From patchwork Sat Oct 22 15:04:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015975 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 10D7DC433FE for ; Sat, 22 Oct 2022 15:04:42 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428299.678312 (Exim 4.92) (envelope-from ) id 1omG35-0005gl-KF; Sat, 22 Oct 2022 15:04:31 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428299.678312; Sat, 22 Oct 2022 15:04:31 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG35-0005gc-HT; Sat, 22 Oct 2022 15:04:31 +0000 Received: by outflank-mailman (input) for mailman id 428299; Sat, 22 Oct 2022 15:04:29 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG33-0005bG-Qk for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:29 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG33-0005EU-8k; Sat, 22 Oct 2022 15:04:29 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG33-00023n-0E; Sat, 22 Oct 2022 15:04:29 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=8yMgJ3Zo7YUfciDmg8O8H51lri8h2DniSD/vMf2ZgB0=; b=fA5FYHWKEQe3gYp/s4qosX/hwu pblmvc47+ckOeyAmI3mxJ1GPfHOcazR4Qtxw1Wvnhn1UuQ0sjjwD6jZHc/atbD6T+Q3Ua+RDi5oZl lBtcmIWSZ+LJBPnPXLZvq6q6tbTGP47Uxp809dtDetYsZdrRfmQCeyDwWGppF/PJAy3M=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 01/12] xen/arm: Clean-up the memory layout Date: Sat, 22 Oct 2022 16:04:11 +0100 Message-Id: <20221022150422.17707-2-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall In a follow-up patch, the base address for the common mappings will vary between arm32 and arm64. To avoid any duplication, define every mapping in the common region from the previous one. Take the opportunity to add missing *_SIZE for FIXMAP_VIRT_* and XEN_VIRT_*. Take the opportunity to add missing *_SIZE for some mappings. Signed-off-by: Julien Grall ---- Changes in v2: - Use _AT(vaddr_t, ...) to build on 32-bit. - Drop COMMON_VIRT_START Reviewed-by: Luca Fancellu --- xen/arch/arm/include/asm/config.h | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/xen/arch/arm/include/asm/config.h b/xen/arch/arm/include/asm/config.h index 0fefed1b8aa9..80d81f127f7e 100644 --- a/xen/arch/arm/include/asm/config.h +++ b/xen/arch/arm/include/asm/config.h @@ -107,14 +107,19 @@ * Unused */ -#define XEN_VIRT_START _AT(vaddr_t,0x00200000) -#define FIXMAP_ADDR(n) (_AT(vaddr_t,0x00400000) + (n) * PAGE_SIZE) +#define XEN_VIRT_START _AT(vaddr_t, MB(2)) +#define XEN_VIRT_SIZE _AT(vaddr_t, MB(2)) -#define BOOT_FDT_VIRT_START _AT(vaddr_t,0x00600000) -#define BOOT_FDT_VIRT_SIZE _AT(vaddr_t, MB(4)) +#define FIXMAP_VIRT_START (XEN_VIRT_START + XEN_VIRT_SIZE) +#define FIXMAP_VIRT_SIZE _AT(vaddr_t, MB(2)) + +#define FIXMAP_ADDR(n) (FIXMAP_VIRT_START + (n) * PAGE_SIZE) + +#define BOOT_FDT_VIRT_START (FIXMAP_VIRT_START + FIXMAP_VIRT_SIZE) +#define BOOT_FDT_VIRT_SIZE _AT(vaddr_t, MB(4)) #ifdef CONFIG_LIVEPATCH -#define LIVEPATCH_VMAP_START _AT(vaddr_t,0x00a00000) +#define LIVEPATCH_VMAP_START (BOOT_FDT_VIRT_START + BOOT_FDT_VIRT_SIZE) #define LIVEPATCH_VMAP_SIZE _AT(vaddr_t, MB(2)) #endif From patchwork Sat Oct 22 15:04:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015976 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 8D733C04A95 for ; Sat, 22 Oct 2022 15:04:43 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428300.678323 (Exim 4.92) (envelope-from ) id 1omG36-0005wf-Va; Sat, 22 Oct 2022 15:04:32 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428300.678323; Sat, 22 Oct 2022 15:04:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG36-0005wY-SZ; Sat, 22 Oct 2022 15:04:32 +0000 Received: by outflank-mailman (input) for mailman id 428300; Sat, 22 Oct 2022 15:04:30 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG34-0005gS-UH for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:30 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG34-0005Ej-KM; Sat, 22 Oct 2022 15:04:30 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG34-00023n-Bx; Sat, 22 Oct 2022 15:04:30 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=LrFyBh0VUTegwiGKJOtrjeyi3WyVFq/ISvEVIIaZGsA=; b=AAFJwHuto9C4duL4FSkEqoCtlP IE4EkzYWr1SxtkKMvT7OGYRG343lAdKaP/wBcQRdFz+M13Pa9uFisba+1GfigJnRj5lc2VLJz5z0d TLwtIjCXabD3CPG7IxsVCS3Ji0DWrrJmbeRL9PXpxPezJLCDCE6AV5F+su26hGS478S4=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 02/12] xen/arm32: head: Jump to the runtime mapping in enable_mmu() Date: Sat, 22 Oct 2022 16:04:12 +0100 Message-Id: <20221022150422.17707-3-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall At the moment, enable_mmu() will return to an address in the 1:1 mapping and each path are responsible to switch to the runtime mapping. In a follow-up patch, the behavior to switch to the runtime mapping will become more complex. So to avoid more code/comment duplication, move the switch in enable_mmu(). Lastly, take the opportunity to replace load from literal pool with mov_w. Signed-off-by: Julien Grall --- xen/arch/arm/arm32/head.S | 51 ++++++++++++++++++++++++--------------- 1 file changed, 31 insertions(+), 20 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index a558c2a6876e..163bd6596dec 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -167,19 +167,12 @@ past_zImage: bl check_cpu_mode bl cpu_init bl create_page_tables - bl enable_mmu - /* We are still in the 1:1 mapping. Jump to the runtime Virtual Address. */ - ldr r0, =primary_switched - mov pc, r0 + /* Address in the runtime mapping to jump to after the MMU is enabled */ + mov_w lr, primary_switched + b enable_mmu + primary_switched: - /* - * The 1:1 map may clash with other parts of the Xen virtual memory - * layout. As it is not used anymore, remove it completely to - * avoid having to worry about replacing existing mapping - * afterwards. - */ - bl remove_identity_mapping bl setup_fixmap #ifdef CONFIG_EARLY_PRINTK /* Use a virtual address to access the UART. */ @@ -223,12 +216,10 @@ GLOBAL(init_secondary) bl check_cpu_mode bl cpu_init bl create_page_tables - bl enable_mmu - - /* We are still in the 1:1 mapping. Jump to the runtime Virtual Address. */ - ldr r0, =secondary_switched - mov pc, r0 + /* Address in the runtime mapping to jump to after the MMU is enabled */ + mov_w lr, secondary_switched + b enable_mmu secondary_switched: /* * Non-boot CPUs need to move on to the proper pagetables, which were @@ -523,9 +514,12 @@ virtphys_clash: ENDPROC(create_page_tables) /* - * Turn on the Data Cache and the MMU. The function will return on the 1:1 - * mapping. In other word, the caller is responsible to switch to the runtime - * mapping. + * Turn on the Data Cache and the MMU. The function will return + * to the virtual address provided in LR (e.g. the runtime mapping). + * + * Inputs: + * r9 : paddr(start) + * lr : Virtual address to return to * * Clobbers r0 - r3 */ @@ -551,7 +545,24 @@ enable_mmu: dsb /* Flush PTE writes and finish reads */ mcr CP32(r0, HSCTLR) /* now paging is enabled */ isb /* Now, flush the icache */ - mov pc, lr + + /* + * The MMU is turned on and we are in the 1:1 mapping. Switch + * to the runtime mapping. + */ + mov_w r0, 1f + mov pc, r0 +1: + /* + * The 1:1 map may clash with other parts of the Xen virtual memory + * layout. As it is not used anymore, remove it completely to + * avoid having to worry about replacing existing mapping + * afterwards. + * + * On return this will jump to the virtual address requested by + * the caller. + */ + b remove_identity_mapping ENDPROC(enable_mmu) /* From patchwork Sat Oct 22 15:04:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015978 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 90433FA373F for ; Sat, 22 Oct 2022 15:04:43 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428301.678328 (Exim 4.92) (envelope-from ) id 1omG37-00060B-Af; Sat, 22 Oct 2022 15:04:33 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428301.678328; Sat, 22 Oct 2022 15:04:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG37-0005yx-5D; Sat, 22 Oct 2022 15:04:33 +0000 Received: by outflank-mailman (input) for mailman id 428301; Sat, 22 Oct 2022 15:04:32 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG36-0005uq-GX for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:32 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG35-0005F3-VY; Sat, 22 Oct 2022 15:04:31 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG35-00023n-NO; Sat, 22 Oct 2022 15:04:31 