From e6d6734db2132b7dcca3a3e50093439f4f54e81f Mon Sep 17 00:00:00 2001
From: Ville Juven <ville.juven@unikie.com>
Date: Thu, 31 Mar 2022 14:59:06 +0300
Subject: [PATCH] ARCH_ADDRENV: Add guard against mis-configuration

When process a is switched to process b, the address environment is
swapped with a call to group_addrenv(). The stack upon entry will be
a's, and upon exit b's. This will fail, so a neutral stack is required,
either a kernel stack or an IRQ stack.

Infrastructure for an IRQ stack is already in place, so give a hint
that an interrupt stack should be provided if address environments
are enabled.
---
 .../src/common/riscv_exception_common.S       | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/arch/risc-v/src/common/riscv_exception_common.S b/arch/risc-v/src/common/riscv_exception_common.S
index a45441e4b9..5db9dbcb5f 100644
--- a/arch/risc-v/src/common/riscv_exception_common.S
+++ b/arch/risc-v/src/common/riscv_exception_common.S
@@ -27,6 +27,25 @@
 
 #include "riscv_internal.h"
 
+/****************************************************************************
+ * Pre-processor Definitions
+ ****************************************************************************/
+
+/* Using address environments currently require that a common interrupt stack
+ * is in place. This is needed because during context switch the procedure
+ * that swaps the active address environment is dependent on a stack, which
+ * must be a 'neutral' stack.
+ *
+ * Another option would be to use a per-process kernel stack, but full
+ * support for this is not yet in place, so use the common IRQ stack instead.
+ */
+
+#ifdef CONFIG_ARCH_ADDRENV
+#  if CONFIG_ARCH_INTERRUPTSTACK == 0 && !defined(CONFIG_ARCH_KERNEL_STACK)
+#    error "IRQ or kernel stack is needed for swapping address environments"
+#  endif
+#endif
+
 /****************************************************************************
  * Public Symbols
  ****************************************************************************/