[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v6 1/3] xen/arm: mpu: Create boot-time MPU protection regions


  • To: Julien Grall <julien@xxxxxxx>, Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • From: Ayan Kumar Halder <ayankuma@xxxxxxx>
  • Date: Mon, 2 Dec 2024 15:36:06 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RGQL8XVivSmIqhJLIGJN3hPvdiz+GNNKZi3aRNbCIt8=; b=ZKoohSuhJpQYG2Ac0C6lmJ7swQyP93e0fZWhE4jAk+uABrObu2//ZMFzD3VxRcT4wePqcWwYTPfrdXHjRJWnzk7czWR8iobtotU6+t6M1NajDf+176q4hxBNtZOgkUSs4k9CfZVsRVaNwXD0QaAC4BsDIKJgIM1WceN5X33md/QWT9+wpk7JIj1nhyDqddIblNlkRrbDvqL9fAwWOLvq1OmjY4z+8P5MNTgFFuKboOh94A+fWNXOms/W6SHoz9UbXT5zr618kSITrhvscHRua2mpal91xenoFeqi1aoAY+EmaTxSiutRiMcUg9wcXSu7onOAoXccySf4K6NKQdNRMw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=NaNsm1KStYnGabtyuBW6saMRkySODJRv/e1pPKRzQcSk5RIKwz6RVNepCjATzFCyrf41r8W57dfEJYIXTmb7uaWTySbG3R88Q7A7YmMbpB5hGeH4TQ0+mfAOVTmtuW49a+4OOt1XvNkCD+IEjh0wKo/ytzIUHzBteVePSctzqv8MCLZBNAl7qvhEsHuzUIM/uPf7AU2eqsv4oMU0od8oX+E+sFVgqn7HmLvbbZrp+gmOSBcoaARXdxyes3b8zUY8O5/EKtEuWKC10zRCdKiTayVeG1mccnJOgTS6zt6D13k9jLtUNvQAsFnQURjpAZDnDgbRMYuLOVZBtRGx8sKNdQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Luca Fancellu <luca.fancellu@xxxxxxx>
  • Delivery-date: Mon, 02 Dec 2024 15:36:20 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>


On 30/11/2024 17:45, Julien Grall wrote:
Hi Ayan,
Hi Julien,

On 18/11/2024 12:12, Ayan Kumar Halder wrote:
+/*
+ * Macro to prepare and set a EL2 MPU memory region.
+ * We will also create an according MPU memory region entry, which
+ * is a structure of pr_t,  in table \prmap.
+ *
+ * sel:         region selector
+ * base:        reg storing base address
+ * limit:       reg storing limit address
+ * prbar:       store computed PRBAR_EL2 value
+ * prlar:       store computed PRLAR_EL2 value
+ * maxcount:    maximum number of EL2 regions supported
+ * attr_prbar:  PRBAR_EL2-related memory attributes. If not specified it will be
+ *              REGION_DATA_PRBAR
+ * attr_prlar:  PRLAR_EL2-related memory attributes. If not specified it will be
+ *              REGION_NORMAL_PRLAR
+ *
+ * Preserves \maxcount
+ * Clobbers \sel, \base, \limit, \prbar, \prlar

Per this line, "\sel" is clobbered. Which implies the caller cannot rely on the value. Yet ...

+ *
+ * Note that all parameters using registers should be distinct.
+ */
+.macro prepare_xen_region, sel, base, limit, prbar, prlar, maxcount, attr_prbar=REGION_DATA_PRBAR, attr_prlar=REGION_NORMAL_PRLAR
+    /* Check if the region is empty */
+    cmp   \base, \limit
+    beq   1f
+
+    /* Check if the number of regions exceeded the count specified in MPUIR_EL2 */
+    cmp   \sel, \maxcount
+    bge   fail_insufficient_regions
+
+    /* Prepare value for PRBAR_EL2 reg and preserve it in \prbar.*/
+    and   \base, \base, #MPU_REGION_MASK
+    mov   \prbar, #\attr_prbar
+    orr   \prbar, \prbar, \base
+
+    /* Limit address should be inclusive */
+    sub   \limit, \limit, #1
+    and   \limit, \limit, #MPU_REGION_MASK
+    mov   \prlar, #\attr_prlar
+    orr   \prlar, \prlar, \limit
+
+    msr   PRSELR_EL2, \sel
+    isb
+    msr   PRBAR_EL2, \prbar
+    msr   PRLAR_EL2, \prlar
+    dsb   sy
+    isb
+
+    add   \sel, \sel, #1
+
+1:
+.endm
+
+/*
+ * Failure caused due to insufficient MPU regions.
+ */
+FUNC_LOCAL(fail_insufficient_regions)
+    PRINT("- Selected MPU region is above the implemented number in MPUIR_EL2 -\r\n")
+1:  wfe
+    b   1b
+END(fail_insufficient_regions)
+
+/*
+ * Maps the various sections of Xen (described in xen.lds.S) as different MPU
+ * regions.
+ *
+ * Clobbers x0 - x5
+ *
+ */
+FUNC(enable_boot_cpu_mm)
+    /* Get the number of regions specified in MPUIR_EL2 */
+    mrs   x5, MPUIR_EL2
+    and   x5, x5, #NUM_MPU_REGIONS_MASK
+
+    /* x0: region sel */
+    mov   x0, xzr
+    /* Xen text section. */
+    ldr   x1, =_stext
+    ldr   x2, =_etext
+    prepare_xen_region x0, x1, x2, x3, x4, x5, attr_prbar=REGION_TEXT_PRBAR
+
+    /* Xen read-only data section. */
+    ldr   x1, =_srodata
+    ldr   x2, =_erodata
+    prepare_xen_region x0, x1, x2, x3, x4, x5, attr_prbar=REGION_RO_PRBAR


... you will pass x0 (\sel) without any update from the previous call. So effectively, you treat \sel as an input/output that will get incremented.

Therefore the comment needs to be updated. Possibly to:

"
output:

sel: Next available index in the MPU
"
Yes,  makes sense.

I will commit the series once we agree on the wording.

Yes, agreed with the wording.

- Ayan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.