From patchwork Thu Apr 18 14:26:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?b?Q2zDqW1lbnQgTMOpZ2Vy?= X-Patchwork-Id: 1925071 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=lJWadUYp; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=rivosinc-com.20230601.gappssmtp.com header.i=@rivosinc-com.20230601.gappssmtp.com header.a=rsa-sha256 header.s=20230601 header.b=Uz77sTkw; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=kvm-riscv-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=patchwork.ozlabs.org) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VL0VM3R8dz1yZx for ; Fri, 19 Apr 2024 00:27:39 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=JQm0PL4+IDdEEDe06pwm9ToMofdsqS2eCyVBumvKw+k=; b=lJWadUYplwGfZd xic4p4CC1g+Rc8t40te/b9cCM7IzdqREV1JP45o2FcB2WCpJoAlTNgU5iAQzjb14+t67LLCq1uPrg t0cd/5afHgmNGsQepRy3F3FXVZy9tAweDvj9mE8iy3IXhZp7z8S2JHpYAW36lS3c0pvULNUx2Kqyn Cv3Yf++W54YKUbCjKfFKglCMdeXJAZ2mIxVLfHkEzHpONxEQ6+uV45AYc7sobXG1/dIvddAeYn5fZ ex3eyvtIOjXGsFv295aGKhBt5nbt8yEVEwk0jw9QZMU3q9MTbLus/bFXmgEWBHSOkrmfWLba3KMsL eb1/Lq52Cjedd1DiAKxw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rxSji-00000002ceQ-0IVY; Thu, 18 Apr 2024 14:27:38 +0000 Received: from mail-wr1-x433.google.com ([2a00:1450:4864:20::433]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rxSjM-00000002cW3-1a0h for kvm-riscv@lists.infradead.org; Thu, 18 Apr 2024 14:27:24 +0000 Received: by mail-wr1-x433.google.com with SMTP id ffacd0b85a97d-349a35aba9cso78917f8f.2 for ; Thu, 18 Apr 2024 07:27:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rivosinc-com.20230601.gappssmtp.com; s=20230601; t=1713450434; x=1714055234; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=m/abrO6aRdYSwYEiniLJTSjXDsMHpzNjwZUI0bHiQJI=; b=Uz77sTkw5q9geby3ck94PZzmiOCVVLrWvczIqA+VM2y0X9SkoMgfc3YwgJuTMzRN8+ 9Ly/TiQlukai6hsXhbjorXuNnWeC86gwEEbNaKd9v6RL7pRP/D/TrsG8WpCVfsFz/+CG 4obNyf085rSi6y9Via9u3apeDfvfsRsGkjr+p3jsJ/xMgvn424bn6ohZA3IhND0sq9aM 22eZo2E9ZlXGp7djq049zFjMleRcqX4iE4LOn4SlzDPGaaHISNIDdF4thrTqRpou5Er6 e5246HPTKV4+BRL69ITwv56yle+61M0tHXdiGfmldqkn4Eq3LHxoLDyaZeAzEegdYvS9 c5qg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713450434; x=1714055234; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=m/abrO6aRdYSwYEiniLJTSjXDsMHpzNjwZUI0bHiQJI=; b=svpZ6JXLcctPQP23x7MhS3htsVaAr3amzWgsYzkJPwevWWzGSSMQCPi9zZCBTuGSeb Zj1nov/AZTmf2vg6qV4IW5eOYcnjZcNYC+2hI/kKvCwUdgGL0abG+UzoCh4sWpXHRAGC vFPgHRCiCt+p8Rob0qzBm/0fIVg9SL7vBJvP/EErNCNIZszAuzjYfgFRppPdtgPhNUft 5Er+8mIwtwG2c64fRJ2Lxy8YrZKmAVhd7n34SlnYxv0aAHCj1vPVk8ROGLV31oCVxw0G cEKlhzn86+/32XBpseuDhn4sq8+jN21BOB9KulNCKTAiEBUZutXtLVJjQ23DL563+EAs ZG3g== X-Forwarded-Encrypted: i=1; AJvYcCWbii9pmR4X2xa9aUCO4LibnlfWd9wIHD3LKNONZ0oX1WXHiX/+f3HbgOqKfHL/zayi07dq6v2Fr+FFRnFu3aI+O8phHDibEPNWjYuldA== X-Gm-Message-State: AOJu0Yz5kDucSZpOOK8t5QR+D29QSn3tL1KPtnoQ7WWPEheSNgubE9C3 mKpD1y2b5DEvggUMOD0gJO1uEW1avWhInQ0z9khG86v4dlv6I/vyasiinDyQtTs= X-Google-Smtp-Source: AGHT+IEkGDIAezbeIVZmmrT9rlRCJjcxopA8THm4S/C75RtVNLUvN35X394KK2J0KQ/iPXZ6II3FvA== X-Received: by 2002:a05:600c:4f8a:b0:418:f770:ba0 with SMTP id n10-20020a05600c4f8a00b00418f7700ba0mr505923wmq.0.1713450434242; Thu, 18 Apr 2024 07:27:14 -0700 (PDT) Received: from carbon-x1.. ([2a01:e0a:999:a3a0:7b64:4d1d:16d8:e38b]) by smtp.gmail.com with ESMTPSA id v10-20020a05600c470a00b00418a386c059sm2873645wmo.42.2024.04.18.07.27.