Hi all, This is the second part of the boot/memory rework for Xen on Arm. This part contains mostly clean-up & fixes found during the rework. The first part of the rework is "xen/arm: TLB flush helpers rework" [1]. For convenience, I provided a branch with all the patches applied based on next-4.13 (it is staging + patch queued for Arm): git://xenbits.xen.org/people/julieng/xen-unstable.git branch mm/part2/v1 Cheers, [1] https://lists.xen.org/archives/html/xen-devel/2019-04/msg01432.html Julien Grall (20): xen/const: Introduce _BITUL and _BITULL xen/arm: Rename SCTLR_* defines and remove unused one xen/arm: processor: Use _BITUL instead of _AC(1, U) in SCTLR_ defines xen/arm: Rework HSCTLR_BASE xen/arm: Rework secondary_start prototype xen/arm: Remove parameter cpuid from start_xen xen/arm64: head: Remove unnecessary comment xen/arm64: head: Move earlyprintk messages in .rodata.str xen/arm64: head: Correctly report the HW CPU ID xen/arm32: head: Correctly report the HW CPU ID xen/arm32: head: Don't set MAIR0 and MAIR1 xen/arm32: head: Always zero r3 before update a page-table entry xen/arm32: mm: Avoid to zero and clean cache for CPU0 domheap xen/arm32: mm: Avoid cleaning the cache for secondary CPUs page-tables xen/arm: mm: Use the shorter version __aligned(PAGE_SIZE) to align page-tables xen/arm: mm: Protect Xen page-table update with a spinlock xen/arm: mm: Initialize page-tables earlier xen/arm: mm: Check start is always before end in {destroy, modify}_xen_mappings xen/arm: Pair call to set_fixmap with call to clear_fixmap in copy_from_paddr xen/arm: Allow cleaning the directory even when CONFIG_EARLY_PRINTK is set xen/arch/arm/Makefile | 5 +++ xen/arch/arm/Rules.mk | 7 ---- xen/arch/arm/arm32/head.S | 33 ++++----------- xen/arch/arm/arm64/head.S | 40 +++++------------- xen/arch/arm/guest_walk.c | 2 +- xen/arch/arm/kernel.c | 3 +- xen/arch/arm/mm.c | 57 +++++++++++--------------- xen/arch/arm/setup.c | 7 ++-- xen/arch/arm/smpboot.c | 4 +- xen/arch/arm/traps.c | 6 +-- xen/include/asm-arm/asm_defns.h | 5 +++ xen/include/asm-arm/p2m.h | 4 +- xen/include/asm-arm/processor.h | 91 +++++++++++++++++++++++++++++++---------- xen/include/xen/const.h | 3 ++ 14 files changed, 137 insertions(+), 130 deletions(-) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The pattern _AC(1, UL{,L}) << X is commonly used in the headers to make define usuable in both assembly and C. So introduce _BITUL and _BITULL to make the code slightly more readable. The idea has been taken from Linux (see include/uapi/linux.h). Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/include/xen/const.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/xen/include/xen/const.h b/xen/include/xen/const.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/xen/const.h +++ b/xen/include/xen/const.h @@ -XXX,XX +XXX,XX @@ #define _AT(T,X) ((T)(X)) #endif +#define _BITUL(x) (_AC(1, UL) << (x)) +#define _BITULL(x) (_AC(1, ULL) << (x)) + #endif /* __XEN_CONST_H__ */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The SCTLR_* are currently used for SCTLR/HSCTLR (arm32) and SCTLR_EL1/SCTLR_EL2 (arm64). The naming scheme is actually quite confusing because they may only be defined for an archicture (or even an exception level). So it is not easy for the developer to know which one to use. The naming scheme is reworked by adding Axx_ELx in each define: * xx is replaced by 32 or 64 if specific to an architecture * x is replaced by 2 (hypervisor) or 1 (kernel) if specific to an exception level While doing the renaming, remove the unused defines (or at least the ones that are unlikely going to be used). Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 5 +++-- xen/arch/arm/arm64/head.S | 4 ++-- xen/arch/arm/guest_walk.c | 2 +- xen/arch/arm/mm.c | 2 +- xen/arch/arm/traps.c | 6 +++--- xen/include/asm-arm/p2m.h | 4 +++- xen/include/asm-arm/processor.h | 37 +++++++++++++++++-------------------- 7 files changed, 30 insertions(+), 30 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: * Alignment checking enabled, * MMU translation disabled (for now). */ - ldr r0, =(HSCTLR_BASE|SCTLR_A) + ldr r0, =(HSCTLR_BASE|SCTLR_AXX_A) mcr CP32(r0, HSCTLR) /* @@ -XXX,XX +XXX,XX @@ virtphys_clash: ldr r1, =paging /* Explicit vaddr, not RIP-relative */ mrc CP32(r0, HSCTLR) - orr r0, r0, #(SCTLR_M|SCTLR_C) /* Enable MMU and D-cache */ + /* Enable MMU and D-cache */ + orr r0, r0, #(SCTLR_Axx_ELx_M|SCTLR_Axx_ELx_C) dsb /* Flush PTE writes and finish reads */ mcr CP32(r0, HSCTLR) /* now paging is enabled */ isb /* Now, flush the icache */ diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ virtphys_clash: ldr x1, =paging /* Explicit vaddr, not RIP-relative */ mrs x0, SCTLR_EL2 - orr x0, x0, #SCTLR_M /* Enable MMU */ - orr x0, x0, #SCTLR_C /* Enable D-cache */ + orr x0, x0, #SCTLR_Axx_ELx_M /* Enable MMU */ + orr x0, x0, #SCTLR_Axx_ELx_C /* Enable D-cache */ dsb sy /* Flush PTE writes and finish reads */ msr SCTLR_EL2, x0 /* now paging is enabled */ isb /* Now, flush the icache */ diff --git a/xen/arch/arm/guest_walk.c b/xen/arch/arm/guest_walk.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/guest_walk.c +++ b/xen/arch/arm/guest_walk.c @@ -XXX,XX +XXX,XX @@ bool guest_walk_tables(const struct vcpu *v, vaddr_t gva, *perms = GV2M_READ; /* If the MMU is disabled, there is no need to translate the gva. */ - if ( !(sctlr & SCTLR_M) ) + if ( !(sctlr & SCTLR_Axx_ELx_M) ) { *ipa = gva; diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void __init remove_early_mappings(void) */ static void xen_pt_enforce_wnx(void) { - WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_WXN, SCTLR_EL2); + WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_Axx_ELx_WXN, SCTLR_EL2); /* * The TLBs may cache SCTLR_EL2.WXN. So ensure it is synchronized * before flushing the TLBs. diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -XXX,XX +XXX,XX @@ static void cpsr_switch_mode(struct cpu_user_regs *regs, int mode) regs->cpsr |= PSR_IRQ_MASK; if ( mode == PSR_MODE_ABT ) regs->cpsr |= PSR_ABT_MASK; - if ( sctlr & SCTLR_TE ) + if ( sctlr & SCTLR_A32_ELx_TE ) regs->cpsr |= PSR_THUMB; - if ( sctlr & SCTLR_EE ) + if ( sctlr & SCTLR_Axx_ELx_EE ) regs->cpsr |= PSR_BIG_ENDIAN; } @@ -XXX,XX +XXX,XX @@ static vaddr_t exception_handler32(vaddr_t offset) { uint32_t sctlr = READ_SYSREG32(SCTLR_EL1); - if ( sctlr & SCTLR_V ) + if ( sctlr & SCTLR_A32_EL1_V ) return 0xffff0000 + offset; else /* always have security exceptions */ return READ_SYSREG(VBAR_EL1) + offset; diff --git a/xen/include/asm-arm/p2m.h b/xen/include/asm-arm/p2m.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/p2m.h +++ b/xen/include/asm-arm/p2m.h @@ -XXX,XX +XXX,XX @@ static inline int set_foreign_p2m_entry(struct domain *d, unsigned long gfn, */ static inline bool vcpu_has_cache_enabled(struct vcpu *v) { + const uint32_t mask = SCTLR_Axx_ELx_C | SCTLR_Axx_ELx_M; + /* Only works with the current vCPU */ ASSERT(current == v); - return (READ_SYSREG32(SCTLR_EL1) & (SCTLR_C|SCTLR_M)) == (SCTLR_C|SCTLR_M); + return (READ_SYSREG32(SCTLR_EL1) & mask) == mask; } #endif /* _XEN_P2M_H */ diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ #define TTBCR_PD1 (_AC(1,U)<<5) /* SCTLR System Control Register. */ -/* HSCTLR is a subset of this. */ -#define SCTLR_TE (_AC(1,U)<<30) -#define SCTLR_AFE (_AC(1,U)<<29) -#define SCTLR_TRE (_AC(1,U)<<28) -#define SCTLR_NMFI (_AC(1,U)<<27) -#define SCTLR_EE (_AC(1,U)<<25) -#define SCTLR_VE (_AC(1,U)<<24) -#define SCTLR_U (_AC(1,U)<<22) -#define SCTLR_FI (_AC(1,U)<<21) -#define SCTLR_WXN (_AC(1,U)<<19) -#define SCTLR_HA (_AC(1,U)<<17) -#define SCTLR_RR (_AC(1,U)<<14) -#define SCTLR_V (_AC(1,U)<<13) -#define SCTLR_I (_AC(1,U)<<12) -#define SCTLR_Z (_AC(1,U)<<11) -#define SCTLR_SW (_AC(1,U)<<10) -#define SCTLR_B (_AC(1,U)<<7) -#define SCTLR_C (_AC(1,U)<<2) -#define SCTLR_A (_AC(1,U)<<1) -#define SCTLR_M (_AC(1,U)<<0) + +/* Bits specific to SCTLR_EL1 for Arm32 */ + +#define SCTLR_A32_EL1_V (_AC(1,U)<<13) + +/* Common bits for SCTLR_ELx for Arm32 */ + +#define SCTLR_A32_ELx_TE (_AC(1,U)<<30) +#define SCTLR_A32_ELx_FI (_AC(1,U)<<21) + +/* Common bits for SCTLR_ELx on all architectures */ +#define SCTLR_Axx_ELx_EE (_AC(1,U)<<25) +#define SCTLR_Axx_ELx_WXN (_AC(1,U)<<19) +#define SCTLR_Axx_ELx_I (_AC(1,U)<<12) +#define SCTLR_Axx_ELx_C (_AC(1,U)<<2) +#define SCTLR_Axx_ELx_A (_AC(1,U)<<1) +#define SCTLR_Axx_ELx_M (_AC(1,U)<<0) #define HSCTLR_BASE _AC(0x30c51878,U) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The newly introduced macro _BITUL makes the code more readable. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/include/asm-arm/processor.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ /* Bits specific to SCTLR_EL1 for Arm32 */ -#define SCTLR_A32_EL1_V (_AC(1,U)<<13) +#define SCTLR_A32_EL1_V _BITUL(13) /* Common bits for SCTLR_ELx for Arm32 */ -#define SCTLR_A32_ELx_TE (_AC(1,U)<<30) -#define SCTLR_A32_ELx_FI (_AC(1,U)<<21) +#define SCTLR_A32_ELx_TE _BITUL(30) +#define SCTLR_A32_ELx_FI _BITUL(21) /* Common bits for SCTLR_ELx on all architectures */ -#define SCTLR_Axx_ELx_EE (_AC(1,U)<<25) -#define SCTLR_Axx_ELx_WXN (_AC(1,U)<<19) -#define SCTLR_Axx_ELx_I (_AC(1,U)<<12) -#define SCTLR_Axx_ELx_C (_AC(1,U)<<2) -#define SCTLR_Axx_ELx_A (_AC(1,U)<<1) -#define SCTLR_Axx_ELx_M (_AC(1,U)<<0) +#define SCTLR_Axx_ELx_EE _BITUL(25) +#define SCTLR_Axx_ELx_WXN _BITUL(19) +#define SCTLR_Axx_ELx_I _BITUL(12) +#define SCTLR_Axx_ELx_C _BITUL(2) +#define SCTLR_Axx_ELx_A _BITUL(1) +#define SCTLR_Axx_ELx_M _BITUL(0) #define HSCTLR_BASE _AC(0x30c51878,U) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The current value of HSCTLR_BASE for Arm64 is pretty wrong. It would actually turn on SCTLR_EL2.nAA (bit 6) on hardware implementing ARMv8.4-LSE. Furthermore, the documentation of what is cleared/set in SCTLR_EL2 is also not correct and looks like to be a verbatim copy from Arm32. HSCTLR_BASE is replaced with a bunch of per-architecture new defines helping to understand better what is the initialie value for SCTLR_EL2/HSCTLR. Note the defines *_CLEAR are only used to check the state of each bits are known. Lastly, the documentation is dropped from arm{32,64}/head.S as it would be pretty easy to get out-of-sync with the definitions. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 12 +--------- xen/arch/arm/arm64/head.S | 10 +------- xen/include/asm-arm/processor.h | 52 ++++++++++++++++++++++++++++++++++++++++- 3 files changed, 53 insertions(+), 21 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: ldr r0, =(TCR_RES1|TCR_SH0_IS|TCR_ORGN0_WBWA|TCR_IRGN0_WBWA|TCR_T0SZ(0)) mcr CP32(r0, HTCR) - /* - * Set up the HSCTLR: - * Exceptions in LE ARM, - * Low-latency IRQs disabled, - * Write-implies-XN disabled (for now), - * D-cache disabled (for now), - * I-cache enabled, - * Alignment checking enabled, - * MMU translation disabled (for now). - */ - ldr r0, =(HSCTLR_BASE|SCTLR_AXX_A) + ldr r0, =HSCTLR_SET mcr CP32(r0, HSCTLR) /* diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ skip_bss: msr tcr_el2, x0 - /* Set up the SCTLR_EL2: - * Exceptions in LE ARM, - * Low-latency IRQs disabled, - * Write-implies-XN disabled (for now), - * D-cache disabled (for now), - * I-cache enabled, - * Alignment checking disabled, - * MMU translation disabled (for now). */ - ldr x0, =(HSCTLR_BASE) + ldr x0, =SCTLR_EL2_SET msr SCTLR_EL2, x0 /* Ensure that any exceptions encountered at EL2 diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ #define SCTLR_A32_ELx_TE _BITUL(30) #define SCTLR_A32_ELx_FI _BITUL(21) +/* Common bits for SCTLR_ELx for Arm64 */ +#define SCTLR_A64_ELx_SA _BITUL(3) + /* Common bits for SCTLR_ELx on all architectures */ #define SCTLR_Axx_ELx_EE _BITUL(25) #define SCTLR_Axx_ELx_WXN _BITUL(19) @@ -XXX,XX +XXX,XX @@ #define SCTLR_Axx_ELx_A _BITUL(1) #define SCTLR_Axx_ELx_M _BITUL(0) -#define HSCTLR_BASE _AC(0x30c51878,U) +#ifdef CONFIG_ARM_32 + +#define HSCTLR_RES1 (_BITUL(3) | _BITUL(4) | _BITUL(5) | _BITUL(6) |\ + _BITUL(11) | _BITUL(16) | _BITUL(18) | _BITUL(22) |\ + _BITUL(23) | _BITUL(28) | _BITUL(29)) + +#define HSCTLR_RES0 (_BITUL(7) | _BITUL(8) | _BITUL(9) | _BITUL(10) |\ + _BITUL(13) | _BITUL(14) | _BITUL(15) | _BITUL(17) |\ + _BITUL(20) | _BITUL(24) | _BITUL(26) | _BITUL(27) |\ + _BITUL(31)) + +/* Initial value for HSCTLR */ +#define HSCTLR_SET (HSCTLR_RES1 | SCTLR_Axx_ELx_A | SCTLR_Axx_ELx_I) + +#define HSCTLR_CLEAR (HSCTLR_RES0 | SCTLR_Axx_ELx_M |\ + SCTLR_Axx_ELx_C | SCTLR_Axx_ELx_WXN |\ + SCTLR_A32_ELx_FI | SCTLR_Axx_ELx_EE |\ + SCTLR_A32_ELx_TE) + +#if (HSCTLR_SET ^ HSCTLR_CLEAR) != 0xffffffffU +#error "Inconsistent HSCTLR set/clear bits" +#endif + +#else + +#define SCTLR_EL2_RES1 (_BITUL(4) | _BITUL(5) | _BITUL(11) | _BITUL(16) |\ + _BITUL(18) | _BITUL(22) | _BITUL(23) | _BITUL(28) |\ + _BITUL(29)) + +#define SCTLR_EL2_RES0 (_BITUL(6) | _BITUL(7) | _BITUL(8) | _BITUL(9) |\ + _BITUL(10) | _BITUL(13) | _BITUL(14) | _BITUL(15) |\ + _BITUL(17) | _BITUL(20) | _BITUL(21) | _BITUL(24) |\ + _BITUL(26) | _BITUL(27) | _BITUL(30) | _BITUL(31) |\ + (0xffffffffULL << 32)) + +/* Initial value for SCTLR_EL2 */ +#define SCTLR_EL2_SET (SCTLR_EL2_RES1 | SCTLR_A64_ELx_SA |\ + SCTLR_Axx_ELx_I) + +#define SCTLR_EL2_CLEAR (SCTLR_EL2_RES0 | SCTLR_Axx_ELx_M |\ + SCTLR_Axx_ELx_A | SCTLR_Axx_ELx_C |\ + SCTLR_Axx_ELx_WXN | SCTLR_Axx_ELx_EE) + +#if (SCTLR_EL2_SET ^ SCTLR_EL2_CLEAR) != 0xffffffffffffffffUL +#error "Inconsistent SCTLR_EL2 set/clear bits" +#endif + +#endif /* HCR Hyp Configuration Register */ #define HCR_RW (_AC(1,UL)<<31) /* Register Width, ARM64 only */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel None of the parameters of secondary_start are actually used. So turn secondary_start to a function with no parameters. Also modify the assembly code to avoid setting-up the registers before calling secondary_start. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 6 +++--- xen/arch/arm/arm64/head.S | 3 ++- xen/arch/arm/smpboot.c | 4 +--- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ launch: ldr sp, [r0] add sp, #STACK_SIZE /* (which grows down from the top). */ sub sp, #CPUINFO_sizeof /* Make room for CPU save record */ - mov r0, r10 /* Marshal args: - phys_offset */ - mov r1, r8 /* - DTB address */ - mov r2, r7 /* - CPU ID */ teq r12, #0 + moveq r0, r10 /* Marshal args: - phys_offset */ + moveq r1, r8 /* - DTB address */ + moveq r2, r7 /* - CPU ID */ beq start_xen /* and disappear into the land of C */ b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ launch: sub x0, x0, #CPUINFO_sizeof /* Make room for CPU save record */ mov sp, x0 + cbnz x22, 1f + mov x0, x20 /* Marshal args: - phys_offset */ mov x1, x21 /* - FDT */ mov x2, x24 /* - CPU ID */ - cbnz x22, 1f b start_xen /* and disappear into the land of C */ 1: b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/smpboot.c b/xen/arch/arm/smpboot.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/smpboot.c +++ b/xen/arch/arm/smpboot.c @@ -XXX,XX +XXX,XX @@ smp_prepare_cpus(void) } /* Boot the current CPU */ -void start_secondary(unsigned long boot_phys_offset, - unsigned long fdt_paddr, - unsigned long hwid) +void start_secondary(void) { unsigned int cpuid = init_data.cpuid; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The parameter cpuid is not used by start_xen. So remove it. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 1 - xen/arch/arm/arm64/head.S | 1 - xen/arch/arm/setup.c | 3 +-- 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ launch: teq r12, #0 moveq r0, r10 /* Marshal args: - phys_offset */ moveq r1, r8 /* - DTB address */ - moveq r2, r7 /* - CPU ID */ beq start_xen /* and disappear into the land of C */ b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ launch: mov x0, x20 /* Marshal args: - phys_offset */ mov x1, x21 /* - FDT */ - mov x2, x24 /* - CPU ID */ b start_xen /* and disappear into the land of C */ 1: b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -XXX,XX +XXX,XX @@ size_t __read_mostly dcache_line_bytes; /* C entry point for boot CPU */ void __init start_xen(unsigned long boot_phys_offset, - unsigned long fdt_paddr, - unsigned long cpuid) + unsigned long fdt_paddr) { size_t fdt_size; int cpus, i; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel So far, we don't init specific core initialization at boot. So remove the comment. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm64/head.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ el2: PRINT("- Xen starting at EL2 -\r\n") skip_bss: PRINT("- Setting up control registers -\r\n") - /* XXXX call PROCINFO_cpu_init here */ - /* Set up memory attribute type tables */ ldr x0, =MAIRVAL msr mair_el2, x0 -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel At the moment, the earlyprintk messages are interleaved with the instructions. This makes more difficult to read the objdump output. Introduce a new macro to add a string in .rodata.str and use it for all the earlyprintk messages. Signed-off-by: Julien Grall <julien.grall@arm.com> --- I haven't done a similar change in arm32 yet because the compiler will throw an error when using 'adr' when load an address from a different section (see A5-200 in ARM DDI 0406C.a for the technical reason). The change is likely to be more elaborate. --- xen/arch/arm/arm64/head.S | 14 +++++--------- xen/include/asm-arm/asm_defns.h | 5 +++++ 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ /* Macro to print a string to the UART, if there is one. * Clobbers x0-x3. */ #ifdef CONFIG_EARLY_PRINTK -#define PRINT(_s) \ - adr x0, 98f ; \ - bl puts ; \ - b 99f ; \ -98: .asciz _s ; \ - .align 2 ; \ -99: +#define PRINT(_s) \ + adr x0, 98f ; \ + bl puts ; \ + RODATA_STR(98, _s) #else /* CONFIG_EARLY_PRINTK */ #define PRINT(s) #endif /* !CONFIG_EARLY_PRINTK */ @@ -XXX,XX +XXX,XX @@ init_uart: #endif adr x0, 1f b puts -1: .asciz "- UART enabled -\r\n" - .align 4 +RODATA_STR(1, "- UART enabled -\r\n") /* Print early debug messages. * x0: Nul-terminated string to print. diff --git a/xen/include/asm-arm/asm_defns.h b/xen/include/asm-arm/asm_defns.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/asm_defns.h +++ b/xen/include/asm-arm/asm_defns.h @@ -XXX,XX +XXX,XX @@ # error "unknown ARM variant" #endif +#define RODATA_STR(label, msg) \ +.pushsection .rodata.str, "aMS", %progbits, 1 ; \ +label: .asciz msg; \ +.popsection + #endif /* __ARM_ASM_DEFNS_H__ */ /* * Local variables: -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel There are no reason to consider the HW CPU ID will be 0 when the processor is part of a uniprocessor system. At best, this will result to conflicting output as the rest of Xen use the value directly read from MPIDR_EL1. So remove the zeroing and logic to check if the CPU is part of a uniprocessor system. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm64/head.S | 6 ------ 1 file changed, 6 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ GLOBAL(init_secondary) mov x26, #1 /* X26 := skip_zero_bss */ common_start: - mov x24, #0 /* x24 := CPU ID. Initialy zero until we - * find that multiprocessor extensions are - * present and the system is SMP */ mrs x0, mpidr_el1 - tbnz x0, _MPIDR_UP, 1f /* Uniprocessor system? */ - ldr x13, =(~MPIDR_HWID_MASK) bic x24, x0, x13 /* Mask out flags to get CPU ID */ -1: /* Non-boot CPUs wait here until __cpu_up is ready for them */ cbz x22, 1f -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel There are no reason to consider the HW CPU ID will be 0 when the processor is part of a uniprocessor system. At best, this will result to conflicting output as the rest of Xen use the value directly read from MPIDR. So remove the zeroing and logic to check if the CPU is part of a uniprocessor system. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 8 -------- 1 file changed, 8 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ GLOBAL(init_secondary) mov r12, #1 /* r12 := is_secondary_cpu */ common_start: - mov r7, #0 /* r7 := CPU ID. Initialy zero until we - * find that multiprocessor extensions are - * present and the system is SMP */ mrc CP32(r1, MPIDR) - tst r1, #MPIDR_SMP /* Multiprocessor extension supported? */ - beq 1f - tst r1, #MPIDR_UP /* Uniprocessor system? */ - bne 1f bic r7, r1, #(~MPIDR_HWID_MASK) /* Mask out flags to get CPU ID */ -1: /* Non-boot CPUs wait here until __cpu_up is ready for them */ teq r12, #0 -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The co-processor registers MAIR0 and MAIR1 are managed by EL1. So there are no need to initialize them during Xen boot. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: /* Set up memory attribute type tables */ ldr r0, =MAIR0VAL ldr r1, =MAIR1VAL - mcr CP32(r0, MAIR0) - mcr CP32(r1, MAIR1) mcr CP32(r0, HMAIR0) mcr CP32(r1, HMAIR1) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The boot code is using r2 and r3 to hold the page-table entry value. While r2 is always updated before storing the value, this is not always the case for r3. Thankfully today, r3 will always be zero when we care. But this is difficult to track and error-prone. So always zero r3 within the few instructions before the write the page-table entry. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/arm32/head.S | 3 +++ 1 file changed, 3 insertions(+) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: orr r2, r2, #PT_UPPER(MEM) /* r2:r3 := section map */ orr r2, r2, #PT_LOWER(MEM) lsl r1, r1, #3 /* r1 := Slot offset */ + mov r3, #0x0 strd r2, r3, [r4, r1] /* Mapping of paddr(start) */ mov r6, #1 /* r6 := identity map now in place */ @@ -XXX,XX +XXX,XX @@ paging: lsl r2, r2, #THIRD_SHIFT /* 4K aligned paddr of UART */ orr r2, r2, #PT_UPPER(DEV_L3) orr r2, r2, #PT_LOWER(DEV_L3) /* r2:r3 := 4K dev map including UART */ + mov r3, #0 strd r2, r3, [r1, #(FIXMAP_CONSOLE*8)] /* Map it in the first fixmap's slot */ 1: @@ -XXX,XX +XXX,XX @@ paging: orr r2, r2, #PT_LOWER(PT) /* r2:r3 := table map of xen_fixmap */ ldr r4, =FIXMAP_ADDR(0) mov r4, r4, lsr #(SECOND_SHIFT - 3) /* r4 := Slot for FIXMAP(0) */ + mov r3, #0 strd r2, r3, [r1, r4] /* Map it in the fixmap's slot */ /* Use a virtual address to access the UART. */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The page-table walker is configured to use the same shareability and cacheability as the access performed when updating the page-tables. This means cleaning the cache for CPU0 domheap is unnecessary. Furthermore, CPU0 page-tables are part of Xen binary and will already be zeroed beforehand. So it is pointless to zero the domheap again. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/mm.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void __init setup_pagetables(unsigned long boot_phys_offset) #ifdef CONFIG_ARM_32 per_cpu(xen_pgtable, 0) = cpu0_pgtable; per_cpu(xen_dommap, 0) = cpu0_dommap; - - /* Make sure it is clear */ - memset(this_cpu(xen_dommap), 0, DOMHEAP_SECOND_PAGES*PAGE_SIZE); - clean_dcache_va_range(this_cpu(xen_dommap), - DOMHEAP_SECOND_PAGES*PAGE_SIZE); #endif } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The page-table walker is configured to use the same shareability and cacheability as the access performed when updating the page-tables. This means cleaning the cache for secondary CPUs runtime page-tables is unnecessary. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/mm.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ int init_secondary_pagetables(int cpu) write_pte(&first[first_table_offset(DOMHEAP_VIRT_START+i*FIRST_SIZE)], pte); } - clean_dcache_va_range(first, PAGE_SIZE); - clean_dcache_va_range(domheap, DOMHEAP_SECOND_PAGES*PAGE_SIZE); - per_cpu(xen_pgtable, cpu) = first; per_cpu(xen_dommap, cpu) = domheap; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel We currently use the very long version __attribute__((__aligned(4096))) to align page-tables. Thankfully there is a shorter version to make the code more readable. While modifying the attribute: 1) Move it before the variable name as we do in other part of Xen 2) Switch to PAGE_SIZE instead of 4096 to make more future-proof 3) Mark static page-tables not used outside the file (i.e any page-tables other than boot_* and xen_fixmap). Lastly, some of the variables use __attribute__(__aligned(X * 4096)). However this is not necessary as page-tables are only required to be to be aligned to a page-size. So use __aligned(PAGE_SIZE). Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/mm.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ struct domain *dom_xen, *dom_io, *dom_cow; * Finally, if EARLY_PRINTK is enabled then xen_fixmap will be mapped * by the CPU once it has moved off the 1:1 mapping. */ -lpae_t boot_pgtable[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +lpae_t __aligned(PAGE_SIZE) boot_pgtable[LPAE_ENTRIES]; #ifdef CONFIG_ARM_64 -lpae_t boot_first[LPAE_ENTRIES] __attribute__((__aligned__(4096))); -lpae_t boot_first_id[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +lpae_t __aligned(PAGE_SIZE) boot_first[LPAE_ENTRIES]; +lpae_t __aligned(PAGE_SIZE) boot_first_id[LPAE_ENTRIES]; #endif -lpae_t boot_second[LPAE_ENTRIES] __attribute__((__aligned__(4096))); -lpae_t boot_third[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +lpae_t __aligned(PAGE_SIZE) boot_second[LPAE_ENTRIES]; +lpae_t __aligned(PAGE_SIZE) boot_third[LPAE_ENTRIES]; /* Main runtime page tables */ @@ -XXX,XX +XXX,XX @@ lpae_t boot_third[LPAE_ENTRIES] __attribute__((__aligned__(4096))); #ifdef CONFIG_ARM_64 #define HYP_PT_ROOT_LEVEL 0 -lpae_t xen_pgtable[LPAE_ENTRIES] __attribute__((__aligned__(4096))); -lpae_t xen_first[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static lpae_t __aligned(PAGE_SIZE) xen_pgtable[LPAE_ENTRIES]; +static lpae_t __aligned(PAGE_SIZE) xen_first[LPAE_ENTRIES]; #define THIS_CPU_PGTABLE xen_pgtable #else #define HYP_PT_ROOT_LEVEL 1 @@ -XXX,XX +XXX,XX @@ static DEFINE_PER_CPU(lpae_t *, xen_pgtable); * DOMHEAP_VIRT_START...DOMHEAP_VIRT_END in 2MB chunks. */ static DEFINE_PER_CPU(lpae_t *, xen_dommap); /* Root of the trie for cpu0, other CPU's PTs are dynamically allocated */ -lpae_t cpu0_pgtable[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static lpae_t __aligned(PAGE_SIZE) cpu0_pgtable[LPAE_ENTRIES]; /* cpu0's domheap page tables */ -lpae_t cpu0_dommap[LPAE_ENTRIES*DOMHEAP_SECOND_PAGES] - __attribute__((__aligned__(4096*DOMHEAP_SECOND_PAGES))); +static lpae_t __aligned(PAGE_SIZE) cpu0_dommap[LPAE_ENTRIES*DOMHEAP_SECOND_PAGES]; #endif #ifdef CONFIG_ARM_64 /* The first page of the first level mapping of the xenheap. The * subsequent xenheap first level pages are dynamically allocated, but * we need this one to bootstrap ourselves. */ -lpae_t xenheap_first_first[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static lpae_t __aligned(PAGE_SIZE) xenheap_first_first[LPAE_ENTRIES]; /* The zeroeth level slot which uses xenheap_first_first. Used because * setup_xenheap_mappings otherwise relies on mfn_to_virt which isn't * valid for a non-xenheap mapping. */ @@ -XXX,XX +XXX,XX @@ static __initdata int xenheap_first_first_slot = -1; * addresses from 0 to 0x7fffffff. Offsets into it are calculated * with second_linear_offset(), not second_table_offset(). */ -lpae_t xen_second[LPAE_ENTRIES*2] __attribute__((__aligned__(4096*2))); +static lpae_t __aligned(PAGE_SIZE) xen_second[LPAE_ENTRIES*2]; /* First level page table used for fixmap */ -lpae_t xen_fixmap[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +lpae_t __aligned(PAGE_SIZE) xen_fixmap[LPAE_ENTRIES]; /* First level page table used to map Xen itself with the XN bit set * as appropriate. */ -static lpae_t xen_xenmap[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static lpae_t __aligned(PAGE_SIZE) xen_xenmap[LPAE_ENTRIES]; /* Non-boot CPUs use this to find the correct pagetables. */ uint64_t init_ttbr; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The function create_xen_entries may be concurrently called. So we need to protect with a spinlock to avoid corruption the page-tables. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/mm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ enum xenmap_operation { RESERVE }; +static DEFINE_SPINLOCK(xen_pt_lock); + static int create_xen_entries(enum xenmap_operation op, unsigned long virt, mfn_t mfn, @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, lpae_t pte, *entry; lpae_t *third = NULL; + spin_lock(&xen_pt_lock); + for(; addr < addr_end; addr += PAGE_SIZE, mfn = mfn_add(mfn, 1)) { entry = &xen_second[second_linear_offset(addr)]; @@ -XXX,XX +XXX,XX @@ out: */ flush_xen_tlb_range_va(virt, PAGE_SIZE * nr_mfns); + spin_unlock(&xen_pt_lock); + return rc; } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel Since commit f60658c6ae "xen/arm: Stop relocating Xen", the function setup_page_tables() does not require any information from the FDT. So the initialization of the page-tables can be done much earlier in the boot process. The earliest setup_page_tables() can be called is after traps have been initialized, so we can get backtrace if an error occurred. Moving the initialization of the page-tables also avoid the dance to map the FDT again in the new set of page-tables. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/mm.c | 12 +++--------- xen/arch/arm/setup.c | 4 ++-- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ static inline lpae_t pte_of_xenaddr(vaddr_t va) return mfn_to_xen_entry(maddr_to_mfn(ma), MT_NORMAL); } -/* Map the FDT in the early boot page table */ +/* Map the FDT in the runtime page table */ void * __init early_fdt_map(paddr_t fdt_paddr) { /* We are using 2MB superpage for mapping the FDT */ @@ -XXX,XX +XXX,XX @@ void * __init early_fdt_map(paddr_t fdt_paddr) /* The FDT is mapped using 2MB superpage */ BUILD_BUG_ON(BOOT_FDT_VIRT_START % SZ_2M); - create_mappings(boot_second, BOOT_FDT_VIRT_START, paddr_to_pfn(base_paddr), + create_mappings(xen_second, BOOT_FDT_VIRT_START, paddr_to_pfn(base_paddr), SZ_2M >> PAGE_SHIFT, SZ_2M); offset = fdt_paddr % SECOND_SIZE; @@ -XXX,XX +XXX,XX @@ void * __init early_fdt_map(paddr_t fdt_paddr) if ( (offset + size) > SZ_2M ) { - create_mappings(boot_second, BOOT_FDT_VIRT_START + SZ_2M, + create_mappings(xen_second, BOOT_FDT_VIRT_START + SZ_2M, paddr_to_pfn(base_paddr + SZ_2M), SZ_2M >> PAGE_SHIFT, SZ_2M); } @@ -XXX,XX +XXX,XX @@ void __init setup_pagetables(unsigned long boot_phys_offset) pte.pt.table = 1; xen_second[second_table_offset(FIXMAP_ADDR(0))] = pte; - /* ... DTB */ - pte = boot_second[second_table_offset(BOOT_FDT_VIRT_START)]; - xen_second[second_table_offset(BOOT_FDT_VIRT_START)] = pte; - pte = boot_second[second_table_offset(BOOT_FDT_VIRT_START + SZ_2M)]; - xen_second[second_table_offset(BOOT_FDT_VIRT_START + SZ_2M)] = pte; - #ifdef CONFIG_ARM_64 ttbr = (uintptr_t) xen_pgtable + phys_offset; #else diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -XXX,XX +XXX,XX @@ void __init start_xen(unsigned long boot_phys_offset, /* Initialize traps early allow us to get backtrace when an error occurred */ init_traps(); + setup_pagetables(boot_phys_offset); + smp_clear_cpu_maps(); device_tree_flattened = early_fdt_map(fdt_paddr); @@ -XXX,XX +XXX,XX @@ void __init start_xen(unsigned long boot_phys_offset, (paddr_t)(uintptr_t)(_end - _start + 1), false); BUG_ON(!xen_bootmodule); - setup_pagetables(boot_phys_offset); - setup_mm(fdt_paddr, fdt_size); /* Parse the ACPI tables for possible boot-time configuration */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The two helpers {destroy, modify}_xen_mappings don't check that the start is always before the end. This should never happen but if it happens, it will result to unexpected behavior. Catch such issues earlier on by adding an ASSERT in destroy_xen_mappings and modify_xen_mappings. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/mm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ int populate_pt_range(unsigned long virt, unsigned long nr_mfns) int destroy_xen_mappings(unsigned long v, unsigned long e) { + ASSERT(v <= e); return create_xen_entries(REMOVE, v, INVALID_MFN, (e - v) >> PAGE_SHIFT, 0); } int modify_xen_mappings(unsigned long s, unsigned long e, unsigned int flags) { + ASSERT(s <= e); return create_xen_entries(MODIFY, s, INVALID_MFN, (e - s) >> PAGE_SHIFT, flags); } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel At the moment, set_fixmap may replace a valid entry without following the break-before-make sequence. This may result to TLB conflict abort. Rather than dealing with Break-Before-Make in set_fixmap, every call to set_fixmap is paired with a call to clear_fixmap. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/kernel.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/xen/arch/arm/kernel.c b/xen/arch/arm/kernel.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/kernel.c +++ b/xen/arch/arm/kernel.c @@ -XXX,XX +XXX,XX @@ void __init copy_from_paddr(void *dst, paddr_t paddr, unsigned long len) set_fixmap(FIXMAP_MISC, maddr_to_mfn(paddr), PAGE_HYPERVISOR_WC); memcpy(dst, src + s, l); clean_dcache_va_range(dst, l); + clear_fixmap(FIXMAP_MISC); paddr += l; dst += l; len -= l; } - - clear_fixmap(FIXMAP_MISC); } static void __init place_modules(struct kernel_info *info, -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel CONFIG_EARLY_PRINTK can only be set when CONFIG_DEBUG is enabled. It can be quite convenient to only modify the target. However, the target clean will not include the .config. This means CONFIG_DEBUG is not enabled and therefore make will throw an error preventing clean to continue. The check is not moved at linking time. Signed-off-by: Julien Grall <julien.grall@arm.com> --- This code is pretty nasty, but I haven't found a better way for avoiding to check if CONFIG_DEBUG is enabled when the target clean is called. Ideally we will want to move CONFIG_EARLY_PRINTK in Kconfig. I haven't had time yet to look at it properly so far. --- xen/arch/arm/Makefile | 5 +++++ xen/arch/arm/Rules.mk | 7 ------- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/xen/arch/arm/Makefile b/xen/arch/arm/Makefile index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/Makefile +++ b/xen/arch/arm/Makefile @@ -XXX,XX +XXX,XX @@ prelink.o: $(ALL_OBJS) endif $(TARGET)-syms: prelink.o xen.lds +ifneq ($(CONFIG_EARLY_PRINTK), ) +ifneq ($(CONFIG_DEBUG), y) + $(error CONFIG_EARLY_PRINTK enabled for non-debug build) +endif +endif $(LD) $(LDFLAGS) -T xen.lds -N prelink.o \ $(BASEDIR)/common/symbols-dummy.o -o $(@D)/.$(@F).0 $(NM) -pa --format=sysv $(@D)/.$(@F).0 \ diff --git a/xen/arch/arm/Rules.mk b/xen/arch/arm/Rules.mk index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/Rules.mk +++ b/xen/arch/arm/Rules.mk @@ -XXX,XX +XXX,XX @@ CFLAGS-$(EARLY_PRINTK) += -DEARLY_PRINTK_BAUD=$(EARLY_PRINTK_BAUD) CFLAGS-$(EARLY_PRINTK) += -DEARLY_UART_BASE_ADDRESS=$(EARLY_UART_BASE_ADDRESS) CFLAGS-$(EARLY_PRINTK) += -DEARLY_UART_REG_SHIFT=$(EARLY_UART_REG_SHIFT) -else # !CONFIG_DEBUG - -ifneq ($(CONFIG_EARLY_PRINTK),) -# Early printk is dependant on a debug build. -$(error CONFIG_EARLY_PRINTK enabled for non-debug build) -endif - endif -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel Hi all, This is the second part of the boot/memory rework for Xen on Arm. This part contains mostly clean-up & fixes found during the rework. The first part of the rework is "xen/arm: TLB flush helpers rework" [1]. For convenience, I provided a branch with all the patches applied based on staging: git://xenbits.xen.org/people/julieng/xen-unstable.git branch mm/part2/v2 Cheers, [1] https://lists.xenproject.org/archives/html/xen-devel/2019-05/msg01109.html Julien Grall (19): xen/const: Extend the existing macro BIT to take a suffix in parameter xen/arm: Rename SCTLR_* defines and remove unused one xen/arm: processor: Use BIT(.., UL) instead of _AC(1, U) in SCTLR_ defines xen/arm: Rework HSCTLR_BASE xen/arm: Remove parameter cpuid from start_xen xen/arm: Rework secondary_start prototype xen/arm64: head: Remove unnecessary comment xen/arm64: head: Move earlyprintk messages in .rodata.str xen/arm64: head: Correctly report the HW CPU ID xen/arm32: head: Correctly report the HW CPU ID xen/arm32: head: Don't set MAIR0 and MAIR1 xen/arm32: head: Always zero r3 before update a page-table entry xen/arm32: mm: Avoid to zero and clean cache for CPU0 domheap xen/arm32: mm: Avoid cleaning the cache for secondary CPUs page-tables xen/arm: mm: Introduce DEFINE_PAGE_TABLE{,S} and use it xen/arm: mm: Protect Xen page-table update with a spinlock xen/arm: mm: Initialize page-tables earlier xen/arm: mm: Check start is always before end in {destroy, modify}_xen_mappings xen/arm: Pair call to set_fixmap with call to clear_fixmap in copy_from_paddr xen/arch/arm/arm32/head.S | 34 ++++---------- xen/arch/arm/arm32/insn.c | 2 +- xen/arch/arm/arm64/head.S | 40 +++++------------ xen/arch/arm/arm64/insn.c | 18 ++++---- xen/arch/arm/gic-v3-its.c | 13 +++--- xen/arch/arm/gic-v3-lpi.c | 4 +- xen/arch/arm/guest_walk.c | 10 ++--- xen/arch/arm/kernel.c | 3 +- xen/arch/arm/mm.c | 62 +++++++++++++------------- xen/arch/arm/setup.c | 7 ++- xen/arch/arm/smpboot.c | 4 +- xen/arch/arm/traps.c | 6 +-- xen/arch/arm/vgic-v3-its.c | 12 ++--- xen/arch/arm/vgic-v3.c | 2 +- xen/arch/arm/vgic.c | 2 +- xen/drivers/char/meson-uart.c | 16 +++---- xen/drivers/char/mvebu-uart.c | 34 +++++++------- xen/include/asm-arm/asm_defns.h | 5 +++ xen/include/asm-arm/bitops.h | 2 - xen/include/asm-arm/gic_v3_defs.h | 4 +- xen/include/asm-arm/gic_v3_its.h | 10 ++--- xen/include/asm-arm/p2m.h | 4 +- xen/include/asm-arm/processor.h | 93 ++++++++++++++++++++++++++++++--------- xen/include/xen/const.h | 2 + 24 files changed, 201 insertions(+), 188 deletions(-) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel Arm currently provides two macro BIT and BIT_ULL that are only usable in C and return respectively unsigned long and unsigned long long. Extending the macros to deal with assembly would be a nice benefits as it could replace the common pattern to define fields (AC(1, sfx) << X) easier to read. Rather than extending the two macros, it was decided to drop BIT_ULL() and extend the macro BIT() to take a suffix (e.g U, UL, ULL) in parameter. This would allow to use different suffix without having to define new macros. The new extend macro is now moved in include/xen/const.h so it can be used by anyone in Xen and also avoid to include bitops.h in assembly code. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v2: - Replace "xen/const: Introduce _BITUL and _BITULL" --- xen/arch/arm/arm32/insn.c | 2 +- xen/arch/arm/arm64/insn.c | 18 +++++++++--------- xen/arch/arm/gic-v3-its.c | 13 +++++++------ xen/arch/arm/gic-v3-lpi.c | 4 ++-- xen/arch/arm/guest_walk.c | 8 ++++---- xen/arch/arm/vgic-v3-its.c | 12 ++++++------ xen/arch/arm/vgic-v3.c | 2 +- xen/arch/arm/vgic.c | 2 +- xen/drivers/char/meson-uart.c | 16 ++++++++-------- xen/drivers/char/mvebu-uart.c | 34 +++++++++++++++++----------------- xen/include/asm-arm/bitops.h | 2 -- xen/include/asm-arm/gic_v3_defs.h | 4 ++-- xen/include/asm-arm/gic_v3_its.h | 10 +++++----- xen/include/xen/const.h | 2 ++ 14 files changed, 65 insertions(+), 64 deletions(-) diff --git a/xen/arch/arm/arm32/insn.c b/xen/arch/arm/arm32/insn.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/insn.c +++ b/xen/arch/arm/arm32/insn.c @@ -XXX,XX +XXX,XX @@ int32_t aarch32_get_branch_offset(uint32_t insn) * Check the imm signed bit. If the imm is a negative value, we * have to extend the imm to a full 32 bit negative value. */ - if ( imm & BIT(23) ) + if ( imm & BIT(23, UL) ) imm |= GENMASK(31, 24); return (int32_t)(imm << 2); diff --git a/xen/arch/arm/arm64/insn.c b/xen/arch/arm/arm64/insn.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/insn.c +++ b/xen/arch/arm/arm64/insn.c @@ -XXX,XX +XXX,XX @@ static int __kprobes aarch64_get_imm_shift_mask(enum aarch64_insn_imm_type type, switch (type) { case AARCH64_INSN_IMM_26: - mask = BIT(26) - 1; + mask = BIT(26, UL) - 1; shift = 0; break; case AARCH64_INSN_IMM_19: - mask = BIT(19) - 1; + mask = BIT(19, UL) - 1; shift = 5; break; case AARCH64_INSN_IMM_16: - mask = BIT(16) - 1; + mask = BIT(16, UL) - 1; shift = 5; break; case AARCH64_INSN_IMM_14: - mask = BIT(14) - 1; + mask = BIT(14, UL) - 1; shift = 5; break; case AARCH64_INSN_IMM_12: - mask = BIT(12) - 1; + mask = BIT(12, UL) - 1; shift = 10; break; case AARCH64_INSN_IMM_9: - mask = BIT(9) - 1; + mask = BIT(9, UL) - 1; shift = 12; break; case AARCH64_INSN_IMM_7: - mask = BIT(7) - 1; + mask = BIT(7, UL) - 1; shift = 15; break; case AARCH64_INSN_IMM_6: case AARCH64_INSN_IMM_S: - mask = BIT(6) - 1; + mask = BIT(6, UL) - 1; shift = 10; break; case AARCH64_INSN_IMM_R: - mask = BIT(6) - 1; + mask = BIT(6, UL) - 1; shift = 16; break; default: diff --git a/xen/arch/arm/gic-v3-its.c b/xen/arch/arm/gic-v3-its.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/gic-v3-its.c +++ b/xen/arch/arm/gic-v3-its.c @@ -XXX,XX +XXX,XX @@ static int its_map_baser(void __iomem *basereg, uint64_t regc, * attributes), retrying if necessary. */ retry: - table_size = ROUNDUP(nr_items * entry_size, BIT(BASER_PAGE_BITS(pagesz))); + table_size = ROUNDUP(nr_items * entry_size, + BIT(BASER_PAGE_BITS(pagesz), UL)); /* The BASE registers support at most 256 pages. */ table_size = min(table_size, 256U << BASER_PAGE_BITS(pagesz)); - buffer = _xzalloc(table_size, BIT(BASER_PAGE_BITS(pagesz))); + buffer = _xzalloc(table_size, BIT(BASER_PAGE_BITS(pagesz), UL)); if ( !buffer ) return -ENOMEM; @@ -XXX,XX +XXX,XX @@ static int gicv3_its_init_single_its(struct host_its *hw_its) case GITS_BASER_TYPE_NONE: continue; case GITS_BASER_TYPE_DEVICE: - ret = its_map_baser(basereg, reg, BIT(hw_its->devid_bits)); + ret = its_map_baser(basereg, reg, BIT(hw_its->devid_bits, UL)); if ( ret ) return ret; break; @@ -XXX,XX +XXX,XX @@ int gicv3_its_map_guest_device(struct domain *d, return ret; /* Sanitise the provided hardware values against the host ITS. */ - if ( host_devid >= BIT(hw_its->devid_bits) ) + if ( host_devid >= BIT(hw_its->devid_bits, UL) ) return -EINVAL; /* @@ -XXX,XX +XXX,XX @@ int gicv3_its_map_guest_device(struct domain *d, * TODO: Investigate if the number of events can be limited to smaller * values if the guest does not require that many. */ - nr_events = BIT(fls(nr_events - 1)); + nr_events = BIT(fls(nr_events - 1), UL); if ( nr_events < LPI_BLOCK ) nr_events = LPI_BLOCK; - if ( nr_events >= BIT(hw_its->evid_bits) ) + if ( nr_events >= BIT(hw_its->evid_bits, UL) ) return -EINVAL; /* check for already existing mappings */ diff --git a/xen/arch/arm/gic-v3-lpi.c b/xen/arch/arm/gic-v3-lpi.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/gic-v3-lpi.c +++ b/xen/arch/arm/gic-v3-lpi.c @@ -XXX,XX +XXX,XX @@ int gicv3_lpi_init_host_lpis(unsigned int host_lpi_bits) printk(XENLOG_WARNING "WARNING: max_lpi_bits must be between 14 and 32, adjusting.\n"); max_lpi_bits = max(max_lpi_bits, 14U); - lpi_data.max_host_lpi_ids = BIT(min(host_lpi_bits, max_lpi_bits)); + lpi_data.max_host_lpi_ids = BIT(min(host_lpi_bits, max_lpi_bits), UL); /* * Warn if the number of LPIs are quite high, as the user might not want * to waste megabytes of memory for a mostly empty table. * It's very unlikely that we need more than 24 bits worth of LPIs. */ - if ( lpi_data.max_host_lpi_ids > BIT(24) ) + if ( lpi_data.max_host_lpi_ids > BIT(24, UL) ) warning_add("Using high number of LPIs, limit memory usage with max_lpi_bits\n"); spin_lock_init(&lpi_data.host_lpis_lock); diff --git a/xen/arch/arm/guest_walk.c b/xen/arch/arm/guest_walk.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/guest_walk.c +++ b/xen/arch/arm/guest_walk.c @@ -XXX,XX +XXX,XX @@ static unsigned int get_top_bit(struct domain *d, vaddr_t gva, register_t tcr) topbit = 31; else { - if ( ((gva & BIT_ULL(55)) && (tcr & TCR_EL1_TBI1)) || - (!(gva & BIT_ULL(55)) && (tcr & TCR_EL1_TBI0)) ) + if ( ((gva & BIT(55, ULL)) && (tcr & TCR_EL1_TBI1)) || + (!(gva & BIT(55, ULL)) && (tcr & TCR_EL1_TBI0)) ) topbit = 55; else topbit = 63; @@ -XXX,XX +XXX,XX @@ static bool guest_walk_ld(const struct vcpu *v, { /* Select the TTBR(0|1)_EL1 that will be used for address translation. */ - if ( (gva & BIT_ULL(topbit)) == 0 ) + if ( (gva & BIT(topbit, ULL)) == 0 ) { input_size = 64 - t0_sz; @@ -XXX,XX +XXX,XX @@ static bool guest_walk_ld(const struct vcpu *v, * inherited by page table attributes (ARM DDI 0487B.a J1-5928). */ xn_table |= pte.pt.xnt; /* Execute-Never */ - ro_table |= pte.pt.apt & BIT(1); /* Read-Only */ + ro_table |= pte.pt.apt & BIT(1, UL);/* Read-Only */ /* Compute the base address of the next level translation table. */ mask = GENMASK_ULL(47, grainsizes[gran]); diff --git a/xen/arch/arm/vgic-v3-its.c b/xen/arch/arm/vgic-v3-its.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/vgic-v3-its.c +++ b/xen/arch/arm/vgic-v3-its.c @@ -XXX,XX +XXX,XX @@ typedef uint16_t coll_table_entry_t; */ typedef uint64_t dev_table_entry_t; #define DEV_TABLE_ITT_ADDR(x) ((x) & GENMASK(51, 8)) -#define DEV_TABLE_ITT_SIZE(x) (BIT(((x) & GENMASK(4, 0)) + 1)) +#define DEV_TABLE_ITT_SIZE(x) (BIT(((x) & GENMASK(4, 0)) + 1, UL)) #define DEV_TABLE_ENTRY(addr, bits) \ (((addr) & GENMASK(51, 8)) | (((bits) - 1) & GENMASK(4, 0))) @@ -XXX,XX +XXX,XX @@ typedef uint64_t dev_table_entry_t; */ static paddr_t get_baser_phys_addr(uint64_t reg) { - if ( reg & BIT(9) ) + if ( reg & BIT(9, UL) ) return (reg & GENMASK(47, 16)) | ((reg & GENMASK(15, 12)) << 36); else @@ -XXX,XX +XXX,XX @@ static int its_set_collection(struct virt_its *its, uint16_t collid, paddr_t addr = get_baser_phys_addr(its->baser_coll); /* The collection table entry must be able to store a VCPU ID. */ - BUILD_BUG_ON(BIT(sizeof(coll_table_entry_t) * 8) < MAX_VIRT_CPUS); + BUILD_BUG_ON(BIT(sizeof(coll_table_entry_t) * 8, UL) < MAX_VIRT_CPUS); ASSERT(spin_is_locked(&its->its_lock)); @@ -XXX,XX +XXX,XX @@ static int its_handle_mapd(struct virt_its *its, uint64_t *cmdptr) */ ret = gicv3_its_map_guest_device(its->d, its->doorbell_address, devid, its->doorbell_address, devid, - BIT(size), valid); + BIT(size, UL), valid); if ( ret && valid ) return ret; } @@ -XXX,XX +XXX,XX @@ static int vgic_v3_its_mmio_write(struct vcpu *v, mmio_info_t *info, if ( reg & GITS_VALID_BIT ) { its->max_devices = its_baser_nr_entries(reg); - if ( its->max_devices > BIT(its->devid_bits) ) - its->max_devices = BIT(its->devid_bits); + if ( its->max_devices > BIT(its->devid_bits, UL) ) + its->max_devices = BIT(its->devid_bits, UL); } else its->max_devices = 0; diff --git a/xen/arch/arm/vgic-v3.c b/xen/arch/arm/vgic-v3.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/vgic-v3.c +++ b/xen/arch/arm/vgic-v3.c @@ -XXX,XX +XXX,XX @@ static uint64_t sanitize_pendbaser(uint64_t reg) static void vgic_vcpu_enable_lpis(struct vcpu *v) { uint64_t reg = v->domain->arch.vgic.rdist_propbase; - unsigned int nr_lpis = BIT((reg & 0x1f) + 1); + unsigned int nr_lpis = BIT((reg & 0x1f) + 1, UL); /* rdists_enabled is protected by the domain lock. */ ASSERT(spin_is_locked(&v->domain->arch.vgic.lock)); diff --git a/xen/arch/arm/vgic.c b/xen/arch/arm/vgic.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/vgic.c +++ b/xen/arch/arm/vgic.c @@ -XXX,XX +XXX,XX @@ struct vgic_irq_rank *vgic_rank_irq(struct vcpu *v, unsigned int irq) void vgic_init_pending_irq(struct pending_irq *p, unsigned int virq) { /* The lpi_vcpu_id field must be big enough to hold a VCPU ID. */ - BUILD_BUG_ON(BIT(sizeof(p->lpi_vcpu_id) * 8) < MAX_VIRT_CPUS); + BUILD_BUG_ON(BIT(sizeof(p->lpi_vcpu_id) * 8, UL) < MAX_VIRT_CPUS); memset(p, 0, sizeof(*p)); INIT_LIST_HEAD(&p->inflight); diff --git a/xen/drivers/char/meson-uart.c b/xen/drivers/char/meson-uart.c index XXXXXXX..XXXXXXX 100644 --- a/xen/drivers/char/meson-uart.c +++ b/xen/drivers/char/meson-uart.c @@ -XXX,XX +XXX,XX @@ #define AML_UART_MISC_REG 0x10 /* UART_CONTROL bits */ -#define AML_UART_TX_RST BIT(22) -#define AML_UART_RX_RST BIT(23) -#define AML_UART_CLEAR_ERR BIT(24) -#define AML_UART_RX_INT_EN BIT(27) -#define AML_UART_TX_INT_EN BIT(28) +#define AML_UART_TX_RST BIT(22, UL) +#define AML_UART_RX_RST BIT(23, UL) +#define AML_UART_CLEAR_ERR BIT(24, UL) +#define AML_UART_RX_INT_EN BIT(27, UL) +#define AML_UART_TX_INT_EN BIT(28, UL) /* UART_STATUS bits */ -#define AML_UART_RX_FIFO_EMPTY BIT(20) -#define AML_UART_TX_FIFO_FULL BIT(21) -#define AML_UART_TX_FIFO_EMPTY BIT(22) +#define AML_UART_RX_FIFO_EMPTY BIT(20, UL) +#define AML_UART_TX_FIFO_FULL BIT(21, UL) +#define AML_UART_TX_FIFO_EMPTY BIT(22, UL) #define AML_UART_TX_CNT_MASK GENMASK(14, 8) /* AML_UART_MISC bits */ diff --git a/xen/drivers/char/mvebu-uart.c b/xen/drivers/char/mvebu-uart.c index XXXXXXX..XXXXXXX 100644 --- a/xen/drivers/char/mvebu-uart.c +++ b/xen/drivers/char/mvebu-uart.c @@ -XXX,XX +XXX,XX @@ #define UART_TX_REG 0x04 #define UART_CTRL_REG 0x08 -#define CTRL_TXFIFO_RST BIT(15) -#define CTRL_RXFIFO_RST BIT(14) -#define CTRL_TX_RDY_INT BIT(5) -#define CTRL_RX_RDY_INT BIT(4) -#define CTRL_BRK_DET_INT BIT(3) -#define CTRL_FRM_ERR_INT BIT(2) -#define CTRL_PAR_ERR_INT BIT(1) -#define CTRL_OVR_ERR_INT BIT(0) +#define CTRL_TXFIFO_RST BIT(15, UL) +#define CTRL_RXFIFO_RST BIT(14, UL) +#define CTRL_TX_RDY_INT BIT(5, UL) +#define CTRL_RX_RDY_INT BIT(4, UL) +#define CTRL_BRK_DET_INT BIT(3, UL) +#define CTRL_FRM_ERR_INT BIT(2, UL) +#define CTRL_PAR_ERR_INT BIT(1, UL) +#define CTRL_OVR_ERR_INT BIT(0, UL) #define CTRL_ERR_INT (CTRL_BRK_DET_INT | CTRL_FRM_ERR_INT | \ CTRL_PAR_ERR_INT | CTRL_OVR_ERR_INT) #define UART_STATUS_REG 0x0c -#define STATUS_TXFIFO_EMP BIT(13) -#define STATUS_TXFIFO_FUL BIT(11) -#define STATUS_TXFIFO_HFL BIT(10) -#define STATUS_TX_RDY BIT(5) -#define STATUS_RX_RDY BIT(4) -#define STATUS_BRK_DET BIT(3) -#define STATUS_FRM_ERR BIT(2) -#define STATUS_PAR_ERR BIT(1) -#define STATUS_OVR_ERR BIT(0) +#define STATUS_TXFIFO_EMP BIT(13, UL) +#define STATUS_TXFIFO_FUL BIT(11, UL) +#define STATUS_TXFIFO_HFL BIT(10, UL) +#define STATUS_TX_RDY BIT(5, UL) +#define STATUS_RX_RDY BIT(4, UL) +#define STATUS_BRK_DET BIT(3, UL) +#define STATUS_FRM_ERR BIT(2, UL) +#define STATUS_PAR_ERR BIT(1, UL) +#define STATUS_OVR_ERR BIT(0, UL) #define STATUS_BRK_ERR (STATUS_BRK_DET | STATUS_FRM_ERR | \ STATUS_PAR_ERR | STATUS_OVR_ERR) diff --git a/xen/include/asm-arm/bitops.h b/xen/include/asm-arm/bitops.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/bitops.h +++ b/xen/include/asm-arm/bitops.h @@ -XXX,XX +XXX,XX @@ #define __clear_bit(n,p) clear_bit(n,p) #define BITS_PER_WORD 32 -#define BIT(nr) (1UL << (nr)) #define BIT_MASK(nr) (1UL << ((nr) % BITS_PER_WORD)) #define BIT_WORD(nr) ((nr) / BITS_PER_WORD) -#define BIT_ULL(nr) (1ULL << (nr)) #define BITS_PER_BYTE 8 #define ADDR (*(volatile int *) addr) diff --git a/xen/include/asm-arm/gic_v3_defs.h b/xen/include/asm-arm/gic_v3_defs.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/gic_v3_defs.h +++ b/xen/include/asm-arm/gic_v3_defs.h @@ -XXX,XX +XXX,XX @@ (7UL << GICR_PENDBASER_INNER_CACHEABILITY_SHIFT) #define GICR_PENDBASER_OUTER_CACHEABILITY_MASK \ (7UL << GICR_PENDBASER_OUTER_CACHEABILITY_SHIFT) -#define GICR_PENDBASER_PTZ BIT(62) +#define GICR_PENDBASER_PTZ BIT(62, UL) #define GICR_PENDBASER_RES0_MASK \ - (BIT(63) | GENMASK(61, 59) | GENMASK(55, 52) | \ + (BIT(63, UL) | GENMASK(61, 59) | GENMASK(55, 52) | \ GENMASK(15, 12) | GENMASK(6, 0)) #define DEFAULT_PMR_VALUE 0xff diff --git a/xen/include/asm-arm/gic_v3_its.h b/xen/include/asm-arm/gic_v3_its.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/gic_v3_its.h +++ b/xen/include/asm-arm/gic_v3_its.h @@ -XXX,XX +XXX,XX @@ #define GITS_PIDR2 GICR_PIDR2 /* Register bits */ -#define GITS_VALID_BIT BIT(63) +#define GITS_VALID_BIT BIT(63, UL) -#define GITS_CTLR_QUIESCENT BIT(31) -#define GITS_CTLR_ENABLE BIT(0) +#define GITS_CTLR_QUIESCENT BIT(31, UL) +#define GITS_CTLR_ENABLE BIT(0, UL) -#define GITS_TYPER_PTA BIT(19) +#define GITS_TYPER_PTA BIT(19, UL) #define GITS_TYPER_DEVIDS_SHIFT 13 #define GITS_TYPER_DEVIDS_MASK (0x1fUL << GITS_TYPER_DEVIDS_SHIFT) #define GITS_TYPER_DEVICE_ID_BITS(r) (((r & GITS_TYPER_DEVIDS_MASK) >> \ @@ -XXX,XX +XXX,XX @@ GITS_TYPER_ITT_SIZE_SHIFT) + 1) #define GITS_TYPER_PHYSICAL (1U << 0) -#define GITS_BASER_INDIRECT BIT(62) +#define GITS_BASER_INDIRECT BIT(62, UL) #define GITS_BASER_INNER_CACHEABILITY_SHIFT 59 #define GITS_BASER_TYPE_SHIFT 56 #define GITS_BASER_TYPE_MASK (7ULL << GITS_BASER_TYPE_SHIFT) diff --git a/xen/include/xen/const.h b/xen/include/xen/const.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/xen/const.h +++ b/xen/include/xen/const.h @@ -XXX,XX +XXX,XX @@ #define _AT(T,X) ((T)(X)) #endif +#define BIT(pos, sfx) (_AC(1, sfx) << (pos)) + #endif /* __XEN_CONST_H__ */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The AIVIVT is a type of instruction cache available on Armv7. This is the only cache not implementing the IVIPT extension and therefore requiring specific care. To simplify maintenance requirements, Xen will not boot on platform using AIVIVT cache. This should not be an issue because Xen Arm32 can only boot on a small number of processors (see arch/arm/arm32/proc-v7.S). All of them are not using AIVIVT cache. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v3: - Patch added --- xen/arch/arm/setup.c | 5 +++++ xen/include/asm-arm/processor.h | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -XXX,XX +XXX,XX @@ static void __init setup_mm(unsigned long dtb_paddr, size_t dtb_size) unsigned long boot_mfn_start, boot_mfn_end; int i; void *fdt; + const uint32_t ctr = READ_CP32(CTR); if ( !bootinfo.mem.nr_banks ) panic("No memory bank\n"); + /* We only supports instruction caches implementing the IVIPT extension. */ + if ( ((ctr >> CTR_L1Ip_SHIFT) & CTR_L1Ip_MASK) == CTR_L1Ip_AIVIVT ) + panic("AIVIVT instruction cache not supported\n"); + init_pdx(); ram_start = bootinfo.mem.bank[0].start; diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ #endif #include <public/arch-arm.h> +/* CTR Cache Type Register */ +#define CTR_L1Ip_MASK 0x3 +#define CTR_L1Ip_SHIFT 14 +#define CTR_L1Ip_AIVIVT 0x1 + /* MIDR Main ID Register */ #define MIDR_REVISION_MASK 0xf #define MIDR_RESIVION(midr) ((midr) & MIDR_REVISION_MASK) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The logic to set SCTLR_EL2.WXN is the same for the boot CPU and non-boot CPU. So introduce a function to set the bit and clear TLBs. This new function will help us to document and update the logic in a single place. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> --- Changes in v3: - Add Stefano's reviewed-by Changes in v2: - Fix typo in the commit message - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void __init remove_early_mappings(void) flush_xen_data_tlb_range_va(BOOT_FDT_VIRT_START, BOOT_FDT_SLOT_SIZE); } +/* + * After boot, Xen page-tables should not contain mapping that are both + * Writable and eXecutables. + * + * This should be called on each CPU to enforce the policy. + */ +static void xen_pt_enforce_wnx(void) +{ + WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_WXN, SCTLR_EL2); + /* Flush everything after setting WXN bit. */ + flush_xen_text_tlb_local(); +} + extern void switch_ttbr(uint64_t ttbr); /* Clear a translation table and clean & invalidate the cache */ @@ -XXX,XX +XXX,XX @@ void __init setup_pagetables(unsigned long boot_phys_offset) clear_table(boot_second); clear_table(boot_third); - /* From now on, no mapping may be both writable and executable. */ - WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_WXN, SCTLR_EL2); - /* Flush everything after setting WXN bit. */ - flush_xen_text_tlb_local(); + xen_pt_enforce_wnx(); #ifdef CONFIG_ARM_32 per_cpu(xen_pgtable, 0) = cpu0_pgtable; @@ -XXX,XX +XXX,XX @@ int init_secondary_pagetables(int cpu) /* MMU setup for secondary CPUS (which already have paging enabled) */ void mmu_init_secondary_cpu(void) { - /* From now on, no mapping may be both writable and executable. */ - WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_WXN, SCTLR_EL2); - flush_xen_text_tlb_local(); + xen_pt_enforce_wnx(); } #ifdef CONFIG_ARM_32 -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The SCTLR_* are currently used for SCTLR/HSCTLR (arm32) and SCTLR_EL1/SCTLR_EL2 (arm64). The naming scheme is actually quite confusing because they may only be defined for an archicture (or even an exception level). So it is not easy for the developer to know which one to use. The naming scheme is reworked by adding Axx_ELx in each define: * xx is replaced by 32 or 64 if specific to an architecture * x is replaced by 2 (hypervisor) or 1 (kernel) if specific to an exception level While doing the renaming, remove the unused defines (or at least the ones that are unlikely going to be used). Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Fix build on arm32 - Add Andrii's reviewed-by --- xen/arch/arm/arm32/head.S | 5 +++-- xen/arch/arm/arm64/head.S | 4 ++-- xen/arch/arm/guest_walk.c | 2 +- xen/arch/arm/mm.c | 2 +- xen/arch/arm/traps.c | 6 +++--- xen/include/asm-arm/p2m.h | 4 +++- xen/include/asm-arm/processor.h | 37 +++++++++++++++++-------------------- 7 files changed, 30 insertions(+), 30 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: * Alignment checking enabled, * MMU translation disabled (for now). */ - ldr r0, =(HSCTLR_BASE|SCTLR_A) + ldr r0, =(HSCTLR_BASE|SCTLR_Axx_ELx_A) mcr CP32(r0, HSCTLR) /* @@ -XXX,XX +XXX,XX @@ virtphys_clash: ldr r1, =paging /* Explicit vaddr, not RIP-relative */ mrc CP32(r0, HSCTLR) - orr r0, r0, #(SCTLR_M|SCTLR_C) /* Enable MMU and D-cache */ + /* Enable MMU and D-cache */ + orr r0, r0, #(SCTLR_Axx_ELx_M|SCTLR_Axx_ELx_C) dsb /* Flush PTE writes and finish reads */ mcr CP32(r0, HSCTLR) /* now paging is enabled */ isb /* Now, flush the icache */ diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ virtphys_clash: ldr x1, =paging /* Explicit vaddr, not RIP-relative */ mrs x0, SCTLR_EL2 - orr x0, x0, #SCTLR_M /* Enable MMU */ - orr x0, x0, #SCTLR_C /* Enable D-cache */ + orr x0, x0, #SCTLR_Axx_ELx_M /* Enable MMU */ + orr x0, x0, #SCTLR_Axx_ELx_C /* Enable D-cache */ dsb sy /* Flush PTE writes and finish reads */ msr SCTLR_EL2, x0 /* now paging is enabled */ isb /* Now, flush the icache */ diff --git a/xen/arch/arm/guest_walk.c b/xen/arch/arm/guest_walk.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/guest_walk.c +++ b/xen/arch/arm/guest_walk.c @@ -XXX,XX +XXX,XX @@ bool guest_walk_tables(const struct vcpu *v, vaddr_t gva, *perms = GV2M_READ; /* If the MMU is disabled, there is no need to translate the gva. */ - if ( !(sctlr & SCTLR_M) ) + if ( !(sctlr & SCTLR_Axx_ELx_M) ) { *ipa = gva; diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void __init remove_early_mappings(void) */ static void xen_pt_enforce_wnx(void) { - WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_WXN, SCTLR_EL2); + WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_Axx_ELx_WXN, SCTLR_EL2); /* * The TLBs may cache SCTLR_EL2.WXN. So ensure it is synchronized * before flushing the TLBs. diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -XXX,XX +XXX,XX @@ static void cpsr_switch_mode(struct cpu_user_regs *regs, int mode) regs->cpsr |= PSR_IRQ_MASK; if ( mode == PSR_MODE_ABT ) regs->cpsr |= PSR_ABT_MASK; - if ( sctlr & SCTLR_TE ) + if ( sctlr & SCTLR_A32_ELx_TE ) regs->cpsr |= PSR_THUMB; - if ( sctlr & SCTLR_EE ) + if ( sctlr & SCTLR_Axx_ELx_EE ) regs->cpsr |= PSR_BIG_ENDIAN; } @@ -XXX,XX +XXX,XX @@ static vaddr_t exception_handler32(vaddr_t offset) { uint32_t sctlr = READ_SYSREG32(SCTLR_EL1); - if ( sctlr & SCTLR_V ) + if ( sctlr & SCTLR_A32_EL1_V ) return 0xffff0000 + offset; else /* always have security exceptions */ return READ_SYSREG(VBAR_EL1) + offset; diff --git a/xen/include/asm-arm/p2m.h b/xen/include/asm-arm/p2m.