[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 5/9] target/arm: v8M: Check state of exception being
From: |
Peter Maydell |
Subject: |
[Qemu-devel] [PULL 5/9] target/arm: v8M: Check state of exception being returned from |
Date: |
Thu, 4 Jul 2019 17:07:58 +0100 |
In v8M, an attempt to return from an exception which is not
active is an illegal exception return. For this purpose,
exceptions which can configurably target either Secure or
NonSecure are not considered to be active if they are
configured for the opposite security state for the one
we're trying to return from (eg attempt to return from
an NS NMI but NMI targets Secure). In the pseudocode this
is handled by IsActiveForState().
Detect this case rather than counting an active exception
possibly of the wrong security state as being sufficient.
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Message-id: address@hidden
---
hw/intc/armv7m_nvic.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/hw/intc/armv7m_nvic.c b/hw/intc/armv7m_nvic.c
index 330eb728dd5..9f8f0d3ff55 100644
--- a/hw/intc/armv7m_nvic.c
+++ b/hw/intc/armv7m_nvic.c
@@ -860,7 +860,19 @@ int armv7m_nvic_complete_irq(void *opaque, int irq, bool
secure)
return -1;
}
- ret = nvic_rettobase(s);
+ /*
+ * If this is a configurable exception and it is currently
+ * targeting the opposite security state from the one we're trying
+ * to complete it for, this counts as an illegal exception return.
+ * We still need to deactivate whatever vector the logic above has
+ * selected, though, as it might not be the same as the one for the
+ * requested exception number.
+ */
+ if (!exc_is_banked(irq) && exc_targets_secure(s, irq) != secure) {
+ ret = -1;
+ } else {
+ ret = nvic_rettobase(s);
+ }
vec->active = 0;
if (vec->level) {
--
2.20.1
- [Qemu-devel] [PULL 0/9] target-arm queue, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 2/9] target/arm: Restrict semi-hosting to TCG, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 1/9] target/arm: Move debug routines to debug_helper.c, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 6/9] target/arm: Use _ra versions of cpu_stl_data() in v7M helpers, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 5/9] target/arm: v8M: Check state of exception being returned from,
Peter Maydell <=
- [Qemu-devel] [PULL 7/9] hw/timer/armv7m_systick: Forbid non-privileged accesses, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 8/9] target/arm: Execute Thumb instructions when their condbits are 0xf, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 9/9] target/arm: Correct VMOV_imm_dp handling of short vectors, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 4/9] arm v8M: Forcibly clear negative-priority exceptions on deactivate, Peter Maydell, 2019/07/04
- [Qemu-devel] [PULL 3/9] target/arm/helper: Move M profile routines to m_helper.c, Peter Maydell, 2019/07/04
- Re: [Qemu-devel] [PULL 0/9] target-arm queue, Peter Maydell, 2019/07/04
- Re: [Qemu-devel] [PULL 0/9] target-arm queue, no-reply, 2019/07/05