• Marc Zyngier's avatar
    arm/arm64: smccc-1.1: Handle function result as parameters · 755a8bf5
    Marc Zyngier authored
    If someone has the silly idea to write something along those lines:
    
    	extern u64 foo(void);
    
    	void bar(struct arm_smccc_res *res)
    	{
    		arm_smccc_1_1_smc(0xbad, foo(), res);
    	}
    
    they are in for a surprise, as this gets compiled as:
    
    	0000000000000588 <bar>:
    	 588:   a9be7bfd        stp     x29, x30, [sp, #-32]!
    	 58c:   910003fd        mov     x29, sp
    	 590:   f9000bf3        str     x19, [sp, #16]
    	 594:   aa0003f3        mov     x19, x0
    	 598:   aa1e03e0        mov     x0, x30
    	 59c:   94000000        bl      0 <_mcount>
    	 5a0:   94000000        bl      0 <foo>
    	 5a4:   aa0003e1        mov     x1, x0
    	 5a8:   d4000003        smc     #0x0
    	 5ac:   b4000073        cbz     x19, 5b8 <bar+0x30>
    	 5b0:   a9000660        stp     x0, x1, [x19]
    	 5b4:   a9010e62        stp     x2, x3, [x19, #16]
    	 5b8:   f9400bf3        ldr     x19, [sp, #16]
    	 5bc:   a8c27bfd        ldp     x29, x30, [sp], #32
    	 5c0:   d65f03c0        ret
    	 5c4:   d503201f        nop
    
    The call to foo "overwrites" the x0 register for the return value,
    and we end up calling the wrong secure service.
    
    A solution is to evaluate all the parameters before assigning
    anything to specific registers, leading to the expected result:
    
    	0000000000000588 <bar>:
    	 588:   a9be7bfd        stp     x29, x30, [sp, #-32]!
    	 58c:   910003fd        mov     x29, sp
    	 590:   f9000bf3        str     x19, [sp, #16]
    	 594:   aa0003f3        mov     x19, x0
    	 598:   aa1e03e0        mov     x0, x30
    	 59c:   94000000        bl      0 <_mcount>
    	 5a0:   94000000        bl      0 <foo>
    	 5a4:   aa0003e1        mov     x1, x0
    	 5a8:   d28175a0        mov     x0, #0xbad
    	 5ac:   d4000003        smc     #0x0
    	 5b0:   b4000073        cbz     x19, 5bc <bar+0x34>
    	 5b4:   a9000660        stp     x0, x1, [x19]
    	 5b8:   a9010e62        stp     x2, x3, [x19, #16]
    	 5bc:   f9400bf3        ldr     x19, [sp, #16]
    	 5c0:   a8c27bfd        ldp     x29, x30, [sp], #32
    	 5c4:   d65f03c0        ret
    Reported-by: default avatarJulien Grall <julien.grall@arm.com>
    Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
    Signed-off-by: default avatarWill Deacon <will.deacon@arm.com>
    755a8bf5
arm-smccc.h 10.5 KB