On 02/12/16 13:41, Kyrill Tkachov wrote: > Hi Andre, > > On 02/12/16 13:36, Andre Vieira (lists) wrote: >> On 23/11/16 11:53, Andre Vieira (lists) wrote: >>> On 11/11/16 16:19, Kyrill Tkachov wrote: >>>> And CC'ing Ramana and Richard this time... >>>> >>> Hi, >>> >>> After some extra testing I found that the sibcall optimization was not >>> disabled for calls to function pointers with the cmse_nonsecure_call >>> attribute, causing the clearing and call to the function wrapper to be >>> skipped. This would result in an illegal branch into secure memory and >>> would HardFault. >>> >>> Added a test. >>> >>> Is this OK? >>> >>> Cheers, >>> Andre >>> >>> *** gcc/ChangeLog *** >>> 2016-11-xx Andre Vieira >>> Thomas Preud'homme >>> >>> * config/arm/arm.c (detect_cmse_nonsecure_call): New. >>> (cmse_nonsecure_call_clear_caller_saved): New. >>> (arm_reorg): Use cmse_nonsecure_call_clear_caller_saved. >>> (arm_function_ok_for_sibcall): Disable sibcalls for >>> cmse_nonsecure_call. >>> * config/arm/arm-protos.h (detect_cmse_nonsecure_call): New. >>> * config/arm/arm.md (call): Handle cmse_nonsecure_entry. >>> (call_value): Likewise. >>> (nonsecure_call_internal): New. >>> (nonsecure_call_value_internal): New. >>> * config/arm/thumb1.md (*nonsecure_call_reg_thumb1_v5): New. >>> (*nonsecure_call_value_reg_thumb1_v5): New. >>> * config/arm/thumb2.md (*nonsecure_call_reg_thumb2): New. >>> (*nonsecure_call_value_reg_thumb2): New. >>> * config/arm/unspecs.md (UNSPEC_NONSECURE_MEM): New. >>> >>> *** libgcc/ChangeLog *** >>> 2016-11-xx Andre Vieira >>> Thomas Preud'homme >>> >>> * config/arm/cmse_nonsecure_call.S: New. >>> * config/arm/t-arm: Compile cmse_nonsecure_call.S >>> >>> >>> *** gcc/testsuite/ChangeLog *** >>> 2016-11-xx Andre Vieira >>> Thomas Preud'homme >>> >>> * gcc.target/arm/cmse/cmse.exp: Run tests in mainline dir. >>> * gcc.target/arm/cmse/cmse-9.c: Added some extra tests. >>> * gcc.target/arm/cmse/cmse-14.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-4.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-5.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-6.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-7.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-8.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-9.c: New. >>> * gcc.target/arm/cmse/baseline/bitfield-and-union-1.c: New. >>> * gcc.target/arm/cmse/baseline/cmse-11.c: New. >>> * gcc.target/arm/cmse/baseline/cmse-13.c: New. >>> * gcc.target/arm/cmse/baseline/cmse-6.c: New. >>> * gcc/testsuite/gcc.target/arm/cmse/baseline/union-1.c: New. >>> * gcc/testsuite/gcc.target/arm/cmse/baseline/union-2.c: New. >>> * gcc.target/arm/cmse/mainline/hard-sp/cmse-13.c: New. >>> * gcc.target/arm/cmse/mainline/hard-sp/cmse-7.c: New. >>> * gcc.target/arm/cmse/mainline/hard-sp/cmse-8.c: New. >>> * gcc.target/arm/cmse/mainline/hard/cmse-13.c: New. >>> * gcc.target/arm/cmse/mainline/hard/cmse-7.c: New. >>> * gcc.target/arm/cmse/mainline/hard/cmse-8.c: New. >>> * gcc.target/arm/cmse/mainline/soft/cmse-13.c: New. >>> * gcc.target/arm/cmse/mainline/soft/cmse-7.c: New. >>> * gcc.target/arm/cmse/mainline/soft/cmse-8.c: New. >>> * gcc.target/arm/cmse/mainline/softfp-sp/cmse-7.c: New. >>> * gcc.target/arm/cmse/mainline/softfp-sp/cmse-8.c: New. >>> * gcc.target/arm/cmse/mainline/softfp/cmse-13.c: New. >>> * gcc.target/arm/cmse/mainline/softfp/cmse-7.c: New. >>> * gcc.target/arm/cmse/mainline/softfp/cmse-8.c: New. >>> >> Hi, >> >> To make the clearing of registers consistent between single and double >> precision I decided to clear all FP registers with 0. The callee-saved >> registers, saved, cleared and restored in the library wrapper we can do >> this without much penalty to performance. The caller-saved registers are >> compiler generated and currently generate a 'vldr' instruction, per >> cleared (sp or dp) register. This