| Message ID | 20180709124535.1116-1-peter.maydell@linaro.org |
|---|---|
| State | New |
| Series | [for-3.0] target/arm: Use correct mmu_idx for exception-return unstacking |
On 07/09/2018 05:45 AM, Peter Maydell wrote:
> For M-profile exception returns, the mmu index to use for exception
> return unstacking is supposed to be that of wherever we are returning to:
> * if returning to handler mode, privileged
> * if returning to thread mode, privileged or unprivileged depending on
> CONTROL.nPRIV for the destination security state
>
> We were passing the wrong thing as the 'priv' argument to
> arm_v7m_mmu_idx_for_secstate_and_priv(). The effect was that guests
> which programmed the MPU to behave differently for privileged and
> unprivileged code could get spurious MemManage Unstack exceptions.
>
> Reported-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> target/arm/helper.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

r~
On 9 July 2018 at 15:30, Richard Henderson <richard.henderson@linaro.org> wrote:
> On 07/09/2018 05:45 AM, Peter Maydell wrote:
>> For M-profile exception returns, the mmu index to use for exception
>> return unstacking is supposed to be that of wherever we are returning to:
>> * if returning to handler mode, privileged
>> * if returning to thread mode, privileged or unprivileged depending on
>> CONTROL.nPRIV for the destination security state
>>
>> We were passing the wrong thing as the 'priv' argument to
>> arm_v7m_mmu_idx_for_secstate_and_priv(). The effect was that guests
>> which programmed the MPU to behave differently for privileged and
>> unprivileged code could get spurious MemManage Unstack exceptions.
>>
>> Reported-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
>> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
>> ---
>> target/arm/helper.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Thanks; applied to master for 3.0-rc0.

-- PMM
diff --git a/target/arm/helper.c b/target/arm/helper.c index a2ac96084e7..0604a0efbe2 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -7171,9 +7171,11 @@ static void do_v7m_exception_exit(ARMCPU *cpu) uint32_t frameptr = *frame_sp_p; bool pop_ok = true; ARMMMUIdx mmu_idx; + bool return_to_priv = return_to_handler || + !(env->v7m.control[return_to_secure] & R_V7M_CONTROL_NPRIV_MASK); mmu_idx = arm_v7m_mmu_idx_for_secstate_and_priv(env, return_to_secure, - !return_to_handler); + return_to_priv); if (!QEMU_IS_ALIGNED(frameptr, 8) && arm_feature(env, ARM_FEATURE_V8)) {
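Review bot: the new `return_to_priv` computation reads `env->v7m.control[return_to_secure]` with no comment in the code saying why the destination security state's CONTROL register is consulted rather than the current one; the commit message carries that rationale, the hunk does not, so a one-line comment above `bool return_to_priv = return_to_handler ||` would spare the next reader a trip to the git log. The expression itself matches the rule stated in the commit message (handler mode always privileged, thread mode governed by CONTROL.nPRIV of the destination state), and it replaces an argument, `!return_to_handler`, that not only ignored nPRIV but also yielded an unprivileged index for returns to handler mode.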
For M-profile exception returns, the mmu index to use for exception
return unstacking is supposed to be that of wherever we are returning to:
* if returning to handler mode, privileged
* if returning to thread mode, privileged or unprivileged depending on
CONTROL.nPRIV for the destination security state

We were passing the wrong thing as the 'priv' argument to
arm_v7m_mmu_idx_for_secstate_and_priv(). The effect was that guests
which programmed the MPU to behave differently for privileged and
unprivileged code could get spurious MemManage Unstack exceptions.

Reported-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/helper.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
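The following is an added example, not QEMU's code, that models the rule the commit message states for choosing the privilege level used to unstack an exception frame, and puts the pre-fix choice (the `!return_to_handler` argument visible in the hunk) beside the fixed one. The toy MPU, the `ToyV7MState` struct and the two scenarios are constructed for illustration; the only architectural fact assumed beyond the page is that CONTROL.nPRIV is bit 0 of CONTROL. Scenario 1 reproduces the spurious MemManage Unstack fault the commit message describes; scenario 2 shows the mirror-image problem, a genuine fault that the old selection would have hidden.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CONTROL.nPRIV is bit 0 of the CONTROL register (architectural layout). */
#define CONTROL_NPRIV_MASK 1u

/* Toy per-security-state CONTROL, in the spirit of env->v7m.control[secstate]:
 * index 0 = Non-secure, 1 = Secure. Constructed for this example. */
typedef struct {
    uint32_t control[2];
} ToyV7MState;

/* Pre-fix selection: priv was passed as !return_to_handler, which ignores
 * CONTROL.nPRIV and makes returns to handler mode look unprivileged. */
static bool unstack_priv_old(const ToyV7MState *s, bool return_to_handler,
                             bool return_to_secure)
{
    (void)s;
    (void)return_to_secure;
    return !return_to_handler;
}

/* Post-fix selection: handler mode is always privileged; thread mode is
 * privileged unless CONTROL.nPRIV is set for the destination security state. */
static bool unstack_priv_fixed(const ToyV7MState *s, bool return_to_handler,
                               bool return_to_secure)
{
    return return_to_handler ||
           !(s->control[return_to_secure] & CONTROL_NPRIV_MASK);
}

/* Minimal MPU model: a region either allows any access or privileged only. */
typedef struct {
    uint32_t base;
    uint32_t limit;     /* inclusive */
    bool priv_only;
} ToyMpuRegion;

/* True when a data access at addr with the given privilege is permitted;
 * addresses outside every region fault. */
static bool mpu_access_ok(const ToyMpuRegion *regions, size_t n,
                          uint32_t addr, bool priv)
{
    for (size_t i = 0; i < n; i++) {
        if (addr >= regions[i].base && addr <= regions[i].limit) {
            return priv || !regions[i].priv_only;
        }
    }
    return false;
}

/* Pops an 8-word exception frame at frameptr using the privilege chosen by
 * the selected policy. Returns true on success, false for a MemManage
 * Unstack fault. */
static bool try_unstack(const ToyV7MState *s, const ToyMpuRegion *regions,
                        size_t n, uint32_t frameptr, bool return_to_handler,
                        bool return_to_secure, bool use_fixed)
{
    bool priv = use_fixed
        ? unstack_priv_fixed(s, return_to_handler, return_to_secure)
        : unstack_priv_old(s, return_to_handler, return_to_secure);
    for (uint32_t off = 0; off < 8 * 4; off += 4) {
        if (!mpu_access_ok(regions, n, frameptr + off, priv)) {
            return false;
        }
    }
    return true;
}

/* Constructed guest layout: a privileged-only handler (main) stack and a
 * thread (process) stack that unprivileged code may touch. */
static const ToyMpuRegion g_regions[] = {
    { 0x20000000u, 0x20000fffu, true  },
    { 0x20001000u, 0x20001fffu, false },
};
#define G_NREGIONS (sizeof g_regions / sizeof g_regions[0])

/* Scenario 1: nested exception returning to handler mode; the frame lives
 * on the privileged-only stack, so unstacking must run as privileged. */
static bool scenario_return_to_handler(bool use_fixed)
{
    ToyV7MState s = { .control = { 0, 0 } };
    return try_unstack(&s, g_regions, G_NREGIONS, 0x20000f00u,
                       true, false, use_fixed);
}

/* Scenario 2: returning to an unprivileged Non-secure thread (nPRIV=1) whose
 * frame sits on the privileged-only stack; this fault is legitimate. */
static bool scenario_unpriv_thread_on_priv_stack(bool use_fixed)
{
    ToyV7MState s = { .control = { CONTROL_NPRIV_MASK, 0 } };
    return try_unstack(&s, g_regions, G_NREGIONS, 0x20000f00u,
                       false, false, use_fixed);
}

int main(void)
{
    printf("return to handler: old=%s fixed=%s\n",
           scenario_return_to_handler(false) ? "ok" : "MemManage",
           scenario_return_to_handler(true) ? "ok" : "MemManage");
    printf("unpriv thread frame on priv stack: old=%s fixed=%s\n",
           scenario_unpriv_thread_on_priv_stack(false) ? "ok" : "MemManage",
           scenario_unpriv_thread_on_priv_stack(true) ? "ok" : "MemManage");
    return 0;
}
```

With the old selection, scenario 1 faults even though the handler stack is exactly where a privileged handler's frame belongs, which is the spurious MemManage Unstack the report describes; with the fixed selection it succeeds. Scenario 2 is the reverse: the old selection silently lets an unprivileged thread's frame be popped from a privileged-only region, while the fixed selection faults as the MPU configuration intends. Both cases hinge on indexing CONTROL by the destination security state, not the current one.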