From patchwork Tue Sep 9 16:23:04 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ian Campbell X-Patchwork-Id: 37141 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-oa0-f69.google.com (mail-oa0-f69.google.com [209.85.219.69]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 3AB7020566 for ; Tue, 9 Sep 2014 16:27:16 +0000 (UTC) Received: by mail-oa0-f69.google.com with SMTP id i7sf84843268oag.0 for ; Tue, 09 Sep 2014 09:27:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:mime-version:cc:subject:precedence:list-id :list-unsubscribe:list-post:list-help:list-subscribe:sender :errors-to:x-original-sender:x-original-authentication-results :mailing-list:list-archive:content-type:content-transfer-encoding; bh=kUtIhOl1x6eSO3nyR9sht0KFgqUVUfoMtPdnPypqntM=; b=Q79rWzvEcJDTKDof/dBOw6QADtwhPOL9X6Cm/BwrU1UvslboyLWvd7TPzBhUQ+mmCs Rvl3H4R0CQC9hJn8u1/0I5C+j5+abBymN2oLd6T7Qtf3oGwvrGNW389Jk0gUbFw/KTgC DV1w+/1lTfvODal94HeKbYv5fYJxGtuNA7hOsOHgc8NPGc48wBUJDL7afOVe9LmSVxPR FvoNPEjvl3A/A+gl16cV4G+k8VTwSGREd0FCQsogJp/3yr0WaRZecAWDN08ut15Enczs n1CO75pSKttptj8H9JyzYQKYGxCjdqGPuWjFQXsSTBLXrsDJFpclqkNO9Ds7zKEP8nzj vw1w== X-Gm-Message-State: ALoCoQk/q3ek/V4MUxXSqXIUPeouNPCeoiSGIg/9n+Th9TuuOaCW8XHEr20YzJkB12BwrA3r3ZhB X-Received: by 10.182.29.65 with SMTP id i1mr20837126obh.30.1410280034891; Tue, 09 Sep 2014 09:27:14 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.140.88.203 with SMTP id t69ls2243736qgd.30.gmail; Tue, 09 Sep 2014 09:27:14 -0700 (PDT) X-Received: by 10.220.86.193 with SMTP id t1mr31536431vcl.22.1410280034815; Tue, 09 Sep 2014 09:27:14 -0700 (PDT) Received: from mail-vc0-f170.google.com (mail-vc0-f170.google.com [209.85.220.170]) by mx.google.com with ESMTPS id l1si5357442vca.33.2014.09.09.09.27.14 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 09 Sep 2014 09:27:14 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.220.170 as permitted sender) client-ip=209.85.220.170; Received: by mail-vc0-f170.google.com with SMTP id hy4so2630640vcb.1 for ; Tue, 09 Sep 2014 09:27:14 -0700 (PDT) X-Received: by 10.52.163.52 with SMTP id yf20mr5358706vdb.40.1410280034725; Tue, 09 Sep 2014 09:27:14 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.221.45.67 with SMTP id uj3csp310469vcb; Tue, 9 Sep 2014 09:27:14 -0700 (PDT) X-Received: by 10.52.160.10 with SMTP id xg10mr26519667vdb.1.1410280033991; Tue, 09 Sep 2014 09:27:13 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id fd7si5342466vcb.71.2014.09.09.09.27.13 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 09 Sep 2014 09:27:13 -0700 (PDT) Received-SPF: none (google.com: xen-devel-bounces@lists.xen.org does not designate permitted sender hosts) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XROF1-0003u3-7W; Tue, 09 Sep 2014 16:26:03 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XROEz-0003rd-Ay for xen-devel@lists.xen.org; Tue, 09 Sep 2014 16:26:01 +0000 Received: from [85.158.139.211:38759] by server-3.bemta-5.messagelabs.com id 8F/1E-13873-81A2F045; Tue, 09 Sep 2014 16:26:00 +0000 X-Env-Sender: Ian.Campbell@citrix.com X-Msg-Ref: server-7.tower-206.messagelabs.com!1410279955!13474798!3 X-Originating-IP: [66.165.176.89] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogNjYuMTY1LjE3Ni44OSA9PiAyMDMwMDc=\n X-StarScan-Received: X-StarScan-Version: 6.11.3; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27711 invoked from network); 9 Sep 2014 16:25:59 -0000 Received: from smtp.citrix.com (HELO SMTP.CITRIX.COM) (66.165.176.89) by server-7.tower-206.messagelabs.com with RC4-SHA encrypted SMTP; 9 Sep 2014 16:25:59 -0000 X-IronPort-AV: E=Sophos;i="5.04,492,1406592000"; d="scan'208";a="169814318" Received: from ukmail1.uk.xensource.com (10.80.16.128) by smtprelay.citrix.com (10.13.107.78) with Microsoft SMTP Server id 14.3.181.6; Tue, 9 Sep 2014 12:23:14 -0400 Received: from drall.uk.xensource.com ([10.80.16.71]) by ukmail1.uk.xensource.com with smtp (Exim 4.69) (envelope-from ) id 1XROCH-0001uT-5D; Tue, 