[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Xen Arm vpl011 UART will cause segmentation fault in Linux guest

  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>
  • From: Jiamei Xie <Jiamei.Xie@xxxxxxx>
  • Date: Fri, 11 Nov 2022 04:31:12 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yq3sN+1jEDS2xker+jK8CP5AAX7J6XYXi5NGFWGOaPk=; b=Fmg/Y1ctblKGP3KKFOi3JD/DKhWxRk+atqKR4mt8YeWz2JJQ9lm2OhPmew0F6xy9yT6S/3NkyI/By43XOn0sszHNyIeDwTBTUGnRuIR3+a/t38JczE4UzaZ8lA1BuIdSLHCwiDfWQHKJsV0o8XweM5bWV8iGolaK/T2o6beDTHYhW4XHUKv+lxwRboWPZO5Rc7BEjWZl/BZ/HJzv1ypyAK/hrgkWYCa9UUstNfn0OBzP4uUtWUyeuudglISI44OKMPHTyX7gFJ3NyFAI3vicNAOg8rzbJ3FlcY5S2xFaqEaslaw8O1zLOvb2PemNBgzwRc6Zc0yXPCfeaRez3acdLw==
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yq3sN+1jEDS2xker+jK8CP5AAX7J6XYXi5NGFWGOaPk=; b=REmLpxetysRhvPkG0FV+BuWADumGTVxPD7kn+XJDIRAQNcgOsaoVPIRSUHKVqZ3qk/KU4pZ7SxtLTDjOSESWwGgc2c6MnnUhz+WfKKZBri64MnuCQYlkPyYOVgKuMXRG6FRdx1kp6oYfly0TAEjUBUMn9BPg1BOFXm5PA/tXX8r+50GD0a27hys76IlrITuaX7cbpCp1I3OXv8KqFjUdgnOXEo36+ZK9/9I1f82Zk4CIq8XQa/BhcHhGowEqNILVkAzHeAFuMmDDOIwnxF6NHEHGVwfB25cXDSqFKXshoug1YxZYmFSQnPKVmw6QLl5nSB1uNM3a8XCK5XJUwAhs6Q==
  • Arc-seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=b0hNZuwOyXL3aNpKYGT3qfLgnRpQMi7Wil+skqhxU/LDUTccjj4qS4ZIaNXndEOGNSQuG1Inrt+pjWWUrNYJfvBOhVL8MYX7lqnk2QCIL3mUVFT+CK6YWdQ6cHW7+fy4f5e7t5qZCBF2imPo+xGKHwNSLzgdDArS435PBDCrUqme/RUjHLyupCxls8xZE2SLAeciwrFQUEOmXB35EHV6WiovWuweXDwTGvLBcHleeb9axw7+DxKmcK6SuJudS+IH1/F9wxkcyCFuj21h4r+vL9oCZ8w987K1kxx/mTFu0RxKtouBXnmLLv1p1iJL5piz49Ciko7M89Q+5jLeYPuTXw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AAlD8NYdAXrigkJy4MrEZ7Kl6Q8Hq+zgZQlux5hy/CnZQ4TQlA0SAyjP1dXoMAeu7lRj27XWbtmKY99o1jKVIPwKdQ2iM82SbfGQfsyQiuAQ5itmhdoRqCmzjH/dEUhHb1AmHASfz5QjbnYPpCDA+SCA6EIg9Fr0SkX2ORN8+crozzfhRh8vswXnJSJD5VNwKTKB5+V5B0JTZkaf+LEoBBz1Z/4+Dp2tUhdxI7omJhtnoKFHaJnHLpMtAA0ZPrLFe0MdwtnqrwOSthL3aaTa68QCXTqYcWrCsSc1Px7P+zFOIADz8zaApNP6Q05d7oMZZcSfjPpxO9Ord50uVThKHw==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, "julien@xxxxxxx" <julien@xxxxxxx>
  • Delivery-date: Fri, 11 Nov 2022 04:31:44 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: Adj0C3U97KqJOGXWTaWwFEv08mPlLwAAvb+AAAFgduAAAlWjgABJlSiAABB0itA=
  • Thread-topic: Xen Arm vpl011 UART will cause segmentation fault in Linux guest
Hi