is far from optimal, but it works and >> it is "safer". I have some ideas to improve this, for instance using >> r0-r1 to clear the FP registers, since they will either contain the >> address of the callback function or an argument value, either way they >> will never contain secret information. I will address this at a later >> time. >> >> Changed the tests to reflect these changes. No changes to the ChangeLog. >> >> Is this OK? > > Thanks, I much prefer the consistency. > This is ok. > I believe all patches in this series have been approved now, so you can > go ahead and commit them. > Please keep an eye out for fallout over the next week. > > Kyrill > >> Cheers, >> Andre >> > Hi, Backported this to the embedded-6-branch in revision r243252. Cheers, Andre gcc/ChangeLog.arm: 2016-12-05 Andre Vieira Backport from mainline 2016-12-02 Andre Vieira Thomas Preud'homme * config/arm/arm.c (detect_cmse_nonsecure_call): New. (cmse_nonsecure_call_clear_caller_saved): New. (arm_reorg): Use cmse_nonsecure_call_clear_caller_saved. (arm_function_ok_for_sibcall): Disable sibcalls for cmse_nonsecure_call. * config/arm/arm-protos.h (detect_cmse_nonsecure_call): New. * config/arm/arm.md (call): Handle cmse_nonsecure_entry. (call_value): Likewise. (nonsecure_call_internal): New. (nonsecure_call_value_internal): New. * config/arm/thumb1.md (*nonsecure_call_reg_thumb1_v5): New. (*nonsecure_call_value_reg_thumb1_v5): New. * config/arm/thumb2.md (*nonsecure_call_reg_thumb2): New. (*nonsecure_call_value_reg_thumb2): New. * config/arm/unspecs.md (UNSPEC_NONSECURE_MEM): New. gcc/testsuite/ChangeLog.arm: 2016-12-05 Andre Vieira Backport from mainline 2016-12-02 Andre Vieira Thomas Preud'homme * gcc.target/arm/cmse/cmse.exp: Run tests in mainline dir. * gcc.target/arm/cmse/cmse-9.c: Added some extra tests. * gcc.target/arm/cmse/cmse-14.c: New. * gcc.target/arm/cmse/baseline/bitfield-4.c: New. * gcc.target/arm/cmse/baseline/bitfield-5.c: New. * gcc.target/arm/cmse/baseline/bitfield-6.c: New. * gcc.target/arm/cmse/baseline/bitfield-7.c: New. * gcc.target/arm/cmse/baseline/bitfield-8.c: New. * gcc.target/arm/cmse/baseline/bitfield-9.c: New. * gcc.target/arm/cmse/baseline/bitfield-and-union-1.c: New. * gcc.target/arm/cmse/baseline/cmse-11.c: New. * gcc.target/arm/cmse/baseline/cmse-13.c: New. * gcc.target/arm/cmse/baseline/cmse-6.c: New. * gcc.target/arm/cmse/baseline/union-1.c: New. * gcc.target/arm/cmse/baseline/union-2.c: New. * gcc.target/arm/cmse/mainline/bitfield-4.c: New. * gcc.target/arm/cmse/mainline/bitfield-5.c: New. * gcc.target/arm/cmse/mainline/bitfield-6.c: New. * gcc.target/arm/cmse/mainline/bitfield-7.c: New. * gcc.target/arm/cmse/mainline/bitfield-8.c: New. * gcc.target/arm/cmse/mainline/bitfield-9.c: New. * gcc.target/arm/cmse/mainline/bitfield-and-union-1.c: New. * gcc.target/arm/cmse/mainline/union-1.c: New. * gcc.target/arm/cmse/mainline/union-2.c: New. * gcc.target/arm/cmse/mainline/hard-sp/cmse-13.c: New. * gcc.target/arm/cmse/mainline/hard-sp/cmse-7.c: New. * gcc.target/arm/cmse/mainline/hard-sp/cmse-8.c: New. * gcc.target/arm/cmse/mainline/hard/cmse-13.c: New. * gcc.target/arm/cmse/mainline/hard/cmse-7.c: New. * gcc.target/arm/cmse/mainline/hard/cmse-8.c: New. * gcc.target/arm/cmse/mainline/soft/cmse-13.c: New. * gcc.target/arm/cmse/mainline/soft/cmse-7.c: New. * gcc.target/arm/cmse/mainline/soft/cmse-8.c: New. * gcc.target/arm/cmse/mainline/softfp-sp/cmse-7.c: New. * gcc.target/arm/cmse/mainline/softfp-sp/cmse-8.c: New. * gcc.target/arm/cmse/mainline/softfp/cmse-13.c: New. * gcc.target/arm/cmse/mainline/softfp/cmse-7.c: New. * gcc.target/arm/cmse/mainline/softfp/cmse-8.c: New. libgcc/ChangeLog.arm: 2016-12-05 Andre Vieira Backport from mainline 2016-12-02 Andre Vieira Thomas Preud'homme * config/arm/cmse_nonsecure_call.S: New. * config/arm/t-arm: Compile cmse_nonsecure_call.S