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=Aq7wpCbgRD2Vz4E/mFWzygsJQJEQlpBo6MNpZAyyP2k=; b=jLrM12Dsvy2hP6/Yl/UU4IfHli tE/rnoYeF37V7m2umvUB3zJYTUwW2ycFg3Dh9a+uUuwC/1XhIOQx5i686vAmW4Lm9PfCJMpOOdXkl 4wPnCNAZ7uTkHvJi3hvDLKHliuNH1ALN8C9MGY+qh2VUzvbJ37/QrLcf9A6uQxGLAc7E=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 03/12] xen/arm32: head: Introduce an helper to flush the TLBs Date: Sat, 22 Oct 2022 16:04:13 +0100 Message-Id: <20221022150422.17707-4-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall The sequence for flushing the TLBs is 4 instruction long and often require an explanation how it works. So create an helper and use it in the boot code (switch_ttbr() is left alone for now). Note that in secondary_switched, we were also flushing the instruction cache and branch predictor. Neither of them was necessary because: * We are only supporting IVIPT cache on arm32, so the instruction cache flush is only necessary when executable code is modified. None of the boot code is doing that. * The instruction cache is not invalidated and misprediction is not a problem at boot. Signed-off-by: Julien Grall --- xen/arch/arm/arm32/head.S | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index 163bd6596dec..aeaa8d105aeb 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -66,6 +66,21 @@ add \rb, \rb, r10 .endm +/* + * Flush local TLBs + * + * tmp1: Scratch register + * + * See asm/arm32/flushtlb.h for the explanation of the sequence. + */ +.macro flush_xen_tlb_local tmp1 + /* See asm/arm32/flushtlb.h for the explanation of the sequence. */ + dsb nshst + mcr CP32(\tmp1, TLBIALLH) + dsb nsh + isb +.endm + /* * Common register usage in this file: * r0 - @@ -233,11 +248,7 @@ secondary_switched: mcrr CP64(r4, r5, HTTBR) dsb isb - mcr CP32(r0, TLBIALLH) /* Flush hypervisor TLB */ - mcr CP32(r0, ICIALLU) /* Flush I-cache */ - mcr CP32(r0, BPIALL) /* Flush branch predictor */ - dsb /* Ensure completion of TLB+BP flush */ - isb + flush_xen_tlb_local r0 #ifdef CONFIG_EARLY_PRINTK /* Use a virtual address to access the UART. */ @@ -530,8 +541,7 @@ enable_mmu: * The state of the TLBs is unknown before turning on the MMU. * Flush them to avoid stale one. */ - mcr CP32(r0, TLBIALLH) /* Flush hypervisor TLBs */ - dsb nsh + flush_xen_tlb_local r0 /* Write Xen's PT's paddr into the HTTBR */ load_paddr r0, boot_pgtable @@ -606,12 +616,7 @@ remove_identity_mapping: strd r2, r3, [r0, r1] identity_mapping_removed: - /* See asm/arm32/flushtlb.h for the explanation of the sequence. */ - dsb nshst - mcr CP32(r0, TLBIALLH) - dsb nsh - isb - + flush_xen_tlb_local r0 mov pc, lr ENDPROC(remove_identity_mapping) From patchwork Sat Oct 22 15:04:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015980 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D67DEFA3740 for ; Sat, 22 Oct 2022 15:04:43 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428302.678345 (Exim 4.92) (envelope-from ) id 1omG38-0006SN-NO; Sat, 22 Oct 2022 15:04:34 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428302.678345; Sat, 22 Oct 2022 15:04:34 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG38-0006Rj-GT; Sat, 22 Oct 2022 15:04:34 +0000 Received: by outflank-mailman (input) for mailman id 428302; Sat, 22 Oct 2022 15:04:33 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG37-0006ER-Oi for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:33 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG37-0005FJ-E9; Sat, 22 Oct 2022 15:04:33 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG37-00023n-2c; Sat, 22 Oct 2022 15:04:33 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=COY44H32x9kH/5zABdsyCdrltsywfscNwpMjZ93lTes=; b=SmHLcaOwqGyhAlfIGviJS/KwBm EJ8Wz2gTn2egYr/gUfOxOQKXs8Da+z+8+NZm5T4kIcf9BGpviwGMgO155jS2t2O9lDR7JBJv24KKP YcvjbHHVunJUFWlShjTni5953qd5nt7wmhC9qhKfuOw4IMKA3qXkOmD6DchhN/3yIBTA=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 04/12] xen/arm32: head: Remove restriction where to load Xen Date: Sat, 22 Oct 2022 16:04:14 +0100 Message-Id: <20221022150422.17707-5-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall At the moment, bootloaders can load Xen anywhere in memory but the region 2MB - 4MB. While I am not aware of any issue, we have no way to tell the bootloader to avoid that region. In addition to that, in the future, Xen may grow over 2MB if we enable feature like UBSAN or GCOV. To avoid widening the restriction on the load address, it would be better to get rid of it. When the identity mapping is clashing with the Xen runtime mapping, we need an extra indirection to be able to replace the identity mapping with the Xen runtime mapping. Reserve a new memory region that will be used to temporarily map Xen. For convenience, the new area is re-using the same first slot as the domheap which is used for per-cpu temporary mapping after a CPU has booted. Furthermore, directly map boot_second (which cover Xen and more) to the temporary area. This will avoid to allocate an extra page-table for the second-level and will helpful for follow-up patches (we will want to use the fixmap whilst in the temporary mapping). Lastly, some part of the code now needs to know whether the temporary mapping was created. So reserve r12 to store this information. Signed-off-by: Julien Grall ---- Changes in v2: - Patch added --- xen/arch/arm/arm32/head.S | 139 ++++++++++++++++++++++++++---- xen/arch/arm/domain_page.c | 9 ++ xen/arch/arm/include/asm/config.h | 14 +++ xen/arch/arm/mm.c | 14 +++ 4 files changed, 161 insertions(+), 15 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index aeaa8d105aeb..54725c90993c 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -35,6 +35,9 @@ #define XEN_FIRST_SLOT first_table_offset(XEN_VIRT_START) #define XEN_SECOND_SLOT second_table_offset(XEN_VIRT_START) +/* Offset between the early boot xen mapping and the runtime xen mapping */ +#define XEN_TEMPORARY_OFFSET (TEMPORARY_XEN_VIRT_START - XEN_VIRT_START) + #if defined(CONFIG_EARLY_PRINTK) && defined(CONFIG_EARLY_PRINTK_INC) #include CONFIG_EARLY_PRINTK_INC #endif @@ -95,7 +98,7 @@ * r9 - paddr(start) * r10 - phys offset * r11 - UART address - * r12 - + * r12 - Temporary mapping created * r13 - SP * r14 - LR * r15 - PC @@ -447,6 +450,9 @@ ENDPROC(cpu_init) * r9 : paddr(start) * r10: phys offset * + * Output: + * r12: Was a temporary mapping created? + * * Clobbers r0 - r4, r6 * * Register usage within this function: @@ -486,7 +492,11 @@ create_page_tables: /* * Setup the 1:1 mapping so we can turn the MMU on. Note that * only the first page of Xen will be part of the 1:1 mapping. + * + * In all the cases, we will link boot_third_id. So create the + * mapping in advance. */ + create_mapping_entry boot_third_id, r9, r9 /* * Find the first slot used. If the slot is not XEN_FIRST_SLOT, @@ -503,8 +513,7 @@ create_page_tables: /* * Find the second slot used. If the slot is XEN_SECOND_SLOT, then the * 1:1 mapping will use its own set of page-tables from the - * third level. For slot XEN_SECOND_SLOT, Xen is not yet able to handle - * it. + * third level. */ get_table_slot r1, r9, 2 /* r1 := second slot */ cmp r1, #XEN_SECOND_SLOT @@ -515,13 +524,33 @@ create_page_tables: link_from_second_id: create_table_entry boot_second_id, boot_third_id, r9, 2 link_from_third_id: - create_mapping_entry boot_third_id, r9, r9 + /* Good news, we are not clashing with Xen virtual mapping */ + mov r12, #0 /* r12 := temporary mapping not created */ mov pc, lr virtphys_clash: - /* Identity map clashes with boot_third, which we cannot handle yet */ - PRINT("- Unable to build boot page tables - virt and phys addresses clash. -\r\n") - b fail + /* + * The identity map clashes with boot_third. Link boot_first_id and + * map Xen to a temporary mapping. See switch_to_runtime_mapping + * for more details. + */ + PRINT("- Virt and Phys addresses clash -\r\n") + PRINT("- Create temporary mapping -\r\n") + + /* + * This will override the link to boot_second in XEN_FIRST_SLOT. + * The page-tables are not live yet. So no need to use + * break-before-make. + */ + create_table_entry boot_pgtable, boot_second_id, r9, 1 + create_table_entry boot_second_id, boot_third_id, r9, 2 + + /* Map boot_second (cover Xen mappings) to the temporary 1st slot */ + mov_w r0, TEMPORARY_XEN_VIRT_START + create_table_entry boot_pgtable, boot_second, r0, 1 + + mov