[PATCH v2][GDB][ARM]: gdb cannot step across CMSE secure entry function code.
Simon Marchi
simark@simark.ca
Fri Jul 19 16:24:00 GMT 2019
Hi Srinath,
I looked at the patch in more details, I just have some minor comments about formatting.
> gdb/ChangeLog:
>
> 2019-07-19 Srinath Parvathaneni <srinath.parvathaneni@arm.com>
>
> * gdb/arm-tdep.c (arm_skip_cmse_entry):New function. When gdb
> encounters a "step" command on cmse secure entry function (eg:func),
> this function return an address of "__acle_se_<func>" to PC instead
> of secure gateaway (sg) address which is present in ".gnu.sgstubs"
> section.
You can use this ChangeLog entry:
* arm-tdep.c (arm_skip_cmse_entry): New function.
Note:
- Keep the entry succinct, about what changed ("New function." is typical). You explained well what the code does in the commit message, which is good.
- Remove gdb/, as you want the filename to be relative to the location of the ChangeLog file (gdb/ChangeLog)
- Space after the colon.
> (arm_is_sgstubs_section):New function. To check the current section is
> ".gnu.sgstubs".
Here too, just "New function.".
> (arm_skip_stub):Add call to arm_skip_cmse_entry function.
> * gdb/arm-tdep.h (arm_is_sgstubs_section):New function declaration.
>
> gdb/testsuite/ChangeLog:
>
> 2019-07-19 Srinath Parvathaneni <srinath.parvathaneni@arm.com>
>
> * gdb.arch/arm-cmse-sgstubs.c: New test.
> * gdb.arch/arm-cmse-sgstubs.exp: New file.
>
>
>
> ############### Attachment also inlined for ease of reply ###############
>
>
> diff --git a/gdb/arm-tdep.h b/gdb/arm-tdep.h
> index
> 23dd40ea8beb1b00289a4cd4e65647399d351580..9482e765a7fc5bb58676096f6b879eae2a7c858e
> 100644
> --- a/gdb/arm-tdep.h
> +++ b/gdb/arm-tdep.h
> @@ -259,6 +259,7 @@ ULONGEST
> arm_get_next_pcs_read_memory_unsigned_integer (CORE_ADDR memaddr,
>
> CORE_ADDR arm_get_next_pcs_addr_bits_remove (struct arm_get_next_pcs *self,
> CORE_ADDR val);
> +bool arm_is_sgstubs_section (struct obj_section *);
>
> int arm_get_next_pcs_is_thumb (struct arm_get_next_pcs *self);
>
> diff --git a/gdb/arm-tdep.c b/gdb/arm-tdep.c
> index
> d244707210628ab045f677c0cbad3d8b0c6d6269..e3b7ab6f096eb91da067d772b8798ffd0737e3d6
> 100644
> --- a/gdb/arm-tdep.c
> +++ b/gdb/arm-tdep.c
> @@ -8211,6 +8211,53 @@ arm_get_longjmp_target (struct frame_info
> *frame, CORE_ADDR *pc)
> *pc = extract_unsigned_integer (buf, INT_REGISTER_SIZE, byte_order);
> return 1;
> }
> +/* A call to cmse secure entry function "foo" at "a" is modified by
> + GNU ld as "b".
> + a) bl xxxx <foo>
> +
> + <foo>
> + xxxx:
> +
> + b) bl yyyy <__acle_se_foo>
> +
> + section .gnu.sgstubs:
> + <foo>
> + yyyy: sg // secure gateway
> + b.w xxxx <__acle_se_foo> // original_branch_dest
> +
> + <__acle_se_foo>
> + xxxx:
> +
> + When the control at "b", the pc contains "yyyy" (sg address) which is a
> + trampoline and does not exist in source code. This function returns the
> + target pc "xxxx". For more details please refer to section 5.4
> + (Entry functions) and section 3.4.4 (C level development flow of secure code)
> + of
> "armv8-m-security-extensions-requirements-on-development-tools-engineering-specification"
> + document on www.developer.arm.com. */
> +
> +static CORE_ADDR
> +arm_skip_cmse_entry (CORE_ADDR pc, const char *name, struct objfile *objfile)
> +{
> + struct bound_minimal_symbol minsym;
> + int target_len = strlen (name) + strlen ("__acle_se_") + 1;
> + char *target_name = (char *) alloca (target_len);
Extra space before the equal sign.
> + xsnprintf (target_name, target_len, "%s%s", "__acle_se_",name);
Space after comma.
> + minsym = lookup_minimal_symbol (target_name, NULL, objfile);
> + if (minsym.minsym != nullptr)
> + return BMSYMBOL_VALUE_ADDRESS (minsym);
> + return 0;
> +}
Not a strict rule, but my personal taste would be to add a few empty lines between logical blocks in the
function above, to space things a bit. I think it would help readability. Something like:
static CORE_ADDR
arm_skip_cmse_entry (CORE_ADDR pc, const char *name, struct objfile *objfile)
{
int target_len = strlen (name) + strlen ("__acle_se_") + 1;
char *target_name = (char *) alloca (target_len);
xsnprintf (target_name, target_len, "%s%s", "__acle_se_", name);
bound_minimal_symbol minsym
= lookup_minimal_symbol (target_name, NULL, objfile);
if (minsym.minsym != nullptr)
return BMSYMBOL_VALUE_ADDRESS (minsym);
return 0;
}
> +
> +/* Return true when sec points to ".gnu.sgstubs" section. */
> +bool
> +arm_is_sgstubs_section (struct obj_section *sec)
> +{
> + if (sec != nullptr && sec->the_bfd_section != nullptr
> + && sec->the_bfd_section->name != nullptr
> + && streq (sec->the_bfd_section->name,".gnu.sgstubs"))
> + return true;
> + return false;
> +}
For non-static functions, what we do is, in the .c file:
/* See arm-tdep.h. */
bool
arm_is_sgstubs_section (struct obj_section *sec)
{
...
