[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v7 3/8] xen/arm: Fold mmu_init_secondary_cpu() to head.S

To: Henry Wang <Henry.Wang@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Julien Grall <julien@xxxxxxx>
Date: Fri, 13 Oct 2023 18:26:28 +0100
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Wei Chen <wei.chen@xxxxxxx>, Penny Zheng <penny.zheng@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
Delivery-date: Fri, 13 Oct 2023 17:26:38 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Henry,

On 09/10/2023 02:03, Henry Wang wrote:

Currently mmu_init_secondary_cpu() only enforces the page table
should not contain mapping that are both Writable and eXecutables
after boot. To ease the arch/arm/mm.c split work, fold this function
to head.S.

Introduce assembly macro pt_enforce_wxn for both arm32 and arm64.
For arm64, the macro is called at the end of enable_secondary_cpu_mm().
For arm32, the macro is called before secondary CPUs jumping into
the C world.

Signed-off-by: Henry Wang <Henry.Wang@xxxxxxx>
---
v7:
- No change.

Given the discusion on v6, I was expecting some changes here at least onarm64 side.

For arm32, my proposal would not yet work because sadly the temporarypage-tables for secondary bring-up will contain writable and executablemappings.

v6:
- New patch.
---
  xen/arch/arm/arm32/head.S     | 20 ++++++++++++++++++++
  xen/arch/arm/arm64/mmu/head.S | 21 +++++++++++++++++++++
  xen/arch/arm/include/asm/mm.h |  2 --
  xen/arch/arm/mm.c             |  6 ------
  xen/arch/arm/smpboot.c        |  2 --
  5 files changed, 41 insertions(+), 10 deletions(-)

diff --git a/xen/arch/arm/arm32/head.S b/xen/arch/arm/arm32/head.S
index 33b038e7e0..39218cf15f 100644
--- a/xen/arch/arm/arm32/head.S
+++ b/xen/arch/arm/arm32/head.S
@@ -83,6 +83,25 @@
          isb
  .endm

+/*

+ * Enforce Xen page-tables do not contain mapping that are both
+ * Writable and eXecutables.
+ *
+ * This should be called on each secondary CPU.
+ */
+.macro pt_enforce_wxn tmp
+        mrc   CP32(\tmp, HSCTLR)
+        orr   \tmp, \tmp, #SCTLR_Axx_ELx_WXN
+        dsb
+        mcr   CP32(\tmp, HSCTLR)
+        /*
+         * The TLBs may cache SCTLR_EL2.WXN. So ensure it is synchronized
+         * before flushing the TLBs.
+         */
+        isb
+        flush_xen_tlb_local \tmp
+.endm
+
  /*
   * Common register usage in this file:
   *   r0  -
@@ -254,6 +273,7 @@ secondary_switched:
          /* Use a virtual address to access the UART. */
          mov_w r11, EARLY_UART_VIRTUAL_ADDRESS
  #endif
+        pt_enforce_wxn r0
          PRINT("- Ready -\r\n")
          /* Jump to C world */
          mov_w r2, start_secondary
diff --git a/xen/arch/arm/arm64/mmu/head.S b/xen/arch/arm/arm64/mmu/head.S
index 88075ef083..e4b07594b5 100644
--- a/xen/arch/arm/arm64/mmu/head.S
+++ b/xen/arch/arm/arm64/mmu/head.S
@@ -31,6 +31,25 @@
          isb
  .endm

+/*

+ * Enforce Xen page-tables do not contain mapping that are both
+ * Writable and eXecutables.
+ *
+ * This should be called on each secondary CPU.
+ */
+.macro pt_enforce_wxn tmp
+       mrs   \tmp, SCTLR_EL2
+       orr   \tmp, \tmp, #SCTLR_Axx_ELx_WXN
+       dsb   sy
+       msr   SCTLR_EL2, \tmp
+       /*
+        * The TLBs may cache SCTLR_EL2.WXN. So ensure it is synchronized
+        * before flushing the TLBs.
+        */
+       isb
+       flush_xen_tlb_local
+.endm
+
  /*
   * Macro to find the slot number at a given page-table level
   *
@@ -308,6 +327,8 @@ ENTRY(enable_secondary_cpu_mm)
          bl    enable_mmu
          mov   lr, x5

+ pt_enforce_wxn x0

+
          /* Return to the virtual address requested by the caller. */
          ret
  ENDPROC(enable_secondary_cpu_mm)
diff --git a/xen/arch/arm/include/asm/mm.h b/xen/arch/arm/include/asm/mm.h
index d25e59f828..163d22ecd3 100644
--- a/xen/arch/arm/include/asm/mm.h
+++ b/xen/arch/arm/include/asm/mm.h
@@ -214,8 +214,6 @@ extern void remove_early_mappings(void);
  /* Allocate and initialise pagetables for a secondary CPU. Sets init_ttbr to 
the
   * new page table */
  extern int init_secondary_pagetables(int cpu);
-/* Switch secondary CPUS to its own pagetables and finalise MMU setup */
-extern void mmu_init_secondary_cpu(void);
  /*
   * For Arm32, set up the direct-mapped xenheap: up to 1GB of contiguous,
   * always-mapped memory. Base must be 32MB aligned and size a multiple of 
32MB.
diff --git a/xen/arch/arm/mm.c b/xen/arch/arm/mm.c
index b7eb3a6e08..923a90925c 100644
--- a/xen/arch/arm/mm.c
+++ b/xen/arch/arm/mm.c
@@ -326,12 +326,6 @@ void __init setup_pagetables(unsigned long 
boot_phys_offset)
  #endif
  }

-/* MMU setup for secondary CPUS (which already have paging enabled) */

-void mmu_init_secondary_cpu(void)
-{
-    xen_pt_enforce_wnx();
-}
-
  #ifdef CONFIG_ARM_32
  /*
   * Set up the direct-mapped xenheap:
diff --git a/xen/arch/arm/smpboot.c b/xen/arch/arm/smpboot.c
index ec76de3cac..beb137d06e 100644
--- a/xen/arch/arm/smpboot.c
+++ b/xen/arch/arm/smpboot.c
@@ -361,8 +361,6 @@ void start_secondary(void)
       */
      update_system_features(&current_cpu_data);

- mmu_init_secondary_cpu();

-
      gic_init_secondary_cpu();

set_current(idle_vcpu[cpuid]);


Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH v7 3/8] xen/arm: Fold mmu_init_secondary_cpu() to head.S
  - From: Henry Wang

References:
- [PATCH v7 0/8] xen/arm: Split MMU code as the prepration of MPU work
  - From: Henry Wang
- [PATCH v7 3/8] xen/arm: Fold mmu_init_secondary_cpu() to head.S
  - From: Henry Wang

Prev by Date: Re: [PATCH v10 15/17] xen/arm: account IO handlers for emulated PCI MSI-X
Next by Date: Re: [PATCH v7 4/8] xen/arm: Extract MMU-specific MM code
Previous by thread: [PATCH v7 3/8] xen/arm: Fold mmu_init_secondary_cpu() to head.S
Next by thread: Re: [PATCH v7 3/8] xen/arm: Fold mmu_init_secondary_cpu() to head.S
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.