qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Subject: [PATCH v2 23/28] target/arm: Implement CCR_S.TRD behaviour for SG insns
Date: Thu, 19 Nov 2020 21:56:12 +0000	[thread overview]
Message-ID: <20201119215617.29887-24-peter.maydell@linaro.org> (raw)
In-Reply-To: <20201119215617.29887-1-peter.maydell@linaro.org>

v8.1M introduces a new TRD flag in the CCR register, which enables
checking for stack frame integrity signatures on SG instructions.
Add the code in the SG insn implementation for the new behaviour.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target/arm/m_helper.c | 86 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 86 insertions(+)

diff --git a/target/arm/m_helper.c b/target/arm/m_helper.c
index 0bdd3cc10e9..643dcafb83d 100644
--- a/target/arm/m_helper.c
+++ b/target/arm/m_helper.c
@@ -1999,6 +1999,64 @@ static bool v7m_read_half_insn(ARMCPU *cpu, ARMMMUIdx mmu_idx,
     return true;
 }
 
+static bool v7m_read_sg_stack_word(ARMCPU *cpu, ARMMMUIdx mmu_idx,
+                                   uint32_t addr, uint32_t *spdata)
+{
+    /*
+     * Read a word of data from the stack for the SG instruction,
+     * writing the value into *spdata. If the load succeeds, return
+     * true; otherwise pend an appropriate exception and return false.
+     * (We can't use data load helpers here that throw an exception
+     * because of the context we're called in, which is halfway through
+     * arm_v7m_cpu_do_interrupt().)
+     */
+    CPUState *cs = CPU(cpu);
+    CPUARMState *env = &cpu->env;
+    MemTxAttrs attrs = {};
+    MemTxResult txres;
+    target_ulong page_size;
+    hwaddr physaddr;
+    int prot;
+    ARMMMUFaultInfo fi = {};
+    ARMCacheAttrs cacheattrs = {};
+    uint32_t value;
+
+    if (get_phys_addr(env, addr, MMU_DATA_LOAD, mmu_idx, &physaddr,
+                      &attrs, &prot, &page_size, &fi, &cacheattrs)) {
+        /* MPU/SAU lookup failed */
+        if (fi.type == ARMFault_QEMU_SFault) {
+            qemu_log_mask(CPU_LOG_INT,
+                          "...SecureFault during stack word read\n");
+            env->v7m.sfsr |= R_V7M_SFSR_AUVIOL_MASK | R_V7M_SFSR_SFARVALID_MASK;
+            env->v7m.sfar = addr;
+            armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_SECURE, false);
+        } else {
+            qemu_log_mask(CPU_LOG_INT,
+                          "...MemManageFault during stack word read\n");
+            env->v7m.cfsr[M_REG_S] |= R_V7M_CFSR_DACCVIOL_MASK |
+                R_V7M_CFSR_MMARVALID_MASK;
+            env->v7m.mmfar[M_REG_S] = addr;
+            armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_MEM, false);
+        }
+        return false;
+    }
+    value = address_space_ldl(arm_addressspace(cs, attrs), physaddr,
+                              attrs, &txres);
+    if (txres != MEMTX_OK) {
+        /* BusFault trying to read the data */
+        qemu_log_mask(CPU_LOG_INT,
+                      "...BusFault during stack word read\n");
+        env->v7m.cfsr[M_REG_NS] |=
+            (R_V7M_CFSR_PRECISERR_MASK | R_V7M_CFSR_BFARVALID_MASK);
+        env->v7m.bfar = addr;
+        armv7m_nvic_set_pending(env->nvic, ARMV7M_EXCP_BUS, false);
+        return false;
+    }
+
+    *spdata = value;
+    return true;
+}
+
 static bool v7m_handle_execute_nsc(ARMCPU *cpu)
 {
     /*
@@ -2055,6 +2113,34 @@ static bool v7m_handle_execute_nsc(ARMCPU *cpu)
      */
     qemu_log_mask(CPU_LOG_INT, "...really an SG instruction at 0x%08" PRIx32
                   ", executing it\n", env->regs[15]);
+
+    if (cpu_isar_feature(aa32_m_sec_state, cpu) &&
+        !arm_v7m_is_handler_mode(env)) {
+        /*
+         * v8.1M exception stack frame integrity check. Note that we
+         * must perform the memory access even if CCR_S.TRD is zero
+         * and we aren't going to check what the data loaded is.
+         */
+        uint32_t spdata, sp;
+
+        /*
+         * We know we are currently NS, so the S stack pointers must be
+         * in other_ss_{psp,msp}, not in regs[13]/other_sp.
+         */
+        sp = v7m_using_psp(env) ? env->v7m.other_ss_psp : env->v7m.other_ss_msp;
+        if (!v7m_read_sg_stack_word(cpu, mmu_idx, sp, &spdata)) {
+            /* Stack access failed and an exception has been pended */
+            return false;
+        }
+
+        if (env->v7m.ccr[M_REG_S] & R_V7M_CCR_TRD_MASK) {
+            if (((spdata & ~1) == 0xfefa125a) ||
+                !(env->v7m.control[M_REG_S] & 1)) {
+                goto gen_invep;
+            }
+        }
+    }
+
     env->regs[14] &= ~1;
     env->v7m.control[M_REG_S] &= ~R_V7M_CONTROL_SFPA_MASK;
     switch_v7m_security_state(env, true);
-- 
2.20.1



  parent reply	other threads:[~2020-11-19 22:24 UTC|newest]