> -----Original Message-----
> From: Stefano Stabellini <sstabellini@xxxxxxxxxx>
> Sent: Friday, November 11, 2022 4:33 AM
> To: Michal Orzel <michal.orzel@xxxxxxx>
> Cc: Jiamei Xie <Jiamei.Xie@xxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx; Wei
> Chen <Wei.Chen@xxxxxxx>; Bertrand Marquis
> <Bertrand.Marquis@xxxxxxx>; julien@xxxxxxx; sstabellini@xxxxxxxxxx
> Subject: Re: Xen Arm vpl011 UART will cause segmentation fault in Linux
> guest
> 
> On Wed, 9 Nov 2022, Michal Orzel wrote:
> > Hi Jiamei,
> >
> > On 09/11/2022 09:25, Jiamei Xie wrote:
> > >
> > >
> > > Hi Michal,
> > >
> > > Below log can be got when stating the linux guest. It says 9c09 is sbsa.
> And 9c09 is also output
> > >  in bootlogd error message:
> > > Serial: AMBA PL011 UART driver
> > > 9c0b0000.uart: ttyAMA0 at MMIO 0x9c0b0000 (irq = 12, base_baud = 0)
> is a PL011 rev2
> > > printk: console [ttyAMA0] enabled
> > > 9c090000.sbsa-uart: ttyAMA1 at MMIO 0x9c090000 (irq = 15, base_baud
> = 0) is a SBSA
> > >
> >
> > Xen behavior is correct and this would be Linux fault to try to write to
> DMACR for SBSA UART device.
> > DMACR is just an example. If you try to program e.g. the baudrate (through
> LCR) for VPL011 it will
> > also result in injecting abort into the guest. Should Xen support it? No. 
> > The
> reason why is that
> > it is not spec compliant operation. SBSA specification directly specifies
> what registers are exposed.
> > If Linux tries to write to some of the none-spec compliant registers - it 
> > is its
> fault.
> 
> Yeah, we need to fix Linux.
> 
> FYI this is not the first bug in Linux affecting the sbsa-uart driver:
> the issue is that the pl011 driver and the sbsa-uart driver share the
> same code in Linux so it happens sometimes that a pl011-only feature
> creeps into the sbsa-uart driver by mistake.

Thanks for your confirm about this. In that case, I will check the Linux code 
to see why this happens and how to fix it.