r12, #1 /* r12 := temporary mapping created */ + mov pc, lr ENDPROC(create_page_tables) /* @@ -530,9 +559,10 @@ ENDPROC(create_page_tables) * * Inputs: * r9 : paddr(start) + * r12 : Was the temporary mapping created? * lr : Virtual address to return to * - * Clobbers r0 - r3 + * Clobbers r0 - r5 */ enable_mmu: PRINT("- Turning on paging -\r\n") @@ -560,21 +590,79 @@ enable_mmu: * The MMU is turned on and we are in the 1:1 mapping. Switch * to the runtime mapping. */ - mov_w r0, 1f - mov pc, r0 + mov r5, lr /* Save LR before overwritting it */ + mov_w lr, 1f /* Virtual address in the runtime mapping */ + b switch_to_runtime_mapping 1: + mov lr, r5 /* Restore LR */ /* - * The 1:1 map may clash with other parts of the Xen virtual memory - * layout. As it is not used anymore, remove it completely to - * avoid having to worry about replacing existing mapping - * afterwards. + * At this point, either the 1:1 map or the temporary mapping + * will be present. The former may clash with other parts of the + * Xen virtual memory layout. As both of them are not used + * anymore, remove them completely to avoid having to worry + * about replacing existing mapping afterwards. * * On return this will jump to the virtual address requested by * the caller. */ - b remove_identity_mapping + teq r12, #0 + beq remove_identity_mapping + b remove_temporary_mapping ENDPROC(enable_mmu) +/* + * Switch to the runtime mapping. The logic depends on whether the + * runtime virtual region is clashing with the physical address + * + * - If it is not clashing, we can directly jump to the address in + * the runtime mapping. + * - If it is clashing, create_page_tables() would have mapped Xen to + * a temporary virtual address. We need to switch to the temporary + * mapping so we can remove the identity mapping and map Xen at the + * correct position. + * + * Inputs + * r9: paddr(start) + * r12: Was a temporary mapping created? + * lr: Address in the runtime mapping to jump to + * + * Clobbers r0 - r4 + */ +switch_to_runtime_mapping: + /* + * Jump to the runtime mapping if the virt and phys are not + * clashing + */ + teq r12, #0 + beq ready_to_switch + + /* We are still in the 1:1 mapping. Jump to the temporary Virtual address. */ + mov_w r0, 1f + add r0, r0, #XEN_TEMPORARY_OFFSET /* r0 := address in temporary mapping */ + mov pc, r0 + +1: + /* Remove boot_second_id */ + mov r2, #0 + mov r3, #0 + adr_l r0, boot_pgtable + get_table_slot r1, r9, 1 /* r1 := first slot */ + lsl r1, r1, #3 /* r1 := first slot offset */ + strd r2, r3, [r0, r1] + + flush_xen_tlb_local r0 + + /* Map boot_second into boot_pgtable */ + mov_w r0, XEN_VIRT_START + create_table_entry boot_pgtable, boot_second, r0, 1 + + /* Ensure any page table updates are visible before continuing */ + dsb nsh + +ready_to_switch: + mov pc, lr +ENDPROC(switch_to_runtime_mapping) + /* * Remove the 1:1 map from the page-tables. It is not easy to keep track * where the 1:1 map was mapped, so we will look for the top-level entry @@ -620,6 +708,27 @@ identity_mapping_removed: mov pc, lr ENDPROC(remove_identity_mapping) +/* + * Remove the temporary mapping of Xen starting at TEMPORARY_XEN_VIRT_START. + * + * Clobbers r0 - r1 + */ +remove_temporary_mapping: + /* r2:r3 := invalid page-table entry */ + mov r2, #0 + mov r3, #0 + + adr_l r0, boot_pgtable + mov_w r1, TEMPORARY_XEN_VIRT_START + get_table_slot r1, r1, 1 /* r1 := first slot */ + lsl r1, r1, #3 /* r1 := first slot offset */ + strd r2, r3, [r0, r1] + + flush_xen_tlb_local r0 + + mov pc, lr +ENDPROC(remove_temporary_mapping) + /* * Map the UART in the fixmap (when earlyprintk is used) and hook the * fixmap table in the page tables. diff --git a/xen/arch/arm/domain_page.c b/xen/arch/arm/domain_page.c index 71182575f95a..3c59db697f26 100644 --- a/xen/arch/arm/domain_page.c +++ b/xen/arch/arm/domain_page.c @@ -58,7 +58,16 @@ bool init_domheap_mappings(unsigned int cpu) first_idx = first_table_offset(DOMHEAP_VIRT_START); for ( i = 0; i < DOMHEAP_SECOND_PAGES; i++ ) { + lpae_t *entry = &root[first_idx + i]; lpae_t pte = mfn_to_xen_entry(mfn_add(mfn, i), MT_NORMAL); + + /* + * The domheap is overlapping with the temporary Xen mapping and + * the boot code is responsible to remove the latter mapping. + * So we can avoid break-before-make here. + */ + ASSERT(!lpae_is_valid(*entry)); + pte.pt.table = 1; write_pte(&root[first_idx + i], pte); } diff --git a/xen/arch/arm/include/asm/config.h b/xen/arch/arm/include/asm/config.h index 80d81f127f7e..f381c471f67a 100644 --- a/xen/arch/arm/include/asm/config.h +++ b/xen/arch/arm/include/asm/config.h @@ -148,6 +148,20 @@ /* Number of domheap pagetable pages required at the second level (2MB mappings) */ #define DOMHEAP_SECOND_PAGES (DOMHEAP_VIRT_SIZE >> FIRST_SHIFT) +/* + * The temporary area is overlapping with the domheap area. This may + * be used to create an alias of the first slot containing Xen mappings + * when turning on/off the MMU. + */ +#define TEMPORARY_AREA_FIRST_SLOT (first_table_offset(DOMHEAP_VIRT_START)) + +/* Calculate the address in the temporary area */ +#define TEMPORARY_AREA_ADDR(addr) \ + (((addr) & ~XEN_PT_LEVEL_MASK(1)) | \ + (TEMPORARY_AREA_FIRST_SLOT << XEN_PT_LEVEL_SHIFT(1))) + +#define TEMPORARY_XEN_VIRT_START TEMPORARY_AREA_ADDR(XEN_VIRT_START) + #else /* ARM_64 */ #define SLOT0_ENTRY_BITS 39 diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 6ccffeaea57d..726211c77917 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -176,6 +176,9 @@ static void __init __maybe_unused build_assertions(void) #define CHECK_SAME_SLOT(level, virt1, virt2) \ BUILD_BUG_ON(level##_table_offset(virt1) != level##_table_offset(virt2)) +#define CHECK_DIFFERENT_SLOT(level, virt1, virt2) \ + BUILD_BUG_ON(level##_table_offset(virt1) == level##_table_offset(virt2)) + #ifdef CONFIG_ARM_64 CHECK_SAME_SLOT(zeroeth, XEN_VIRT_START, FIXMAP_ADDR(0)); CHECK_SAME_SLOT(zeroeth, XEN_VIRT_START, BOOT_FDT_VIRT_START); @@ -183,7 +186,18 @@ static void __init __maybe_unused build_assertions(void) CHECK_SAME_SLOT(first, XEN_VIRT_START, FIXMAP_ADDR(0)); CHECK_SAME_SLOT(first, XEN_VIRT_START, BOOT_FDT_VIRT_START); + /* + * For arm32, the temporary mapping will re-use the domheap + * first slot and the second slots will match. + */ +#ifdef CONFIG_ARM_32 + CHECK_SAME_SLOT(first, TEMPORARY_XEN_VIRT_START, DOMHEAP_VIRT_START); + CHECK_DIFFERENT_SLOT(first, XEN_VIRT_START, TEMPORARY_XEN_VIRT_START); + CHECK_SAME_SLOT(second, XEN_VIRT_START, TEMPORARY_XEN_VIRT_START); +#endif + #undef CHECK_SAME_SLOT +#undef CHECK_DIFFERENT_SLOT } void dump_pt_walk(paddr_t ttbr, paddr_t addr, From patchwork Sat Oct 22 15:04:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015981 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id EAE90C04A95 for ; Sat, 22 Oct 2022 15:04:45 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428303.678356 (Exim 4.92) (envelope-from ) id 1omG3B-0006oc-0g; Sat, 22 Oct 2022 15:04:37 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428303.678356; Sat, 22 Oct 2022 15:04:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3A-0006oC-SU; Sat, 22 Oct 2022 15:04:36 +0000 Received: by outflank-mailman (input) for mailman id 428303; Sat, 22 Oct 2022 15:04:35 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG39-0006dX-68 for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:35 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG38-0005Fe-PM; Sat, 22 Oct 2022 15:04:34 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG38-00023n-HR; Sat, 22 Oct 2022 15:04:34 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=U7Bs1tv4lv2AoxbGaVwYFTs7PIaGixTCOovZNTpsEgM=; b=kK2i5xvpxX4Nmrs+NH1/2f+vlF R9lXFaAX6GoByLqMYcRmDC3Kch4F3R2zRMWAApxMuBofLeluTGCXpFYoW6dqUsGUcwJ5wsQwVXeYk hn7odKv8glHnWN6+aNt+tvNzYf/GgL6hXIZ2SUtsciItctg04CgpSXONjBAymjX280rU=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 05/12] xen/arm32: head: Widen the use of the temporary mapping Date: Sat, 22 Oct 2022 16:04:15 +0100 Message-Id: <20221022150422.17707-6-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall At the moment, the temporary mapping is only used when the virtual runtime region of Xen is clashing with the physical region. In follow-up patches, we will rework how secondary CPU bring-up works and it will be convenient to use the fixmap area for accessing the root page-table (it is