[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v1 3/4] xen/arm: mpu: Create boot-time MPU protection regions
- To: Julien Grall <julien@xxxxxxx>
- From: Luca Fancellu <Luca.Fancellu@xxxxxxx>
- Date: Mon, 9 Sep 2024 09:28:48 +0000
- Accept-language: en-GB, en-US
- Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=arm.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
- Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yjj6PpFluIEiY862ibNT5CP9eC37pKJ0mJzR2hBBfbo=; b=ZYN0j5jgL7NCX+gbb8PQDdECyhDbIl57yuvXyrKrhRx/kzwhiLFJWNC+6s+BpV72l3/ljFgdWu27397yNq1i0AXdndrzg7SgLYZP8ZSO+/RX199X54lResn4iREm8CXxIv2HK4kUksFcDHVRVtO77zob7e+5+hEyaTGw6e/bFPVSzN7RwWT/+bigAMn3eO3wSNkgulhiwOdAoNLFBIxeMLkeg9qAhyyJaoFBq2ke1yfg/78vd0QqRwFG8VHh8HceNDMzhxnm3s44s6/DDsYKYesb5gD72OQDypjWLuczvcY51UG+gswgiTJu5vWYulElCqn86jRLtafKWjR+/gyCDg==
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yjj6PpFluIEiY862ibNT5CP9eC37pKJ0mJzR2hBBfbo=; b=dGR5YyYg8xPGVSez9jogZMU5NDPXFR/jYEM9Ak/7wzEefrM4vT1A8p/GutIpsCCwRXn622NvLA1sPzJSUwFs18B9oHlQq2+n8Bw2ZlrqWgfCi072jnK3eGOg4ZBnZA20stULZe51Yck9+ZK4s5M/pugjG8tWFetLnyfClfwNw5hiLHzVG9pkZ/1iTpb2kWWGyUSuJlSgFZiivSwas5L9KMPwTieflgG0cksTJ3xdotxiDTSJQsoF62T/HejctuZHi3whuoKLXW5Xlv8szuJ8trvdU3P6P7lNAYoj5r3cqdYaAAlPl3zOLlhmQwcQPH3etWLNpRZaOPKIIvyhzjK2IQ==
- Arc-seal: i=2; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass; b=rB83Zh58fFXrTjRI8xuCAWUJBCiLHT8o22VBaM+FTaEHK9NRJs7hhf+ttgb9z2b1UTwFvF59/2iSzktTlkLQI3XxzQ2qn7qQPKowXlg5GHjhWW7v5/Of6sSrPRxpPUPGs6COsvG6G2pReMnGmDVLT8vIPob+bcJhba4tWn2jSHDDyXoP7VLFq3ZIrPiQEFyDn9yUoINwJHWCHlRqJidfA6zZt5V2gNQ76KrZCMOC71vqz6yVapEeXEZEBg3wMpvaqtyHMDHo8gw1iK1jYR/qDqmRSG6t78bYnEBq/zaXikjUm4Ulf0hdgxdrvJel1p2pv7Wmc48CG9jv79HDjdzRsg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=QwG+WV3+dByTbfVImzqWZQubzgp9yTlnTz9XPy//xDApUJ/ZGa8obTa7lODMlwRBRlanEvIhe/YbZ/oOBGT4TpER6sXJFLegxC1Zje9PHjhEEOZH25vS1K+Mh1OoMuq3AvCMpAJD4f3RP68liYUHOShpl1wxhJREBWIfiAuNBxmSObhsP+uqg9YLA3hlhBPRywitJELrHAYhplIQaB8ZviR3pJgOgvF11ozhmp2PL/v8mHEQe696QFd17KVoNnI7hNdS5zoEfKESVNm5yNxugN0OfajwZ5+8tgr85OhlmX4H9g/juWcSW0uxhygHDB0C4ZCW0gjbHJeb+gz686W2LQ==
- Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
- Cc: Ayan Kumar Halder <ayankuma@xxxxxxx>, Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
- Delivery-date: Mon, 09 Sep 2024 09:29:38 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Nodisclaimer: true
- Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
- Thread-index: AQHa9XoHude8SoLzqU+vDRBIKLz30bI8y1SAgArTwQCABvDngIAAryqAgAAHQACAAAPxgA==
- Thread-topic: [PATCH v1 3/4] xen/arm: mpu: Create boot-time MPU protection regions
> On 9 Sep 2024, at 10:14, Julien Grall <julien@xxxxxxx> wrote:
>
>
>
> On 09/09/2024 09:48, Luca Fancellu wrote:
>> Hi Julien, Ayan,
>>>>>
>>>>>> + msr PRBAR_EL2, \prbar
>>>>>> + msr PRLAR_EL2, \prlar
>>>>>> + dsb sy
>>>> This should be visible to outer shareable domain atleast. The reason being
>>>> one can use the SH[1:0] bits in PRBAR_EL2 to set the region to outer
>>>> shareable.
>>>> Thus, the writes to these registers should be visible to outer shareable
>>>> domain as well.
>>>
>>> I am a bit confused. SH[1:0] is about how the region will be accessed not
>>> up to where should registers are visible. I was expecting that the MPU
>>> registers only need to be visible to the MPU itself.
>>>
>>> For instance, when using the MMU, the translation unit is in the
>>> non-shareable domain. So a 'nsh' is sufficient regardless of the
>>> shareability of the page/block.
>>>
>>> This is explicitely written in the Arm Arm (see D5-4929 in ARM DDI 0487H.a)
>>> but I can't find a similar section for the MPU yet. Although, I would be a
>>> bit surprised if the MPU is not in the non-shareable domain... Maybe this
>>> could be clarified with Arm?
>> I got the feedback that DSB SY is ok here
>
> Thanks for asking. Does this mean that a "dsb nsh" would not be sufficient?
Unfortunately no one gave a straight answer on that, I was under the impression
that nsh was sufficient, but didn’t have a confirmation.
I will try to chase more in deep.
>
>>>
>>> Anyway, for now, I am open to use 'dsb sy' with a TODO to revisit it.
>>>
>>>>>> + isb
>>>
>>> Re-quoting the spec from you previous answer:
>>>
>>> ```
>>> Writes to MPU registers are only guaranteed to be visible
>>> following a Context synchronization event and DSB operation.
>>> ```
>>>
>>> So this suggests that it should be first an 'isb' and then a 'dsb'. Any
>>> reason you wrote it the other way around?
>> I chased this internally and it was suggested the current order, dsb
>> followed by the isb: DSB ensures the completion of prior
>> instructions before the next executes, and then ISB ensures subsequent
>> instruction fetch observes the updated MPU state.
>
> I am confused. "DSB" doesn't ensure any completion of instructions. It just
> ensures memory access completion. Can you clarify?
Sorry, I meant memory access completion.
Cheers,
Luca
|