Best wishes
Jiamei Xie
> 
> 
> > >> -----Original Message-----
> > >> From: Michal Orzel <michal.orzel@xxxxxxx>
> > >> Sent: Wednesday, November 9, 2022 3:40 PM
> > >> To: Jiamei Xie <Jiamei.Xie@xxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx
> > >> Cc: Wei Chen <Wei.Chen@xxxxxxx>; Bertrand Marquis
> > >> <Bertrand.Marquis@xxxxxxx>; julien@xxxxxxx; sstabellini@xxxxxxxxxx
> > >> Subject: Re: Xen Arm vpl011 UART will cause segmentation fault in Linux
> > >> guest
> > >>
> > >> Hi Jiamei,
> > >>
> > >> On 09/11/2022 08:20, Jiamei Xie wrote:
> > >>>
> > >>>
> > >>> Hi all,
> > >>>
> > >>> When the guest kernel enables DMA engine with
> > >> "CONFIG_DMA_ENGINE=y", Linux AMBA PL011 driver will access PL011
> > >> DMACR register. But this register have not been supported by vpl011 of
> Xen.
> > >> Xen will inject a data abort into guest, this will cause segmentation 
> > >> fault
> of
> > >> guest with the below message:
> > >> I am quite confused.
> > >> VPL011 implements SBSA UART which only implements some subset of
> PL011
> > >> operations (SBSA UART is not PL011).
> > >> According to spec (SBSA ver. 6.0), the SBSA_UART does not support
> DMA
> > >> features so Xen code is fine.
> > >> When Xen exposes vpl011 device to a guest, this device has "arm,sbsa-
> uart"
> > >> compatible and not "uart-pl011".
> > >> Linux driver "amba-pl011.c" should see this compatible and assign
> proper
> > >> operations (sbsa_uart_pops instead of amba_pl011_pops) that do not
> enable
> > >> DMA.
> > >> Maybe the issue is with your configuration?
> > >>
> > >> ~Michal
> > >>
> > >>> Unhandled fault at 0xffffffc00944d048
> > >>> Mem abort info:
> > >>> ESR = 0x96000000
> > >>> EC = 0x25: DABT (current EL), IL = 32 bits
> > >>> SET = 0, FnV = 0
> > >>> EA = 0, S1PTW = 0
> > >>> FSC = 0x00: ttbr address size fault
> > >>> Data abort info:
> > >>> ISV = 0, ISS = 0x00000000
> > >>> CM = 0, WnR = 0
> > >>> swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000020e2e000
> > >>> [ffffffc00944d048] pgd=100000003ffff803, p4d=100000003ffff803,
> > >> pud=100000003ffff803, pmd=100000003fffa803,
> pte=006800009c090f13
> > >>> Internal error: ttbr address size fault: 96000000 [#1] PREEMPT SMP
> > >>> Modules linked in:
> > >>> CPU: 0 PID: 132 Comm: bootlogd Not tainted 5.15.44-yocto-standard
> #1
> > >>> pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
> > >>> pc : pl011_stop_rx+0x70/0x80
> > >>> lr : uart_tty_port_shutdown+0x44/0x110
> > >>> sp : ffffffc00999bba0
> > >>> x29: ffffffc00999bba0 x28: ffffff80234ac380 x27: ffffff8022f5d000
> > >>> x26: 0000000000000000 x25: 0000000045585401 x24:
> 0000000000000000
> > >>> x23: ffffff8021ba4660 x22: 0000000000000001 x21: ffffff8021a0e2a0
> > >>> x20: ffffff802198f880 x19: ffffff8021a0e1a0 x18: 0000000000000000
> > >>> x17: 0000000000000000 x16: 0000000000000000 x15:
> 0000000000000000
> > >>> x14: 0000000000000000 x13: 0000000000000000 x12:
> 0000000000000000
> > >>> x11: 0000000000000000 x10: 0000000000000000 x9 :
> ffffffc00871ba14
> > >>> x8 : ffffffc0099de260 x7 : ffffff8021a0e318 x6 : 0000000000000003
> > >>> x5 : ffffffc009315f20 x4 : ffffffc00944d038 x3 : 0000000000000000
> > >>> x2 : ffffffc00944d048 x1 : 0000000000000000 x0 : 0000000000000048
> > >>> Call trace:
> > >>> pl011_stop_rx+0x70/0x80
> > >>> tty_port_shutdown+0x7c/0xb4
> > >>> tty_port_close+0x60/0xcc
> > >>> uart_close+0x34/0x8c
> > >>> tty_release+0x144/0x4c0
> > >>> __fput+0x78/0x220
> > >>> ____fput+0x1c/0x30
> > >>> task_work_run+0x88/0xc0
> > >>> do_notify_resume+0x8d0/0x123c
> > >>> el0_svc+0xa8/0xc0
> > >>> el0t_64_sync_handler+0xa4/0x130
> > >>> el0t_64_sync+0x1a0/0x1a4
> > >>> Code: b9000083 b901f001 794038a0 8b000042 (b9000041)
> > >>> ---[ end trace 83dd93df15c3216f ]---
> > >>> note: bootlogd[132] exited with preempt_count 1
> > >>> /etc/rcS.d/S07bootlogd: line 47: 132 Segmentation fault start-stop-
> > >> daemon
> > >>> In Xen, vpl011_mmio_write doesn't handle DMACR . And kernel doesn't
> > >> check if pl011_write executes sucessfully in pl011_dma_rx_stop . So
> such
> > >> segmentation fault occurs.
> > >>> static inline void pl011_dma_rx_stop(struct uart_amba_port *uap)
> > >>> {
> > >>>         /* FIXME.  Just disable the DMA enable */
> > >>>         uap->dmacr &= ~UART011_RXDMAE;
> > >>>         pl011_write(uap->dmacr, uap, REG_DMACR);
> > >>> }
> > >>>
> > >>> I think we should prevent such segmentation fault. We have checked
> the
> > >> PL011 spec, it seems there is not any register bit can indicate DMA
> support
> > >> status of PL011. We might have two options:
> > >>> 1. Option#1 is to add DMA support for vpl011, but this is not trivial.
> > >>> 2. Option#2 is to ignore the write to DMACR, and return 0 for DMACR
> read
> > >> in vpl011. But this option need co-work with kernel, because current
> Linux
> > >> PL011 driver assume the write operation will never be failed, and will
> not
> > >> fallback to no-DMA mode, when Xen return 0 for DMA enabled bit in
> DMACR.
> > >>>
> > >>> How do you think about it?  Any suggestion about it is welcome.
> Thanks.
> > >>>
> > >>> Best wishes
> > >>> Jiamei Xie
> > >>>
> >

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.