WIP: ARM exception 小记

Exception entry

On taking an exception to AArch64 state:

发生异常时根据异常的种类，有不同的行为。
通常程序状态字会保存到异常的目标异常级别 SPSR_ELx
返回地址则保存到对应的 ELR_ELx
自动屏蔽中断。All of PSTATE {D, A, I, F} are set to 1.
堆栈指针切换到对应的 SP_ELx
某些异常会保存出错的虚拟地址到 FAR_ELx

• An Instruction Abort exception.
• A Data Abort exception.
• A PC alignment fault exception.
• A Watchpoint exception.

…

之后执行流进入异常向量表里指定的位置开始执行。
Execution moves to the target Exception level, and starts at the address defined by the exception vector. Which exception vector is used is also an indicator of whether the exception came from a lower Exception level or the current Exception level.

返回地址

• For asynchronous exceptions, it is the address of the instruction following the instruction boundary at which the interrupt occurs. Therefore, it is the address of the first instruction that did not execute, or did not complete execution, as a result of taking the interrupt. 由于发生中断而未执行或未完成执行的第一条指令的地址。
• For synchronous exceptions other than system calls, it is the address of the instruction that generates the exception. 不包括 syscall，指令自身地址。
• For exception generating instructions, it is the address of the instruction that follows the exception generating instruction. 下一条指令地址。

PSTATE

In the ARMv8-A architecture, Process state or PSTATE is an abstraction of process state information.

Execution state & Secure state

Synchronous & Asynchronous exception

CTLR reg

SCTLR_EL3.NS

Non-secure bit.
0 Indicates that EL0 and EL1 are in Secure state, and so memory accesses from those
Exception levels can access Secure memory.

1 Indicates that EL0 and EL1 are in Non-secure state, and so memory accesses from those
Exception levels cannot access Secure memory.

EL2 is not supported in the Secure state. When SCR_EL3.NS==0, it is not possible to enter EL2,
and the EL2 state has no effect on execution.

Hypervisor Configuration Register
HCR_EL2.TGE Trap General Exceptions, from Non-secure EL0.

0 This control has no effect on execution at EL0.
1 When the value of SCR_EL3.NS is 0, this control has no effect on execution at EL0.
When the value of SCR_EL3.NS is 1, in all cases:
• All exceptions that would be routed to EL1 are routed to EL2.
• The SCTLR_EL1.M field, or the SCTLR.M field if EL1 is using AArch32, is
treated as being 0 for all purposes other than returning the result of a direct read
of SCTLR_EL1 or SCTLR.
• All virtual interrupts are disabled.
• Any IMPLEMENTATION DEFINED mechanisms for signaling virtual interrupts are
disabled.
• An exception return to EL1 is treated as an illegal exception return.
When the value of SCR_EL3.NS is 1 and the value of HCR_EL2.E2H is 0, additionally:
• The HCR_EL2.{FMO, IMO, AMO} fields are treated as being 1 for all purposes
other than a direct read or write access of HCR_EL2.
• The MDCR_EL2.{TDRA,TDOSA,TDA, TDE} fields are treated as being 1 for
all purposes other than returning the result of a direct read of MDCR_EL2.
For information on the behavior of this bit when E2H is 1, see Behavior of
HCR_EL2.E2H on page D4-2183.
HCR_EL2.TGE must not be cached in a TLB.
In an implementation that includes EL3, when the value of SCR_EL3.NS is 0 the PE behaves as if
this field is 0 for all purposes other than a direct read or write access of HCR_EL2.