Thread overview: 54+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-19 21:55 [PATCH v2 00/28] target/arm: Implement v8.1M and Cortex-M55 Peter Maydell
2020-11-19 21:55 ` [PATCH v2 01/28] hw/intc/armv7m_nvic: Make all of system PPB range be RAZWI/BusFault Peter Maydell
2020-11-19 21:55 ` [PATCH v2 02/28] target/arm: Implement v8.1M PXN extension Peter Maydell
2020-11-19 21:55 ` [PATCH v2 03/28] target/arm: Don't clobber ID_PFR1.Security on M-profile cores Peter Maydell
2020-11-19 21:55 ` [PATCH v2 04/28] target/arm: Implement VSCCLRM insn Peter Maydell
2020-11-19 21:55 ` [PATCH v2 05/28] target/arm: Implement CLRM instruction Peter Maydell
2020-11-19 21:55 ` [PATCH v2 06/28] target/arm: Enforce M-profile VMRS/VMSR register restrictions Peter Maydell
2020-11-19 21:55 ` [PATCH v2 07/28] target/arm: Refactor M-profile VMSR/VMRS handling Peter Maydell
2020-12-01 12:54   ` Richard Henderson
2020-11-19 21:55 ` [PATCH v2 08/28] target/arm: Move general-use constant expanders up in translate.c Peter Maydell
2020-11-19 21:55 ` [PATCH v2 09/28] target/arm: Implement VLDR/VSTR system register Peter Maydell
2020-12-01 13:11   ` Richard Henderson
2020-12-03 11:39     ` Peter Maydell
2020-12-03 16:14       ` Richard Henderson
2020-11-19 21:55 ` [PATCH v2 10/28] target/arm: Implement M-profile FPSCR_nzcvqc Peter Maydell
2020-12-01 13:16   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 11/28] target/arm: Use new FPCR_NZCV_MASK constant Peter Maydell
2020-11-19 21:56 ` [PATCH v2 12/28] target/arm: Factor out preserve-fp-state from full_vfp_access_check() Peter Maydell
2020-11-19 22:18   ` Philippe Mathieu-Daudé
2020-11-19 21:56 ` [PATCH v2 13/28] target/arm: Implement FPCXT_S fp system register Peter Maydell
2020-12-01 13:40   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 14/28] target/arm: Implement FPCXT_NS " Peter Maydell
2020-12-01 14:05   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 15/28] hw/intc/armv7m_nvic: Update FPDSCR masking for v8.1M Peter Maydell
2020-12-01 14:28   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 16/28] target/arm: For v8.1M, always clear R0-R3, R12, APSR, EPSR on exception entry Peter Maydell
2020-12-01 14:33   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 17/28] target/arm: In v8.1M, don't set HFSR.FORCED on vector table fetch failures Peter Maydell
2020-12-01 14:41   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 18/28] target/arm: Implement v8.1M REVIDR register Peter Maydell
2020-12-01 14:43   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 19/28] target/arm: Implement new v8.1M NOCP check for exception return Peter Maydell
2020-12-01 14:49   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 20/28] target/arm: Implement new v8.1M VLLDM and VLSTM encodings Peter Maydell
2020-12-01 15:09   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 21/28] hw/intc/armv7m_nvic: Correct handling of CCR.BFHFNMIGN Peter Maydell
2020-12-01 15:16   ` Richard Henderson
2020-12-01 15:22     ` Peter Maydell
2020-11-19 21:56 ` [PATCH v2 22/28] hw/intc/armv7m_nvic: Support v8.1M CCR.TRD bit Peter Maydell
2020-12-01 15:19   ` Richard Henderson
2020-11-19 21:56 ` Peter Maydell [this message]
2020-12-01 15:53   ` [PATCH v2 23/28] target/arm: Implement CCR_S.TRD behaviour for SG insns Richard Henderson
2020-11-19 21:56 ` [PATCH v2 24/28] hw/intc/armv7m_nvic: Fix "return from inactive handler" check Peter Maydell
2020-12-01 15:58   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 25/28] target/arm: Implement M-profile "minimal RAS implementation" Peter Maydell
2020-12-01 16:04   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 26/28] hw/intc/armv7m_nvic: Implement read/write for RAS register block Peter Maydell
2020-12-01 16:11   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 27/28] hw/arm/armv7m: Correct typo in QOM object name Peter Maydell
2020-11-19 22:19   ` Philippe Mathieu-Daudé
2020-12-01 16:12   ` Richard Henderson
2020-11-19 21:56 ` [PATCH v2 28/28] target/arm: Implement Cortex-M55 model Peter Maydell
2020-12-01 16:24   ` Richard Henderson
2020-12-03 12:02 ` [PATCH v2 00/28] target/arm: Implement v8.1M and Cortex-M55 Peter Maydell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20201119215617.29887-24-peter.maydell@linaro.org \
    --to=peter.maydell@linaro.org \
    --cc=qemu-arm@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).