qemu/target
Peter Maydell 659f042ba8 target/arm: Use correct SP in M-profile exception return
When an M-profile CPU is restoring registers from the stack on
exception return, the stack pointer to use is determined based on
bits in the magic exception return type value.  We were not getting
this logic entirely correct.

Whether we use one of the Secure stack pointers or one of the
Non-Secure stack pointers depends on the EXCRET.S bit.  However,
whether we use the MSP or the PSP then depends on the SPSEL bit in
either the CONTROL_S or CONTROL_NS register.  We were incorrectly
selecting MSP vs PSP based on the EXCRET.SPSEL bit.

(In the pseudocode this is in the PopStack() function, which calls
LookUpSp_with_security_mode() which in turn looks at the relevant
CONTROL.SPSEL bit.)

The buggy behaviour wasn't noticeable in most cases, because we write
EXCRET.SPSEL to the CONTROL.SPSEL bit for the S/NS register selected
by EXCRET.ES, so we only do the wrong thing when EXCRET.S and
EXCRET.ES are different.  This will happen when secure code takes a
secure exception, which then tail-chains to a non-secure exception
which finally returns to the original secure code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210520130905.2049-1-peter.maydell@linaro.org
2021-05-25 16:01:43 +01:00
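The selection rule in the commit message above can be checked with a small model. This is an added example, not QEMU's code: the struct and function names are hypothetical, Handler vs Thread mode is left out, and it enumerates every combination of the two CONTROL.SPSEL bits and the three EXCRET bits to show that the old and fixed selections disagree only when EXCRET.S and EXCRET.ES differ.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model, not QEMU's code. Bank index: 0 = Non-secure, 1 = Secure.
 * Handler vs Thread mode is left out; only the MSP/PSP choice is modelled. */
enum sp_kind { SP_MAIN, SP_PROCESS };

struct m_cpu { bool control_spsel[2]; };   /* CONTROL_NS.SPSEL, CONTROL_S.SPSEL */
struct excret { bool s, es, spsel; };      /* EXCRET.S, EXCRET.ES, EXCRET.SPSEL */

/* EXCRET.SPSEL is written to CONTROL.SPSEL of the bank selected by EXCRET.ES. */
static void write_control_spsel(struct m_cpu *cpu, struct excret e)
{
    cpu->control_spsel[e.es] = e.spsel;
}

/* Old behaviour: MSP vs PSP taken straight from EXCRET.SPSEL. */
static enum sp_kind select_sp_buggy(const struct m_cpu *cpu, struct excret e)
{
    (void)cpu;
    return e.spsel ? SP_PROCESS : SP_MAIN;
}

/* Fixed behaviour: CONTROL.SPSEL of the bank selected by EXCRET.S. */
static enum sp_kind select_sp_fixed(const struct m_cpu *cpu, struct excret e)
{
    return cpu->control_spsel[e.s] ? SP_PROCESS : SP_MAIN;
}

/* Count register/EXCRET combinations where the two selections disagree,
 * restricted to EXCRET.S == EXCRET.ES (same_bank) or S != ES (!same_bank). */
static int count_mismatches(bool same_bank)
{
    int n = 0;
    for (int bits = 0; bits < 32; bits++) {
        struct m_cpu cpu = { { bits & 1, (bits >> 1) & 1 } };
        struct excret e = { (bits >> 2) & 1, (bits >> 3) & 1, (bits >> 4) & 1 };
        if ((e.s == e.es) != same_bank)
            continue;
        write_control_spsel(&cpu, e);
        n += select_sp_buggy(&cpu, e) != select_sp_fixed(&cpu, e);
    }
    return n;
}

int main(void)
{
    printf("S == ES: %d mismatches, S != ES: %d mismatches\n",
           count_mismatches(true), count_mismatches(false));
    return 0;
}
```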
alpha target/alpha: fix icount handling for timer instructions 2021-04-05 07:32:56 -07:00
arm target/arm: Use correct SP in M-profile exception return 2021-05-25 16:01:43 +01:00
avr target/avr: Ignore unimplemented WDR opcode 2021-05-13 19:18:42 +02:00
cris target/cris: Plug leakage of TCG temporaries 2021-02-22 09:04:58 +01:00
hexagon Trivial patches pull request 20210503 2021-05-05 13:52:00 +01:00
hppa exec: Use cpu_untagged_addr in g2h; split out g2h_untagged 2021-02-16 11:04:53 +00:00
i386 s390x fixes and cleanups; also related fixes in xtensa, 2021-05-20 18:42:00 +01:00
m68k Prepare MacOS ROM support: 2021-03-12 18:56:56 +00:00
microblaze cpu: tcg_ops: move to tcg-cpu-ops.h, keep a pointer in CPUClass 2021-02-05 10:24:15 -10:00
mips target/mips: Set set_default_nan_mode with set_snan_bit_is_one 2021-05-16 07:13:51 -05:00
nios2 semihosting: Move include/hw/semihosting/ -> include/semihosting/ 2021-03-10 15:34:12 +00:00
openrisc Do not include sysemu/sysemu.h if it's not really necessary 2021-05-02 17:24:50 +02:00
ppc target/ppc: Remove type argument for mmubooke206_get_physical_address 2021-05-19 12:52:07 +10:00
riscv target/riscv: Fix the RV64H decode comment 2021-05-11 20:02:07 +10:00
rx Do not include sysemu/sysemu.h if it's not really necessary 2021-05-02 17:24:50 +02:00
s390x target/s390x: Fix translation exception on illegal instruction 2021-05-20 14:19:30 +02:00
sh4 target/sh4: Return error if CPUClass::get_phys_page_debug() fails 2021-05-13 19:00:50 +02:00
sparc hw/sparc*: Move cpu_check_irqs() to target/sparc/ 2021-05-04 22:45:53 +01:00
tricore target/tricore: Fix OPC2_32_RRPW_EXTR for width=0 2021-03-14 14:49:01 +01:00
xtensa target/xtensa: clean up unaligned access 2021-05-20 13:02:58 -07:00
meson.build Drop the deprecated unicore32 target 2021-05-12 18:20:52 +02:00