CPU state but raise_exception_ra is currently designed for
handling data aborts as the syndrome is partially precomputed and
encoded in the TB and then merged in merge_syn_data_abort when handling
the data abort. Using raise_exception_ra for DAIF and PAC checks
results in an empty syndrome being retrieved from data[2] in
restore_state_to_opc and setting ESR to 0. This manifested as:
kvm [571]: Unknown exception class: esr: 0x000000 –
Unknown/Uncategorized
when launching a KVM guest when the host qemu used a CPU supporting
EL2+pointer authentication and enabling pointer authentication in the
guest.
Rework raise_exception_ra such that the state is restored before raising
the exception so that the exception is not clobbered by
restore_state_to_opc.
Fixes: 0d43e1a2d29a ("target/arm: Add PAuth helpers")
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jamie Iles <jamie@nuviainc.com>
---
target/arm/op_helper.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index efcb60099277..078ed74ab962 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -63,8 +63,10 @@ void raise_exception(CPUARMState *env, uint32_t excp,
void raise_exception_ra(CPUARMState *env, uint32_t excp, uint32_t syndrome,
uint32_t target_el, uintptr_t ra)
{
- CPUState *cs = do_raise_exception(env, excp, syndrome, target_el);
- cpu_loop_exit_restore(cs, ra);
+ CPUState *cs = env_cpu(env);
+
+ cpu_restore_state(cs, ra, true);
+ raise_exception(env, excp, syndrome, target_el);
}
uint64_t HELPER(neon_tbl)(CPUARMState *env, uint32_t desc,
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCHv2 2/4] target/arm: fold do_raise_exception into raise_exception
2021-05-26 12:18 [PATCHv2 0/4] target/arm: fix missing exception class Jamie Iles
2021-05-26 12:18 ` [PATCHv2 1/4] " Jamie Iles
@ 2021-05-26 12:18 ` Jamie Iles
2021-05-26 12:18 ` [PATCHv2 3/4] target/arm: use raise_exception_ra for MTE check failure Jamie Iles
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Jamie Iles @ 2021-05-26 12:18 UTC (permalink / raw)
To: qemu-arm; +Cc: Peter Maydell, Jamie Iles, Richard Henderson, qemu-devel
Now that there are no other users of do_raise_exception, fold it into
raise_exception.
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jamie Iles <jamie@nuviainc.com>
---
target/arm/op_helper.c | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index 078ed74ab962..3b3daa955598 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -27,8 +27,8 @@
#define SIGNBIT (uint32_t)0x80000000
#define SIGNBIT64 ((uint64_t)1 << 63)
-static CPUState *do_raise_exception(CPUARMState *env, uint32_t excp,
- uint32_t syndrome, uint32_t target_el)
+void raise_exception(CPUARMState *env, uint32_t excp,
+ uint32_t syndrome, uint32_t target_el)
{
CPUState *cs = env_cpu(env);
@@ -49,14 +49,6 @@ static CPUState *do_raise_exception(CPUARMState *env, uint32_t excp,
cs->exception_index = excp;
env->exception.syndrome = syndrome;
env->exception.target_el = target_el;
-
- return cs;
-}
-
-void raise_exception(CPUARMState *env, uint32_t excp,
- uint32_t syndrome, uint32_t target_el)
-{
- CPUState *cs = do_raise_exception(env, excp, syndrome, target_el);
cpu_loop_exit(cs);
}
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCHv2 3/4] target/arm: use raise_exception_ra for MTE check failure
2021-05-26 12:18 [PATCHv2 0/4] target/arm: fix missing exception class Jamie Iles
2021-05-26 12:18 ` [PATCHv2 1/4] " Jamie Iles
2021-05-26 12:18 ` [PATCHv2 2/4] target/arm: fold do_raise_exception into raise_exception Jamie Iles
@ 2021-05-26 12:18 ` Jamie Iles
2021-05-26 12:18 ` [PATCHv2 4/4] target/arm: use raise_exception_ra for stack limit exception Jamie Iles
2021-06-03 10:30 ` [PATCHv2 0/4] target/arm: fix missing exception class Peter Maydell
4 siblings, 0 replies; 6+ messages in thread
From: Jamie Iles @ 2021-05-26 12:18 UTC (permalink / raw)
To: qemu-arm; +Cc: Peter Maydell, Jamie Iles, Richard Henderson, qemu-devel
Now that raise_exception_ra restores the state before raising the
exception we can use restore_exception_ra to perform the state restore +
exception raising without clobbering the syndrome.
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jamie Iles <jamie@nuviainc.com>
---
target/arm/mte_helper.c | 11 ++---------
1 file changed, 2 insertions(+), 9 deletions(-)
diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
index a6fccc6e69e2..d48419583747 100644
--- a/target/arm/mte_helper.c
+++ b/target/arm/mte_helper.c
@@ -563,20 +563,13 @@ static void mte_check_fail(CPUARMState *env, uint32_t desc,
switch (tcf) {
case 1:
- /*
- * Tag check fail causes a synchronous exception.
- *
- * In restore_state_to_opc, we set the exception syndrome
- * for the load or store operation. Unwind first so we
- * may overwrite that with the syndrome for the tag check.
