| Message ID | 20241028124547.1371867-6-ayan.kumar.halder@amd.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | Enable early bootup of AArch64 MPU systems | expand |
Hi Ayan, > On 28 Oct 2024, at 12:45, Ayan Kumar Halder <ayan.kumar.halder@amd.com> wrote: > > After the regions have been created, now we enable the MPU. For this we disable > the background region so that the new memory map created for the regions take > effect. Also, we treat all RW regions as non executable and the data cache is > enabled. > > As enable_mpu() is invoked from enable_boot_cpu_mm(), one needs to save and > restore the lr. > > Signed-off-by: Ayan Kumar Halder <ayan.kumar.halder@amd.com> > --- > It looks good to me: Reviewed-by: Luca Fancellu <luca.fancellu@arm.com>
Hi Ayan, On 28/10/2024 12:45, Ayan Kumar Halder wrote: > After the regions have been created, now we enable the MPU. For this we disable > the background region so that the new memory map created for the regions take > effect. Also, we treat all RW regions as non executable and the data cache is > enabled. > > As enable_mpu() is invoked from enable_boot_cpu_mm(), one needs to save and > restore the lr. > > Signed-off-by: Ayan Kumar Halder <ayan.kumar.halder@amd.com> > --- > Changes from :- > > v2 - 1. Extracted from the previous patch into a new one. > > 2. Disabled background region. > > v3 - 1. Removed dsb before setting SCTLR_EL2. The reason being > From ARM DDI 0487K.a D23-7349: > "Direct writes to these registers (includes SCTLR_EL2) are not allowed to affect > any instructions appearing in program order before the direct write." > So, we don't need a synchronization barrier before writing to SCTLR_EL2. > Further, we do have synchronization barriers after writing the MPU region > registers (which happens before we read SCTLR_EL2). So, SCTLR_EL2 is written > after the MPU registers are synchronized. And, thus adding a 'isb' to flush the > instruction pipeline ensures that the subsequent instructions are fetched after > the MPU has been enabled. > > 2. Saved and restored lr in enable_boot_cpu_mm(). > > xen/arch/arm/arm64/mpu/head.S | 30 ++++++++++++++++++-- > xen/arch/arm/include/asm/arm64/mpu/sysregs.h | 3 ++ > 2 files changed, 31 insertions(+), 2 deletions(-) > > diff --git a/xen/arch/arm/arm64/mpu/head.S b/xen/arch/arm/arm64/mpu/head.S > index 9377ae778c..0edadb009c 100644 > --- a/xen/arch/arm/arm64/mpu/head.S > +++ b/xen/arch/arm/arm64/mpu/head.S > @@ -68,6 +68,29 @@ FUNC_LOCAL(fail_insufficient_regions) > b 1b > END(fail_insufficient_regions) > > +/* > + * Enable EL2 MPU and data cache > + * If the Background region is enabled, then the MPU uses the default memory > + * map as the Background region for generating the memory > + * attributes when MPU is disabled. > + * Since the default memory map of the Armv8-R AArch64 architecture is > + * IMPLEMENTATION DEFINED, we intend to turn off the Background region here. > + * > + * Clobbers x0 > + * > + */ > +FUNC_LOCAL(enable_mpu) > + mrs x0, SCTLR_EL2 > + bic x0, x0, #SCTLR_ELx_BR /* Disable Background region */ > + orr x0, x0, #SCTLR_Axx_ELx_M /* Enable MPU */ > + orr x0, x0, #SCTLR_Axx_ELx_C /* Enable D-cache */ > + orr x0, x0, #SCTLR_Axx_ELx_WXN /* Enable WXN */ > + msr SCTLR_EL2, x0 > + isb > + > + ret > +END(enable_mpu) > + > /* > * Maps the various sections of Xen (described in xen.lds.S) as different MPU > * regions. > @@ -75,10 +98,11 @@ END(fail_insufficient_regions) > * Inputs: > * lr : Address to return to. > * > - * Clobbers x0 - x5 > + * Clobbers x0 - x6 > * > */ > FUNC(enable_boot_cpu_mm) > + mov x6, lr > > /* Get the number of regions specified in MPUIR_EL2 */ > mrs x5, MPUIR_EL2 > @@ -110,8 +134,10 @@ FUNC(enable_boot_cpu_mm) > ldr x2, =__bss_end > prepare_xen_region x0, x1, x2, x3, x4, x5 > > - ret > + bl enable_mpu > > + mov lr, x6 > + ret You should not need to save/restore 'lr'. You could write: b enable_mpu So when enable_mpu returns, it will go back to the caller of enable_boot_cpu_mm. With that fixed: Acked-by: Julien Grall <jgrall@amazon.com> Cheers,
