Add exception vector guards

This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe

Add exception vector guards
This patch adds guards so that an exception vector exceeding 32 instructions will generate a compile-time error. This keeps the exception handlers in check from spilling over. Change-Id: I7aa56dd0071a333664e2814c656d3896032046fe
a7934d69 · Jeenu Viswambharan · Dan Handley · ca823d2c · a7934d69 · a7934d69
Commit a7934d69 authored Feb 07, 2014 by Jeenu Viswambharan Committed by Dan Handley Feb 20, 2014
--- a/bl1/aarch64/early_exceptions.S
+++ b/bl1/aarch64/early_exceptions.S
@@ -33,6 +33,7 @@
 #include <bl1.h>
 #include <platform.h>
 #include <runtime_svc.h>
+#include <asm_macros.S>
 	.globl	early_exceptions
 	.weak	display_boot_progress
@@ -55,24 +56,28 @@ SynchronousExceptionSP0:
 	mov	x0, #SYNC_EXCEPTION_SP_EL0
 	bl	plat_report_exception
 	b	SynchronousExceptionSP0
+	check_vector_size SynchronousExceptionSP0
 	.align	7
 IrqSP0:
 	mov	x0, #IRQ_SP_EL0
 	bl	plat_report_exception
 	b	IrqSP0
+	check_vector_size IrqSP0
 	.align	7
 FiqSP0:
 	mov	x0, #FIQ_SP_EL0
 	bl	plat_report_exception
 	b	FiqSP0
+	check_vector_size FiqSP0
 	.align	7
 SErrorSP0:
 	mov	x0, #SERROR_SP_EL0
 	bl	plat_report_exception
 	b	SErrorSP0
+	check_vector_size SErrorSP0
 	/* -----------------------------------------------------
 	 * Current EL with SPx: 0x200 - 0x380
@@ -83,24 +88,28 @@ SynchronousExceptionSPx:
 	mov	x0, #SYNC_EXCEPTION_SP_ELX
 	bl	plat_report_exception
 	b	SynchronousExceptionSPx
+	check_vector_size SynchronousExceptionSPx
 	.align	7
 IrqSPx:
 	mov	x0, #IRQ_SP_ELX
 	bl	plat_report_exception
 	b	IrqSPx
+	check_vector_size IrqSPx
 	.align	7
 FiqSPx:
 	mov	x0, #FIQ_SP_ELX
 	bl	plat_report_exception
 	b	FiqSPx
+	check_vector_size FiqSPx
 	.align	7
 SErrorSPx:
 	mov	x0, #SERROR_SP_ELX
 	bl	plat_report_exception
 	b	SErrorSPx
+	check_vector_size SErrorSPx
 	/* -----------------------------------------------------
 	 * Lower EL using AArch64 : 0x400 - 0x580
@@ -115,24 +124,28 @@ SynchronousExceptionA64:
 	 * ---------------------------------------------
 	 */
 	b	process_exception
+	check_vector_size SynchronousExceptionA64
 	.align	7
 IrqA64:
 	mov	x0, #IRQ_AARCH64
 	bl	plat_report_exception
 	b	IrqA64
+	check_vector_size IrqA64
 	.align	7
 FiqA64:
 	mov	x0, #FIQ_AARCH64
 	bl	plat_report_exception
 	b	FiqA64
+	check_vector_size FiqA64
 	.align	7
 SErrorA64:
 	mov	x0, #SERROR_AARCH64
 	bl	plat_report_exception
 	b   	SErrorA64
+	check_vector_size SErrorA64
 	/* -----------------------------------------------------
 	 * Lower EL using AArch32 : 0x0 - 0x180
@@ -143,24 +156,28 @@ SynchronousExceptionA32:
 	mov	x0, #SYNC_EXCEPTION_AARCH32
 	bl	plat_report_exception
 	b	SynchronousExceptionA32
+	check_vector_size SynchronousExceptionA32
 	.align	7
 IrqA32:
 	mov	x0, #IRQ_AARCH32
 	bl	plat_report_exception
 	b	IrqA32
+	check_vector_size IrqA32
 	.align	7
 FiqA32:
 	mov	x0, #FIQ_AARCH32
 	bl	plat_report_exception
 	b	FiqA32
+	check_vector_size FiqA32
 	.align	7
 SErrorA32:
 	mov	x0, #SERROR_AARCH32
 	bl	plat_report_exception
 	b	SErrorA32
+	check_vector_size SErrorA32
 	.align	7

