目錄

• • • • 1、在linux中的異常向量表
      • • (1)、arm64的異常向量表-(irq,fiq,svc......)
        • (2)、arm32的異常向量表-(irq,fiq,swi......)
      • 2、在optee中的異常向量表
      • 3、在ATF中的異常向量表
      • • (1)、同步異常向量表-(smc)
        • • handle_sync_exception調用smc_handler64處理同步異常
        • (2)、異類步異常向量表-(irq,fiq...)
        • • get_interrupt_type_handler獲取ATF注冊的中斷處理函數
          • handle_interrupt_exception調用ATF中注冊的handler函數

1、在linux中的異常向量表

(1)、arm64的異常向量表-(irq,fiq,svc…)

armv8-arch64架構下，linux kernel的異常量表，再entry.S中:

/** Exception vectors.*/.align 11 ENTRY(vectors)kernel_ventry 1, sync_invalid // Synchronous EL1tkernel_ventry 1, irq_invalid // IRQ EL1tkernel_ventry 1, fiq_invalid // FIQ EL1tkernel_ventry 1, error_invalid // Error EL1tkernel_ventry 1, sync // Synchronous EL1hkernel_ventry 1, irq // IRQ EL1hkernel_ventry 1, fiq_invalid // FIQ EL1hkernel_ventry 1, error_invalid // Error EL1hkernel_ventry 0, sync // Synchronous 64-bit EL0kernel_ventry 0, irq // IRQ 64-bit EL0kernel_ventry 0, fiq_invalid // FIQ 64-bit EL0kernel_ventry 0, error_invalid // Error 64-bit EL0#ifdef CONFIG_COMPATkernel_ventry 0, sync_compat, 32 // Synchronous 32-bit EL0kernel_ventry 0, irq_compat, 32 // IRQ 32-bit EL0kernel_ventry 0, fiq_invalid_compat, 32 // FIQ 32-bit EL0kernel_ventry 0, error_invalid_compat, 32 // Error 32-bit EL0 #elsekernel_ventry 0, sync_invalid, 32 // Synchronous 32-bit EL0kernel_ventry 0, irq_invalid, 32 // IRQ 32-bit EL0kernel_ventry 0, fiq_invalid, 32 // FIQ 32-bit EL0kernel_ventry 0, error_invalid, 32 // Error 32-bit EL0 #endif END(vectors)

我們這里講解如下四行:

kernel_ventry 1, irq // IRQ EL1h kernel_ventry 0, irq // IRQ 64-bit EL0 kernel_ventry 1, sync // Synchronous EL1h kernel_ventry 0, sync // Synchronous 64-bit EL0

kernel_ventry是宏，翻譯后的函數名分別是：
el1_irq
el0_riq
el1_sync
el0_sync
對應的函數入口我們就找到了，也就是說，當觸發irq異常、或svc異常時會跳轉到這幾個函數中。

(2)、arm32的異常向量表-(irq,fiq,swi…)

在arch架構下，linux kernel的同步異常向量表__stubs_start 和 異步異常向量表__vectors_start，在entry-armv.S中:

.section .stubs, "ax", %progbits __stubs_start:@ This must be the first word.word vector_swi.section .vectors, "ax", %progbits __vectors_start:W(b) vector_rstW(b) vector_undW(ldr) pc, __vectors_start + 0x1000W(b) vector_pabtW(b) vector_dabtW(b) vector_addrexcptnW(b) vector_irqW(b) vector_fiq

2、在optee中的異常向量表

optee中的異常向量表thread_excp_vect
其中el0_sync_a64和el0_sync_a32是同步異常處理函數，當執行svc指令是會調用該函數;

#define INV_INSN 0.section .text.thread_excp_vect.align 11, INV_INSN FUNC thread_excp_vect , :/* -----------------------------------------------------* EL1 with SP0 : 0x0 - 0x180* -----------------------------------------------------*/.align 7, INV_INSN el1_sync_sp0:store_xregs sp, THREAD_CORE_LOCAL_X0, 0, 3b el1_sync_abortcheck_vector_size el1_sync_sp0.align 7, INV_INSN el1_irq_sp0:store_xregs sp, THREAD_CORE_LOCAL_X0, 0, 3b elx_irqcheck_vector_size el1_irq_sp0.align 7, INV_INSN el1_fiq_sp0:store_xregs sp, THREAD_CORE_LOCAL_X0, 0, 3b elx_fiqcheck_vector_size el1_fiq_sp0.align 7, INV_INSN el1_serror_sp0:b el1_serror_sp0check_vector_size el1_serror_sp0/* -----------------------------------------------------* Current EL with SP1: 0x200 - 0x380* -----------------------------------------------------*/.align 7, INV_INSN el1_sync_sp1:b el1_sync_sp1check_vector_size el1_sync_sp1.align 7, INV_INSN el1_irq_sp1:b el1_irq_sp1check_vector_size el1_irq_sp1.align 7, INV_INSN el1_fiq_sp1:b el1_fiq_sp1check_vector_size el1_fiq_sp1.align 7, INV_INSN el1_serror_sp1:b el1_serror_sp1check_vector_size el1_serror_sp1/* -----------------------------------------------------* Lower EL using AArch64 : 0x400 - 0x580* -----------------------------------------------------*/.align 7, INV_INSN el0_sync_a64:restore_mappingmrs x2, esr_el1mrs x3, sp_el0lsr x2, x2, #ESR_EC_SHIFTcmp x2, #ESR_EC_AARCH64_SVCb.eq el0_svcb el0_sync_abortcheck_vector_size el0_sync_a64.align 7, INV_INSN el0_irq_a64:restore_mappingb elx_irqcheck_vector_size el0_irq_a64.align 7, INV_INSN el0_fiq_a64:restore_mappingb elx_fiqcheck_vector_size el0_fiq_a64.align 7, INV_INSN el0_serror_a64:b el0_serror_a64check_vector_size el0_serror_a64/* -----------------------------------------------------* Lower EL using AArch32 : 0x0 - 0x180* -----------------------------------------------------*/.align 7, INV_INSN el0_sync_a32:restore_mappingmrs x2, esr_el1mrs x3, sp_el0lsr x2, x2, #ESR_EC_SHIFTcmp x2, #ESR_EC_AARCH32_SVCb.eq el0_svcb el0_sync_abortcheck_vector_size el0_sync_a32.align 7, INV_INSN el0_irq_a32:restore_mappingb elx_irqcheck_vector_size el0_irq_a32.align 7, INV_INSN el0_fiq_a32:restore_mappingb elx_fiqcheck_vector_size el0_fiq_a32.align 7, INV_INSN el0_serror_a32:b el0_serror_a32check_vector_size el0_serror_a32