per-cpu). Rework the code to use temporary mapping when the Xen physical address is not overlapping with the temporary mapping. This also has the advantage to simplify the logic to identity map Xen. Signed-off-by: Julien Grall ---- Even if this patch is rewriting part of the previous patch, I decided to keep them separated to help the review. The "folow-up patches" are still in draft at the moment. I still haven't find a way to split them nicely and not require too much more work in the coloring side. I have provided some medium-term goal in the cover letter. Changes in v2: - Patch added --- xen/arch/arm/arm32/head.S | 82 +++++++-------------------------------- 1 file changed, 15 insertions(+), 67 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index 54725c90993c..e5df7cf757db 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -461,7 +461,6 @@ ENDPROC(cpu_init) create_page_tables: /* Prepare the page-tables for mapping Xen */ ldr r0, =XEN_VIRT_START - create_table_entry boot_pgtable, boot_second, r0, 1 create_table_entry boot_second, boot_third, r0, 2 /* Setup boot_third: */ @@ -481,67 +480,37 @@ create_page_tables: cmp r1, #(XEN_PT_LPAE_ENTRIES<<3) /* 512*8-byte entries per page */ blo 1b - /* - * If Xen is loaded at exactly XEN_VIRT_START then we don't - * need an additional 1:1 mapping, the virtual mapping will - * suffice. - */ - cmp r9, #XEN_VIRT_START - moveq pc, lr - /* * Setup the 1:1 mapping so we can turn the MMU on. Note that * only the first page of Xen will be part of the 1:1 mapping. - * - * In all the cases, we will link boot_third_id. So create the - * mapping in advance. */ + create_table_entry boot_pgtable, boot_second_id, r9, 1 + create_table_entry boot_second_id, boot_third_id, r9, 2 create_mapping_entry boot_third_id, r9, r9 /* - * Find the first slot used. If the slot is not XEN_FIRST_SLOT, - * then the 1:1 mapping will use its own set of page-tables from - * the second level. + * Find the first slot used. If the slot is not the same + * as XEN_TMP_FIRST_SLOT, then we will want to switch + * to the temporary mapping before jumping to the runtime + * virtual mapping. */ get_table_slot r1, r9, 1 /* r1 := first slot */ - cmp r1, #XEN_FIRST_SLOT - beq 1f - create_table_entry boot_pgtable, boot_second_id, r9, 1 - b link_from_second_id - -1: - /* - * Find the second slot used. If the slot is XEN_SECOND_SLOT, then the - * 1:1 mapping will use its own set of page-tables from the - * third level. - */ - get_table_slot r1, r9, 2 /* r1 := second slot */ - cmp r1, #XEN_SECOND_SLOT - beq virtphys_clash - create_table_entry boot_second, boot_third_id, r9, 2 - b link_from_third_id + cmp r1, #TEMPORARY_AREA_FIRST_SLOT + bne use_temporary_mapping -link_from_second_id: - create_table_entry boot_second_id, boot_third_id, r9, 2 -link_from_third_id: - /* Good news, we are not clashing with Xen virtual mapping */ + mov_w r0, XEN_VIRT_START + create_table_entry boot_pgtable, boot_second, r0, 1 mov r12, #0 /* r12 := temporary mapping not created */ mov pc, lr -virtphys_clash: +use_temporary_mapping: /* - * The identity map clashes with boot_third. Link boot_first_id and - * map Xen to a temporary mapping. See switch_to_runtime_mapping - * for more details. + * The identity mapping is not using the first slot + * TEMPORARY_AREA_FIRST_SLOT. Create a temporary mapping. + * See switch_to_runtime_mapping for more details. */ - PRINT("- Virt and Phys addresses clash -\r\n") PRINT("- Create temporary mapping -\r\n") - /* - * This will override the link to boot_second in XEN_FIRST_SLOT. - * The page-tables are not live yet. So no need to use - * break-before-make. - */ create_table_entry boot_pgtable, boot_second_id, r9, 1 create_table_entry boot_second_id, boot_third_id, r9, 2 @@ -677,33 +646,12 @@ remove_identity_mapping: /* r2:r3 := invalid page-table entry */ mov r2, #0x0 mov r3, #0x0 - /* - * Find the first slot used. Remove the entry for the first - * table if the slot is not XEN_FIRST_SLOT. - */ + /* Find the first slot used and remove it */ get_table_slot r1, r9, 1 /* r1 := first slot */ - cmp r1, #XEN_FIRST_SLOT - beq 1f - /* It is not in slot 0, remove the entry */ ldr r0, =boot_pgtable /* r0 := root table */ lsl r1, r1, #3 /* r1 := Slot offset */ strd r2, r3, [r0, r1] - b identity_mapping_removed - -1: - /* - * Find the second slot used. Remove the entry for the first - * table if the slot is not XEN_SECOND_SLOT. - */ - get_table_slot r1, r9, 2 /* r1 := second slot */ - cmp r1, #XEN_SECOND_SLOT - beq identity_mapping_removed - /* It is not in slot 1, remove the entry */ - ldr r0, =boot_second /* r0 := second table */ - lsl r1, r1, #3 /* r1 := Slot offset */ - strd r2, r3, [r0, r1] -identity_mapping_removed: flush_xen_tlb_local r0 mov pc, lr ENDPROC(remove_identity_mapping) From patchwork Sat Oct 22 15:04:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015979 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 6DCE7FA3741 for ; Sat, 22 Oct 2022 15:04:45 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428304.678362 (Exim 4.92) (envelope-from ) id 1omG3B-0006up-ML; Sat, 22 Oct 2022 15:04:37 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428304.678362; Sat, 22 Oct 2022 15:04:37 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3B-0006tk-F6; Sat, 22 Oct 2022 15:04:37 +0000 Received: by outflank-mailman (input) for mailman id 428304; Sat, 22 Oct 2022 15:04:36 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3A-0006nJ-HK for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:36 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3A-0005Fw-4X; Sat, 22 Oct 2022 15:04:36 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG39-00023n-St; Sat, 22 Oct 2022 15:04:36 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=8XRbJOwi2jcZkrnNl+I4D+X7AdFfSZzKWbgWtXj+qTs=; b=UKYz+4aJuQvus7mvCVGx9PT7rC AJ399U6sxnXab7b2gduyVC240QlG+h6PGvBK3OFy9ftrECkIS4dNxoBDKMQSRyS5UCgOobqiHaISe lP22AtQCYiz7v5vFXHlIvwvGdj69OFoz3G2LIeBxy3xzy7KUa9S6hEk8rwXvUM0Ems50=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 06/12] xen/arm: Enable use of dump_pt_walk() early during boot Date: Sat, 22 Oct 2022 16:04:16 +0100 Message-Id: <20221022150422.17707-7-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall At the moment, dump_pt_walk() is using map_domain_page() to map the page tables. map_domain_page() is only usuable after init_domheap_mappings() is called (arm32) or the xenheap has been initialized (arm64). This means it can be hard to diagnose incorrect page-tables during early boot. So update dump_pt_walk() to xen_{, un}map_table() instead. Note that the two helpers are moved earlier to avoid forward declaring them. Signed-off-by: Julien Grall --- xen/arch/arm/mm.c | 56 +++++++++++++++++++++++------------------------ 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 726211c77917..306507d7bced 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -200,6 +200,30 @@ static void __init __maybe_unused build_assertions(void) #undef CHECK_DIFFERENT_SLOT } +static lpae_t *xen_map_table(mfn_t mfn) +{ + /* + * During early boot, map_domain_page() may be unusable. Use the + * PMAP to map temporarily a page-table. + */ + if ( system_state == SYS_STATE_early_boot ) + return pmap_map(mfn); + + return map_domain_page(mfn); +} + +static void xen_unmap_table(const lpae_t *table) +{ + /* + * During early boot, xen_map_table() will not use map_domain_page() + * but the PMAP. + */ + if ( system_state == SYS_STATE_early_boot ) + pmap_unmap(table); + else + unmap_domain_page(table); +} + void dump_pt_walk(paddr_t ttbr, paddr_t addr, unsigned int root_level, unsigned int nr_root_tables) @@ -239,7 +263,7 @@ void dump_pt_walk(paddr_t ttbr, paddr_t addr, else root_table = 0; - mapping = map_domain_page(mfn_add(root_mfn, root_table)); + mapping = xen_map_table(mfn_add(root_mfn, root_table)); for ( level = root_level; ; level++ ) { @@ -255,11 +279,11 @@ void dump_pt_walk(paddr_t ttbr, paddr_t addr, break; /* For next iteration */ - unmap_domain_page(mapping); - mapping = map_domain_page(lpae_get_mfn(pte)); + xen_unmap_table(mapping); + mapping = xen_map_table(lpae_get_mfn(pte)); } - unmap_domain_page(mapping); + xen_unmap_table(mapping); } void dump_hyp_walk(vaddr_t addr) @@ -722,30 +746,6 @@ void *ioremap(paddr_t pa, size_t len) return ioremap_attr(pa, len, PAGE_HYPERVISOR_NOCACHE); } -static lpae_t *xen_map_table(mfn_t mfn) -{ - /* - * During early boot, map_domain_page() may be unusable. Use the - * PMAP to map temporarily a page-table. - */ - if ( system_state == SYS_STATE_early_boot ) - return pmap_map(mfn); - - return map_domain_page(mfn); -} - -static void xen_unmap_table(const lpae_t *table) -{ - /* - * During early boot, xen_map_table() will not use map_domain_page() - * but the PMAP. - */ - if ( system_state == SYS_STATE_early_boot ) - pmap_unmap(table); - else - unmap_domain_page(table); -} - static int create_xen_table(lpae_t *entry) { mfn_t mfn; From patchwork Sat Oct 22 15:04:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015982 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0C4F0C433FE for ; Sat, 22 Oct 2022 15:04:48 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428305.678377 (Exim 4.92) (envelope-from ) id 1omG3D-0007M6-7S; Sat, 22 Oct 2022 15:04:39 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428305.678377; Sat, 22 Oct 2022 15:04:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3D-0007Je-1d; Sat, 22 Oct 2022 15:04:39 +0000 Received: by outflank-mailman (input) for mailman id 428305; Sat, 22 Oct 2022 15:04:37 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3B-0006xc-OL for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:37 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3B-0005GJ-Fz; Sat, 22 Oct 2022 15:04:37 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG3B-00023n-86; Sat, 22 Oct 2022 15:04:37 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=0MRxjTuvfQiTLB/kIf7fSXALDQ1KnZVYj+vhcIohuOE=; b=rM7ghcJUdNowXvTueGCjJqyj5+ v9zPM4JYS0HUsH19D3efvdwXml/y22vUt55Do6WG0EzL0wG6/3so5RvFCbP5MaJUFD7+oBkWYVCG7 dVzCziZM8CsuOO2ZHBFUfNksBMY98pVi6X+FsyLialsEKeGspq8RUgd7pa/N/VQmkZY8=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 07/12] xen/arm64: Rework the memory layout Date: Sat, 22 Oct 2022 16:04:17 +0100 Message-Id: <20221022150422.17707-8-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall Xen is currently not fully compliant with the Arm Arm because it will switch the TTBR with the MMU on. In order to be compliant, we need to disable the MMU before switching the TTBR. The implication is the page-tables should contain an identity mapping of the code switching the TTBR. In most of the case we expect Xen to be loaded in low memory. I am aware of one platform (i.e AMD Seattle) where the memory start above 512GB. To give us some slack, consider that Xen may be loaded in the first 2TB of the physical address space. The memory layout is reshuffled to keep the first two slots of the zeroeth level free. Xen will now be loaded at (2TB + 2MB). This requires a slight tweak of the boot code because XEN_VIRT_START cannot be used as an immediate. This reshuffle will make trivial to create a 1:1 mapping when Xen is loaded below 2TB. Signed-off-by: Julien Grall ---- Changes in v2: - Reword the commit message - Load Xen at 2TB + 2MB - Update the documentation to reflect the new layout --- xen/arch/arm/arm64/head.S | 3 ++- xen/arch/arm/include/asm/config.h | 34 +++++++++++++++++++++---------- xen/arch/arm/mm.c | 11 +++++----- 3 files changed, 31 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index ad014716db6f..23c2c7491db2 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -607,7 +607,8 @@ create_page_tables: * need an additional 1:1 mapping, the virtual mapping will * suffice. */ - cmp x19, #XEN_VIRT_START + ldr x0, =XEN_VIRT_START + cmp x19, x0 bne 1f ret 1: diff --git a/xen/arch/arm/include/asm/config.h b/xen/arch/arm/include/asm/config.h index f381c471f67a..0ed9a0505080 100644 --- a/xen/arch/arm/include/asm/config.h +++ b/xen/arch/arm/include/asm/config.h @@ -72,15 +72,12 @@ #include /* - * Common ARM32 and ARM64 layout: + * ARM32 layout: * 0 - 2M Unmapped * 2M - 4M Xen text, data, bss * 4M - 6M Fixmap: special-purpose 4K mapping slots * 6M - 10M Early boot mapping of FDT - * 10M - 12M Livepatch vmap (if compiled in) - * - * ARM32 layout: - * 0 - 12M + * 10M - 12M Livepatch vmap (if compiled in) * * 32M - 128M Frametable: 24 bytes per page for 16GB of RAM * 256M - 1G VMAP: ioremap and early_ioremap use this virtual address @@ -90,8 +87,17 @@ * 2G - 4G Domheap: on-demand-mapped * * ARM64 layout: - * 0x0000000000000000 - 0x0000007fffffffff (512GB, L0 slot [0]) - * 0 - 12M + * 0x0000000000000000 - 0x00001fffffffffff (2TB, L0 slots [0..1]) + * + * Reserved to identity map Xen + * + * 0x0000020000000000 - 0x000028fffffffff (512TB, L0 slot [2] + * (Relative offsets) + * 0 - 2M Unmapped + * 2M - 4M Xen text, data, bss + * 4M - 6M Fixmap: special-purpose 4K mapping slots + * 6M - 10M Early boot mapping of FDT + * 10M - 12M Livepatch vmap (if compiled in) * * 1G - 2G VMAP: ioremap and early_ioremap * @@ -107,7 +113,17 @@ * Unused */ +#ifdef CONFIG_ARM_32 #define XEN_VIRT_START _AT(vaddr_t, MB(2)) +#else + +#define SLOT0_ENTRY_BITS 39 +#define SLOT0(slot) (_AT(vaddr_t,slot) << SLOT0_ENTRY_BITS) +#define SLOT0_ENTRY_SIZE SLOT0(1) + +#define XEN_VIRT_START (SLOT0(2) + _AT(vaddr_t, MB(2))) +#endif + #define XEN_VIRT_SIZE _AT(vaddr_t, MB(2)) #define FIXMAP_VIRT_START (XEN_VIRT_START + XEN_VIRT_SIZE) @@ -164,10 +180,6 @@ #else /* ARM_64 */ -#define SLOT0_ENTRY_BITS 39 -#define SLOT0(slot) (_AT(vaddr_t,slot) << SLOT0_ENTRY_BITS) -#define SLOT0_ENTRY_SIZE SLOT0(1) - #define VMAP_VIRT_START GB(1) #define VMAP_VIRT_SIZE GB(1) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 306507d7bced..2c6648a0dfe5 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -162,7 +162,7 @@ static void __init __maybe_unused build_assertions(void) #endif /* Page table structure constraints */ #ifdef CONFIG_ARM_64 - BUILD_BUG_ON(zeroeth_table_offset(XEN_VIRT_START)); + BUILD_BUG_ON(zeroeth_table_offset(XEN_VIRT_START) < 2); #endif BUILD_BUG_ON(first_table_offset(XEN_VIRT_START)); #ifdef CONFIG_ARCH_MAP_DOMAIN_PAGE @@ -507,10 +507,11 @@ void __init setup_pagetables(unsigned long boot_phys_offset) phys_offset = boot_phys_offset; #ifdef CONFIG_ARM_64 - p = (void *) xen_pgtable; - p[0] = pte_of_xenaddr((uintptr_t)xen_first); - p[0].pt.table = 1; - p[0].pt.xn = 0; + pte = pte_of_xenaddr((uintptr_t)xen_first); + pte.pt.table = 1; + pte.pt.xn = 0; + xen_pgtable[zeroeth_table_offset(XEN_VIRT_START)] = pte; + p = (void *) xen_first; #else p = (void *) cpu0_pgtable; From patchwork Sat Oct 22 15:04:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015983 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id A516AECDFA1 for ; Sat, 22 Oct 2022 15:04:49 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428306.678389 (Exim 4.92) (envelope-from ) id 1omG3F-0007lE-MG; Sat, 22 Oct 2022 15:04:41 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428306.678389; Sat, 22 Oct 2022 15:04:41 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3F-0007kr-H0; Sat, 22 Oct 2022 15:04:41 +0000 Received: by outflank-mailman (input) for mailman id 428306; Sat, 22 Oct 2022 15:04:39 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3D-0007LY-2Q for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:39 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3C-0005Gl-SC; Sat, 22 Oct 2022 15:04:38 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG3C-00023n-JX; Sat, 22 Oct 2022 15:04:38 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=FEIsx7P9nZwfhR6xy4wYJJIBI7buDF20ZIDRCCQ1MYk=; b=EatH+9nm1S1uIelLBdQIeXVRJ4 f7zaA7/xk+M+MQOR98qi1v9Byaqm9xw9K6k9LO6I9xEo6tKATcjm72OvAattDy2JmT5O8L2hBxhuO 03Ik17exSeiPixty5vcnvXHtjceMVANEz/C8/XUsokoQJpR2K+ylKzUyTq/3ROnoaXzQ=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 08/12] xen/arm: mm: Allow xen_pt_update() to work with the current root table Date: Sat, 22 Oct 2022 16:04:18 +0100 Message-Id: <20221022150422.17707-9-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall At the moment, xen_pt_update() will only work on the runtime page tables. In follow-up patches, we will also want to use the helper to update the boot page tables. All the existing callers of xen_pt_update() expects to modify the current page-tables. Therefore, we can read the root physical address directly from TTBR0_EL2. Signed-off-by: Julien Grall ---- Changes in v2: - Patch added --- xen/arch/arm/mm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 2c6648a0dfe5..a3f604e0e2d1 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -1123,7 +1123,7 @@ static