diff --git a/xen/arch/arm/arm64/mpu/head.S b/xen/arch/arm/arm64/mpu/head.S index 9377ae778c..0edadb009c 100644 --- a/xen/arch/arm/arm64/mpu/head.S +++ b/xen/arch/arm/arm64/mpu/head.S @@ -68,6 +68,29 @@ FUNC_LOCAL(fail_insufficient_regions) b 1b END(fail_insufficient_regions) +/* + * Enable EL2 MPU and data cache + * If the Background region is enabled, then the MPU uses the default memory + * map as the Background region for generating the memory + * attributes when MPU is disabled. + * Since the default memory map of the Armv8-R AArch64 architecture is + * IMPLEMENTATION DEFINED, we intend to turn off the Background region here. + * + * Clobbers x0 + * + */ +FUNC_LOCAL(enable_mpu) + mrs x0, SCTLR_EL2 + bic x0, x0, #SCTLR_ELx_BR /* Disable Background region */ + orr x0, x0, #SCTLR_Axx_ELx_M /* Enable MPU */ + orr x0, x0, #SCTLR_Axx_ELx_C /* Enable D-cache */ + orr x0, x0, #SCTLR_Axx_ELx_WXN /* Enable WXN */ + msr SCTLR_EL2, x0 + isb + + ret +END(enable_mpu) + /* * Maps the various sections of Xen (described in xen.lds.S) as different MPU * regions. @@ -75,10 +98,11 @@ END(fail_insufficient_regions) * Inputs: * lr : Address to return to. * - * Clobbers x0 - x5 + * Clobbers x0 - x6 * */ FUNC(enable_boot_cpu_mm) + mov x6, lr /* Get the number of regions specified in MPUIR_EL2 */ mrs x5, MPUIR_EL2 @@ -110,8 +134,10 @@ FUNC(enable_boot_cpu_mm) ldr x2, =__bss_end prepare_xen_region x0, x1, x2, x3, x4, x5 - ret + bl enable_mpu + mov lr, x6 + ret END(enable_boot_cpu_mm) /* diff --git a/xen/arch/arm/include/asm/arm64/mpu/sysregs.h b/xen/arch/arm/include/asm/arm64/mpu/sysregs.h index b0c31a58ec..3769d23c80 100644 --- a/xen/arch/arm/include/asm/arm64/mpu/sysregs.h +++ b/xen/arch/arm/include/asm/arm64/mpu/sysregs.h @@ -15,6 +15,9 @@ /* MPU Protection Region Selection Register encode */ #define PRSELR_EL2 S3_4_C6_C2_1 +/* Backgroud region enable/disable */ +#define SCTLR_ELx_BR BIT(17, UL) + #endif /* __ASM_ARM_ARM64_MPU_SYSREGS_H */ /*
After the regions have been created, now we enable the MPU. For this we disable the background region so that the new memory map created for the regions take effect. Also, we treat all RW regions as non executable and the data cache is enabled. As enable_mpu() is invoked from enable_boot_cpu_mm(), one needs to save and restore the lr. Signed-off-by: Ayan Kumar Halder <ayan.kumar.halder@amd.com> --- Changes from :- v2 - 1. Extracted from the previous patch into a new one. 2. Disabled background region. v3 - 1. Removed dsb before setting SCTLR_EL2. The reason being From ARM DDI 0487K.a D23-7349: "Direct writes to these registers (includes SCTLR_EL2) are not allowed to affect any instructions appearing in program order before the direct write." So, we don't need a synchronization barrier before writing to SCTLR_EL2. Further, we do have synchronization barriers after writing the MPU region registers (which happens before we read SCTLR_EL2). So, SCTLR_EL2 is written after the MPU registers are synchronized. And, thus adding a 'isb' to flush the instruction pipeline ensures that the subsequent instructions are fetched after the MPU has been enabled. 2. Saved and restored lr in enable_boot_cpu_mm(). xen/arch/arm/arm64/mpu/head.S | 30 ++++++++++++++++++-- xen/arch/arm/include/asm/arm64/mpu/sysregs.h | 3 ++ 2 files changed, 31 insertions(+), 2 deletions(-)