3、在ATF中的異常向量表

(1)、同步異常向量表-(smc)

smc同步異常調用的都是handle_sync_exception

sync_exception_aarch64:/* -----------------------------------------------------* This exception vector will be the entry point for* SMCs and traps that are unhandled at lower ELs most* commonly. SP_EL3 should point to a valid cpu context* where the general purpose and system register state* can be saved.* -----------------------------------------------------*/handle_sync_exceptioncheck_vector_size sync_exception_aarch64 sync_exception_aarch32:/* -----------------------------------------------------* This exception vector will be the entry point for* SMCs and traps that are unhandled at lower ELs most* commonly. SP_EL3 should point to a valid cpu context* where the general purpose and system register state* can be saved.* -----------------------------------------------------*/handle_sync_exceptioncheck_vector_size sync_exception_aarch32

handle_sync_exception調用smc_handler64處理同步異常

.macro handle_sync_exception /* Enable the SError interrupt */ msr daifclr, #DAIF_ABT_BITstr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR] mrs x30, esr_el3 ubfx x30, x30, #ESR_EC_SHIFT, #ESR_EC_LENGTHcmp x30, #EC_AARCH32_SMC b.eq smc_handler32cmp x30, #EC_AARCH64_SMC b.eq smc_handler64/* -----------------------------------------------------* The following code handles any synchronous exception* that is not an SMC.* -----------------------------------------------------*/bl report_unhandled_exception .endm

(2)、異類步異常向量表-(irq,fiq…)

irq/fiq異步異常調用的是handle_interrupt_exception

irq_aarch64:handle_interrupt_exception irq_aarch64check_vector_size irq_aarch64.align 7 fiq_aarch64:handle_interrupt_exception fiq_aarch64check_vector_size fiq_aarch64

get_interrupt_type_handler獲取ATF注冊的中斷處理函數

interrupt_type_handler_t get_interrupt_type_handler(uint32_t type) {if (validate_interrupt_type(type))return NULL;return intr_type_descs[type].handler; }

handle_interrupt_exception調用ATF中注冊的handler函數

.macro handle_interrupt_exception label/* Enable the SError interrupt */msr daifclr, #DAIF_ABT_BITstr x30, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_LR]bl save_gp_registers/** Save the EL3 system registers needed to return from* this exception.*/mrs x0, spsr_el3mrs x1, elr_el3stp x0, x1, [sp, #CTX_EL3STATE_OFFSET + CTX_SPSR_EL3]/* Switch to the runtime stack i.e. SP_EL0 */ldr x2, [sp, #CTX_EL3STATE_OFFSET + CTX_RUNTIME_SP]mov x20, spmsr spsel, #0mov sp, x2/** Find out whether this is a valid interrupt type. If the* interrupt controller reports a spurious interrupt then* return to where we came from.*/bl plat_ic_get_pending_interrupt_typecmp x0, #INTR_TYPE_INVALb.eq interrupt_exit_\label/** Get the registered handler for this interrupt type. A* NULL return value could be 'cause of the following* conditions:** a. An interrupt of a type was routed correctly but a* handler for its type was not registered.** b. An interrupt of a type was not routed correctly so* a handler for its type was not registered.** c. An interrupt of a type was routed correctly to EL3,* but was deasserted before its pending state could* be read. Another interrupt of a different type pended* at the same time and its type was reported as pending* instead. However, a handler for this type was not* registered.** a. and b. can only happen due to a programming error.* The occurrence of c. could be beyond the control of* Trusted Firmware. It makes sense to return from this* exception instead of reporting an error.*/bl get_interrupt_type_handlercbz x0, interrupt_exit_\labelmov x21, x0mov x0, #INTR_ID_UNAVAILABLE/* Set the current security state in the 'flags' parameter */mrs x2, scr_el3ubfx x1, x2, #0, #1/* Restore the reference to the 'handle' i.e. SP_EL3 */mov x2, x20/* x3 will point to a cookie (not used now) */mov x3, xzr/* Call the interrupt type handler */blr x21interrupt_exit_\label:/* Return from exception, possibly in a different security state */b el3_exit.endm

剖析該段匯編的關鍵代碼：

bl get_interrupt_type_handler //獲取注冊的中斷處理函數, 返回函數地址，保存在X0中 cbz x0, interrupt_exit_\label mov x21, x0 //X0保存到了X21中 ..... blr x21 //跳轉到X21，就是跳轉到ATF中的中斷處理函數

總結

以上是生活随笔為你收集整理的在linux、optee、ATF中的中断异常向量表的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。