commit 4eba3f3e68c795fb738bfbfcf05f551d186fee0f
author Kathleen Capella <kathleen.capella@arm.com> Fri Dec 09 18:05:51 2022 -0500
committer Olivier Deprez <olivier.deprez@arm.com> Thu Feb 16 11:23:15 2023 +0100
tree 721876c401383e1036b9ea9f7a4555818646cde1
parent 7bec180c5679997723056d91b92d471c19662944

test(pauth) test PAuth fault in S-EL1

This test ensures that a pointer authentication fault
is triggered on a return instruction in S-EL1 if the link
register has been overwritten.

Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: I99130bf9c59e660be277a36029b28b77e1b7d488

test/vmapi/common/exception_handler.c

diff --git a/test/vmapi/common/exception_handler.c b/test/vmapi/common/exception_handler.c
index 8a63355..23ff167 100644
--- a/test/vmapi/common/exception_handler.c
+++ b/test/vmapi/common/exception_handler.c
@@ -25,6 +25,12 @@
 static uint32_t last_serviced_interrupt = 0;
 
 /**
+ * Used to specify an instruction address to return to after exception
+ * is handled.
+ */
+static uint64_t exception_handler_return_addr = 0;
+
+/**
  * Sends the number of exceptions handled to the Primary VM.
  */
 void exception_handler_send_exception_count(void)
@@ -108,6 +114,48 @@
 }
 
 /**
+ * Warning: Intended to be used only in test code.
+ * The ability to jump to any address after an exception could
+ * possibily be exploited by malicious code.
+ *
+ * Sets the specified instruction address to return to after handler exits.
+ */
+void exception_handler_set_return_addr(uint64_t instr_addr)
+{
+	exception_handler_return_addr = instr_addr;
+}
+
+/**
+ * Returns the specified instruction address to return to after handler exits.
+ */
+static uint64_t exception_handler_get_return_addr(void)
+{
+	return exception_handler_return_addr;
+}
+
+/**
+ * EL1 exception handler to use in unit test VMs.
+ * Skips to the instruction address specified in general
+ * register x19.
+ */
+bool exception_handler_skip_to_instruction(void)
+{
+	dlog("%s function is triggered!\n", __func__);
+	++exception_handler_exception_count;
+
+	uint64_t instr_addr = exception_handler_get_return_addr();
+
+	if (instr_addr) {
+		write_msr(elr_el1, instr_addr);
+		/* Indicate that elr_el1 should not be restored. */
+		return true;
+	}
+
+	dlog_error("%s: Return address not set, restoring elr_el1\n", __func__);
+	return false;
+}
+
+/**
  * EL1 exception handler to use in unit test VMs.
  * Yields control back to the hypervisor and sends the number of exceptions.
  */