- */
- cpu_restore_state(env_cpu(env), ra, true);
env->exception.vaddress = dirty_ptr;
is_write = FIELD_EX32(desc, MTEDESC, WRITE);
syn = syn_data_abort_no_iss(arm_current_el(env) != 0, 0, 0, 0, 0,
is_write, 0x11);
- raise_exception(env, EXCP_DATA_ABORT, syn, exception_target_el(env));
+ raise_exception_ra(env, EXCP_DATA_ABORT, syn,
+ exception_target_el(env), ra);
/* noreturn, but fall through to the assert anyway */
case 0:
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCHv2 4/4] target/arm: use raise_exception_ra for stack limit exception
2021-05-26 12:18 [PATCHv2 0/4] target/arm: fix missing exception class Jamie Iles
` (2 preceding siblings ...)
2021-05-26 12:18 ` [PATCHv2 3/4] target/arm: use raise_exception_ra for MTE check failure Jamie Iles
@ 2021-05-26 12:18 ` Jamie Iles
2021-06-03 10:30 ` [PATCHv2 0/4] target/arm: fix missing exception class Peter Maydell
4 siblings, 0 replies; 6+ messages in thread
From: Jamie Iles @ 2021-05-26 12:18 UTC (permalink / raw)
To: qemu-arm; +Cc: Peter Maydell, Jamie Iles, Richard Henderson, qemu-devel
Now that raise_exception_ra restores the state before raising the
exception we can use restore_exception_ra to perform the state restore +
exception raising without clobbering the PC/condbits.
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jamie Iles <jamie@nuviainc.com>
---
target/arm/m_helper.c | 5 +----
target/arm/op_helper.c | 10 +---------
2 files changed, 2 insertions(+), 13 deletions(-)
diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
index d63ae465e1e7..c793dc486f0d 100644
--- a/target/arm/m_helper.c
+++ b/target/arm/m_helper.c
@@ -2600,10 +2600,7 @@ void HELPER(v7m_msr)(CPUARMState *env, uint32_t maskreg, uint32_t val)
limit = is_psp ? env->v7m.psplim[false] : env->v7m.msplim[false];
if (val < limit) {
- CPUState *cs = env_cpu(env);
-
- cpu_restore_state(cs, GETPC(), true);
- raise_exception(env, EXCP_STKOF, 0, 1);
+ raise_exception_ra(env, EXCP_STKOF, 0, 1, GETPC());
}
if (is_psp) {
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index 3b3daa955598..23365b33feac 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -90,15 +90,7 @@ void HELPER(v8m_stackcheck)(CPUARMState *env, uint32_t newvalue)
* raising an exception if the limit is breached.
*/
if (newvalue < v7m_sp_limit(env)) {
- CPUState *cs = env_cpu(env);
-
- /*
- * Stack limit exceptions are a rare case, so rather than syncing
- * PC/condbits before the call, we use cpu_restore_state() to
- * get them right before raising the exception.
- */
- cpu_restore_state(cs, GETPC(), true);
- raise_exception(env, EXCP_STKOF, 0, 1);
+ raise_exception_ra(env, EXCP_STKOF, 0, 1, GETPC());
}
}
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCHv2 0/4] target/arm: fix missing exception class
2021-05-26 12:18 [PATCHv2 0/4] target/arm: fix missing exception class Jamie Iles
` (3 preceding siblings ...)
2021-05-26 12:18 ` [PATCHv2 4/4] target/arm: use raise_exception_ra for stack limit exception Jamie Iles
@ 2021-06-03 10:30 ` Peter Maydell
4 siblings, 0 replies; 6+ messages in thread
From: Peter Maydell @ 2021-06-03 10:30 UTC (permalink / raw)
To: Jamie Iles; +Cc: qemu-arm, QEMU Developers
On Wed, 26 May 2021 at 13:24, Jamie Iles <jamie@nuviainc.com> wrote:
>
> Thanks Peter for the suggestions, I also added a patch to switch a
> couple of cpu_restore_state+raise_exception pairs in stack limit
> exception handling for both v7m and v8m.
>
> v2:
> - fix raise_exception_ra to restore state before raising exception
> - remove redundant do_raise_exception
> - remove now redundant open coded raise_exception_ra from MTE and stack
> limit exception handling
Applied to target-arm.next, thanks. (I tweaked a couple of comments
and commit messages.)
-- PMM
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-06-03 10:31 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-26 12:18 [PATCHv2 0/4] target/arm: fix missing exception class Jamie Iles
2021-05-26 12:18 ` [PATCHv2 1/4] " Jamie Iles
2021-05-26 12:18 ` [PATCHv2 2/4] target/arm: fold do_raise_exception into raise_exception Jamie Iles
2021-05-26 12:18 ` [PATCHv2 3/4] target/arm: use raise_exception_ra for MTE check failure Jamie Iles
2021-05-26 12:18 ` [PATCHv2 4/4] target/arm: use raise_exception_ra for stack limit exception Jamie Iles
2021-06-03 10:30 ` [PATCHv2 0/4] target/arm: fix missing exception class Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.