RAS: Validate stack pointer after error handling

RAS handling flows might involve using setjmp/longjump calls introduced in earlier patches; therefore, it'd be good to make sure the stack has been unwound completely after the handling. This patch inserts ASM assertions on the RAS handling path to validate stack. Change-Id: I59d40d3122010c977cdeab3cce3160f3909e7e69 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2025-04-19 02:54:24 +00:00 · 2018-02-19 12:25:53 +00:00 · 2018-02-19 12:25:53 +00:00 · ee6ff1bb37
commit ee6ff1bb37
parent df8f3188d7
1 changed files with 16 additions and 0 deletions
--- a/bl31/aarch64/ea_delegate.S
+++ b/bl31/aarch64/ea_delegate.S
@ -6,6 +6,7 @@


 #include <asm_macros.S>
+#include <assert_macros.S>
 #include <context.h>
 #include <ea_handle.h>

@ -143,9 +144,24 @@ func ea_proceed
 	mov	sp, x5

 	mov	x29, x30
+#if ENABLE_ASSERTIONS
+	/* Stash the stack pointer */
+	mov	x28, sp
+#endif
 	bl	plat_ea_handler
 	mov	x30, x29

+#if ENABLE_ASSERTIONS
+	/*
+	 * Error handling flows might involve long jumps; so upon returning from
+	 * the platform error handler, validate that the we've completely
+	 * unwound the stack.
+	 */
+	mov	x27, sp
+	cmp	x28, x27
+	ASM_ASSERT(eq)
+#endif
+
 	/* Make SP point to context */
 	msr	spsel, #1