arch: arc: enable stack check when arc is in secure mode

when arc is in secure mode, SSC bit of sec_stat,
not SC bit of status32,is used to enable stack check.

Signed-off-by: Wayne Ren <[email protected]>

Author: Wayne Ren

arch/arc/core/fast_irq.S

@@ -60,11 +60,19 @@ SECTION_FUNC(TEXT, _firq_enter)
  * This has already been done by _isr_wrapper.
  */
 #ifdef CONFIG_ARC_STACK_CHECKING
+#ifdef CONFIG_ARC_HAS_SECURE
+	lr r2, [_ARC_V2_SEC_STAT]
+	bclr r2, r2, _ARC_V2_SEC_STAT_SSC_BIT
+	/* sflag r2 */
+	/* sflag instruction is not supported in current ARC GNU */
+	.long 0x00bf302f
+#else
 	/* disable stack checking */
 	lr r2, [_ARC_V2_STATUS32]
 	bclr r2, r2, _ARC_V2_STATUS32_SC_BIT
 	kflag r2
 #endif
+#endif
 
 #if CONFIG_RGF_NUM_BANKS != 1
 #ifndef CONFIG_FIRQ_NO_LPCC

arch/arc/core/regular_irq.S

@@ -53,10 +53,18 @@ SECTION_FUNC(TEXT, _rirq_enter)
 
 
 #ifdef CONFIG_ARC_STACK_CHECKING
+#ifdef CONFIG_ARC_HAS_SECURE
+	lr r2, [_ARC_V2_SEC_STAT]
+	bclr r2, r2, _ARC_V2_SEC_STAT_SSC_BIT
+	/* sflag r2 */
+	/* sflag instruction is not supported in current ARC GNU */
+	.long 0x00bf302f
+#else
 	/* disable stack checking */
 	lr r2, [_ARC_V2_STATUS32]
 	bclr r2, r2, _ARC_V2_STATUS32_SC_BIT
 	kflag r2
+#endif
 #endif
 	clri
 	ld r1, [exc_nest_count]

arch/arc/core/swap.S

@@ -100,16 +100,25 @@ SECTION_FUNC(TEXT, __swap)
 	 */
 	lr r3, [_ARC_V2_STATUS32]
 	push_s r3
+
+#ifdef CONFIG_ARC_HAS_SECURE
+	lr r3, [_ARC_V2_SEC_STAT]
+	push_s r3
+#endif
+
 #ifdef CONFIG_ARC_STACK_CHECKING
+#ifdef CONFIG_ARC_HAS_SECURE
+	bclr r3, r3, _ARC_V2_SEC_STAT_SSC_BIT
+	/* sflag r3 */
+	/* sflag instruction is not supported in current ARC GNU */
+	.long 0x00ff302f
+#else
 	/* disable stack checking during swap */
 	bclr r3, r3, _ARC_V2_STATUS32_SC_BIT
 	kflag r3
 #endif
-
-#ifdef CONFIG_ARC_HAS_SECURE
-	lr r3, [_ARC_V2_SEC_STAT]
-	push_s r3
 #endif
+
 	push_s blink
 
 	_save_callee_saved_regs
@@ -155,6 +164,15 @@ _swap_return_from_coop:
 	pop_s blink /* pc into blink */
 #ifdef CONFIG_ARC_HAS_SECURE
 	pop_s r3    /* pop SEC_STAT */
+#endif
+	pop_s r2    /* status32 into r2 */
+/*
+ * the above pop may happen in the unprivileged stack, but now it's
+ * kernel mode, the write to status32/sec_stat before pop may cause
+ * stack check fail.
+ */
+	kflag r2    /* write status32 */
+#ifdef CONFIG_ARC_HAS_SECURE
 	/* sflag r3 */
 	/* sflag instruction is not supported in current ARC GNU */
 	.long 0x00ff302f
@@ -164,9 +182,6 @@ _swap_return_from_coop:
 #endif
 return_loc:
 