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 18 Apr 2024 07:27:13 -0700 (PDT) From: =?utf-8?b?Q2zDqW1lbnQgTMOpZ2Vy?= To: Conor Dooley , Rob Herring , Krzysztof Kozlowski , Paul Walmsley , Palmer Dabbelt , Albert Ou , Anup Patel , Atish Patra Cc: =?utf-8?b?Q2zDqW1lbnQgTMOpZ2Vy?= , linux-riscv@lists.infradead.org, devicetree@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, kvm-riscv@lists.infradead.org, Ved Shanbhogue Subject: [RFC PATCH 4/7] riscv: handle Ssdbltrp mstatus SDT bit Date: Thu, 18 Apr 2024 16:26:43 +0200 Message-ID: <20240418142701.1493091-5-cleger@rivosinc.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240418142701.1493091-1-cleger@rivosinc.com> References: <20240418142701.1493091-1-cleger@rivosinc.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240418_072716_573285_078E4293 X-CRM114-Status: GOOD ( 15.06 ) X-Spam-Score: 0.0 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: When Ssdbltrp is enabled, we must take care of clearing SDT after sensitive phases are over to avoid generating a double trap. This is mainly about exceptions handling so clear SDT once we have saved [...] Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:433 listed in] [list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: kvm-riscv@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "kvm-riscv" Errors-To: kvm-riscv-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org When Ssdbltrp is enabled, we must take care of clearing SDT after sensitive phases are over to avoid generating a double trap. This is mainly about exceptions handling so clear SDT once we have saved enough information (critical CSRs) but also clears it during SATP mode detection which generates an "inline" trap and thus sets SDT implicitely. Signed-off-by: Clément Léger --- arch/riscv/include/asm/csr.h | 1 + arch/riscv/kernel/entry.S | 52 ++++++++++++++++++++--------------- arch/riscv/kernel/head.S | 4 +++ arch/riscv/kernel/sse_entry.S | 4 +-- 4 files changed, 37 insertions(+), 24 deletions(-) diff --git a/arch/riscv/include/asm/csr.h b/arch/riscv/include/asm/csr.h index 5528159b3d5d..905cdf894a57 100644 --- a/arch/riscv/include/asm/csr.h +++ b/arch/riscv/include/asm/csr.h @@ -17,6 +17,7 @@ #define SR_SPP _AC(0x00000100, UL) /* Previously Supervisor */ #define SR_MPP _AC(0x00001800, UL) /* Previously Machine */ #define SR_SUM _AC(0x00040000, UL) /* Supervisor User Memory Access */ +#define SR_SDT _AC(0x01000000, UL) /* Supervisor Double Trap */ #define SR_FS _AC(0x00006000, UL) /* Floating-point Status */ #define SR_FS_OFF _AC(0x00000000, UL) diff --git a/arch/riscv/kernel/entry.S b/arch/riscv/kernel/entry.S index 1591e0781569..07da91080839 100644 --- a/arch/riscv/kernel/entry.S +++ b/arch/riscv/kernel/entry.S @@ -49,23 +49,12 @@ SYM_CODE_START(handle_exception) REG_S x5, PT_T0(sp) save_from_x6_to_x31 - /* - * Disable user-mode memory access as it should only be set in the - * actual user copy routines. - * - * Disable the FPU/Vector to detect illegal usage of floating point - * or vector in kernel space. - */ - li t0, SR_SUM | SR_FS_VS - REG_L