[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v4 10/11] public: add XENFEAT_ARM_SMCCC_supported feature

Hello Sergej,

On 31.08.17 15:20, Sergej Proskurin wrote:
Hi Volodymyr, hi Julien,

On 08/24/2017 07:25 PM, Julien Grall wrote:

On 21/08/17 21:27, Volodymyr Babchuk wrote:
This feature indicates that hypervisor is compatible with ARM
SMC calling convention. Hypervisor will not inject an undefined
instruction exception if an invalid SMC function were called and
will not crash a domain if an invlalid HVC functions were called.


The last sentence is misleading. Xen will still inject and undefined
instruction for some SMC/HVC. You may want to rework it to make it clear.

Now that you say that Xen will still inject an undefined instruction
exception for some SMCs, I have a to ask for which exactly?
For ones that are compatible with ARM SMCCC [1]. E.g if you are running SMCCC-compatible system and you are calling SMC/HVC with immediate value 0, then you are safe.

I might be off topic here, so please tell me if you believe this is not
the right place for this question. In this case I will open an new
thread. Right now, I am working with the previous implementation of
do_trap_smc that was extended in this patch. Yet, as far as I
understand, the behavior should not change, which is why I am asking
this quesiton in this thread.
If you are talking about forwarding SMC exception to VM monitor, then yes, that should not change.

Currently, I am working on SMC guest injections and trying to understand
the resulting behavior. Every time, right after the execution of an
injected SMC instruction, the guest traps into the undefined instruction
exception handler in EL1 and I simply don't understand why. As far as I
understand, as soon an injected SMC instruction gets executed, it should
_transparently_ trap into the hypervisor (assuming MDCR_EL2.TDE is set).
As soon as the hypervisor returns (e.g. to PC+4 or to the trapping PC
that now contains the original instruction instead of the injected SMC),
the guest should simply continue its execution.
Hm. What do you mean under "SMC instruction injection?".
Current code in hypervisor will always inject undefined instruction exception when you call SMC (unless you installed VM monitor for the guest). Also, it will not increase PC. So, if you'll try to remove inject_undef_exception() call, you'll get into an infinite loop.

Now, according to ARM DDI0487B.a D1-1873, the following holds: "If
HCR_EL2.TSC or HCR.TSC traps attempted EL1 execution of SMC instructions
to EL2, that trap has priority over this disable". So this means that if
SMCs are disabled for NS EL1, the guest will trap into the hypervisor on
SMC execution. Yet, since SMCs are disabled from NS EL1, the guest will
execute an undefined instrcution exception. Which is what I was thinking
about is currently happening on my ARMv8 dev board (Lemaker Hikey). On
the other hand I believe that it is highly unlikely that the EFI loader
explicitly disables SMC's for NS EL1. However, since I don't have access
to SCR_EL3.SMD from EL2, I can't tell whether this is the reason for the
behavior I am experiencing on my board or not.
According to ARM ARM, hypervisor should trap SMC even if was disabled by EL3. I think, that in your case the problem is in current implementation of do_trap_smc()

It would be of great help if you would provide me with some more clarity
on my case. I am sure that I have missed something that simply needs
clarification. Thank you very much in advance.
I don't quite understood, what you are trying to achieve. But I think that pair of printk()s in do_trap_smc() will reveal much.

[1] http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.