}
And in the .h file, put the doc:
/* Return true when SEC points to the ".gnu.sgstubs" section. */
bool arm_is_sgstubs_section (struct obj_section *);
I know the current code in arm-tdep.h/arm-tdep.c is not all like that, but we try to be
consistent for new code or code that we modify.
Note: when referring to a parameter name, we put it in caps (SEC).
But actually, I think this function doesn't need to be visible to other files, as it's only
used in arm-tdep.c. So should it be static?
Watch the indentation, the function body is indented with a single space, it should be two.
Also, it can be simplified to a single return statement:
return (sec != nullptr
&& sec->the_bfd_section != nullptr
&& sec->the_bfd_section->name != nullptr
&& streq (sec->the_bfd_section->name,".gnu.sgstubs"));
> /* Recognize GCC and GNU ld's trampolines. If we are in a trampoline,
> return the target PC. Otherwise return 0. */
> @@ -8221,6 +8268,7 @@ arm_skip_stub (struct frame_info *frame, CORE_ADDR pc)
> const char *name;
> int namelen;
> CORE_ADDR start_addr;
> + struct obj_section *section;
You can declare this variable at the point where you use it.
>
> /* Find the starting address and name of the function containing the PC. */
> if (find_pc_partial_function (pc, &name, &start_addr, NULL) == 0)
> @@ -8290,6 +8338,10 @@ arm_skip_stub (struct frame_info *frame, CORE_ADDR pc)
> return 0;
> }
>
> + section = find_pc_section (pc);
> + /* checks whether address pc holds belows to ".gnu.sgstubs" section. */
Capital C to "checks". Also, I don't really understand the sentence, could it be
clarified? Alan, maybe you can help with this?
> + if (arm_is_sgstubs_section (section))
> + return arm_skip_cmse_entry (pc, name, section->objfile);
> return 0; /* not a stub */
> }
>
> diff --git a/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.c
> b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.c
> new file mode 100644
> index
> 0000000000000000000000000000000000000000..7f3b40f20c67abfdd2410614e7ee29ae77d37966
> --- /dev/null
> +++ b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.c
> @@ -0,0 +1,29 @@
> +#include <stdio.h>
> +extern void func();
> +void __acle_se_func ()
> +{
> + printf("__acle_se_func\n");
> +}
> +
> +/* The following code is written using asm so that the instructions in function
> + * "func" will be placed in .gnu.sgstubs section of the executable. */
> +asm ("\t.section .gnu.sgstubs,\"ax\",%progbits\n"
> + "\t.global func\n"
> + "\t.type func, %function\n"
> + "func:\n"
> + "\tnop @sg\n"
> + "\tb __acle_se_func @b.w");
> +
> +void fun1 ()
> +{
> + printf("In fun1\n");
> +}
> +
> +int main (void)
> +{
> + func();
> + fun1();
> + __acle_se_func();
> + func();
> + return 0;
> +}
We try to format the test source files according to GNU standards, just like our source files. That means:
- Return type on its own line
- Space before parenthesis in declarations, definitions and calls
- Copyright header at the top
> diff --git a/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.exp
> b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.exp
> new file mode 100644
> index
> 0000000000000000000000000000000000000000..3416e887d9ebe5ebc52336eff15ba83a6d16df21
> --- /dev/null
> +++ b/gdb/testsuite/gdb.arch/arm-cmse-sgstubs.exp
> @@ -0,0 +1,60 @@
> +# Copyright 2019 Free Software Foundation, Inc.
> +
> +# This program is free software; you can redistribute it and/or modify
> +# it under the terms of the GNU General Public License as published by
> +# the Free Software Foundation; either version 3 of the License, or
> +# (at your option) any later version.
> +#
> +# This program is distributed in the hope that it will be useful,
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> +# GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License
> +# along with this program. If not, see <http://www.gnu.org/licenses/>.
> +
> +# This file is part of the gdb testsuite.
> +
> +if { ![istarget "arm*-*-*"]} {
> + return 1
> +}
> +
> +standard_testfile
> +if { [prepare_for_testing "failed to prepare" $testfile $srcfile ]} {
> + return -1
> +}
> +
> +if ![runto_main] {
> + untested "could not run to main"
> + return -1
> +}
> +
> +set test "branch to func from main"
> +gdb_test "si" "0x.*" "$test"
I would suggest just putting the test name on the gdb_test line, as we do everywhere:
gdb_test "si" "0x.*" "branch to func from main"
If the same test name is used at multiple places, then it's worth putting it in a variable
to avoid duplicating it.
Thanks,
Simon
More information about the Gdb-patches
mailing list