int xen_pt_update(unsigned long virt, * * XXX: Add a check. */ - const mfn_t root = virt_to_mfn(THIS_CPU_PGTABLE); + const mfn_t root = maddr_to_mfn(READ_SYSREG64(TTBR0_EL2)); /* * The hardware was configured to forbid mapping both writeable and From patchwork Sat Oct 22 15:04:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015984 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 0A380C04A95 for ; Sat, 22 Oct 2022 15:04:51 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428307.678394 (Exim 4.92) (envelope-from ) id 1omG3G-0007qe-5i; Sat, 22 Oct 2022 15:04:42 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428307.678394; Sat, 22 Oct 2022 15:04:42 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3F-0007oo-VC; Sat, 22 Oct 2022 15:04:41 +0000 Received: by outflank-mailman (input) for mailman id 428307; Sat, 22 Oct 2022 15:04:40 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3E-0007gb-Il for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:04:40 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omG3E-0005H7-6c; Sat, 22 Oct 2022 15:04:40 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG3D-00023n-V0; Sat, 22 Oct 2022 15:04:40 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=cCCPY4hyDMzYl29pMvx1V2vjkyKfUtThF9ZI50ioPPg=; b=2pDcZnOEQPUMqLTt7QRQS/Nzb4 FG+xo4CXu/YaYcqdqOJyQARfqf4t2VknXwgLGAdda97ep0goRCcdPJ8I0/StIPPr8jGik/gnzvYuA KfZ9q2xaX03idxcOfUoWiR5FeYCm5sueOlI1wdwwXlnsXtnI2MgcZCYS3EZRZ2g8eY4k=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 09/12] xen/arm: mm: Allow dump_hyp_walk() to work on the current root table Date: Sat, 22 Oct 2022 16:04:19 +0100 Message-Id: <20221022150422.17707-10-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall dump_hyp_walk() is used to print the tables walk in case of the data or instruction abort. Those abort are not limited to the runtime and could happen at early boot. However, the current implementation of dump_hyp_walk() check that the TTBR matches the runtime page tables. Therefore, early abort will result to a secondary abort and not print the table walks. Given that the function is called in the abort path, there is no reason for us to keep the BUG_ON() in any form. So drop it. Signed-off-by: Julien Grall ---- Changes in v2: - Patch added --- xen/arch/arm/mm.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index a3f604e0e2d1..865780695421 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -289,13 +289,11 @@ void dump_pt_walk(paddr_t ttbr, paddr_t addr, void dump_hyp_walk(vaddr_t addr) { uint64_t ttbr = READ_SYSREG64(TTBR0_EL2); - lpae_t *pgtable = THIS_CPU_PGTABLE; printk("Walking Hypervisor VA 0x%"PRIvaddr" " "on CPU%d via TTBR 0x%016"PRIx64"\n", addr, smp_processor_id(), ttbr); - BUG_ON( virt_to_maddr(pgtable) != ttbr ); dump_pt_walk(ttbr, addr, HYP_PT_ROOT_LEVEL, 1); } From patchwork Sat Oct 22 15:04:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015991 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 972C1FA3749 for ; Sat, 22 Oct 2022 15:19:07 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428372.678432 (Exim 4.92) (envelope-from ) id 1omGH2-0004c9-9n; Sat, 22 Oct 2022 15:18:56 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428372.678432; Sat, 22 Oct 2022 15:18:56 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH2-0004Z5-57; Sat, 22 Oct 2022 15:18:56 +0000 Received: by outflank-mailman (input) for mailman id 428372; Sat, 22 Oct 2022 15:18:55 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0004T0-EP for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:18:55 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0005Z7-11; Sat, 22 Oct 2022 15:18:55 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG3F-00023n-AF; Sat, 22 Oct 2022 15:04:41 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=HJNHIwwoqIJiLFkEWC04rmEHTG3YbKX/QqL6kPV2MOA=; b=wzBrGdZs8bcUtG57E0Cdqy9afo 7x/3ytySeQc7sgoDb/oz0UZ6gdPrhuEJKrlPX0RkwVGxIapW6JZDlBrKOsqnHJiQvNu8LXFIx7PzO pOtx7DJX1SYParnFnNdFUacq+eB+XZuoRv1kyvSZKoiURQTG55IhyMnH2gANj8r5offE=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 10/12] xen/arm64: mm: Introduce helpers to prepare/enable/disable the identity mapping Date: Sat, 22 Oct 2022 16:04:20 +0100 Message-Id: <20221022150422.17707-11-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall In follow-up patches we will need to have part of Xen identity mapped in order to safely switch the TTBR. On some platform, the identity mapping may have to start at 0. If we always keep the identity region mapped, NULL pointer dereference would lead to access to valid mapping. It would be possible to relocate Xen to avoid clashing with address 0. However the identity mapping is only meant to be used in very limited places. Therefore it would be better to keep the identity region invalid for most of the time. Two new external helpers are introduced: - arch_setup_page_tables() will setup the page-tables so it is easy to create the mapping afterwards. - update_identity_mapping() will create/remove the identity mapping Signed-off-by: Julien Grall ---- Changes in v2: - Remove the arm32 part - Use a different logic for the boot page tables and runtime one because Xen may be running in a different place. --- xen/arch/arm/arm64/Makefile | 1 + xen/arch/arm/arm64/mm.c | 121 ++++++++++++++++++++++++++++ xen/arch/arm/include/asm/arm32/mm.h | 4 + xen/arch/arm/include/asm/arm64/mm.h | 12 +++ xen/arch/arm/include/asm/setup.h | 11 +++ xen/arch/arm/mm.c | 6 +- 6 files changed, 153 insertions(+), 2 deletions(-) create mode 100644 xen/arch/arm/arm64/mm.c diff --git a/xen/arch/arm/arm64/Makefile b/xen/arch/arm/arm64/Makefile index 6d507da0d44d..28481393e98f 100644 --- a/xen/arch/arm/arm64/Makefile +++ b/xen/arch/arm/arm64/Makefile @@ -10,6 +10,7 @@ obj-y += entry.o obj-y += head.o obj-y += insn.o obj-$(CONFIG_LIVEPATCH) += livepatch.o +obj-y += mm.o obj-y += smc.o obj-y += smpboot.o obj-y += traps.o diff --git a/xen/arch/arm/arm64/mm.c b/xen/arch/arm/arm64/mm.c new file mode 100644 index 000000000000..9eaf545ea9dd --- /dev/null +++ b/xen/arch/arm/arm64/mm.c @@ -0,0 +1,121 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#include +#include + +#include + +/* Override macros from asm/page.h to make them work with mfn_t */ +#undef virt_to_mfn +#define virt_to_mfn(va) _mfn(__virt_to_mfn(va)) + +static DEFINE_PAGE_TABLE(xen_first_id); +static DEFINE_PAGE_TABLE(xen_second_id); +static DEFINE_PAGE_TABLE(xen_third_id); + +/* + * The identity mapping may start at physical address 0. So we don't want + * to keep it mapped longer than necessary. + * + * When this is called, we are still using the boot_pgtable. + * + * We need to prepare the identity mapping for both the boot page tables + * and runtime page tables. + * + * The logic to create the entry is slightly different because Xen may + * be running at a different location at runtime. + */ +static void __init prepare_boot_identity_mapping(void) +{ + paddr_t id_addr = virt_to_maddr(_start); + lpae_t pte; + DECLARE_OFFSETS(id_offsets, id_addr); + + if ( id_offsets[0] != 0 ) + panic("Cannot handled ID mapping above 512GB\n"); + + /* Link first ID table */ + pte = mfn_to_xen_entry(virt_to_mfn(boot_first_id), MT_NORMAL); + pte.pt.table = 1; + pte.pt.xn = 0; + + write_pte(&boot_pgtable[id_offsets[0]], pte); + + /* Link second ID table */ + pte = mfn_to_xen_entry(virt_to_mfn(boot_second_id), MT_NORMAL); + pte.pt.table = 1; + pte.pt.xn = 0; + + write_pte(&boot_first_id[id_offsets[1]], pte); + + /* Link third ID table */ + pte = mfn_to_xen_entry(virt_to_mfn(boot_third_id), MT_NORMAL); + pte.pt.table = 1; + pte.pt.xn = 0; + + write_pte(&boot_second_id[id_offsets[2]], pte); + + /* The mapping in the third table will be created at a later stage */ +} + +static void __init prepare_runtime_identity_mapping(void) +{ + paddr_t id_addr = virt_to_maddr(_start); + lpae_t pte; + DECLARE_OFFSETS(id_offsets, id_addr); + + if ( id_offsets[0] != 0 ) + panic("Cannot handled ID mapping above 512GB\n"); + + /* Link first ID table */ + pte = pte_of_xenaddr((vaddr_t)xen_first_id); + pte.pt.table = 1; + pte.pt.xn = 0; + + write_pte(&xen_pgtable[id_offsets[0]], pte); + + /* Link second ID table */ + pte = pte_of_xenaddr((vaddr_t)xen_second_id); + pte.pt.table = 1; + pte.pt.xn = 0; + + write_pte(&xen_first_id[id_offsets[1]], pte); + + /* Link third ID table */ + pte = pte_of_xenaddr((vaddr_t)xen_third_id); + pte.pt.table = 1; + pte.pt.xn = 0; + + write_pte(&xen_second_id[id_offsets[2]], pte); + + /* The mapping in the third table will be created at a later stage */ +} + +void __init arch_setup_page_tables(void) +{ + prepare_boot_identity_mapping(); + prepare_runtime_identity_mapping(); +} + +void update_identity_mapping(bool enable) +{ + paddr_t id_addr = virt_to_maddr(_start); + int rc; + + if ( enable ) + rc = map_pages_to_xen(id_addr, maddr_to_mfn(id_addr), 1, + PAGE_HYPERVISOR_RX); + else + rc = destroy_xen_mappings(id_addr, id_addr + PAGE_SIZE); + + BUG_ON(rc); +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff --git a/xen/arch/arm/include/asm/arm32/mm.h b/xen/arch/arm/include/asm/arm32/mm.h index 8bfc906e7178..856f2dbec4ad 100644 --- a/xen/arch/arm/include/asm/arm32/mm.h +++ b/xen/arch/arm/include/asm/arm32/mm.h @@ -18,6 +18,10 @@ static inline bool arch_mfns_in_directmap(unsigned long mfn, unsigned long nr) bool init_domheap_mappings(unsigned int cpu); +static inline void arch_setup_page_tables(void) +{ +} + #endif /* __ARM_ARM32_MM_H__ */ /* diff --git a/xen/arch/arm/include/asm/arm64/mm.h b/xen/arch/arm/include/asm/arm64/mm.h index aa2adac63189..807d3b2321fd 100644 --- a/xen/arch/arm/include/asm/arm64/mm.h +++ b/xen/arch/arm/include/asm/arm64/mm.h @@ -1,6 +1,8 @@ #ifndef __ARM_ARM64_MM_H__ #define __ARM_ARM64_MM_H__ +extern DEFINE_PAGE_TABLE(xen_pgtable); + /* * On ARM64, all the RAM is currently direct mapped in Xen. * Hence return always true. @@ -10,6 +12,16 @@ static inline bool arch_mfns_in_directmap(unsigned long mfn, unsigned long nr) return true; } +void arch_setup_page_tables(void); + +/* + * Enable/disable the identity mapping + * + * Note that nested a call (e.g. enable=true, enable=true) is not + * supported. + */ +void update_identity_mapping(bool enable); + #endif /* __ARM_ARM64_MM_H__ */ /* diff --git a/xen/arch/arm/include/asm/setup.h b/xen/arch/arm/include/asm/setup.h index fdbf68aadcaa..e7a80fecec14 100644 --- a/xen/arch/arm/include/asm/setup.h +++ b/xen/arch/arm/include/asm/setup.h @@ -168,6 +168,17 @@ int map_range_to_domain(const struct dt_device_node *dev, extern const char __ro_after_init_start[], __ro_after_init_end[]; +extern DEFINE_BOOT_PAGE_TABLE(boot_pgtable); + +#ifdef CONFIG_ARM_64 +extern DEFINE_BOOT_PAGE_TABLE(boot_first_id); +#endif +extern DEFINE_BOOT_PAGE_TABLE(boot_second_id); +extern DEFINE_BOOT_PAGE_TABLE(boot_third_id); + +/* Find where Xen will be residing at runtime and return an PT entry */ +lpae_t pte_of_xenaddr(vaddr_t); + #endif /* * Local variables: diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 865780695421..824beed3976a 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -102,7 +102,7 @@ DEFINE_BOOT_PAGE_TABLE(boot_third); #ifdef CONFIG_ARM_64 #define HYP_PT_ROOT_LEVEL 0 -static DEFINE_PAGE_TABLE(xen_pgtable); +DEFINE_PAGE_TABLE(xen_pgtable); static DEFINE_PAGE_TABLE(xen_first); #define THIS_CPU_PGTABLE xen_pgtable #else @@ -397,7 +397,7 @@ void flush_page_to_ram(unsigned long mfn, bool sync_icache) invalidate_icache(); } -static inline lpae_t pte_of_xenaddr(vaddr_t va) +lpae_t pte_of_xenaddr(vaddr_t va) { paddr_t ma = va + phys_offset; @@ -504,6 +504,8 @@ void __init setup_pagetables(unsigned long boot_phys_offset) phys_offset = boot_phys_offset; + arch_setup_page_tables(); + #ifdef CONFIG_ARM_64 pte = pte_of_xenaddr((uintptr_t)xen_first); pte.pt.table = 1; From patchwork Sat Oct 22 15:04:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015989 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 7CF49FA3743 for ; Sat, 22 Oct 2022 15:19:06 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428371.678428 (Exim 4.92) (envelope-from ) id 1omGH2-0004WW-39; Sat, 22 Oct 2022 15:18:56 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428371.678428; Sat, 22 Oct 2022 15:18:56 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0004Vc-S5; Sat, 22 Oct 2022 15:18:55 +0000 Received: by outflank-mailman (input) for mailman id 428371; Sat, 22 Oct 2022 15:18:55 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0004Sv-BE for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:18:55 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0005Z9-30; Sat, 22 Oct 2022 15:18:55 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG3G-00023n-M1; Sat, 22 Oct 2022 15:04:42 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=jHNNhi8K1ZRzIp2kHxExqhjCOVBUp7E2y4GDHMRrZwQ=; b=EAbp/YI5s2LGMs7xfqiFSCEvfr +omSA5S+O0xZRnjjbM4ArjDe7nwmI4qk3uVjEx8BXEjMeGAsFGLKWIYNp8V4LjQqFfqlbgkVzvZXr 2fmI9hktvGrSC0L1uyKfQhOxBW4rdMD/TFhQ1zEvfY5iBog66j7JBeGBQ3sK+NE1iWxY=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 11/12] xen/arm64: mm: Rework switch_ttbr() Date: Sat, 22 Oct 2022 16:04:21 +0100 Message-Id: <20221022150422.17707-12-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall At the moment, switch_ttbr() is switching the TTBR whilst the MMU is still on. Switching TTBR is like replacing existing mappings with new ones. So we need to follow the break-before-make sequence. In this case, it means the MMU needs to be switched off while the TTBR is updated. In order to disable the MMU, we need to first jump to an identity mapping. Rename switch_ttbr() to switch_ttbr_id() and create an helper on top to temporary map the identity mapping and call switch_ttbr() via the identity address. switch_ttbr_id() is now reworked to temporarily turn off the MMU before updating the TTBR. We also need to make sure the helper switch_ttbr() is part of the identity mapping. So move _end_boot past it. The arm32 code will use a different approach. So this issue is for now only resolved on arm64. Signed-off-by: Julien Grall ---- Changes in v2: - Remove the arm32 changes. This will be addressed differently - Re-instate the instruct cache flush. This is not strictly necessary but kept it for safety. - Use "dsb ish" rather than "dsb sy". TODO: * Handle the case where the runtime Xen is loaded at a different position. * Rename _end_boot to _end_id_mapping or similar --- xen/arch/arm/arm64/head.S | 54 +++++++++++++++++++++++------------ xen/arch/arm/arm64/mm.c | 39 +++++++++++++++++++++++++ xen/arch/arm/include/asm/mm.h | 2 ++ xen/arch/arm/mm.c | 14 +++++---- 4 files changed, 84 insertions(+), 25 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index 23c2c7491db2..223cc7631d3b 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -812,36 +812,52 @@ fail: PRINT("- Boot failed -\r\n") b 1b ENDPROC(fail) -GLOBAL(_end_boot) - /* * Switch TTBR * * x0 ttbr - * - * TODO: This code does not comply with break-before-make. */ -ENTRY(switch_ttbr) - dsb sy /* Ensure the flushes happen before - * continuing */ - isb /* Ensure synchronization with previous - * changes to text */ - tlbi alle2 /* Flush hypervisor TLB */ - ic iallu /* Flush I-cache */ - dsb sy /* Ensure completion of TLB flush */ +ENTRY(switch_ttbr_id) + /* 1) Ensure any previous read/write have completed */ + dsb ish + isb + + /* 2) Turn off MMU */ + mrs x1, SCTLR_EL2 + bic x1, x1, #SCTLR_Axx_ELx_M + msr SCTLR_EL2, x1 + isb + + /* + * 3) Flush the TLBs. + * See asm/arm64/flushtlb.h for the explanation of the sequence. + */ + dsb nshst + tlbi alle2 + dsb nsh + isb + + /* 4) Update the TTBR */ + msr TTBR0_EL2, x0 isb - msr TTBR0_EL2, x0 + /* + * 5) Flush I-cache + * This should not be necessary but it is kept for safety. + */ + ic iallu + isb - isb /* Ensure synchronization with previous - * changes to text */ - tlbi alle2 /* Flush hypervisor TLB */ - ic iallu /* Flush I-cache */ - dsb sy /* Ensure completion of TLB flush */ + /* 5) Turn on the MMU */ + mrs x1, SCTLR_EL2 + orr x1, x1, #SCTLR_Axx_ELx_M /* Enable MMU */ + msr SCTLR_EL2, x1 isb ret -ENDPROC(switch_ttbr) +ENDPROC(switch_ttbr_id) + +GLOBAL(_end_boot) #ifdef CONFIG_EARLY_PRINTK /* diff --git a/xen/arch/arm/arm64/mm.c b/xen/arch/arm/arm64/mm.c index 9eaf545ea9dd..2ede4e75ae33 100644 --- a/xen/arch/arm/arm64/mm.c +++ b/xen/arch/arm/arm64/mm.c @@ -31,6 +31,15 @@ static void __init prepare_boot_identity_mapping(void) lpae_t pte; DECLARE_OFFSETS(id_offsets, id_addr); + /* + * We will be re-using the boot ID tables. They may not have been + * zeroed but they should be unlinked. So it is fine to use + * clear_page(). + */ + clear_page(boot_first_id); + clear_page(boot_second_id); + clear_page(boot_third_id); + if ( id_offsets[0] != 0 ) panic("Cannot handled ID mapping above 512GB\n"); @@ -111,6 +120,36 @@ void update_identity_mapping(bool enable) BUG_ON(rc); } +extern void switch_ttbr_id(uint64_t ttbr); + +typedef void (switch_ttbr_fn)(uint64_t ttbr); + +void __init switch_ttbr(uint64_t ttbr) +{ + vaddr_t id_addr = virt_to_maddr(switch_ttbr_id); + switch_ttbr_fn *fn = (switch_ttbr_fn *)id_addr; + lpae_t pte; + + /* Enable the identity mapping in the boot page tables */ + update_identity_mapping(true); + /* Enable the identity mapping in the runtime page tables */ + pte = pte_of_xenaddr((vaddr_t)switch_ttbr_id); + pte.pt.table = 1; + pte.pt.xn = 0; + pte.pt.ro = 1; + write_pte(&xen_third_id[third_table_offset(id_addr)], pte); + + /* Switch TTBR */ + fn(ttbr); + + /* + * Disable the identity mapping in the runtime page tables. + * Note it is not necessary to disable it in the boot page tables + * because they are not going to be used by this CPU anymore. + */ + update_identity_mapping(false); +} + /* * Local variables: * mode: C diff --git a/xen/arch/arm/include/asm/mm.h b/xen/arch/arm/include/asm/mm.h index 68adcac9fa8d..bff6923f3ea9 100644 --- a/xen/arch/arm/include/asm/mm.h +++ b/xen/arch/arm/include/asm/mm.h @@ -196,6 +196,8 @@ extern unsigned long total_pages; extern void setup_pagetables(unsigned long boot_phys_offset); /* Map FDT in boot pagetable */ extern void *early_fdt_map(paddr_t fdt_paddr); +/* Switch to a new root page-tables */ +extern void switch_ttbr(uint64_t ttbr); /* Remove early mappings */ extern void remove_early_mappings(void); /* Allocate and initialise pagetables for a secondary CPU. Sets init_ttbr to the diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index 824beed3976a..defc54a19907 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -485,8 +485,6 @@ static void xen_pt_enforce_wnx(void) flush_xen_tlb_local(); } -extern void switch_ttbr(uint64_t ttbr); - /* Clear a translation table and clean & invalidate the cache */ static void clear_table(void *table) { @@ -559,13 +557,17 @@ void __init setup_pagetables(unsigned long boot_phys_offset) ttbr = (uintptr_t) cpu0_pgtable + phys_offset; #endif - switch_ttbr(ttbr); - - xen_pt_enforce_wnx(); - + /* + * This needs to be setup first so switch_ttbr() can enable the + * identity mapping. + */ #ifdef CONFIG_ARM_32 per_cpu(xen_pgtable, 0) = cpu0_pgtable; #endif + + switch_ttbr(ttbr); + + xen_pt_enforce_wnx(); } static void clear_boot_pagetables(void) From patchwork Sat Oct 22 15:04:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 13015990 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id B62A4FA3747 for ; Sat, 22 Oct 2022 15:19:06 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.428370.678421 (Exim 4.92) (envelope-from ) id 1omGH1-0004TF-O7; Sat, 22 Oct 2022 15:18:55 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 428370.678421; Sat, 22 Oct 2022 15:18:55 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0004T8-LI; Sat, 22 Oct 2022 15:18:55 +0000 Received: by outflank-mailman (input) for mailman id 428370; Sat, 22 Oct 2022 15:18:55 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH1-0004Sq-9R for xen-devel@lists.xenproject.org; Sat, 22 Oct 2022 15:18:55 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1omGH0-0005Z5-TT; Sat, 22 Oct 2022 15:18:54 +0000 Received: from 54-240-197-224.amazon.com ([54.240.197.224] helo=dev-dsk-jgrall-1b-035652ec.eu-west-1.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1omG3I-00023n-1G; Sat, 22 Oct 2022 15:04:44 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=QrKVoHX4qf0LlBAWONoW3KGm6ybNg9XRNoyqYYBQsCU=; b=yeT5y7CLP3XFkDni1Tr9DIuf6D qm91moVcg3R/j7l+jg7D6etvgIhU8U5cBv6Wb9JhEmFmkfc73yAbs1nFEDqm1OvHkkwd6Ji1zs5NP EeT7VFaoSy5eU0hMQDzCXJtgXRoPDHKtCjWurCMwa1io1yPQOb/c//MCfirq07hfpksk=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: marco.solieri@minervasys.tech, lucmiccio@gmail.com, carlo.nonato@minervasys.tech, Julien Grall , Stefano Stabellini , Julien Grall , Bertrand Marquis , Volodymyr Babchuk Subject: [RFC v2 12/12] xen/arm64: smpboot: Directly switch to the runtime page-tables Date: Sat, 22 Oct 2022 16:04:22 +0100 Message-Id: <20221022150422.17707-13-julien@xen.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20221022150422.17707-1-julien@xen.org> References: <20221022150422.17707-1-julien@xen.org> MIME-Version: 1.0 From: Julien Grall Switching TTBR while the MMU is on is not safe. Now that the identity mapping will not clash with the rest of the memory layout, we can avoid creating temporary page-tables every time a CPU is brought up. The arm32 code will use a different approach. So this issue is for now only resolved on arm64. Signed-off-by: Julien Grall ---- Changes in v2: - Remove arm32 code --- xen/arch/arm/arm32/smpboot.c | 4 ++++ xen/arch/arm/arm64/head.S | 29 +++++++++-------------------- xen/arch/arm/arm64/smpboot.c | 15 ++++++++++++++- xen/arch/arm/include/asm/smp.h | 1 + xen/arch/arm/smpboot.c | 1 + 5 files changed, 29 insertions(+), 21 deletions(-) diff --git a/xen/arch/arm/arm32/smpboot.c b/xen/arch/arm/arm32/smpboot.c index e7368665d50d..518e9f9c7e70 100644 --- a/xen/arch/arm/arm32/smpboot.c +++ b/xen/arch/arm/arm32/smpboot.c @@ -21,6 +21,10 @@ int arch_cpu_up(int cpu) return platform_cpu_up(cpu); } +void arch_cpu_up_finish(void) +{ +} + /* * Local variables: * mode: C diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index 223cc7631d3b..8765a1570839 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -308,6 +308,7 @@ real_start_efi: bl check_cpu_mode bl cpu_init bl create_page_tables + load_paddr x0, boot_pgtable bl enable_mmu /* We are still in the 1:1 mapping. Jump to the runtime Virtual Address. */ @@ -365,29 +366,14 @@ GLOBAL(init_secondary) #endif bl check_cpu_mode bl cpu_init - bl create_page_tables + load_paddr x0, init_ttbr + ldr x0, [x0] bl enable_mmu /* We are still in the 1:1 mapping. Jump to the runtime Virtual Address. */ ldr x0, =secondary_switched br x0 secondary_switched: - /* - * Non-boot CPUs need to move on to the proper pagetables, which were - * setup in init_secondary_pagetables. - * - * XXX: This is not compliant with the Arm Arm. - */ - ldr x4, =init_ttbr /* VA of TTBR0_EL2 stashed by CPU 0 */ - ldr x4, [x4] /* Actual value */ - dsb sy - msr TTBR0_EL2, x4 - dsb sy - isb - tlbi alle2 - dsb sy /* Ensure completion of TLB flush */ - isb - #ifdef CONFIG_EARLY_PRINTK /* Use a virtual address to access the UART. */ ldr x23, =EARLY_UART_VIRTUAL_ADDRESS @@ -672,9 +658,13 @@ ENDPROC(create_page_tables) * mapping. In other word, the caller is responsible to switch to the runtime * mapping. * - * Clobbers x0 - x3 + * Inputs: + * x0 : Physical address of the page tables. + * + * Clobbers x0 - x4 */ enable_mmu: + mov x4, x0 PRINT("- Turning on paging -\r\n") /* @@ -685,8 +675,7 @@ enable_mmu: dsb nsh /* Write Xen's PT's paddr into TTBR0_EL2 */ - load_paddr x0, boot_pgtable - msr TTBR0_EL2, x0 + msr TTBR0_EL2, x4 isb mrs x0, SCTLR_EL2 diff --git a/xen/arch/arm/arm64/smpboot.c b/xen/arch/arm/arm64/smpboot.c index 694fbf67e62a..9637f424699e 100644 --- a/xen/arch/arm/arm64/smpboot.c +++ b/xen/arch/arm/arm64/smpboot.c @@ -106,10 +106,23 @@ int __init arch_cpu_init(int cpu, struct dt_device_node *dn) int arch_cpu_up(int cpu) { + int rc; + if ( !smp_enable_ops[cpu].prepare_cpu ) return -ENODEV; - return smp_enable_ops[cpu].prepare_cpu(cpu); + update_identity_mapping(true); + + rc = smp_enable_ops[cpu].prepare_cpu(cpu); + if ( rc ) + update_identity_mapping(false); + + return rc; +} + +void arch_cpu_up_finish(void) +{ + update_identity_mapping(false); } /* diff --git a/xen/arch/arm/include/asm/smp.h b/xen/arch/arm/include/asm/smp.h index 8133d5c29572..a37ca55bff2c 100644 --- a/xen/arch/arm/include/asm/smp.h +++ b/xen/arch/arm/include/asm/smp.h @@ -25,6 +25,7 @@ extern void noreturn stop_cpu(void); extern int arch_smp_init(void); extern int arch_cpu_init(int cpu, struct dt_device_node *dn); extern int arch_cpu_up(int cpu); +extern void arch_cpu_up_finish(void); int cpu_up_send_sgi(int cpu); diff --git a/xen/arch/arm/smpboot.c b/xen/arch/arm/smpboot.c index f7bda3a18b48..32e1d30e087e 100644 --- a/xen/arch/arm/smpboot.c +++ b/xen/arch/arm/smpboot.c @@ -509,6 +509,7 @@ int __cpu_up(unsigned int cpu) init_data.cpuid = ~0; smp_up_cpu = MPIDR_INVALID; clean_dcache(smp_up_cpu); + arch_cpu_up_finish(); if ( !cpu_online(cpu) ) {