Question about Cortex-M exceptions and ES bit value

qemu-arm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question about Cortex-M exceptions and ES bit value

From:	Igor Kotrasinski/Security (PLT) /SRPOL/Engineer/Samsung Electronics
Subject:	Question about Cortex-M exceptions and ES bit value
Date:	Wed, 14 Dec 2022 14:10:36 +0100
User-agent:	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0

Hi,

I'm playing around with hacking in support for a custom Cortex-M board, 
and I noticed something strange in exception entry code. The 
av7m_exception_taken function has a bit like this:

 > if (arm_feature(env, ARM_FEATURE_V8)) {
 >     ...
 >     lr &= ~R_V7M_EXCRET_ES_MASK;
 >     if (targets_secure || !arm_feature(env, ARM_FEATURE_M_SECURITY)) {
 >         lr |= R_V7M_EXCRET_ES_MASK;
 >     }
 > }

Meaning that, if Cortex-M security extensions are NOT present, the ES 
bit is set. However, in the reference manual for Armv8-M the roughly 
equivalent ExceptionTaken() function does something like this:

 > assert(HaveSecurityExt() || !excIsSecure);
 > ...
 > if excIsSecure then
 >     LR<2> = CONTROL_S.SPSEL;
 >     LR<0> = '1';
 > else
 >     LR<2> = CONTROL_NS.SPSEL;
 >     LR<0> = '0';

That looks to me like the ES bit (LR<0>) should NOT be set if security 
extensions are NOT present. Am I correct, is it a bug?

Thanks,
Igor

[Prev in Thread]

Current Thread

[Next in Thread]

Question about Cortex-M exceptions and ES bit value, Igor Kotrasinski/Security (PLT) /SRPOL/Engineer/Samsung Electronics <=
- Re: Question about Cortex-M exceptions and ES bit value, Peter Maydell, 2022/12/14

Prev by Date: Re: [PATCH 0/6] target/arm: general cleanups
Next by Date: Re: Question about Cortex-M exceptions and ES bit value
Previous by thread: Re: [PATCH v2 for-8.0 0/2] pci: drop redundant PCIDeviceClass::is_bridge field
Next by thread: Re: Question about Cortex-M exceptions and ES bit value
Index(es):
- Date
- Thread