--- a/bl31/aarch64/runtime_exceptions.S
+++ b/bl31/aarch64/runtime_exceptions.S
@@ -32,6 +32,7 @@
 #include <runtime_svc.h>
 #include <platform.h>
 #include <context.h>
+#include "asm_macros.S"
 #include "cm_macros.S"
 	.globl	runtime_exceptions
@@ -53,6 +54,7 @@ sync_exception_sp_el0:
 	 */
 	wfi
 	b	sync_exception_sp_el0
+	check_vector_size sync_exception_sp_el0
 	.align	7
 	/* -----------------------------------------------------
@@ -63,16 +65,19 @@ sync_exception_sp_el0:
 irq_sp_el0:
 	handle_async_exception IRQ_SP_EL0
 	b	irq_sp_el0
+	check_vector_size irq_sp_el0
 	.align	7
 fiq_sp_el0:
 	handle_async_exception FIQ_SP_EL0
 	b	fiq_sp_el0
+	check_vector_size fiq_sp_el0
 	.align	7
 serror_sp_el0:
 	handle_async_exception SERROR_SP_EL0
 	b	serror_sp_el0
+	check_vector_size serror_sp_el0
 	/* -----------------------------------------------------
 	 * Current EL with SPx: 0x200 - 0x380
@@ -93,6 +98,7 @@ sync_exception_sp_elx:
 	 */
 	wfi
 	b	sync_exception_sp_elx
+	check_vector_size sync_exception_sp_elx
 	/* -----------------------------------------------------
 	 * As mentioned in the previous comment, all bets are
@@ -103,12 +109,17 @@ sync_exception_sp_elx:
 	.align	7
 irq_sp_elx:
 	b	irq_sp_elx
+	check_vector_size irq_sp_elx
 	.align	7
 fiq_sp_elx:
 	b	fiq_sp_elx
+	check_vector_size fiq_sp_elx
 	.align	7
 serror_sp_elx:
 	b	serror_sp_elx
+	check_vector_size serror_sp_elx
 	/* -----------------------------------------------------
 	 * Lower EL using AArch64 : 0x400 - 0x580
@@ -125,6 +136,7 @@ sync_exception_aarch64:
 	 * -----------------------------------------------------
 	 */
 	handle_sync_exception
+	check_vector_size sync_exception_aarch64
 	.align	7
 	/* -----------------------------------------------------
@@ -135,16 +147,19 @@ sync_exception_aarch64:
 irq_aarch64:
 	handle_async_exception IRQ_AARCH64
 	b	irq_aarch64
+	check_vector_size irq_aarch64
 	.align	7
 fiq_aarch64:
 	handle_async_exception FIQ_AARCH64
 	b	fiq_aarch64
+	check_vector_size fiq_aarch64
 	.align	7
 serror_aarch64:
 	handle_async_exception SERROR_AARCH64
 	b	serror_aarch64
+	check_vector_size serror_aarch64
 	/* -----------------------------------------------------
 	 * Lower EL using AArch32 : 0x600 - 0x780
@@ -161,6 +176,7 @@ sync_exception_aarch32:
 	 * -----------------------------------------------------
 	 */
 	handle_sync_exception
+	check_vector_size sync_exception_aarch32
 	.align	7
 	/* -----------------------------------------------------
@@ -171,16 +187,20 @@ sync_exception_aarch32:
 irq_aarch32:
 	handle_async_exception IRQ_AARCH32
 	b	irq_aarch32
+	check_vector_size irq_aarch32
 	.align	7
 fiq_aarch32:
 	handle_async_exception FIQ_AARCH32
 	b	fiq_aarch32
+	check_vector_size fiq_aarch32
 	.align	7
 serror_aarch32:
 	handle_async_exception SERROR_AARCH32
 	b	serror_aarch32
+	check_vector_size serror_aarch32
 	.align	7
 	.section	.text, "ax"

--- a/include/asm_macros.S
+++ b/include/asm_macros.S
@@ -68,3 +68,15 @@
 	ubfx	\end_level, \clidr, \shift, \fw
 	lsl	\end_level, \end_level, \ls
 	.endm
+	/*
+	 * This macro verifies that the a given vector doesn't exceed the
+	 * architectural limit of 32 instructions. This is meant to be placed
+	 * immedately after the last instruction in the vector. It takes the
+	 * vector entry as the parameter
+	 */
+	.macro check_vector_size since
+	  .if (. - \since) > (32 * 4)
+	    .error "Vector exceeds 32 instructions"
+	  .endif
+	.endm