09 Sep 2014 17:23:14 +0100 Received: by drall.uk.xensource.com (sSMTP sendmail emulation); Tue, 09 Sep 2014 17:23:13 +0100 From: Ian Campbell To: Date: Tue, 9 Sep 2014 17:23:04 +0100 Message-ID: <1410279788-27167-5-git-send-email-ian.campbell@citrix.com> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1410279730.8217.238.camel@kazak.uk.xensource.com> References: <1410279730.8217.238.camel@kazak.uk.xensource.com> MIME-Version: 1.0 X-DLP: MIA1 Cc: julien.grall@linaro.org, tim@xen.org, Ian Campbell , stefano.stabellini@eu.citrix.com Subject: [Xen-devel] [PATCH 5/9] xen: arm: Handle CP15 register traps from userspace X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: ian.campbell@citrix.com X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.220.170 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: Previously userspace access to PM* would have been incorrectly (but benignly) implemented as RAZ/WI when running on a 32-bit kernel and would cause a hypervisor exception (host crash) when running a 64-bit kernel (this was already solved via the fix to XSA-102). CLIDR, CCSIDR, DCCISW, ACTLR, PMINTENSET, PMINTENCLR are EL1 only, attempts to access from EL0 will trap to EL1 not to us, hence BUG_ON is appropriate now. PMUSERENR is R/O at EL0 and we implement as RAZ/WI at EL1 as before. The remaining PM* registers are accessible to EL0 only if PMUSERENR_EL0.EN is set, since we emulate this as RAZ/WI the bit is never set so we inject a trap on attempted access. We weren't previously handling PMCCNTR. Signed-off-by: Ian Campbell --- xen/arch/arm/traps.c | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 46ed21d..e7a2791 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -1446,6 +1446,7 @@ static void do_cp15_32(struct cpu_user_regs *regs, switch ( hsr.bits & HSR_CP32_REGS_MASK ) { case HSR_CPREG32(CLIDR): + BUG_ON(psr_mode_is_user(regs)); if ( !cp32.read ) { dprintk(XENLOG_ERR, @@ -1455,6 +1456,7 @@ static void do_cp15_32(struct cpu_user_regs *regs, *r = READ_SYSREG32(CLIDR_EL1); break; case HSR_CPREG32(CCSIDR): + BUG_ON(psr_mode_is_user(regs)); if ( !cp32.read ) { dprintk(XENLOG_ERR, @@ -1464,6 +1466,7 @@ static void do_cp15_32(struct cpu_user_regs *regs, *r = READ_SYSREG32(CCSIDR_EL1); break; case HSR_CPREG32(DCCISW): + BUG_ON(psr_mode_is_user(regs)); if ( cp32.read ) { dprintk(XENLOG_ERR, @@ -1481,6 +1484,7 @@ static void do_cp15_32(struct cpu_user_regs *regs, goto undef_cp15_32; case HSR_CPREG32(ACTLR): + BUG_ON(psr_mode_is_user(regs)); if ( cp32.read ) *r = v->arch.actlr; break; @@ -1493,6 +1497,18 @@ static void do_cp15_32(struct cpu_user_regs *regs, * always support PMCCNTR (the cyle counter): we just RAZ/WI for all * PM register, which doesn't crash the kernel at least */ + case HSR_CPREG32(PMUSERENR): + /* RO at EL0. RAZ/WI at EL1 */ + if ( psr_mode_is_user(regs) && !hsr.cp32.read ) + goto undef_cp15_32; + goto cp15_32_raz_wi; + + case HSR_CPREG32(PMINTENSET): + case HSR_CPREG32(PMINTENCLR): + /* EL1 only */ + BUG_ON(psr_mode_is_user(regs)); + goto cp15_32_raz_wi; + case HSR_CPREG32(PMCR): case HSR_CPREG32(PMCNTENSET): case HSR_CPREG32(PMCNTENCLR): @@ -1504,12 +1520,19 @@ static void do_cp15_32(struct cpu_user_regs *regs, case HSR_CPREG32(PMCCNTR): case HSR_CPREG32(PMXEVTYPER): case HSR_CPREG32(PMXEVCNTR): - case HSR_CPREG32(PMUSERENR): - case HSR_CPREG32(PMINTENSET): - case HSR_CPREG32(PMINTENCLR): case HSR_CPREG32(PMOVSSET): + /* + * Accessible at EL0 only if PMUSERENR_EL0.EN is set. We + * emulate that register as 0 above. + */ + if ( psr_mode_is_user(regs) ) + goto undef_cp15_32; + /* Fall thru */ + + cp15_32_raz_wi: if ( cp32.read ) *r = 0; + /* else: write ignored */ break; default: @@ -1908,8 +1931,7 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs) advance_pc(regs, hsr); break; case HSR_EC_CP15_32: - if ( !is_32bit_domain(current->domain) ) - goto bad_trap; + BUG_ON(!psr_mode_is_32bit(regs->cpsr)); do_cp15_32(regs, hsr); break; case HSR_EC_CP15_64: