1. Patchew
  2. Xen
  3. View series

[PATCH] xen: arm: Spin-up cpu instead PSCI CPU OFF

dmitry.semenets@gmail.com posted 1 patch 1 year, 11 months ago
Test gitlab-ci failed
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20220622072410.87346-1-dmitry.semenets@gmail.com
xen/arch/arm/shutdown.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
[PATCH] xen: arm: Spin-up cpu instead PSCI CPU OFF
Posted by dmitry.semenets@gmail.com 1 year, 11 months ago 
From: Dmytro Semenets <dmytro_semenets@epam.com>

Use spin-up cpu with disabled interrupts instead PSCI CPU OFF
halt and reboot procedures. Some platforms can't stop CPU via PSCI
because Thrusted OS can't migrate execution to other CPU.

Signed-off-by: Dmytro Semenets <dmytro_semenets@epam.com>
---
 xen/arch/arm/shutdown.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/xen/arch/arm/shutdown.c b/xen/arch/arm/shutdown.c
index 3dc6819d56..a9aea19e8e 100644
--- a/xen/arch/arm/shutdown.c
+++ b/xen/arch/arm/shutdown.c
@@ -8,7 +8,12 @@
 
 static void noreturn halt_this_cpu(void *arg)
 {
-    stop_cpu();
+    local_irq_disable();
+    /* Make sure the write happens before we sleep forever */
+    dsb(sy);
+    isb();
+    while ( 1 )
+        wfi();
 }
 
 void machine_halt(void)
-- 
2.25.1
Re: [PATCH] xen: arm: Spin-up cpu instead PSCI CPU OFF
Posted by Julien Grall 1 year, 11 months ago 
Hi Dmytro,

Title: It seems to suggest we are completely removing PSCI CPU off. I 
would suggest to rename to:

xen/arm: Don't use stop_cpu() in halt_this_cpu()

On 22/06/2022 08:24, dmitry.semenets@gmail.com wrote:
> From: Dmytro Semenets <dmytro_semenets@epam.com>
> 
> Use spin-up cpu with disabled interrupts instead PSCI CPU OFF
> halt and reboot procedures. Some platforms can't stop CPU via PSCI
> because Thrusted OS can't migrate execution to other CPU.

There are some information missing:
  - What's the problem if we don't do that (i.e. Xen will panic())
  - Reference to the spec
  - Why this is fine to not use PSCI off

I would suggest the following commit message:

"
When shutting down (or rebooting) the platform, Xen will call stop_cpu() 
on all the CPUs but one. The last CPU will then request the system to 
shutdown/restart.

On platform using PSCI, stop_cpu() will call PSCI CPU off. Per the spec 
(section 5.5.2 DEN0022D.b), the call could return DENIED if the Trusted 
OS is resident on the CPU that is about to be turned off.

As Xen doesn't migrate off the trusted OS (which BTW may not be 
migratable), it would be possible to hit the panic().

In the ideal situation, Xen should migrate the trusted OS or make sure 
the CPU off is not called. However, when shutting down (or rebooting) 
the platform, it is pointless to try to turn off all the CPUs (per 
section 5.10.2, it is only required to put the core in a known state).

So solve the problem by open-coding stop_cpu() in halt_this_cpu() and 
not call PSCI CPU off.
"

I will give an opportunity for you, Bertrand and Stefano to answer 
before committing it.

Cheers,

-- 
Julien Grall

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.