[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 4/6] xen/arm: mpu: Create boot-time MPU protection regions


  • To: Julien Grall <julien.grall.oss@xxxxxxxxx>
  • From: Luca Fancellu <Luca.Fancellu@xxxxxxx>
  • Date: Wed, 30 Oct 2024 10:08:09 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=arm.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dkim=[1,1,header.d=arm.com] dmarc=[1,1,header.from=arm.com])
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=upE9IaCDrPH45d35ED35SGKZdtetYYVzm4el82dTgTo=; b=aekUPiN2btp1mZGW4YzpMRXtmfdij1JWKOsq+6XlrmV6tdWiXEnF41RyXiT6/JfBRUHYHcZb5eJSUv0zJz8IrwyBs2Z9dGvlxeQHUmOktbCyzd2l6hegsKv5O9PI4B2Zi2iy/xfTMLHWtdkyH5Q5vDQxXv2I7eKYpPxlkr8C5GfE5+gn9Rm6RSJpDFHLLq2M+DqfagosrNMJZyzv4VQPKwCtAM7X67pdaRJrZyOOA9eaRBlGX4tB9HIyGtFbBSkPJxdcCq+WPJrEN4jZqfjlovR6RKi5vwK9IwbRdtzn4Nel25HKNaTAspRzegnekklO1DOQpOAK/N0FhRf8gwuvjA==
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=upE9IaCDrPH45d35ED35SGKZdtetYYVzm4el82dTgTo=; b=qJl6BjM0/BVjfJLBnCSBvv6mESTOPmtShhVMqkaYRrVXoXQ3au+KjIqi7qeNYyHO5RYRalP5q0t//+LV60C+dThpPbeHPr0x3EG20VCwy25d3YM82eEMavrN0kTarSTJmIRWTrSvLNrlXSf5edBkW5OecPHRoB3e5imUXXCuV7BPZ+SAnjv1a18a2nCGyoS2rnb8nNuapdNs9kV/P1KMZ9XgnK/MHYptPRUXHHcFiOKASdAEGyBanxx65aUKGmY02OKEtSNln/FZ9/qo7QfFv3aE05aCiVb04zbQIo6Z/s+bvBqMuyiEBC854wAE8jMPn0hsOtj12ome4y49YzB5kw==
  • Arc-seal: i=2; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass; b=UtC4ziTr2XiX4IbwM+NeW9LnnK0qfLw8LVHVsPEa1/s3tgxDcgJ7QpE4cKpfIz7MFIeHiQLcUxQkIhJTJMt7wpaNi5RycXvOCmwUSVVsxZ6QH3offVQ7CIbu2veNrbuxWMtAQ/bLybzbQnhKmEQTF6whR19PkyzRfP/rBfTEky5fQVm6ySKHXJEVDQAe0HpqS0eF5LIeanUGykOnyVJGlW2P3oWRyumr8ETPhKR1e/mgraEgCLML5sDMTB8cnTVSxCVy8WP+/8JEqtQ7sDQ8ySqG6f1GQYOtElF0J4puQfhJkRV3gKr0oY79QIeQexmYIP0vRRXoWpg8iQWa9o/WMg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ESqhMtPgBYo0ceSj9tqHjZXbtEeXRk09kyAiUzM6DEHeXIYrdB0/0+O+x6QZTPPoMt+v1DC8Skmkl/rMYIw80jLARJ+Vl+FWmjtSMa9Arpj/hf/JAa15HKDleeaetXragHYPFnR0SYmivVmwQMvSeQ0sVbEKySyNblRFf97p1rFkVu3EpN8qPetwStzsPnFsGRK6EWXhoK/jry0IVXtNNW/BQaaoBHN3dHi5czqyaKD3RtXfcq2o//ND5zvUcbaCE2SsMHygqlKg3jsT/Qoyyce2nUYCLAsPflCta4WDMWPx0qkr9oNd9iXows4qLOYsVxUcTUzRkrK17ATWZk2Yeg==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Ayan Kumar Halder <ayan.kumar.halder@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Wed, 30 Oct 2024 10:08:39 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHbKTd3r9ds8GMpC0a1KoGz65CsELKfBnMAgAAKAQCAAARNAA==
  • Thread-topic: [PATCH v4 4/6] xen/arm: mpu: Create boot-time MPU protection regions

Hi Julien,

> On 30 Oct 2024, at 09:52, Julien Grall <julien.grall.oss@xxxxxxxxx> wrote:
> 
> On Wed, 30 Oct 2024 at 09:17, Luca Fancellu <Luca.Fancellu@xxxxxxx> wrote:
>> 
>> Hi Ayan,
>> 
>> While I rebased the branch on top of your patches, I saw you’ve changed the 
>> number of regions
>> mapped at boot time, can I ask why?
> 
> I have asked the change. If you look at the layout...

Apologies, I didn’t see you’ve asked the change

> 
>> 
>> Compared to 
>> https://patchwork.kernel.org/project/xen-devel/patch/20230626033443.2943270-25-Penny.Zheng@xxxxxxx/:
> 
> 
> ... you have two sections with the same permissions:
> 
> xen_mpumap[1] : Xen read-only data
> xen_mpumap[2] : Xen read-only after init data
> xen_mpumap[3] : Xen read-write data
> 
> During boot, [2] and [3] will share the same permissions. After boot,
> this will be [1] and [2]. Given the number of MPU regions is limited,
> this is a bit of a waste.
> 
> We also don't want to have a hole in the middle of Xen sections. So
> folding seemed to be a good idea.
> 
>> 
>>> +FUNC(enable_boot_cpu_mm)
>>> +
>>> +    /* Get the number of regions specified in MPUIR_EL2 */
>>> +    mrs   x5, MPUIR_EL2
>>> +
>>> +    /* x0: region sel */
>>> +    mov   x0, xzr
>>> +    /* Xen text section. */
>>> +    ldr   x1, =_stext
>>> +    ldr   x2, =_etext
>>> +    prepare_xen_region x0, x1, x2, x3, x4, x5, attr_prbar=REGION_TEXT_PRBAR
>>> +
>>> +    /* Xen read-only data section. */
>>> +    ldr   x1, =_srodata
>>> +    ldr   x2, =_erodata
>>> +    prepare_xen_region x0, x1, x2, x3, x4, x5, attr_prbar=REGION_RO_PRBAR
>>> +
>>> +    /* Xen read-only after init and data section. (RW data) */
>>> +    ldr   x1, =__ro_after_init_start
>>> +    ldr   x2, =__init_begin
>>> +    prepare_xen_region x0, x1, x2, x3, x4, x5
>> 
>>         ^— this, for example, will block Xen to call init_done(void) later, 
>> I understand this is earlyboot,
>>               but I guess we don’t want to make subsequent changes to this 
>> part when introducing the
>>               patches to support start_xen()
> 
> Can you be a bit more descriptive... What will block?

This call in setup.c:
    rc = modify_xen_mappings((unsigned long)&__ro_after_init_start,
                             (unsigned long)&__ro_after_init_end,
                             PAGE_HYPERVISOR_RO);

Cannot work anymore because xen_mpumap[2] is wider than only 
(__ro_after_init_start, __ro_after_init_end).

If that is what we want, then we could wrap the above call into something MMU 
specific that will execute the above call and
something MPU specific that will modify xen_mpumap[1] from (_srodata, _erodata) 
to (_srodata, __ro_after_init_end)
and xen_mpumap[2] from (__ro_after_init_start, __init_begin) to 
(__ro_after_init_end, __init_begin).

Please, let me know your thoughts.

Cheers,
Luca


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.