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/p2m.h +++ b/xen/include/asm-arm/p2m.h @@ -XXX,XX +XXX,XX @@ static inline int set_foreign_p2m_entry(struct domain *d, unsigned long gfn, */ static inline bool vcpu_has_cache_enabled(struct vcpu *v) { + const uint32_t mask = SCTLR_Axx_ELx_C | SCTLR_Axx_ELx_M; + /* Only works with the current vCPU */ ASSERT(current == v); - return (READ_SYSREG32(SCTLR_EL1) & (SCTLR_C|SCTLR_M)) == (SCTLR_C|SCTLR_M); + return (READ_SYSREG32(SCTLR_EL1) & mask) == mask; } #endif /* _XEN_P2M_H */ diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ #define TTBCR_PD1 (_AC(1,U)<<5) /* SCTLR System Control Register. */ -/* HSCTLR is a subset of this. */ -#define SCTLR_TE (_AC(1,U)<<30) -#define SCTLR_AFE (_AC(1,U)<<29) -#define SCTLR_TRE (_AC(1,U)<<28) -#define SCTLR_NMFI (_AC(1,U)<<27) -#define SCTLR_EE (_AC(1,U)<<25) -#define SCTLR_VE (_AC(1,U)<<24) -#define SCTLR_U (_AC(1,U)<<22) -#define SCTLR_FI (_AC(1,U)<<21) -#define SCTLR_WXN (_AC(1,U)<<19) -#define SCTLR_HA (_AC(1,U)<<17) -#define SCTLR_RR (_AC(1,U)<<14) -#define SCTLR_V (_AC(1,U)<<13) -#define SCTLR_I (_AC(1,U)<<12) -#define SCTLR_Z (_AC(1,U)<<11) -#define SCTLR_SW (_AC(1,U)<<10) -#define SCTLR_B (_AC(1,U)<<7) -#define SCTLR_C (_AC(1,U)<<2) -#define SCTLR_A (_AC(1,U)<<1) -#define SCTLR_M (_AC(1,U)<<0) + +/* Bits specific to SCTLR_EL1 for Arm32 */ + +#define SCTLR_A32_EL1_V (_AC(1,U)<<13) + +/* Common bits for SCTLR_ELx for Arm32 */ + +#define SCTLR_A32_ELx_TE (_AC(1,U)<<30) +#define SCTLR_A32_ELx_FI (_AC(1,U)<<21) + +/* Common bits for SCTLR_ELx on all architectures */ +#define SCTLR_Axx_ELx_EE (_AC(1,U)<<25) +#define SCTLR_Axx_ELx_WXN (_AC(1,U)<<19) +#define SCTLR_Axx_ELx_I (_AC(1,U)<<12) +#define SCTLR_Axx_ELx_C (_AC(1,U)<<2) +#define SCTLR_Axx_ELx_A (_AC(1,U)<<1) +#define SCTLR_Axx_ELx_M (_AC(1,U)<<0) #define HSCTLR_BASE _AC(0x30c51878,U) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel Use the pattern BIT(..., UL) to make the code more readable. Note that unsigned long is used instead of unsigned because SCTLR is technically 32-bit on Arm32 and 64-bit on Arm64. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v2: - Rework the patch to use BIT(..., UL) instead of _BITUL(...). --- xen/include/asm-arm/processor.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ /* Bits specific to SCTLR_EL1 for Arm32 */ -#define SCTLR_A32_EL1_V (_AC(1,U)<<13) +#define SCTLR_A32_EL1_V BIT(13, UL) /* Common bits for SCTLR_ELx for Arm32 */ -#define SCTLR_A32_ELx_TE (_AC(1,U)<<30) -#define SCTLR_A32_ELx_FI (_AC(1,U)<<21) +#define SCTLR_A32_ELx_TE BIT(30, UL) +#define SCTLR_A32_ELx_FI BIT(21, UL) /* Common bits for SCTLR_ELx on all architectures */ -#define SCTLR_Axx_ELx_EE (_AC(1,U)<<25) -#define SCTLR_Axx_ELx_WXN (_AC(1,U)<<19) -#define SCTLR_Axx_ELx_I (_AC(1,U)<<12) -#define SCTLR_Axx_ELx_C (_AC(1,U)<<2) -#define SCTLR_Axx_ELx_A (_AC(1,U)<<1) -#define SCTLR_Axx_ELx_M (_AC(1,U)<<0) +#define SCTLR_Axx_ELx_EE BIT(25, UL) +#define SCTLR_Axx_ELx_WXN BIT(19, UL) +#define SCTLR_Axx_ELx_I BIT(12, UL) +#define SCTLR_Axx_ELx_C BIT(2, UL) +#define SCTLR_Axx_ELx_A BIT(1, UL) +#define SCTLR_Axx_ELx_M BIT(0, UL) #define HSCTLR_BASE _AC(0x30c51878,U) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The function flush_xen_text_tlb_local() has been misused and will result to invalidate the instruction cache more than necessary. For instance, there is no need to invalidate the instruction cache if we are setting SCTLR_EL2.WXN. There is effectively only one caller (i.e free_init_memory() who would need to invalidate the instruction cache. So rather than keeping around the function flush_xen_text_tlb_local() replace it with call to flush_xen_tlb_local() and explicitely flush the cache when necessary. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v3: - Fix typoes Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 17 ++++++++++++++--- xen/include/asm-arm/arm32/page.h | 23 +++++++++-------------- xen/include/asm-arm/arm64/page.h | 21 +++++---------------- 3 files changed, 28 insertions(+), 33 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void __init remove_early_mappings(void) static void xen_pt_enforce_wnx(void) { WRITE_SYSREG32(READ_SYSREG32(SCTLR_EL2) | SCTLR_WXN, SCTLR_EL2); - /* Flush everything after setting WXN bit. */ - flush_xen_text_tlb_local(); + /* + * The TLBs may cache SCTLR_EL2.WXN. So ensure it is synchronized + * before flushing the TLBs. + */ + isb(); + flush_xen_data_tlb_local(); } extern void switch_ttbr(uint64_t ttbr); @@ -XXX,XX +XXX,XX @@ static void set_pte_flags_on_range(const char *p, unsigned long l, enum mg mg) } write_pte(xen_xenmap + i, pte); } - flush_xen_text_tlb_local(); + flush_xen_data_tlb_local(); } /* Release all __init and __initdata ranges to be reused */ @@ -XXX,XX +XXX,XX @@ void free_init_memory(void) uint32_t *p; set_pte_flags_on_range(__init_begin, len, mg_rw); + + /* + * From now on, init will not be used for execution anymore, + * so nuke the instruction cache to remove entries related to init. + */ + invalidate_icache_local(); + #ifdef CONFIG_ARM_32 /* udf instruction i.e (see A8.8.247 in ARM DDI 0406C.c) */ insn = 0xe7f000f0; diff --git a/xen/include/asm-arm/arm32/page.h b/xen/include/asm-arm/arm32/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm32/page.h +++ b/xen/include/asm-arm/arm32/page.h @@ -XXX,XX +XXX,XX @@ static inline void invalidate_icache(void) } /* - * Flush all hypervisor mappings from the TLB and branch predictor of - * the local processor. - * - * This is needed after changing Xen code mappings. - * - * The caller needs to issue the necessary DSB and D-cache flushes - * before calling flush_xen_text_tlb. + * Invalidate all instruction caches on the local processor to PoU. + * We also need to flush the branch predictor for ARMv7 as it may be + * architecturally visible to the software (see B2.2.4 in ARM DDI 0406C.b). */ -static inline void flush_xen_text_tlb_local(void) +static inline void invalidate_icache_local(void) { asm volatile ( - "isb;" /* Ensure synchronization with previous changes to text */ - CMD_CP32(TLBIALLH) /* Flush hypervisor TLB */ - CMD_CP32(ICIALLU) /* Flush I-cache */ - CMD_CP32(BPIALL) /* Flush branch predictor */ - "dsb;" /* Ensure completion of TLB+BP flush */ - "isb;" + CMD_CP32(ICIALLU) /* Flush I-cache. */ + CMD_CP32(BPIALL) /* Flush branch predictor. */ : : : "memory"); + + dsb(nsh); /* Ensure completion of the flush I-cache */ + isb(); /* Synchronize fetched instruction stream. */ } /* diff --git a/xen/include/asm-arm/arm64/page.h b/xen/include/asm-arm/arm64/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm64/page.h +++ b/xen/include/asm-arm/arm64/page.h @@ -XXX,XX +XXX,XX @@ static inline void invalidate_icache(void) isb(); } -/* - * Flush all hypervisor mappings from the TLB of the local processor. - * - * This is needed after changing Xen code mappings. - * - * The caller needs to issue the necessary DSB and D-cache flushes - * before calling flush_xen_text_tlb. - */ -static inline void flush_xen_text_tlb_local(void) +/* Invalidate all instruction caches on the local processor to PoU */ +static inline void invalidate_icache_local(void) { - asm volatile ( - "isb;" /* Ensure synchronization with previous changes to text */ - "tlbi alle2;" /* Flush hypervisor TLB */ - "ic iallu;" /* Flush I-cache */ - "dsb sy;" /* Ensure completion of TLB flush */ - "isb;" - : : : "memory"); + asm volatile ("ic iallu"); + dsb(nsh); /* Ensure completion of the I-cache flush */ + isb(); } /* -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel TLB helpers in the headers tlbflush.h are currently quite confusing to use the name may lead to think they are dealing with hypervisors TLBs while they actually deal with guest TLBs. Rename them to make it clearer that we are dealing with guest TLBs. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> Acked-by: Stefano Stabellini <sstabellini@kernel.org> --- Changes in v3: - Add Stefano's acked-by Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/p2m.c | 6 +++--- xen/arch/arm/smp.c | 2 +- xen/arch/arm/traps.c | 2 +- xen/include/asm-arm/arm32/flushtlb.h | 8 ++++---- xen/include/asm-arm/arm64/flushtlb.h | 8 ++++---- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/xen/arch/arm/p2m.c b/xen/arch/arm/p2m.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/p2m.c +++ b/xen/arch/arm/p2m.c @@ -XXX,XX +XXX,XX @@ void p2m_restore_state(struct vcpu *n) * when running multiple vCPU of the same domain on a single pCPU. */ if ( *last_vcpu_ran != INVALID_VCPU_ID && *last_vcpu_ran != n->vcpu_id ) - flush_tlb_local(); + flush_guest_tlb_local(); *last_vcpu_ran = n->vcpu_id; } @@ -XXX,XX +XXX,XX @@ static void p2m_force_tlb_flush_sync(struct p2m_domain *p2m) isb(); } - flush_tlb(); + flush_guest_tlb(); if ( ovttbr != READ_SYSREG64(VTTBR_EL2) ) { @@ -XXX,XX +XXX,XX @@ static void setup_virt_paging_one(void *data) WRITE_SYSREG(READ_SYSREG(HCR_EL2) | HCR_VM, HCR_EL2); isb(); - flush_tlb_all_local(); + flush_all_guests_tlb_local(); } } diff --git a/xen/arch/arm/smp.c b/xen/arch/arm/smp.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/smp.c +++ b/xen/arch/arm/smp.c @@ -XXX,XX +XXX,XX @@ void flush_tlb_mask(const cpumask_t *mask) { /* No need to IPI other processors on ARM, the processor takes care of it. */ - flush_tlb_all(); + flush_all_guests_tlb(); } void smp_send_event_check_mask(const cpumask_t *mask) diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -XXX,XX +XXX,XX @@ static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs, * still be inaccurate. */ if ( !is_data ) - flush_tlb_local(); + flush_guest_tlb_local(); rc = gva_to_ipa(gva, &gpa, GV2M_READ); /* diff --git a/xen/include/asm-arm/arm32/flushtlb.h b/xen/include/asm-arm/arm32/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm32/flushtlb.h +++ b/xen/include/asm-arm/arm32/flushtlb.h @@ -XXX,XX +XXX,XX @@ #define __ASM_ARM_ARM32_FLUSHTLB_H__ /* Flush local TLBs, current VMID only */ -static inline void flush_tlb_local(void) +static inline void flush_guest_tlb_local(void) { dsb(sy); @@ -XXX,XX +XXX,XX @@ static inline void flush_tlb_local(void) } /* Flush inner shareable TLBs, current VMID only */ -static inline void flush_tlb(void) +static inline void flush_guest_tlb(void) { dsb(sy); @@ -XXX,XX +XXX,XX @@ static inline void flush_tlb(void) } /* Flush local TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_tlb_all_local(void) +static inline void flush_all_guests_tlb_local(void) { dsb(sy); @@ -XXX,XX +XXX,XX @@ static inline void flush_tlb_all_local(void) } /* Flush innershareable TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_tlb_all(void) +static inline void flush_all_guests_tlb(void) { dsb(sy); diff --git a/xen/include/asm-arm/arm64/flushtlb.h b/xen/include/asm-arm/arm64/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm64/flushtlb.h +++ b/xen/include/asm-arm/arm64/flushtlb.h @@ -XXX,XX +XXX,XX @@ #define __ASM_ARM_ARM64_FLUSHTLB_H__ /* Flush local TLBs, current VMID only */ -static inline void flush_tlb_local(void) +static inline void flush_guest_tlb_local(void) { asm volatile( "dsb sy;" @@ -XXX,XX +XXX,XX @@ static inline void flush_tlb_local(void) } /* Flush innershareable TLBs, current VMID only */ -static inline void flush_tlb(void) +static inline void flush_guest_tlb(void) { asm volatile( "dsb sy;" @@ -XXX,XX +XXX,XX @@ static inline void flush_tlb(void) } /* Flush local TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_tlb_all_local(void) +static inline void flush_all_guests_tlb_local(void) { asm volatile( "dsb sy;" @@ -XXX,XX +XXX,XX @@ static inline void flush_tlb_all_local(void) } /* Flush innershareable TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_tlb_all(void) +static inline void flush_all_guests_tlb(void) { asm volatile( "dsb sy;" -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The current value of HSCTLR_BASE for Arm64 is pretty wrong. It would actually turn on SCTLR_EL2.nAA (bit 6) on hardware implementing ARMv8.4-LSE. Furthermore, the documentation of what is cleared/set in SCTLR_EL2 is also not correct and looks like to be a verbatim copy from Arm32. HSCTLR_BASE is replaced with a bunch of per-architecture new defines helping to understand better what is the initialie value for SCTLR_EL2/HSCTLR. Note the defines *_CLEAR are only used to check the state of each bits are known. Lastly, the documentation is dropped from arm{32,64}/head.S as it would be pretty easy to get out-of-sync with the definitions. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v2: - Use BIT(..., UL) instead of _BITUL --- xen/arch/arm/arm32/head.S | 12 +-------- xen/arch/arm/arm64/head.S | 10 +------- xen/include/asm-arm/processor.h | 54 ++++++++++++++++++++++++++++++++++++++++- 3 files changed, 55 insertions(+), 21 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: ldr r0, =(TCR_RES1|TCR_SH0_IS|TCR_ORGN0_WBWA|TCR_IRGN0_WBWA|TCR_T0SZ(0)) mcr CP32(r0, HTCR) - /* - * Set up the HSCTLR: - * Exceptions in LE ARM, - * Low-latency IRQs disabled, - * Write-implies-XN disabled (for now), - * D-cache disabled (for now), - * I-cache enabled, - * Alignment checking enabled, - * MMU translation disabled (for now). - */ - ldr r0, =(HSCTLR_BASE|SCTLR_Axx_ELx_A) + ldr r0, =HSCTLR_SET mcr CP32(r0, HSCTLR) /* diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ skip_bss: msr tcr_el2, x0 - /* Set up the SCTLR_EL2: - * Exceptions in LE ARM, - * Low-latency IRQs disabled, - * Write-implies-XN disabled (for now), - * D-cache disabled (for now), - * I-cache enabled, - * Alignment checking disabled, - * MMU translation disabled (for now). */ - ldr x0, =(HSCTLR_BASE) + ldr x0, =SCTLR_EL2_SET msr SCTLR_EL2, x0 /* Ensure that any exceptions encountered at EL2 diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -XXX,XX +XXX,XX @@ #define SCTLR_A32_ELx_TE BIT(30, UL) #define SCTLR_A32_ELx_FI BIT(21, UL) +/* Common bits for SCTLR_ELx for Arm64 */ +#define SCTLR_A64_ELx_SA BIT(3, UL) + /* Common bits for SCTLR_ELx on all architectures */ #define SCTLR_Axx_ELx_EE BIT(25, UL) #define SCTLR_Axx_ELx_WXN BIT(19, UL) @@ -XXX,XX +XXX,XX @@ #define SCTLR_Axx_ELx_A BIT(1, UL) #define SCTLR_Axx_ELx_M BIT(0, UL) -#define HSCTLR_BASE _AC(0x30c51878,U) +#ifdef CONFIG_ARM_32 + +#define HSCTLR_RES1 (BIT( 3, UL) | BIT( 4, UL) | BIT( 5, UL) |\ + BIT( 6, UL) | BIT(11, UL) | BIT(16, UL) |\ + BIT(18, UL) | BIT(22, UL) | BIT(23, UL) |\ + BIT(28, UL) | BIT(29, UL)) + +#define HSCTLR_RES0 (BIT(7, UL) | BIT(8, UL) | BIT(9, UL) | BIT(10, UL) |\ + BIT(13, UL) | BIT(14, UL) | BIT(15, UL) | BIT(17, UL) |\ + BIT(20, UL) | BIT(24, UL) | BIT(26, UL) | BIT(27, UL) |\ + BIT(31, UL)) + +/* Initial value for HSCTLR */ +#define HSCTLR_SET (HSCTLR_RES1 | SCTLR_Axx_ELx_A | SCTLR_Axx_ELx_I) + +#define HSCTLR_CLEAR (HSCTLR_RES0 | SCTLR_Axx_ELx_M |\ + SCTLR_Axx_ELx_C | SCTLR_Axx_ELx_WXN |\ + SCTLR_A32_ELx_FI | SCTLR_Axx_ELx_EE |\ + SCTLR_A32_ELx_TE) + +#if (HSCTLR_SET ^ HSCTLR_CLEAR) != 0xffffffffU +#error "Inconsistent HSCTLR set/clear bits" +#endif + +#else + +#define SCTLR_EL2_RES1 (BIT( 4, UL) | BIT( 5, UL) | BIT(11, UL) |\ + BIT(16, UL) | BIT(18, UL) | BIT(22, UL) |\ + BIT(23, UL) | BIT(28, UL) | BIT(29, UL)) + +#define SCTLR_EL2_RES0 (BIT( 6, UL) | BIT( 7, UL) | BIT( 8, UL) |\ + BIT( 9, UL) | BIT(10, UL) | BIT(13, UL) |\ + BIT(14, UL) | BIT(15, UL) | BIT(17, UL) |\ + BIT(20, UL) | BIT(21, UL) | BIT(24, UL) |\ + BIT(26, UL) | BIT(27, UL) | BIT(30, UL) |\ + BIT(31, UL) | (0xffffffffULL << 32)) + +/* Initial value for SCTLR_EL2 */ +#define SCTLR_EL2_SET (SCTLR_EL2_RES1 | SCTLR_A64_ELx_SA |\ + SCTLR_Axx_ELx_I) + +#define SCTLR_EL2_CLEAR (SCTLR_EL2_RES0 | SCTLR_Axx_ELx_M |\ + SCTLR_Axx_ELx_A | SCTLR_Axx_ELx_C |\ + SCTLR_Axx_ELx_WXN | SCTLR_Axx_ELx_EE) + +#if (SCTLR_EL2_SET ^ SCTLR_EL2_CLEAR) != 0xffffffffffffffffUL +#error "Inconsistent SCTLR_EL2 set/clear bits" +#endif + +#endif /* HCR Hyp Configuration Register */ #define HCR_RW (_AC(1,UL)<<31) /* Register Width, ARM64 only */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The parameter cpuid is not used by start_xen. So remove it. Signed-off-by: Julien Grall <julien.grall@arm.com> --- - Re-order the patch with "xen/arm: Rework secondary_start prototype" --- xen/arch/arm/arm32/head.S | 1 - xen/arch/arm/arm64/head.S | 1 - xen/arch/arm/setup.c | 3 +-- 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ launch: sub sp, #CPUINFO_sizeof /* Make room for CPU save record */ mov r0, r10 /* Marshal args: - phys_offset */ mov r1, r8 /* - DTB address */ - mov r2, r7 /* - CPU ID */ teq r12, #0 beq start_xen /* and disappear into the land of C */ b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ launch: mov x0, x20 /* Marshal args: - phys_offset */ mov x1, x21 /* - FDT */ - mov x2, x24 /* - CPU ID */ cbnz x22, 1f b start_xen /* and disappear into the land of C */ 1: diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -XXX,XX +XXX,XX @@ size_t __read_mostly dcache_line_bytes; /* C entry point for boot CPU */ void __init start_xen(unsigned long boot_phys_offset, - unsigned long fdt_paddr, - unsigned long cpuid) + unsigned long fdt_paddr) { size_t fdt_size; int cpus, i; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel Now that we dropped flush_xen_text_tlb_local(), we have only one set of helpers acting on Xen TLBs. There naming are quite confusing because the TLB instructions used will act on both Data and Instruction TLBs. Take the opportunity to rework the documentation which can be confusing to read as they don't match the implementation. Note the mention about the instruction cache maintenance has been removed because modifying mapping does not require instruction cache maintenance. Lastly, switch from unsigned long to vaddr_t as the function technically deal with virtual address. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v3: - Update commit message - Fix typoes Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 18 +++++++++--------- xen/include/asm-arm/arm32/page.h | 15 +++++---------- xen/include/asm-arm/arm64/page.h | 15 +++++---------- xen/include/asm-arm/page.h | 28 ++++++++++++++-------------- 4 files changed, 33 insertions(+), 43 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void set_fixmap(unsigned map, mfn_t mfn, unsigned int flags) pte.pt.table = 1; /* 4k mappings always have this bit set */ pte.pt.xn = 1; write_pte(xen_fixmap + third_table_offset(FIXMAP_ADDR(map)), pte); - flush_xen_data_tlb_range_va(FIXMAP_ADDR(map), PAGE_SIZE); + flush_xen_tlb_range_va(FIXMAP_ADDR(map), PAGE_SIZE); } /* Remove a mapping from a fixmap entry */ @@ -XXX,XX +XXX,XX @@ void clear_fixmap(unsigned map) { lpae_t pte = {0}; write_pte(xen_fixmap + third_table_offset(FIXMAP_ADDR(map)), pte); - flush_xen_data_tlb_range_va(FIXMAP_ADDR(map), PAGE_SIZE); + flush_xen_tlb_range_va(FIXMAP_ADDR(map), PAGE_SIZE); } /* Create Xen's mappings of memory. @@ -XXX,XX +XXX,XX @@ static void __init create_mappings(lpae_t *second, write_pte(p + i, pte); pte.pt.base += 1 << LPAE_SHIFT; } - flush_xen_data_tlb_local(); + flush_xen_tlb_local(); } #ifdef CONFIG_DOMAIN_PAGE @@ -XXX,XX +XXX,XX @@ void *map_domain_page(mfn_t mfn) * We may not have flushed this specific subpage at map time, * since we only flush the 4k page not the superpage */ - flush_xen_data_tlb_range_va_local(va, PAGE_SIZE); + flush_xen_tlb_range_va_local(va, PAGE_SIZE); return (void *)va; } @@ -XXX,XX +XXX,XX @@ void __init remove_early_mappings(void) write_pte(xen_second + second_table_offset(BOOT_FDT_VIRT_START), pte); write_pte(xen_second + second_table_offset(BOOT_FDT_VIRT_START + SZ_2M), pte); - flush_xen_data_tlb_range_va(BOOT_FDT_VIRT_START, BOOT_FDT_SLOT_SIZE); + flush_xen_tlb_range_va(BOOT_FDT_VIRT_START, BOOT_FDT_SLOT_SIZE); } /* @@ -XXX,XX +XXX,XX @@ static void xen_pt_enforce_wnx(void) * before flushing the TLBs. */ isb(); - flush_xen_data_tlb_local(); + flush_xen_tlb_local(); } extern void switch_ttbr(uint64_t ttbr); @@ -XXX,XX +XXX,XX @@ void __init setup_xenheap_mappings(unsigned long base_mfn, vaddr += FIRST_SIZE; } - flush_xen_data_tlb_local(); + flush_xen_tlb_local(); } #endif @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, BUG(); } } - flush_xen_data_tlb_range_va(virt, PAGE_SIZE * nr_mfns); + flush_xen_tlb_range_va(virt, PAGE_SIZE * nr_mfns); rc = 0; @@ -XXX,XX +XXX,XX @@ static void set_pte_flags_on_range(const char *p, unsigned long l, enum mg mg) } write_pte(xen_xenmap + i, pte); } - flush_xen_data_tlb_local(); + flush_xen_tlb_local(); } /* Release all __init and __initdata ranges to be reused */ diff --git a/xen/include/asm-arm/arm32/page.h b/xen/include/asm-arm/arm32/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm32/page.h +++ b/xen/include/asm-arm/arm32/page.h @@ -XXX,XX +XXX,XX @@ static inline void invalidate_icache_local(void) isb(); /* Synchronize fetched instruction stream. */ } -/* - * Flush all hypervisor mappings from the data TLB of the local - * processor. This is not sufficient when changing code mappings or - * for self modifying code. - */ -static inline void flush_xen_data_tlb_local(void) +/* Flush all hypervisor mappings from the TLB of the local processor. */ +static inline void flush_xen_tlb_local(void) { asm volatile("dsb;" /* Ensure preceding are visible */ CMD_CP32(TLBIALLH) @@ -XXX,XX +XXX,XX @@ static inline void flush_xen_data_tlb_local(void) } /* Flush TLB of local processor for address va. */ -static inline void __flush_xen_data_tlb_one_local(vaddr_t va) +static inline void __flush_xen_tlb_one_local(vaddr_t va) { asm volatile(STORE_CP32(0, TLBIMVAH) : : "r" (va) : "memory"); } -/* Flush TLB of all processors in the inner-shareable domain for - * address va. */ -static inline void __flush_xen_data_tlb_one(vaddr_t va) +/* Flush TLB of all processors in the inner-shareable domain for address va. */ +static inline void __flush_xen_tlb_one(vaddr_t va) { asm volatile(STORE_CP32(0, TLBIMVAHIS) : : "r" (va) : "memory"); } diff --git a/xen/include/asm-arm/arm64/page.h b/xen/include/asm-arm/arm64/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm64/page.h +++ b/xen/include/asm-arm/arm64/page.h @@ -XXX,XX +XXX,XX @@ static inline void invalidate_icache_local(void) isb(); } -/* - * Flush all hypervisor mappings from the data TLB of the local - * processor. This is not sufficient when changing code mappings or - * for self modifying code. - */ -static inline void flush_xen_data_tlb_local(void) +/* Flush all hypervisor mappings from the TLB of the local processor. */ +static inline void flush_xen_tlb_local(void) { asm volatile ( "dsb sy;" /* Ensure visibility of PTE writes */ @@ -XXX,XX +XXX,XX @@ static inline void flush_xen_data_tlb_local(void) } /* Flush TLB of local processor for address va. */ -static inline void __flush_xen_data_tlb_one_local(vaddr_t va) +static inline void __flush_xen_tlb_one_local(vaddr_t va) { asm volatile("tlbi vae2, %0;" : : "r" (va>>PAGE_SHIFT) : "memory"); } -/* Flush TLB of all processors in the inner-shareable domain for - * address va. */ -static inline void __flush_xen_data_tlb_one(vaddr_t va) +/* Flush TLB of all processors in the inner-shareable domain for address va. */ +static inline void __flush_xen_tlb_one(vaddr_t va) { asm volatile("tlbi vae2is, %0;" : : "r" (va>>PAGE_SHIFT) : "memory"); } diff --git a/xen/include/asm-arm/page.h b/xen/include/asm-arm/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/page.h +++ b/xen/include/asm-arm/page.h @@ -XXX,XX +XXX,XX @@ static inline int clean_and_invalidate_dcache_va_range } while (0) /* - * Flush a range of VA's hypervisor mappings from the data TLB of the - * local processor. This is not sufficient when changing code mappings - * or for self modifying code. + * Flush a range of VA's hypervisor mappings from the TLB of the local + * processor. */ -static inline void flush_xen_data_tlb_range_va_local(unsigned long va, - unsigned long size) +static inline void flush_xen_tlb_range_va_local(vaddr_t va, + unsigned long size) { - unsigned long end = va + size; + vaddr_t end = va + size; + dsb(sy); /* Ensure preceding are visible */ while ( va < end ) { - __flush_xen_data_tlb_one_local(va); + __flush_xen_tlb_one_local(va); va += PAGE_SIZE; } dsb(sy); /* Ensure completion of the TLB flush */ @@ -XXX,XX +XXX,XX @@ static inline void flush_xen_data_tlb_range_va_local(unsigned long va, } /* - * Flush a range of VA's hypervisor mappings from the data TLB of all - * processors in the inner-shareable domain. This is not sufficient - * when changing code mappings or for self modifying code. + * Flush a range of VA's hypervisor mappings from the TLB of all + * processors in the inner-shareable domain. */ -static inline void flush_xen_data_tlb_range_va(unsigned long va, - unsigned long size) +static inline void flush_xen_tlb_range_va(vaddr_t va, + unsigned long size) { - unsigned long end = va + size; + vaddr_t end = va + size; + dsb(sy); /* Ensure preceding are visible */ while ( va < end ) { - __flush_xen_data_tlb_one(va); + __flush_xen_tlb_one(va); va += PAGE_SIZE; } dsb(sy); /* Ensure completion of the TLB flush */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel None of the parameters of secondary_start are actually used. So turn secondary_start to a function with no parameters. Also modify the assembly code to avoid setting-up the registers before calling secondary_start. Signed-off-by: Julien Grall <julien.grall@arm.com> - Re-order the patch with "xen/arm: Remove parameter cpuid from start_xen". --- xen/arch/arm/arm32/head.S | 4 ++-- xen/arch/arm/arm64/head.S | 3 ++- xen/arch/arm/smpboot.c | 4 +--- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ launch: ldr sp, [r0] add sp, #STACK_SIZE /* (which grows down from the top). */ sub sp, #CPUINFO_sizeof /* Make room for CPU save record */ - mov r0, r10 /* Marshal args: - phys_offset */ - mov r1, r8 /* - DTB address */ teq r12, #0 + moveq r0, r10 /* Marshal args: - phys_offset */ + moveq r1, r8 /* - DTB address */ beq start_xen /* and disappear into the land of C */ b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ launch: sub x0, x0, #CPUINFO_sizeof /* Make room for CPU save record */ mov sp, x0 + cbnz x22, 1f + mov x0, x20 /* Marshal args: - phys_offset */ mov x1, x21 /* - FDT */ - cbnz x22, 1f b start_xen /* and disappear into the land of C */ 1: b start_secondary /* (to the appropriate entry point) */ diff --git a/xen/arch/arm/smpboot.c b/xen/arch/arm/smpboot.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/smpboot.c +++ b/xen/arch/arm/smpboot.c @@ -XXX,XX +XXX,XX @@ smp_prepare_cpus(void) } /* Boot the current CPU */ -void start_secondary(unsigned long boot_phys_offset, - unsigned long fdt_paddr, - unsigned long hwid) +void start_secondary(void) { unsigned int cpuid = init_data.cpuid; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel At the moment, TLB helpers are scattered in 2 headers: page.h (for Xen TLB helpers) and tlbflush.h (for guest TLB helpers). This patch is gathering all of them in tlbflush. This will help to uniformize and update the logic of the helpers in follow-up patches. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> Acked-by: Stefano Stabellini <sstabellini@kernel.org> --- Changes in v3: - Add Stefano's acked-by Changes in v2: - Add Andrii's reviewed-by --- xen/include/asm-arm/arm32/flushtlb.h | 22 +++++++++++++++++++++ xen/include/asm-arm/arm32/page.h | 22 --------------------- xen/include/asm-arm/arm64/flushtlb.h | 23 ++++++++++++++++++++++ xen/include/asm-arm/arm64/page.h | 23 ---------------------- xen/include/asm-arm/flushtlb.h | 38 ++++++++++++++++++++++++++++++++++++ xen/include/asm-arm/page.h | 38 ------------------------------------ 6 files changed, 83 insertions(+), 83 deletions(-) diff --git a/xen/include/asm-arm/arm32/flushtlb.h b/xen/include/asm-arm/arm32/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm32/flushtlb.h +++ b/xen/include/asm-arm/arm32/flushtlb.h @@ -XXX,XX +XXX,XX @@ static inline void flush_all_guests_tlb(void) isb(); } +/* Flush all hypervisor mappings from the TLB of the local processor. */ +static inline void flush_xen_tlb_local(void) +{ + asm volatile("dsb;" /* Ensure preceding are visible */ + CMD_CP32(TLBIALLH) + "dsb;" /* Ensure completion of the TLB flush */ + "isb;" + : : : "memory"); +} + +/* Flush TLB of local processor for address va. */ +static inline void __flush_xen_tlb_one_local(vaddr_t va) +{ + asm volatile(STORE_CP32(0, TLBIMVAH) : : "r" (va) : "memory"); +} + +/* Flush TLB of all processors in the inner-shareable domain for address va. */ +static inline void __flush_xen_tlb_one(vaddr_t va) +{ + asm volatile(STORE_CP32(0, TLBIMVAHIS) : : "r" (va) : "memory"); +} + #endif /* __ASM_ARM_ARM32_FLUSHTLB_H__ */ /* * Local variables: diff --git a/xen/include/asm-arm/arm32/page.h b/xen/include/asm-arm/arm32/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm32/page.h +++ b/xen/include/asm-arm/arm32/page.h @@ -XXX,XX +XXX,XX @@ static inline void invalidate_icache_local(void) isb(); /* Synchronize fetched instruction stream. */ } -/* Flush all hypervisor mappings from the TLB of the local processor. */ -static inline void flush_xen_tlb_local(void) -{ - asm volatile("dsb;" /* Ensure preceding are visible */ - CMD_CP32(TLBIALLH) - "dsb;" /* Ensure completion of the TLB flush */ - "isb;" - : : : "memory"); -} - -/* Flush TLB of local processor for address va. */ -static inline void __flush_xen_tlb_one_local(vaddr_t va) -{ - asm volatile(STORE_CP32(0, TLBIMVAH) : : "r" (va) : "memory"); -} - -/* Flush TLB of all processors in the inner-shareable domain for address va. */ -static inline void __flush_xen_tlb_one(vaddr_t va) -{ - asm volatile(STORE_CP32(0, TLBIMVAHIS) : : "r" (va) : "memory"); -} - /* Ask the MMU to translate a VA for us */ static inline uint64_t __va_to_par(vaddr_t va) { diff --git a/xen/include/asm-arm/arm64/flushtlb.h b/xen/include/asm-arm/arm64/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm64/flushtlb.h +++ b/xen/include/asm-arm/arm64/flushtlb.h @@ -XXX,XX +XXX,XX @@ static inline void flush_all_guests_tlb(void) : : : "memory"); } +/* Flush all hypervisor mappings from the TLB of the local processor. */ +static inline void flush_xen_tlb_local(void) +{ + asm volatile ( + "dsb sy;" /* Ensure visibility of PTE writes */ + "tlbi alle2;" /* Flush hypervisor TLB */ + "dsb sy;" /* Ensure completion of TLB flush */ + "isb;" + : : : "memory"); +} + +/* Flush TLB of local processor for address va. */ +static inline void __flush_xen_tlb_one_local(vaddr_t va) +{ + asm volatile("tlbi vae2, %0;" : : "r" (va>>PAGE_SHIFT) : "memory"); +} + +/* Flush TLB of all processors in the inner-shareable domain for address va. */ +static inline void __flush_xen_tlb_one(vaddr_t va) +{ + asm volatile("tlbi vae2is, %0;" : : "r" (va>>PAGE_SHIFT) : "memory"); +} + #endif /* __ASM_ARM_ARM64_FLUSHTLB_H__ */ /* * Local variables: diff --git a/xen/include/asm-arm/arm64/page.h b/xen/include/asm-arm/arm64/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm64/page.h +++ b/xen/include/asm-arm/arm64/page.h @@ -XXX,XX +XXX,XX @@ static inline void invalidate_icache_local(void) isb(); } -/* Flush all hypervisor mappings from the TLB of the local processor. */ -static inline void flush_xen_tlb_local(void) -{ - asm volatile ( - "dsb sy;" /* Ensure visibility of PTE writes */ - "tlbi alle2;" /* Flush hypervisor TLB */ - "dsb sy;" /* Ensure completion of TLB flush */ - "isb;" - : : : "memory"); -} - -/* Flush TLB of local processor for address va. */ -static inline void __flush_xen_tlb_one_local(vaddr_t va) -{ - asm volatile("tlbi vae2, %0;" : : "r" (va>>PAGE_SHIFT) : "memory"); -} - -/* Flush TLB of all processors in the inner-shareable domain for address va. */ -static inline void __flush_xen_tlb_one(vaddr_t va) -{ - asm volatile("tlbi vae2is, %0;" : : "r" (va>>PAGE_SHIFT) : "memory"); -} - /* Ask the MMU to translate a VA for us */ static inline uint64_t __va_to_par(vaddr_t va) { diff --git a/xen/include/asm-arm/flushtlb.h b/xen/include/asm-arm/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/flushtlb.h +++ b/xen/include/asm-arm/flushtlb.h @@ -XXX,XX +XXX,XX @@ static inline void page_set_tlbflush_timestamp(struct page_info *page) /* Flush specified CPUs' TLBs */ void flush_tlb_mask(const cpumask_t *mask); +/* + * Flush a range of VA's hypervisor mappings from the TLB of the local + * processor. + */ +static inline void flush_xen_tlb_range_va_local(vaddr_t va, + unsigned long size) +{ + vaddr_t end = va + size; + + dsb(sy); /* Ensure preceding are visible */ + while ( va < end ) + { + __flush_xen_tlb_one_local(va); + va += PAGE_SIZE; + } + dsb(sy); /* Ensure completion of the TLB flush */ + isb(); +} + +/* + * Flush a range of VA's hypervisor mappings from the TLB of all + * processors in the inner-shareable domain. + */ +static inline void flush_xen_tlb_range_va(vaddr_t va, + unsigned long size) +{ + vaddr_t end = va + size; + + dsb(sy); /* Ensure preceding are visible */ + while ( va < end ) + { + __flush_xen_tlb_one(va); + va += PAGE_SIZE; + } + dsb(sy); /* Ensure completion of the TLB flush */ + isb(); +} + #endif /* __ASM_ARM_FLUSHTLB_H__ */ /* * Local variables: diff --git a/xen/include/asm-arm/page.h b/xen/include/asm-arm/page.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/page.h +++ b/xen/include/asm-arm/page.h @@ -XXX,XX +XXX,XX @@ static inline int clean_and_invalidate_dcache_va_range : : "r" (_p), "m" (*_p)); \ } while (0) -/* - * Flush a range of VA's hypervisor mappings from the TLB of the local - * processor. - */ -static inline void flush_xen_tlb_range_va_local(vaddr_t va, - unsigned long size) -{ - vaddr_t end = va + size; - - dsb(sy); /* Ensure preceding are visible */ - while ( va < end ) - { - __flush_xen_tlb_one_local(va); - va += PAGE_SIZE; - } - dsb(sy); /* Ensure completion of the TLB flush */ - isb(); -} - -/* - * Flush a range of VA's hypervisor mappings from the TLB of all - * processors in the inner-shareable domain. - */ -static inline void flush_xen_tlb_range_va(vaddr_t va, - unsigned long size) -{ - vaddr_t end = va + size; - - dsb(sy); /* Ensure preceding are visible */ - while ( va < end ) - { - __flush_xen_tlb_one(va); - va += PAGE_SIZE; - } - dsb(sy); /* Ensure completion of the TLB flush */ - isb(); -} - /* Flush the dcache for an entire page. */ void flush_page_to_ram(unsigned long mfn, bool sync_icache); -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel So far, we don't have specific core initialization at boot. So remove the comment. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Fix typo in the commit message - Add Andrii's reviewed-by --- xen/arch/arm/arm64/head.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ el2: PRINT("- Xen starting at EL2 -\r\n") skip_bss: PRINT("- Setting up control registers -\r\n") - /* XXXX call PROCINFO_cpu_init here */ - /* Set up memory attribute type tables */ ldr x0, =MAIRVAL msr mair_el2, x0 -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel All the TLBs helpers invalidate all the TLB entries are using the same pattern: DSB SY TLBI ... DSB SY ISB This pattern is following pattern recommended by the Arm Arm to ensure visibility of updates to translation tables (see K11.5.2 in ARM DDI 0487D.b). We have been a bit too eager in Xen and use system-wide DSBs when this can be limited to the inner-shareable domain. Furthermore, the first DSB can be restrict further to only store in the inner-shareable domain. This is because the DSB is here to ensure visibility of the update to translation table walks. Lastly, there are a lack of documentation in most of the TLBs helper. Rather than trying to update the helpers one by one, this patch introduce a per-arch macro to generate the TLB helpers. This will be easier to update the TLBs helper in the future and the documentation. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> --- Changes in v3: - Add Stefano's reviewed-by Changes in v2: - Update the reference to the Arm Arm to the latest spec - Add Andrii's reviewed-by --- xen/include/asm-arm/arm32/flushtlb.h | 73 ++++++++++++++-------------------- xen/include/asm-arm/arm64/flushtlb.h | 76 +++++++++++++++--------------------- 2 files changed, 60 insertions(+), 89 deletions(-) diff --git a/xen/include/asm-arm/arm32/flushtlb.h b/xen/include/asm-arm/arm32/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm32/flushtlb.h +++ b/xen/include/asm-arm/arm32/flushtlb.h @@ -XXX,XX +XXX,XX @@ #ifndef __ASM_ARM_ARM32_FLUSHTLB_H__ #define __ASM_ARM_ARM32_FLUSHTLB_H__ -/* Flush local TLBs, current VMID only */ -static inline void flush_guest_tlb_local(void) -{ - dsb(sy); - - WRITE_CP32((uint32_t) 0, TLBIALL); - - dsb(sy); - isb(); +/* + * Every invalidation operation use the following patterns: + * + * DSB ISHST // Ensure prior page-tables updates have completed + * TLBI... // Invalidate the TLB + * DSB ISH // Ensure the TLB invalidation has completed + * ISB // See explanation below + * + * For Xen page-tables the ISB will discard any instructions fetched + * from the old mappings. + * + * For the Stage-2 page-tables the ISB ensures the completion of the DSB + * (and therefore the TLB invalidation) before continuing. So we know + * the TLBs cannot contain an entry for a mapping we may have removed. + */ +#define TLB_HELPER(name, tlbop) \ +static inline void name(void) \ +{ \ + dsb(ishst); \ + WRITE_CP32(0, tlbop); \ + dsb(ish); \ + isb(); \ } -/* Flush inner shareable TLBs, current VMID only */ -static inline void flush_guest_tlb(void) -{ - dsb(sy); - - WRITE_CP32((uint32_t) 0, TLBIALLIS); +/* Flush local TLBs, current VMID only */ +TLB_HELPER(flush_guest_tlb_local, TLBIALL); - dsb(sy); - isb(); -} +/* Flush inner shareable TLBs, current VMID only */ +TLB_HELPER(flush_guest_tlb, TLBIALLIS); /* Flush local TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_all_guests_tlb_local(void) -{ - dsb(sy); - - WRITE_CP32((uint32_t) 0, TLBIALLNSNH); - - dsb(sy); - isb(); -} +TLB_HELPER(flush_all_guests_tlb_local, TLBIALLNSNH); /* Flush innershareable TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_all_guests_tlb(void) -{ - dsb(sy); - - WRITE_CP32((uint32_t) 0, TLBIALLNSNHIS); - - dsb(sy); - isb(); -} +TLB_HELPER(flush_all_guests_tlb, TLBIALLNSNHIS); /* Flush all hypervisor mappings from the TLB of the local processor. */ -static inline void flush_xen_tlb_local(void) -{ - asm volatile("dsb;" /* Ensure preceding are visible */ - CMD_CP32(TLBIALLH) - "dsb;" /* Ensure completion of the TLB flush */ - "isb;" - : : : "memory"); -} +TLB_HELPER(flush_xen_tlb_local, TLBIALLH); /* Flush TLB of local processor for address va. */ static inline void __flush_xen_tlb_one_local(vaddr_t va) diff --git a/xen/include/asm-arm/arm64/flushtlb.h b/xen/include/asm-arm/arm64/flushtlb.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/arm64/flushtlb.h +++ b/xen/include/asm-arm/arm64/flushtlb.h @@ -XXX,XX +XXX,XX @@ #ifndef __ASM_ARM_ARM64_FLUSHTLB_H__ #define __ASM_ARM_ARM64_FLUSHTLB_H__ -/* Flush local TLBs, current VMID only */ -static inline void flush_guest_tlb_local(void) -{ - asm volatile( - "dsb sy;" - "tlbi vmalls12e1;" - "dsb sy;" - "isb;" - : : : "memory"); +/* + * Every invalidation operation use the following patterns: + * + * DSB ISHST // Ensure prior page-tables updates have completed + * TLBI... // Invalidate the TLB + * DSB ISH // Ensure the TLB invalidation has completed + * ISB // See explanation below + * + * For Xen page-tables the ISB will discard any instructions fetched + * from the old mappings. + * + * For the Stage-2 page-tables the ISB ensures the completion of the DSB + * (and therefore the TLB invalidation) before continuing. So we know + * the TLBs cannot contain an entry for a mapping we may have removed. + */ +#define TLB_HELPER(name, tlbop) \ +static inline void name(void) \ +{ \ + asm volatile( \ + "dsb ishst;" \ + "tlbi " # tlbop ";" \ + "dsb ish;" \ + "isb;" \ + : : : "memory"); \ } +/* Flush local TLBs, current VMID only. */ +TLB_HELPER(flush_guest_tlb_local, vmalls12e1); + /* Flush innershareable TLBs, current VMID only */ -static inline void flush_guest_tlb(void) -{ - asm volatile( - "dsb sy;" - "tlbi vmalls12e1is;" - "dsb sy;" - "isb;" - : : : "memory"); -} +TLB_HELPER(flush_guest_tlb, vmalls12e1is); /* Flush local TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_all_guests_tlb_local(void) -{ - asm volatile( - "dsb sy;" - "tlbi alle1;" - "dsb sy;" - "isb;" - : : : "memory"); -} +TLB_HELPER(flush_all_guests_tlb_local, alle1); /* Flush innershareable TLBs, all VMIDs, non-hypervisor mode */ -static inline void flush_all_guests_tlb(void) -{ - asm volatile( - "dsb sy;" - "tlbi alle1is;" - "dsb sy;" - "isb;" - : : : "memory"); -} +TLB_HELPER(flush_all_guests_tlb, alle1is); /* Flush all hypervisor mappings from the TLB of the local processor. */ -static inline void flush_xen_tlb_local(void) -{ - asm volatile ( - "dsb sy;" /* Ensure visibility of PTE writes */ - "tlbi alle2;" /* Flush hypervisor TLB */ - "dsb sy;" /* Ensure completion of TLB flush */ - "isb;" - : : : "memory"); -} +TLB_HELPER(flush_xen_tlb_local, alle2); /* Flush TLB of local processor for address va. */ static inline void __flush_xen_tlb_one_local(vaddr_t va) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel At the moment, the earlyprintk messages are interleaved with the instructions. This makes more difficult to read the objdump output. Introduce a new macro to add a string in .rodata.str and use it for all the earlyprintk messages. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- I haven't done a similar change in arm32 yet because the compiler will throw an error when using 'adr' when load an address from a different section (see A5-200 in ARM DDI 0406C.a for the technical reason). The change is likely to be more elaborate. Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/arm64/head.S | 14 +++++--------- xen/include/asm-arm/asm_defns.h | 5 +++++ 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ /* Macro to print a string to the UART, if there is one. * Clobbers x0-x3. */ #ifdef CONFIG_EARLY_PRINTK -#define PRINT(_s) \ - adr x0, 98f ; \ - bl puts ; \ - b 99f ; \ -98: .asciz _s ; \ - .align 2 ; \ -99: +#define PRINT(_s) \ + adr x0, 98f ; \ + bl puts ; \ + RODATA_STR(98, _s) #else /* CONFIG_EARLY_PRINTK */ #define PRINT(s) #endif /* !CONFIG_EARLY_PRINTK */ @@ -XXX,XX +XXX,XX @@ init_uart: #endif adr x0, 1f b puts -1: .asciz "- UART enabled -\r\n" - .align 4 +RODATA_STR(1, "- UART enabled -\r\n") /* Print early debug messages. * x0: Nul-terminated string to print. diff --git a/xen/include/asm-arm/asm_defns.h b/xen/include/asm-arm/asm_defns.h index XXXXXXX..XXXXXXX 100644 --- a/xen/include/asm-arm/asm_defns.h +++ b/xen/include/asm-arm/asm_defns.h @@ -XXX,XX +XXX,XX @@ # error "unknown ARM variant" #endif +#define RODATA_STR(label, msg) \ +.pushsection .rodata.str, "aMS", %progbits, 1 ; \ +label: .asciz msg; \ +.popsection + #endif /* __ARM_ASM_DEFNS_H__ */ /* * Local variables: -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel At the moment, create_xen_entries will only flush the TLBs if the full range has successfully been updated. This may lead to leave unwanted entries in the TLBs if we fail to update some entries. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> --- Changes in v2: - Add Andrii's reviewed-by - Add Stefano's reviewed-by --- xen/arch/arm/mm.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, unsigned long nr_mfns, unsigned int flags) { - int rc; + int rc = 0; unsigned long addr = virt, addr_end = addr + nr_mfns * PAGE_SIZE; lpae_t pte, *entry; lpae_t *third = NULL; @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, { printk("%s: trying to replace an existing mapping addr=%lx mfn=%"PRI_mfn"\n", __func__, addr, mfn_x(mfn)); - return -EINVAL; + rc = -EINVAL; + goto out; } if ( op == RESERVE ) break; @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, { printk("%s: trying to %s a non-existing mapping addr=%lx\n", __func__, op == REMOVE ? "remove" : "modify", addr); - return -EINVAL; + rc = -EINVAL; + goto out; } if ( op == REMOVE ) pte.bits = 0; @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, { printk("%s: Incorrect combination for addr=%lx\n", __func__, addr); - return -EINVAL; + rc = -EINVAL; + goto out; } } write_pte(entry, pte); @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, BUG(); } } +out: + /* + * Flush the TLBs even in case of failure because we may have + * partially modified the PT. This will prevent any unexpected + * behavior afterwards. + */ flush_xen_tlb_range_va(virt, PAGE_SIZE * nr_mfns); - rc = 0; - -out: return rc; } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel There are no reason to consider the HW CPU ID will be 0 when the processor is part of a uniprocessor system. At best, this will result to conflicting output as the rest of Xen use the value directly read from MPIDR_EL1. So remove the zeroing and logic to check if the CPU is part of a uniprocessor system. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/arm64/head.S | 6 ------ 1 file changed, 6 deletions(-) diff --git a/xen/arch/arm/arm64/head.S b/xen/arch/arm/arm64/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm64/head.S +++ b/xen/arch/arm/arm64/head.S @@ -XXX,XX +XXX,XX @@ GLOBAL(init_secondary) mov x26, #1 /* X26 := skip_zero_bss */ common_start: - mov x24, #0 /* x24 := CPU ID. Initialy zero until we - * find that multiprocessor extensions are - * present and the system is SMP */ mrs x0, mpidr_el1 - tbnz x0, _MPIDR_UP, 1f /* Uniprocessor system? */ - ldr x13, =(~MPIDR_HWID_MASK) bic x24, x0, x13 /* Mask out flags to get CPU ID */ -1: /* Non-boot CPUs wait here until __cpu_up is ready for them */ cbz x22, 1f -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel There are no reason to consider the HW CPU ID will be 0 when the processor is part of a uniprocessor system. At best, this will result to conflicting output as the rest of Xen use the value directly read from MPIDR. So remove the zeroing and logic to check if the CPU is part of a uniprocessor system. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/arm32/head.S | 8 -------- 1 file changed, 8 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ GLOBAL(init_secondary) mov r12, #1 /* r12 := is_secondary_cpu */ common_start: - mov r7, #0 /* r7 := CPU ID. Initialy zero until we - * find that multiprocessor extensions are - * present and the system is SMP */ mrc CP32(r1, MPIDR) - tst r1, #MPIDR_SMP /* Multiprocessor extension supported? */ - beq 1f - tst r1, #MPIDR_UP /* Uniprocessor system? */ - bne 1f bic r7, r1, #(~MPIDR_HWID_MASK) /* Mask out flags to get CPU ID */ -1: /* Non-boot CPUs wait here until __cpu_up is ready for them */ teq r12, #0 -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The co-processor registers MAIR0 and MAIR1 are managed by EL1. So there are no need to initialize them during Xen boot. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2 - Add Andrii's reviewed-by --- xen/arch/arm/arm32/head.S | 2 -- 1 file changed, 2 deletions(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: /* Set up memory attribute type tables */ ldr r0, =MAIR0VAL ldr r1, =MAIR1VAL - mcr CP32(r0, MAIR0) - mcr CP32(r1, MAIR1) mcr CP32(r0, HMAIR0) mcr CP32(r1, HMAIR1) -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The boot code is using r2 and r3 to hold the page-table entry value. While r2 is always updated before storing the value, this is not always the case for r3. Thankfully today, r3 will always be zero when we care. But this is difficult to track and error-prone. So always zero r3 within the few instructions before the write the page-table entry. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v2: - Use 0x0 instead of 0 - Remove a duplicate mov r3, #0 --- xen/arch/arm/arm32/head.S | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/arm32/head.S +++ b/xen/arch/arm/arm32/head.S @@ -XXX,XX +XXX,XX @@ cpu_init_done: orr r2, r2, #PT_UPPER(MEM) /* r2:r3 := section map */ orr r2, r2, #PT_LOWER(MEM) lsl r1, r1, #3 /* r1 := Slot offset */ + mov r3, #0x0 strd r2, r3, [r4, r1] /* Mapping of paddr(start) */ mov r6, #1 /* r6 := identity map now in place */ @@ -XXX,XX +XXX,XX @@ paging: /* Add UART to the fixmap table */ ldr r1, =xen_fixmap /* r1 := vaddr (xen_fixmap) */ - mov r3, #0 lsr r2, r11, #THIRD_SHIFT lsl r2, r2, #THIRD_SHIFT /* 4K aligned paddr of UART */ orr r2, r2, #PT_UPPER(DEV_L3) orr r2, r2, #PT_LOWER(DEV_L3) /* r2:r3 := 4K dev map including UART */ + mov r3, #0x0 strd r2, r3, [r1, #(FIXMAP_CONSOLE*8)] /* Map it in the first fixmap's slot */ 1: @@ -XXX,XX +XXX,XX @@ paging: orr r2, r2, #PT_LOWER(PT) /* r2:r3 := table map of xen_fixmap */ ldr r4, =FIXMAP_ADDR(0) mov r4, r4, lsr #(SECOND_SHIFT - 3) /* r4 := Slot for FIXMAP(0) */ + mov r3, #0x0 strd r2, r3, [r1, r4] /* Map it in the fixmap's slot */ /* Use a virtual address to access the UART. */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The page-table walker is configured to use the same shareability and cacheability as the access performed when updating the page-tables. This means cleaning the cache for CPU0 domheap is unnecessary. Furthermore, CPU0 page-tables are part of Xen binary and will already be zeroed before been used. So it is pointless to zero the domheap again. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Tweak a bit the commit message - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ void __init setup_pagetables(unsigned long boot_phys_offset) #ifdef CONFIG_ARM_32 per_cpu(xen_pgtable, 0) = cpu0_pgtable; per_cpu(xen_dommap, 0) = cpu0_dommap; - - /* Make sure it is clear */ - memset(this_cpu(xen_dommap), 0, DOMHEAP_SECOND_PAGES*PAGE_SIZE); - clean_dcache_va_range(this_cpu(xen_dommap), - DOMHEAP_SECOND_PAGES*PAGE_SIZE); #endif } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The page-table walker is configured to use the same shareability and cacheability as the access performed when updating the page-tables. This means cleaning the cache for secondary CPUs runtime page-tables is unnecessary. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ int init_secondary_pagetables(int cpu) write_pte(&first[first_table_offset(DOMHEAP_VIRT_START+i*FIRST_SIZE)], pte); } - clean_dcache_va_range(first, PAGE_SIZE); - clean_dcache_va_range(domheap, DOMHEAP_SECOND_PAGES*PAGE_SIZE); - per_cpu(xen_pgtable, cpu) = first; per_cpu(xen_dommap, cpu) = domheap; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel We have multiple static page-tables defined in arch/arm/mm.c. The current way to define them is difficult to read and does not help when making modification. Two new helpers DEFINE_PAGE_TABLES (to define multiple page-tables) and DEFINE_PAGE_TABLE (alias of DEFINE_PAGE_TABLES(..., 1)) are introduced and now used to define static page-tables. Note that DEFINE_PAGE_TABLES() alignment differs from what is currently used for allocating page-tables. This is fine because page-tables are only required to be aligned to a page-size. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v2: - Patch in replacement of "Use the shorter version __aligned(PAGE_SIZE) to align page-tables". --- xen/arch/arm/mm.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ struct domain *dom_xen, *dom_io, *dom_cow; #undef mfn_to_virt #define mfn_to_virt(mfn) __mfn_to_virt(mfn_x(mfn)) +#define DEFINE_PAGE_TABLES(name, nr) \ +lpae_t __aligned(PAGE_SIZE) name[LPAE_ENTRIES * (nr)] + +#define DEFINE_PAGE_TABLE(name) DEFINE_PAGE_TABLES(name, 1) + /* Static start-of-day pagetables that we use before the allocators * are up. These are used by all CPUs during bringup before switching * to the CPUs own pagetables. @@ -XXX,XX +XXX,XX @@ struct domain *dom_xen, *dom_io, *dom_cow; * Finally, if EARLY_PRINTK is enabled then xen_fixmap will be mapped * by the CPU once it has moved off the 1:1 mapping. */ -lpae_t boot_pgtable[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +DEFINE_PAGE_TABLE(boot_pgtable); #ifdef CONFIG_ARM_64 -lpae_t boot_first[LPAE_ENTRIES] __attribute__((__aligned__(4096))); -lpae_t boot_first_id[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +DEFINE_PAGE_TABLE(boot_first); +DEFINE_PAGE_TABLE(boot_first_id); #endif -lpae_t boot_second[LPAE_ENTRIES] __attribute__((__aligned__(4096))); -lpae_t boot_third[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +DEFINE_PAGE_TABLE(boot_second); +DEFINE_PAGE_TABLE(boot_third); /* Main runtime page tables */ @@ -XXX,XX +XXX,XX @@ lpae_t boot_third[LPAE_ENTRIES] __attribute__((__aligned__(4096))); #ifdef CONFIG_ARM_64 #define HYP_PT_ROOT_LEVEL 0 -lpae_t xen_pgtable[LPAE_ENTRIES] __attribute__((__aligned__(4096))); -lpae_t xen_first[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static DEFINE_PAGE_TABLE(xen_pgtable); +static DEFINE_PAGE_TABLE(xen_first); #define THIS_CPU_PGTABLE xen_pgtable #else #define HYP_PT_ROOT_LEVEL 1 @@ -XXX,XX +XXX,XX @@ static DEFINE_PER_CPU(lpae_t *, xen_pgtable); * DOMHEAP_VIRT_START...DOMHEAP_VIRT_END in 2MB chunks. */ static DEFINE_PER_CPU(lpae_t *, xen_dommap); /* Root of the trie for cpu0, other CPU's PTs are dynamically allocated */ -lpae_t cpu0_pgtable[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static DEFINE_PAGE_TABLE(cpu0_pgtable); /* cpu0's domheap page tables */ -lpae_t cpu0_dommap[LPAE_ENTRIES*DOMHEAP_SECOND_PAGES] - __attribute__((__aligned__(4096*DOMHEAP_SECOND_PAGES))); +static DEFINE_PAGE_TABLES(cpu0_dommap, DOMHEAP_SECOND_PAGES); #endif #ifdef CONFIG_ARM_64 /* The first page of the first level mapping of the xenheap. The * subsequent xenheap first level pages are dynamically allocated, but * we need this one to bootstrap ourselves. */ -lpae_t xenheap_first_first[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static DEFINE_PAGE_TABLE(xenheap_first_first); /* The zeroeth level slot which uses xenheap_first_first. Used because * setup_xenheap_mappings otherwise relies on mfn_to_virt which isn't * valid for a non-xenheap mapping. */ @@ -XXX,XX +XXX,XX @@ static __initdata int xenheap_first_first_slot = -1; * addresses from 0 to 0x7fffffff. Offsets into it are calculated * with second_linear_offset(), not second_table_offset(). */ -lpae_t xen_second[LPAE_ENTRIES*2] __attribute__((__aligned__(4096*2))); +static DEFINE_PAGE_TABLES(xen_second, 2); /* First level page table used for fixmap */ -lpae_t xen_fixmap[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +DEFINE_PAGE_TABLE(xen_fixmap); /* First level page table used to map Xen itself with the XN bit set * as appropriate. */ -static lpae_t xen_xenmap[LPAE_ENTRIES] __attribute__((__aligned__(4096))); +static DEFINE_PAGE_TABLE(xen_xenmap); /* Non-boot CPUs use this to find the correct pagetables. */ uint64_t init_ttbr; -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The function create_xen_entries() may be called concurrently. For instance, while the vmap allocation is protected by a spinlock, the mapping is not. The implementation create_xen_entries() contains quite a few TOCTOU races such as when allocating the 3rd-level page-tables. Thankfully, they are pretty hard to reach as page-tables are allocated once and never released. Yet it is possible, so we need to protect with a spinlock to avoid corrupting the page-tables. Signed-off-by: Julien Grall <julien.grall@arm.com> --- Changes in v2: - Rework the commit message --- xen/arch/arm/mm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ enum xenmap_operation { RESERVE }; +static DEFINE_SPINLOCK(xen_pt_lock); + static int create_xen_entries(enum xenmap_operation op, unsigned long virt, mfn_t mfn, @@ -XXX,XX +XXX,XX @@ static int create_xen_entries(enum xenmap_operation op, lpae_t pte, *entry; lpae_t *third = NULL; + spin_lock(&xen_pt_lock); + for(; addr < addr_end; addr += PAGE_SIZE, mfn = mfn_add(mfn, 1)) { entry = &xen_second[second_linear_offset(addr)]; @@ -XXX,XX +XXX,XX @@ out: */ flush_xen_tlb_range_va(virt, PAGE_SIZE * nr_mfns); + spin_unlock(&xen_pt_lock); + return rc; } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel Since commit f60658c6ae "xen/arm: Stop relocating Xen", the function setup_page_tables() does not require any information from the FDT. So the initialization of the page-tables can be done much earlier in the boot process. The earliest setup_page_tables() can be called is after traps have been initialized, so we can get backtrace if an error occurred. Moving the initialization of the page-tables also avoid the dance to map the FDT again in the new set of page-tables. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 12 +++--------- xen/arch/arm/setup.c | 4 ++-- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ static inline lpae_t pte_of_xenaddr(vaddr_t va) return mfn_to_xen_entry(maddr_to_mfn(ma), MT_NORMAL); } -/* Map the FDT in the early boot page table */ +/* Map the FDT in the runtime page table */ void * __init early_fdt_map(paddr_t fdt_paddr) { /* We are using 2MB superpage for mapping the FDT */ @@ -XXX,XX +XXX,XX @@ void * __init early_fdt_map(paddr_t fdt_paddr) /* The FDT is mapped using 2MB superpage */ BUILD_BUG_ON(BOOT_FDT_VIRT_START % SZ_2M); - create_mappings(boot_second, BOOT_FDT_VIRT_START, paddr_to_pfn(base_paddr), + create_mappings(xen_second, BOOT_FDT_VIRT_START, paddr_to_pfn(base_paddr), SZ_2M >> PAGE_SHIFT, SZ_2M); offset = fdt_paddr % SECOND_SIZE; @@ -XXX,XX +XXX,XX @@ void * __init early_fdt_map(paddr_t fdt_paddr) if ( (offset + size) > SZ_2M ) { - create_mappings(boot_second, BOOT_FDT_VIRT_START + SZ_2M, + create_mappings(xen_second, BOOT_FDT_VIRT_START + SZ_2M, paddr_to_pfn(base_paddr + SZ_2M), SZ_2M >> PAGE_SHIFT, SZ_2M); } @@ -XXX,XX +XXX,XX @@ void __init setup_pagetables(unsigned long boot_phys_offset) pte.pt.table = 1; xen_second[second_table_offset(FIXMAP_ADDR(0))] = pte; - /* ... DTB */ - pte = boot_second[second_table_offset(BOOT_FDT_VIRT_START)]; - xen_second[second_table_offset(BOOT_FDT_VIRT_START)] = pte; - pte = boot_second[second_table_offset(BOOT_FDT_VIRT_START + SZ_2M)]; - xen_second[second_table_offset(BOOT_FDT_VIRT_START + SZ_2M)] = pte; - #ifdef CONFIG_ARM_64 ttbr = (uintptr_t) xen_pgtable + phys_offset; #else diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -XXX,XX +XXX,XX @@ void __init start_xen(unsigned long boot_phys_offset, /* Initialize traps early allow us to get backtrace when an error occurred */ init_traps(); + setup_pagetables(boot_phys_offset); + smp_clear_cpu_maps(); device_tree_flattened = early_fdt_map(fdt_paddr); @@ -XXX,XX +XXX,XX @@ void __init start_xen(unsigned long boot_phys_offset, (paddr_t)(uintptr_t)(_end - _start + 1), false); BUG_ON(!xen_bootmodule); - setup_pagetables(boot_phys_offset); - setup_mm(fdt_paddr, fdt_size); /* Parse the ACPI tables for possible boot-time configuration */ -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel The two helpers {destroy, modify}_xen_mappings don't check that the start is always before the end. This should never happen but if it happens, it will result to unexpected behavior. Catch such issues earlier on by adding an ASSERT in destroy_xen_mappings and modify_xen_mappings. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/mm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/mm.c +++ b/xen/arch/arm/mm.c @@ -XXX,XX +XXX,XX @@ int populate_pt_range(unsigned long virt, unsigned long nr_mfns) int destroy_xen_mappings(unsigned long v, unsigned long e) { + ASSERT(v <= e); return create_xen_entries(REMOVE, v, INVALID_MFN, (e - v) >> PAGE_SHIFT, 0); } int modify_xen_mappings(unsigned long s, unsigned long e, unsigned int flags) { + ASSERT(s <= e); return create_xen_entries(MODIFY, s, INVALID_MFN, (e - s) >> PAGE_SHIFT, flags); } -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel At the moment, set_fixmap may replace a valid entry without following the break-before-make sequence. This may result to TLB conflict abort. Rather than dealing with Break-Before-Make in set_fixmap, every call to set_fixmap is paired with a call to clear_fixmap. Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Andrii Anisov <andrii_anisov@epam.com> --- Changes in v2: - Add Andrii's reviewed-by --- xen/arch/arm/kernel.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/xen/arch/arm/kernel.c b/xen/arch/arm/kernel.c index XXXXXXX..XXXXXXX 100644 --- a/xen/arch/arm/kernel.c +++ b/xen/arch/arm/kernel.c @@ -XXX,XX +XXX,XX @@ void __init copy_from_paddr(void *dst, paddr_t paddr, unsigned long len) set_fixmap(FIXMAP_MISC, maddr_to_mfn(paddr), PAGE_HYPERVISOR_WC); memcpy(dst, src + s, l); clean_dcache_va_range(dst, l); + clear_fixmap(FIXMAP_MISC); paddr += l; dst += l; len -= l; } - - clear_fixmap(FIXMAP_MISC); } static void __init place_modules(struct kernel_info *info, -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel