From patchwork Tue Sep 17 18:12:39 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 173912 Delivered-To: patch@linaro.org Received: by 2002:a92:7e96:0:0:0:0:0 with SMTP id q22csp1463154ill; Tue, 17 Sep 2019 11:14:27 -0700 (PDT) X-Google-Smtp-Source: APXvYqy8blHXzCAdTZMz3R0cDB2fBJ8EUSe/MhuIbdEiywTWLlJ7EhYiXb6uy5MXWp73zBoP8UFu X-Received: by 2002:a02:3786:: with SMTP id r128mr2690582jar.76.1568744067000; Tue, 17 Sep 2019 11:14:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568744066; cv=none; d=google.com; s=arc-20160816; b=jAlJ5D9TEbP2E5k5cBA7ykKDZd/Qd57qS/mSbjttKOkA5AX/arqXcs5vZ3O6N4I5qk dBsJg1O147Mz5A+k8G+pCKOR89RAHbPGyMvok7Fmli/9i9iEQ3YFwWGOvFd6JukfH3TZ OGninZ4DMXR1TkDMDqdWFNXSHgxKTePHRM2jiT+dbKSrJKfBNNmKVU0ctOAR6+EqCxrd cjIfJ52UVefwMMmJ6AAuQaAEf4ylqt/bVT3rQ5akG9GcIAU2pyPGOvgzF/UdiHJAL4Y5 FZymVouSRvu2Cr2SrN9hr2/HoytEBAEPsklgQK268LxOHH4o7xHq7/40vO+hRSln9N0S 6tWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-unsubscribe:list-id :precedence:subject:references:in-reply-to:message-id:date:to:from; bh=dhBxSh4n3SVwv34XNMrTJDJA35wmRijYLywHYI1rXJs=; b=zxAV+B2DF9N0qThPcMVRFUA6me0pMXb5liX0WaWSXZyhwlRpp1qA1vYz7c9tNiacyq 2rt6yn8tAT+eUZfVJcEZ+lN0OkV74iWu0rc4BA0xC5PN3omsPmrflbWqeCYzlZG9Qssi EaLx7ne+c7qHXh3bSKxR7LH95nyJNY8c0PHmG3iCWc5oFLTQTArucLAJeCTOyXtJn0AC nuTkDqiJkjHmeHWS9WVx6YFkO11fSUCvcRFtuJkjr+XpZMaEYF+2Phhnx1kQpopJJOgV MF0S8QCMYsLIywhGrbOs47DXeP7l9THnA6TXn5MMq+W97ItjvfKawdRPfvrCf1K5wg6P C12A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id i3si3879688iom.132.2019.09.17.11.14.26 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Tue, 17 Sep 2019 11:14:26 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of xen-devel-bounces@lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iAHyH-00086A-Bu; Tue, 17 Sep 2019 18:13:01 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iAHyG-00085i-2D for xen-devel@lists.xenproject.org; Tue, 17 Sep 2019 18:13:00 +0000 X-Inumbo-ID: c573aca2-d976-11e9-961d-12813bfff9fa Received: from foss.arm.com (unknown [217.140.110.172]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTP id c573aca2-d976-11e9-961d-12813bfff9fa; Tue, 17 Sep 2019 18:12:55 +0000 (UTC) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 16A8B1682; Tue, 17 Sep 2019 11:12:55 -0700 (PDT) Received: from e108454-lin.cambridge.arm.com (e108454-lin.cambridge.arm.com [10.1.196.50]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 650FF3F67D; Tue, 17 Sep 2019 11:12:54 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 17 Sep 2019 19:12:39 +0100 Message-Id: <20190917181244.30027-4-julien.grall@arm.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190917181244.30027-1-julien.grall@arm.com> References: <20190917181244.30027-1-julien.grall@arm.com> Subject: [Xen-devel] [PATCH v4 3/8] xen/arm32: head: Remove 1:1 mapping as soon as it is not used X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Julien Grall , Stefano Stabellini , Volodymyr Babchuk MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" The 1:1 mapping may clash with other parts of the Xen virtual memory layout. At the moment, Xen is handling the clash by only creating a mapping to the runtime virtual address before enabling the MMU. The rest of the mappings (such as the fixmap) will be mapped after the MMU is enabled. However, the code doing the mapping is not safe as it replace mapping without using the Break-Before-Make sequence. As the 1:1 mapping can be anywhere in the memory, it is easier to remove all the entries added as soon as the 1:1 mapping is not used rather than adding the Break-Before-Make sequence everywhere. It is difficult to track where exactly the 1:1 mapping was created without a full rework of create_page_tables(). Instead, introduce a new function remove_identity_mapping() will look where is the top-level entry for the 1:1 mapping and remove it. The new function is only called for the boot CPU. Secondary CPUs will switch directly to the runtime page-tables so there are no need to remove the 1:1 mapping. Note that this still doesn't make the Secondary CPUs path safe but it is not making it worst. Note that the TLB flush sequence is same sequence as described in asm-arm/arm32/flushtlb.h with a twist. Per G5-5532 ARM DDI 0487D.a, a dsb nsh is sufficient for local flushed. Note the section is from the AArch32 Armv8 spec, I wasn't able to find the same exact section in the Armv7 spec but this is dotted as local operations only applies to non-shareable domain. This was missed while reworking the header and therefore a more conservative way were adopted. Signed-off-by: Julien Grall Reviewed-by: Stefano Stabellini --- It is very likely we will need to re-introduce the 1:1 mapping to cater secondary CPUs boot and suspend/resume. For now, the attempt is to make boot CPU path fully Arm Arm compliant. Changes in v4: - Fix typo - Fix indentation - Remove unnecessary comments Changes in v3: - Remove unused label - Avoid harcoding slots Changes in v2: - Patch added --- xen/arch/arm/arm32/head.S | 84 +++++++++++++++++++++++++++++++++++++---------- 1 file changed, 67 insertions(+), 17 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index 999233452d..65b7e0d711 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -32,6 +32,10 @@ #define PT_UPPER(x) (PT_##x & 0xf00) #define PT_LOWER(x) (PT_##x & 0x0ff) +/* Convenience defines to get slot used by Xen mapping. */ +#define XEN_FIRST_SLOT first_table_offset(XEN_VIRT_START) +#define XEN_SECOND_SLOT second_table_offset(XEN_VIRT_START) + #if (defined (CONFIG_EARLY_PRINTK)) && (defined (EARLY_PRINTK_INC)) #include EARLY_PRINTK_INC #endif @@ -157,6 +161,13 @@ past_zImage: ldr r0, =primary_switched mov pc, r0 primary_switched: + /* + * The 1:1 map may clash with other parts of the Xen virtual memory + * layout. As it is not used anymore, remove it completely to + * avoid having to worry about replacing existing mapping + * afterwards. + */ + bl remove_identity_mapping bl setup_fixmap #ifdef CONFIG_EARLY_PRINTK /* Use a virtual address to access the UART. */ @@ -481,12 +492,61 @@ enable_mmu: mov pc, lr ENDPROC(enable_mmu) -setup_fixmap: +/* + * Remove the 1:1 map from the page-tables. It is not easy to keep track + * where the 1:1 map was mapped, so we will look for the top-level entry + * exclusive to the 1:1 map and remove it. + * + * Inputs: + * r9 : paddr(start) + * + * Clobbers r0 - r3 + */ +remove_identity_mapping: + /* r2:r3 := invalid page-table entry */ + mov r2, #0x0 + mov r3, #0x0 /* - * Now we can install the fixmap and dtb mappings, since we - * don't need the 1:1 map any more + * Find the first slot used. Remove the entry for the first + * table if the slot is not XEN_FIRST_SLOT. */ - dsb + lsr r1, r9, #FIRST_SHIFT + mov_w r0, LPAE_ENTRY_MASK + and r1, r1, r0 /* r1 := first slot */ + cmp r1, #XEN_FIRST_SLOT + beq 1f + /* It is not in slot 0, remove the entry */ + ldr r0, =boot_pgtable /* r0 := root table */ + lsl r1, r1, #3 /* r1 := Slot offset */ + strd r2, r3, [r0, r1] + b identity_mapping_removed + +1: + /* + * Find the second slot used. Remove the entry for the first + * table if the slot is not XEN_SECOND_SLOT. + */ + lsr r1, r9, #SECOND_SHIFT + mov_w r0, LPAE_ENTRY_MASK + and r1, r1, r0 /* r1 := second slot */ + cmp r1, #XEN_SECOND_SLOT + beq identity_mapping_removed + /* It is not in slot 1, remove the entry */ + ldr r0, =boot_second /* r0 := second table */ + lsl r1, r1, #3 /* r1 := Slot offset */ + strd r2, r3, [r0, r1] + +identity_mapping_removed: + /* See asm-arm/arm32/flushtlb.h for the explanation of the sequence. */ + dsb nshst + mcr CP32(r0, TLBIALLH) + dsb nsh + isb + + mov pc, lr +ENDPROC(remove_identity_mapping) + +setup_fixmap: #if defined(CONFIG_EARLY_PRINTK) /* Fixmap is only used by early printk */ /* Add UART to the fixmap table */ ldr r1, =xen_fixmap /* r1 := vaddr (xen_fixmap) */ @@ -496,7 +556,6 @@ setup_fixmap: orr r2, r2, #PT_LOWER(DEV_L3) /* r2:r3 := 4K dev map including UART */ mov r3, #0x0 strd r2, r3, [r1, #(FIXMAP_CONSOLE*8)] /* Map it in the first fixmap's slot */ -1: /* Map fixmap into boot_second */ ldr r1, =boot_second /* r1 := vaddr (boot_second) */ @@ -508,19 +567,10 @@ setup_fixmap: mov r4, r4, lsr #(SECOND_SHIFT - 3) /* r4 := Slot for FIXMAP(0) */ mov r3, #0x0 strd r2, r3, [r1, r4] /* Map it in the fixmap's slot */ -#endif - - /* - * Flush the TLB in case the 1:1 mapping happens to clash with - * the virtual addresses used by the fixmap or DTB. - */ - dsb /* Ensure any page table updates made above - * have occurred. */ - isb - mcr CP32(r0, TLBIALLH) /* Flush hypervisor TLB */ - dsb /* Ensure completion of TLB flush */ - isb + /* Ensure any page table updates made above have occurred. */ + dsb nshst +#endif mov pc, lr ENDPROC(setup_fixmap)