arm: provide a PCS-compliant setjmp implementation
authorPhilipp Tomsich <philipp.tomsich@theobroma-systems.com>
Tue, 10 Oct 2017 14:21:13 +0000 (16:21 +0200)
committerPhilipp Tomsich <philipp.tomsich@theobroma-systems.com>
Tue, 21 Nov 2017 22:57:22 +0000 (23:57 +0100)
The previous setjmp-implementation (as a static inline function that
contained an 'asm volatile' sequence) was extremely fragile: (some
versions of) GCC optimised the set of registers.  One critical example
was the removal of 'r9' from the clobber list, if -ffixed-reg9 was
supplied.

To increase robustness and ensure PCS-compliant behaviour, the setjmp
and longjmp implementations are now in assembly and closely match what
one would expect to find in a libc implementation.

Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com>
Tested-by: Andy Yan <andy.yan@rock-chips.com>
arch/arm/include/asm/setjmp.h
arch/arm/lib/Makefile
arch/arm/lib/setjmp.S [new file with mode: 0644]
arch/arm/lib/setjmp_aarch64.S [new file with mode: 0644]

index c3399a7e15ae042b596b0cd9b453f1d2c8f5cfbb..517beebdeab50fe5afcaad278a3a7086f4420dae 100644 (file)
@@ -1,6 +1,6 @@
 /*
- * (C) Copyright 2016
- * Alexander Graf <agraf@suse.de>
+ * (C) Copyright 2017 Theobroma Systems Design und Consulting GmbH
+ * (C) Copyright 2016 Alexander Graf <agraf@suse.de>
  *
  * SPDX-License-Identifier:    GPL-2.0+
  */
@@ -8,89 +8,21 @@
 #ifndef _SETJMP_H_
 #define _SETJMP_H_     1
 
+/*
+ * This really should be opaque, but the EFI implementation wrongly
+ * assumes that a 'struct jmp_buf_data' is defined.
+ */
 struct jmp_buf_data {
-       ulong target;
-       ulong regs[5];
-       int ret;
-};
-
-typedef struct jmp_buf_data jmp_buf[1];
-
-static inline int setjmp(jmp_buf jmp)
-{
-       jmp->ret = 0;
-
-#ifdef CONFIG_ARM64
-       asm volatile(
-               "adr x1, jmp_target\n"
-               "str x1, %0\n"
-               "stp x26, x27, %1\n"
-               "stp x28, x29, %2\n"
-               "mov x1, sp\n"
-               "str x1, %3\n"
-               "jmp_target: "
-               : "=m" (jmp->target), "=m" (jmp->regs[0]),
-                 "=m" (jmp->regs[2]), "=m" (jmp->regs[4])
-               :
-               : "x0", "x1", "x2", "x3", "x4", "x5", "x6", "x7",
-                 "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15",
-                 "x16", "x17", "x18", "x19", "x20", "x21", "x22",
-                 "x23", "x24", "x25", /* x26, x27, x28, x29, sp */
-                 "x30", "cc", "memory");
-#else
-       asm volatile(
-#if CONFIG_IS_ENABLED(SYS_THUMB_BUILD)
-               ".align 2\n"
-               "adr r0, jmp_target\n"
-               "add r0, r0, $1\n"
+#if defined(__aarch64__)
+       u64  regs[13];
 #else
-               "adr r0, jmp_target\n"
-#endif
-               "mov r1, %0\n"
-               "mov r2, sp\n"
-               "stm r1!, {r0, r2, r4, r5, r6, r7}\n"
-               ".align 2\n"
-               "jmp_target: \n"
-               :
-               : "l" (&jmp->target)
-               : "r0", "r1", "r2", "r3", /* "r4", "r5", "r6", "r7", */
-                 "r8", "r9", "r10", "r11", /* sp, */ "ip", "lr",
-                 "cc", "memory");
-#endif
-
-       return jmp->ret;
-}
-
-static inline __noreturn void longjmp(jmp_buf jmp, int ret)
-{
-       jmp->ret = ret;
-
-#ifdef CONFIG_ARM64
-       asm volatile(
-               "ldr x0, %0\n"
-               "ldr x1, %3\n"
-               "mov sp, x1\n"
-               "ldp x26, x27, %1\n"
-               "ldp x28, x25, %2\n"
-               "mov x29, x25\n"
-               "br x0\n"
-               :
-               : "m" (jmp->target), "m" (jmp->regs[0]), "m" (jmp->regs[2]),
-                 "m" (jmp->regs[4])
-               : "x0", "x1", "x25", "x26", "x27", "x28");
-#else
-       asm volatile(
-               "mov r1, %0\n"
-               "ldm r1!, {r0, r2, r4, r5, r6, r7}\n"
-               "mov sp, r2\n"
-               "bx r0\n"
-               :
-               : "l" (&jmp->target)
-               : "r1");
+       u32  regs[10];  /* r4-r9, sl, fp, sp, lr */
 #endif
+};
 
-       while (1) { }
-}
+typedef struct jmp_buf_data jmp_buf[1];
 
+int setjmp(jmp_buf jmp);
+void longjmp(jmp_buf jmp, int ret);
 
 #endif /* _SETJMP_H_ */
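Review bot: The new prototype `void longjmp(jmp_buf jmp, int ret);` drops the `__noreturn` marker that the removed inline definition carried, so the compiler no longer knows that control never comes back from the call. Callers that relied on it may now get fall-through warnings or dead code emitted after the call. Keeping the attribute on the declaration restores the old contract: `void __noreturn longjmp(jmp_buf jmp, int ret);`. The AArch64 array would also benefit from the same kind of layout comment the 32-bit one has, e.g. `u64  regs[13];  /* x19-x30, sp */`, which matches what setjmp_aarch64.S stores.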
index 6e1c43693340f3a59b465f24be600b56aa837092..abffa10c8508434b95be89e5671333ae16b7d18d 100644 (file)
@@ -17,6 +17,12 @@ else
 obj-y  += vectors.o crt0.o
 endif
 
+ifdef CONFIG_ARM64
+obj-y   += setjmp_aarch64.o
+else
+obj-y   += setjmp.o
+endif
+
 ifndef CONFIG_SPL_BUILD
 ifdef CONFIG_ARM64
 obj-y  += relocate_64.o
diff --git a/arch/arm/lib/setjmp.S b/arch/arm/lib/setjmp.S
new file mode 100644 (file)
index 0000000..6746e5e
--- /dev/null
@@ -0,0 +1,37 @@
+/*
+ * (C) 2017 Theobroma Systems Design und Consulting GmbH
+ *
+ * SPDX-License-Identifier:    GPL-2.0+
+ */
+
+#include <config.h>
+#include <asm/assembler.h>
+#include <linux/linkage.h>
+
+.pushsection .text.setjmp, "ax"
+ENTRY(setjmp)
+       /*
+        * A subroutine must preserve the contents of the registers
+        * r4-r8, r10, r11 (v1-v5, v7 and v8) and SP (and r9 in PCS
+        * variants that designate r9 as v6).
+        */
+       mov  ip, sp
+       stm  a1, {v1-v8, ip, lr}
+       mov  a1, #0
+       bx   lr
+ENDPROC(setjmp)
+.popsection
+
+.pushsection .text.longjmp, "ax"
+ENTRY(longjmp)
+       ldm  a1, {v1-v8, ip, lr}
+       mov  sp, ip
+       mov  a1, a2
+       /* If we were passed a return value of zero, return one instead */
+       cmp  a1, #0
+       bne  1f
+       mov  a1, #1
+1:
+       bx   lr
+ENDPROC(longjmp)
+.popsection
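Review bot: Nothing in setjmp.S ties the ten-register `stm`/`ldm` list to the `u32 regs[10]` array declared in asm/setjmp.h, so a later change to either side would write past the buffer or leave part of it unset without any diagnostic. A comment above the `stm` such as `/* stores 10 words: must match struct jmp_buf_data in asm/setjmp.h */` would record the dependency. The same applies to the hard-coded offsets 0 to 96 in setjmp_aarch64.S against `u64 regs[13]`. longjmp also loads SP and LR straight from the buffer and leaves through `bx lr`, so the buffer is control data. A short comment would help callers such as the EFI code the header mentions: the buffer must come from a setjmp whose frame is still live, and it should not sit where untrusted input can overwrite it.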
diff --git a/arch/arm/lib/setjmp_aarch64.S b/arch/arm/lib/setjmp_aarch64.S
new file mode 100644 (file)
index 0000000..b68edb8
--- /dev/null
@@ -0,0 +1,42 @@
+/*
+ * (C) 2017 Theobroma Systems Design und Consulting GmbH
+ *
+ * SPDX-License-Identifier:    GPL-2.0+
+ */
+
+#include <config.h>
+#include <asm/macro.h>
+#include <linux/linkage.h>
+
+.pushsection .text.setjmp, "ax"
+ENTRY(setjmp)
+       /* Preserve all callee-saved registers and the SP */
+       stp  x19, x20, [x0,#0]
+       stp  x21, x22, [x0,#16]
+       stp  x23, x24, [x0,#32]
+       stp  x25, x26, [x0,#48]
+       stp  x27, x28, [x0,#64]
+       stp  x29, x30, [x0,#80]
+       mov  x2, sp
+       str  x2, [x0, #96]
+       mov  x0, #0
+       ret
+ENDPROC(setjmp)
+.popsection
+
+.pushsection .text.longjmp, "ax"
+ENTRY(longjmp)
+       ldp  x19, x20, [x0,#0]
+       ldp  x21, x22, [x0,#16]
+       ldp  x23, x24, [x0,#32]
+       ldp  x25, x26, [x0,#48]
+       ldp  x27, x28, [x0,#64]
+       ldp  x29, x30, [x0,#80]
+       ldr  x2, [x0,#96]
+       mov  sp, x2
+       /* Move the return value in place, but return 1 if passed 0. */
+       adds x0, xzr, x1
+       csinc x0, x0, xzr, ne
+       ret
+ENDPROC(longjmp)
+.popsection
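Review bot: `adds x0, xzr, x1` in longjmp tests all 64 bits of x1, but `ret` is declared `int` in asm/setjmp.h and AAPCS64 leaves the upper 32 bits of a 32-bit argument unspecified. With stray upper bits, a longjmp(buf, 0) skips the zero-to-one substitution and setjmp appears to return 0 a second time. Using the W views avoids depending on the caller: `cmp w1, #0` followed by `csinc w0, w1, wzr, ne`. Separately, AAPCS64 also makes the low halves of v8-v15 callee-saved and they are not stored here. That is presumably fine only while the build avoids FP/SIMD registers, and it is worth saying so next to the "Preserve all callee-saved registers" comment.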