-	pop_s r3    /* status32 into r3 */
-	kflag r3    /* write status32 */
-
 	j_s.d [blink] /* always execute delay slot */
 	seti r1       /* delay slot */
 

arch/arc/core/thread.c

@@ -141,8 +141,13 @@ void _new_thread(struct k_thread *thread, k_thread_stack_t *stack,
 	 * value.
 	 */
 #ifdef CONFIG_ARC_STACK_CHECKING
+#ifdef CONFIG_ARC_HAS_SECURE
+	pInitCtx->sec_stat |= _ARC_V2_SEC_STAT_SSC;
+	pInitCtx->status32 = _ARC_V2_STATUS32_E(_ARC_V2_DEF_IRQ_LEVEL);
+#else
 	pInitCtx->status32 = _ARC_V2_STATUS32_SC |
 		 _ARC_V2_STATUS32_E(_ARC_V2_DEF_IRQ_LEVEL);
+#endif
 #ifdef CONFIG_USERSPACE
 	if (options & K_USER) {
 		thread->arch.u_stack_top = (u32_t)pStackMem;

arch/arc/core/userspace.S

@@ -60,7 +60,7 @@ SECTION_FUNC(TEXT, _user_thread_entry_wrapper)
 	/* sp the  user stack pointer,  r0-r4 are in stack */
 	mov r5, sp
 	/* start of privilege stack */
-	add blink, r5, CONFIG_PRIVILEGED_STACK_SIZE+16
+	add blink, r5, CONFIG_PRIVILEGED_STACK_SIZE+STACK_GUARD_SIZE+16
 
 	/* r4<- start  of user stack region */
 	mov r0, _kernel
@@ -87,15 +87,23 @@ SECTION_FUNC(TEXT, _arc_userspace_enter)
 	 * In ARCv2, the U bit can only be set through exception return
 	 */
 #ifdef CONFIG_ARC_STACK_CHECKING
-	/* disable stack checking during swap */
+	/* disable stack checking as the stack should be initialized */
+#ifdef CONFIG_ARC_HAS_SECURE
+	lr blink, [_ARC_V2_SEC_STAT]
+	bclr blink, blink, _ARC_V2_SEC_STAT_SSC_BIT
+	/* sflag blink */
+	/* sflag instruction is not supported in current ARC GNU */
+	.long 0x07ff302f
+#else
 	lr blink, [_ARC_V2_STATUS32]
 	bclr blink, blink, _ARC_V2_STATUS32_SC_BIT
 	kflag blink
+#endif
 #endif
 	/* the end of user stack in r5 */
 	add r5, r4, r5
 	/* start of privilege stack */
-	add blink, r5, CONFIG_PRIVILEGED_STACK_SIZE
+	add blink, r5, CONFIG_PRIVILEGED_STACK_SIZE+STACK_GUARD_SIZE
 	mov sp, r5
 
 	push_s r0
@@ -121,10 +129,18 @@ _clear_user_stack:
 
 	_load_stack_check_regs
 
+#ifdef CONFIG_ARC_HAS_SECURE
+	lr r0, [_ARC_V2_SEC_STAT]
+	bset r0, r0, _ARC_V2_SEC_STAT_SSC_BIT
+	/* sflag r0 */
+	/* sflag instruction is not supported in current ARC GNU */
+	.long 0x003f302f
+#else
 	lr r0, [_ARC_V2_STATUS32]
 	bset r0, r0, _ARC_V2_STATUS32_SC_BIT
 	kflag r0
 #endif
+#endif
 
 _arc_go_to_user_space:
 	lr r0, [_ARC_V2_STATUS32]

include/arch/arc/v2/aux_regs.h

@@ -128,6 +128,20 @@ extern "C" {
 #define _ARC_V2_STATUS32_US (1 << _ARC_V2_STATUS32_US_BIT)
 #define _ARC_V2_STATUS32_IE (1 << 31)
 
+/* SEC_STAT bits */
+#define _ARC_V2_SEC_STAT_SSC_BIT 0
+#define _ARC_V2_SEC_STAT_SSC (1 << _ARC_V2_SEC_STAT_SSC_BIT)
+#define _ARC_V2_SEC_STAT_NSRT_BIT 1
+#define _ARC_V2_SEC_STAT_NSRT (1 << _ARC_V2_SEC_STAT_NSRT_BIT)
+#define _ARC_V2_SEC_STAT_NSRU_BIT 2
+#define _ARC_V2_SEC_STAT_NSRU (1 << _ARC_V2_SEC_STAT_NSRU_BIT)
+#define _ARC_V2_SEC_STAT_IRM_BIT 3
+#define _ARC_V2_SEC_STAT_IRM (1 << _ARC_V2_SEC_STAT_IRM_BIT)
+#define _ARC_V2_SEC_STAT_SUE_BIT 4
+#define _ARC_V2_SEC_STAT_SUE (1 << _ARC_V2_SEC_STAT_SUE_BIT)
+#define _ARC_V2_SEC_STAT_NIC_BIT 5
+#define _ARC_V2_SEC_STAT_NIC (1 << _ARC_V2_SEC_STAT_NIC_BIT)
+
 /* interrupt related bits */
 #define _ARC_V2_IRQ_PRIORITY_SECURE 0x100