s0, TASK_TI_USER_SP(tp) - csrrc s1, CSR_STATUS, t0 csrr s2, CSR_EPC csrr s3, CSR_TVAL csrr s4, CSR_CAUSE csrr s5, CSR_SCRATCH REG_S s0, PT_SP(sp) - REG_S s1, PT_STATUS(sp) REG_S s2, PT_EPC(sp) REG_S s3, PT_BADADDR(sp) REG_S s4, PT_CAUSE(sp) @@ -77,6 +66,21 @@ SYM_CODE_START(handle_exception) */ csrw CSR_SCRATCH, x0 + /* + * Disable user-mode memory access as it should only be set in the + * actual user copy routines. + * + * Disable the FPU/Vector to detect illegal usage of floating point + * or vector in kernel space. + * + * Clear supervisor double trap bit as all trap context is saved and we + * can handle another one + */ + li t0, SR_SUM | SR_FS_VS | SR_SDT + + csrrc s1, CSR_STATUS, t0 + REG_S s1, PT_STATUS(sp) + /* Load the global pointer */ load_global_pointer @@ -123,15 +127,25 @@ SYM_CODE_START_NOALIGN(ret_from_exception) #ifdef CONFIG_RISCV_M_MODE /* the MPP value is too large to be used as an immediate arg for addi */ li t0, SR_MPP - and s0, s0, t0 + and t1, s0, t0 #else - andi s0, s0, SR_SPP + andi t1, s0, SR_SPP +#endif + +#ifdef CONFIG_RISCV_ISA_V_PREEMPTIVE + move a0, sp + call riscv_v_context_nesting_end #endif - bnez s0, 1f + /* + * Restore STATUS now to set supervisor double trap bit which means that + * from now on, we can not handle an exception up to "sret" + */ + csrw CSR_STATUS, s0 + bnez t1, 1f /* Save unwound kernel stack pointer in thread_info */ - addi s0, sp, PT_SIZE_ON_STACK - REG_S s0, TASK_TI_KERNEL_SP(tp) + addi t1, sp, PT_SIZE_ON_STACK + REG_S t1, TASK_TI_KERNEL_SP(tp) /* Save the kernel shadow call stack pointer */ scs_save_current @@ -142,11 +156,6 @@ SYM_CODE_START_NOALIGN(ret_from_exception) */ csrw CSR_SCRATCH, tp 1: -#ifdef CONFIG_RISCV_ISA_V_PREEMPTIVE - move a0, sp - call riscv_v_context_nesting_end -#endif - REG_L a0, PT_STATUS(sp) /* * The current load reservation is effectively part of the processor's * state, in the sense that load reservations cannot be shared between @@ -167,7 +176,6 @@ SYM_CODE_START_NOALIGN(ret_from_exception) REG_L a2, PT_EPC(sp) REG_SC x0, a2, PT_EPC(sp) - csrw CSR_STATUS, a0 csrw CSR_EPC, a2 REG_L x1, PT_RA(sp) diff --git a/arch/riscv/kernel/head.S b/arch/riscv/kernel/head.S index 4236a69c35cb..bcc2b6678f40 100644 --- a/arch/riscv/kernel/head.S +++ b/arch/riscv/kernel/head.S @@ -106,6 +106,10 @@ relocate_enable_mmu: csrw CSR_SATP, a0 .align 2 1: + /* A trap potentially set the SDT flag, clear it */ + li t0, SR_SDT + csrc CSR_STATUS, t0 + /* Set trap vector to spin forever to help debug */ la a0, .Lsecondary_park csrw CSR_TVEC, a0 diff --git a/arch/riscv/kernel/sse_entry.S b/arch/riscv/kernel/sse_entry.S index d3c7286f3372..e69d386e36e9 100644 --- a/arch/riscv/kernel/sse_entry.S +++ b/arch/riscv/kernel/sse_entry.S @@ -65,7 +65,7 @@ SYM_CODE_START(handle_sse) REG_S a4, PT_SP(sp) /* Disable user memory access and floating/vector computing */ - li t0, SR_SUM | SR_FS_VS + li t0, SR_SUM | SR_FS_VS | SR_SDT csrc CSR_STATUS, t0 load_global_pointer @@ -131,8 +131,8 @@ SYM_CODE_START(handle_sse) SYM_INNER_LABEL(ret_from_sse, SYM_L_GLOBAL) /* Restore saved CSRs */ - csrw CSR_SSCRATCH, s4 csrw CSR_SSTATUS, s5 + csrw CSR_SSCRATCH, s4 #ifdef CONFIG_FRAME_POINTER /* Frame pointer is created only when kernel is interrupted */