[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 3/4] xen/arm: mpu: Create boot-time MPU protection regions


  • To: Julien Grall <julien@xxxxxxx>
  • From: Luca Fancellu <Luca.Fancellu@xxxxxxx>
  • Date: Mon, 9 Sep 2024 08:48:43 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=arm.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=e4AADrSPJag9qHsAYBK9lyECw1QwVpdT4FuM6VjXR9s=; b=j6LEaUXXdoF21LBXCVCtBDNHW9/uZgjcbUeCodHlFpDJFxh9obB0qnOpz3wee5Bg56nED8JBnUP15Y1r+30teQyuvaSnW3JFU1+sENmwX1Qm98OseVADlCyKu1F2IAcmkqnL4CqROlb1iUBANW+8t/0Y6PVkexC6FUDaS+3UgEPXyycjfxY7JuR3Qx9fkt8ED7F4afAH8hdRbnVOCs7DrFZdtROfRQrSkUqzpj4cOklsxhbBR0KFQIpT4NkgNb0lB05i9MaC5gVDi1DtYnel8R/P9tl0bPeLl3vOVmlkeb+U1bbINThi2GMsGVzF1RolEZ04YWjBECZi9fS1ETDGwg==
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=e4AADrSPJag9qHsAYBK9lyECw1QwVpdT4FuM6VjXR9s=; b=d6cV5iSafxSd9OcZqyFBqusxHiQbgIyHe4890hXZKYVrvYGrpAKWFUm9bOMGPkZEqAwElkm2/JaOtFJmMBc3wHIU3MykOOiOOQl2VwP1BB3jOpYECxRI2Oio2jzJfxsHa11rAGL/CcuhrzS2p9oXFdPqgaVlkA8skDIsZD6Phc5D3jH3HUjjYYXovdPUec+3yjZmgeil5mM2cHTrg1NZj+Cl+JZekliSftSvhvg6lbKmbW7/dMcWwyipEemjIxyYrHQgz258e3IAk4kVxJTdKSQbz3Mh3PJy0ZPVMp8vBEwsEift77RP1pic8A9wJgcgQ7nfFiMUhIEkyG3K/TLhBg==
  • Arc-seal: i=2; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass; b=U4zaa0041cew3BnE2FlK2QLComAGYB5IPFWbgP7kRNPUcfZ7NG5QDsy2fGmPdO3IhPXgfyl7EmmnNX7rgOPx6+fpIdC1eAVE7YoTR2kPvZH4moyYn2N0HI6c0XF2F7MlcuaAY3PQe+Id6Zui0CaSri+/aJaevhOAU8SjieGA/eeTA0HLX2zd1Am758Lqfl0E8JUToDQJgx18xBlr3Y16oFWhinL4JvxK0/kjpeR0e37Tx2z9w1wQSADv7Pwo/zdl6oGN27xC1zgIbmzxa3bAzyU6/sHB3xrxLXFFPcVUvIuc0hZtwS0bhK/aii+oM5+2+2Q4I94tORJPnaVLr50I0g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=q9iIZACw48drQGmCAhEArLtnFPj8qBSownQTrrRIUjCAEfoa0VGg9sgPeWfdaHLz32HfoCrBa556oMbIwnHy5bW2uHkFDxfFlP5dr59zdTX9Omyy5D4KWYfdfmL65Xy+TWp+QIjwdgKSZdUPFnhuzmHThVMjqKhbO+1slWZHBDRDdTWxaUc1fwhWnQmiMVx8gnDb3i89lJiTNgpSErWQc2JHmawoWvef6Tezo7NhEhTcft6zMfbaKmNZKHPQu+BBrPk2nb7zm2BCZURL9wjC59AWWNU7ejqyfF83za3HVsc5lhMymaLww6sEbgwnfJMfQQS+oz9qPyYUJ6UpMBU6Lg==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Ayan Kumar Halder <ayankuma@xxxxxxx>, Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Mon, 09 Sep 2024 08:49:18 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHa9XoHude8SoLzqU+vDRBIKLz30bI8y1SAgArTwQCABvDngIAAryqA
  • Thread-topic: [PATCH v1 3/4] xen/arm: mpu: Create boot-time MPU protection regions

Hi Julien, Ayan,

>>> 
>>>> +    msr   PRBAR_EL2, \prbar
>>>> +    msr   PRLAR_EL2, \prlar
>>>> +    dsb   sy
>> This should be visible to outer shareable domain atleast. The reason being 
>> one can use the SH[1:0] bits in PRBAR_EL2 to set the region to outer 
>> shareable.
>> Thus, the writes to these registers should be visible to outer shareable 
>> domain as well.
> 
> I am a bit confused. SH[1:0] is about how the region will be accessed not up 
> to where should registers are visible. I was expecting that the MPU registers 
> only need to be visible to the MPU itself.
> 
> For instance, when using the MMU, the translation unit is in the 
> non-shareable domain. So a 'nsh' is sufficient regardless of the shareability 
> of the page/block.
> 
> This is explicitely written in the Arm Arm (see D5-4929 in ARM DDI 0487H.a) 
> but I can't find a similar section for the MPU yet. Although, I would be a 
> bit surprised if the MPU is not in the non-shareable domain... Maybe this 
> could be clarified with Arm?

I got the feedback that DSB SY is ok here

> 
> Anyway, for now, I am open to use 'dsb sy' with a TODO to revisit it.
> 
>>>> +    isb
> 
> Re-quoting the spec from you previous answer:
> 
> ```
> Writes to MPU registers are only guaranteed to be visible
> following a Context synchronization event and DSB operation.
> ```
> 
> So this suggests that it should be first an 'isb' and then a 'dsb'. Any 
> reason you wrote it the other way around?

I chased this internally and it was suggested the current order, dsb followed 
by the isb: DSB ensures the completion of prior 
instructions before the next executes, and then ISB ensures subsequent 
instruction fetch observes the updated MPU state.

Probably I will raise something to make awareness around the misleading order 
of that phrase.

Cheers,
Luca


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.