[v4,7/7] lib: sbi: call platform load/store emulators

Message ID	1709692540-77803-8-git-send-email-ganboing@gmail.com
State	Accepted
Headers	show Return-Path: <opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> From: Bo Gan <ganboing@gmail.com> To: opensbi@lists.infradead.org Cc: wxjstz@126.com, anup@brainfault.org Subject: [PATCH v4 7/7] lib: sbi: call platform load/store emulators Date: Tue, 5 Mar 2024 18:35:40 -0800 Message-Id: <1709692540-77803-8-git-send-email-ganboing@gmail.com> In-Reply-To: <1709692540-77803-1-git-send-email-ganboing@gmail.com> References: <1709692540-77803-1-git-send-email-ganboing@gmail.com> preview: sbi_load/store_access_handler now tries to call platform emulators if defined. Otherwise, redirects the fault. If the platform code returns failure, this means the H/S/U has accessed the emulated devi [...] Content analysis details: (-0.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2607:f8b0:4864:20:0:0:0:129 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [ganboing(at)gmail.com] -0.0 T_SCC_BODY_TEXT_LINE No description available. Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "opensbi" <opensbi-bounces@lists.infradead.org> Errors-To: opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	Allow platform to handle load/store faults \| expand [v4,0/7] Allow platform to handle load/store faults [v4,1/7] lib: sbi: rename sbi_misaligned_ldst.c to sbi_trap_ldst.c [v4,2/7] include: sbi: rename sbi_misaligned_ldst.h to sbi_trap_ldst.h [v4,3/7] lib: sbi: change prototype of sbi_trap_redirect [v4,4/7] lib: sbi: change prototype of sbi_misaligned_load/store_handler [v4,5/7] lib: sbi: abstract out insn decoding to unify mem fault handlers [v4,6/7] include: sbi: add emulate_load/store handler to platform ops [v4,7/7] lib: sbi: call platform load/store emulators

Message ID

1709692540-77803-8-git-send-email-ganboing@gmail.com

State

Accepted

Headers

From: Bo Gan <ganboing@gmail.com>
To: opensbi@lists.infradead.org
Cc: wxjstz@126.com,
	anup@brainfault.org
Subject: [PATCH v4 7/7] lib: sbi: call platform load/store emulators
Date: Tue,  5 Mar 2024 18:35:40 -0800
Message-Id: <1709692540-77803-8-git-send-email-ganboing@gmail.com>
In-Reply-To: <1709692540-77803-1-git-send-email-ganboing@gmail.com>
References: <1709692540-77803-1-git-send-email-ganboing@gmail.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "opensbi" <opensbi-bounces@lists.infradead.org>
Errors-To: opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

Allow platform to handle load/store faults | expand

Commit Message

Bo Gan March 6, 2024, 2:35 a.m. UTC

sbi_load/store_access_handler now tries to call platform emulators
if defined. Otherwise, redirects the fault. If the platform code
returns failure, this means the H/S/U has accessed the emulated
devices in an unexpected manner, which is very likely caused by
buggy code in H/S/U. We redirect the fault, so lower privileged
level can get notified, and act accordingly. (E.g., oops in Linux)

We let the handler truly fail if the trap was originated from M mode.
In this case, something must be very wrong and we should just fail.

Signed-off-by: Bo Gan <ganboing@gmail.com>
---
 include/sbi/sbi_platform.h | 45 +++++++++++++++++++++++++++++++++++++++++++++
 lib/sbi/sbi_trap_ldst.c    | 37 +++++++++++++++++++++++++++++++++++--
 2 files changed, 80 insertions(+), 2 deletions(-)

Comments

Anup Patel March 11, 2024, 5 a.m. UTC | #1

On Wed, Mar 6, 2024 at 8:06 AM Bo Gan <ganboing@gmail.com> wrote:
>
> sbi_load/store_access_handler now tries to call platform emulators
> if defined. Otherwise, redirects the fault. If the platform code
> returns failure, this means the H/S/U has accessed the emulated
> devices in an unexpected manner, which is very likely caused by
> buggy code in H/S/U. We redirect the fault, so lower privileged
> level can get notified, and act accordingly. (E.g., oops in Linux)
>
> We let the handler truly fail if the trap was originated from M mode.
> In this case, something must be very wrong and we should just fail.
>
> Signed-off-by: Bo Gan <ganboing@gmail.com>

LGTM.

Reviewed-by: Anup Patel <anup@brainfault.org>

Regards,
Anup

> ---
>  include/sbi/sbi_platform.h | 45 +++++++++++++++++++++++++++++++++++++++++++++
>  lib/sbi/sbi_trap_ldst.c    | 37 +++++++++++++++++++++++++++++++++++--
>  2 files changed, 80 insertions(+), 2 deletions(-)
>
> diff --git a/include/sbi/sbi_platform.h b/include/sbi/sbi_platform.h
> index f962aa4..581935a 100644
> --- a/include/sbi/sbi_platform.h
> +++ b/include/sbi/sbi_platform.h
> @@ -48,6 +48,7 @@
>  #include <sbi/sbi_error.h>
>  #include <sbi/sbi_scratch.h>
>  #include <sbi/sbi_version.h>
> +#include <sbi/sbi_trap_ldst.h>
>
>  struct sbi_domain_memregion;
>  struct sbi_ecall_return;
> @@ -683,6 +684,50 @@ static inline int sbi_platform_vendor_ext_provider(
>         return SBI_ENOTSUPP;
>  }
>
> +/**
> + * Ask platform to emulate the trapped load
> + *
> + * @param plat pointer to struct sbi_platform
> + * @param rlen length of the load: 1/2/4/8...
> + * @param addr virtual address of the load. Platform needs to page-walk and
> + *        find the physical address if necessary
> + * @param out_val value loaded
> + *
> + * @return 0 on success and negative error code on failure
> + */
> +static inline int sbi_platform_emulate_load(const struct sbi_platform *plat,
> +                                           int rlen, unsigned long addr,
> +                                           union sbi_ldst_data *out_val)
> +{
> +       if (plat && sbi_platform_ops(plat)->emulate_load) {
> +               return sbi_platform_ops(plat)->emulate_load(rlen, addr,
> +                                                           out_val);
> +       }
> +       return SBI_ENOTSUPP;
> +}
> +
> +/**
> + * Ask platform to emulate the trapped store
> + *
> + * @param plat pointer to struct sbi_platform
> + * @param wlen length of the store: 1/2/4/8...
> + * @param addr virtual address of the store. Platform needs to page-walk and
> + *        find the physical address if necessary
> + * @param in_val value to store
> + *
> + * @return 0 on success and negative error code on failure
> + */
> +static inline int sbi_platform_emulate_store(const struct sbi_platform *plat,
> +                                            int wlen, unsigned long addr,
> +                                            union sbi_ldst_data in_val)
> +{
> +       if (plat && sbi_platform_ops(plat)->emulate_store) {
> +               return sbi_platform_ops(plat)->emulate_store(wlen, addr,
> +                                                            in_val);
> +       }
> +       return SBI_ENOTSUPP;
> +}
> +
>  #endif
>
>  #endif
> diff --git a/lib/sbi/sbi_trap_ldst.c b/lib/sbi/sbi_trap_ldst.c
> index 7e4a007..0425ccb 100644
> --- a/lib/sbi/sbi_trap_ldst.c
> +++ b/lib/sbi/sbi_trap_ldst.c
> @@ -15,6 +15,7 @@
>  #include <sbi/sbi_pmu.h>
>  #include <sbi/sbi_trap.h>
>  #include <sbi/sbi_unpriv.h>
> +#include <sbi/sbi_platform.h>
>
>  /**
>   * Load emulator callback:
> @@ -309,14 +310,46 @@ int sbi_misaligned_store_handler(struct sbi_trap_regs *regs,
>                                       sbi_misaligned_st_emulator);
>  }
>
> +static int sbi_ld_access_emulator(int rlen, union sbi_ldst_data *out_val,
> +                                 struct sbi_trap_regs *regs,
> +                                 const struct sbi_trap_info *orig_trap)
> +{
> +       /* If fault came from M mode, just fail */
> +       if (((regs->mstatus & MSTATUS_MPP) >> MSTATUS_MPP_SHIFT) == PRV_M)
> +               return SBI_EINVAL;
> +
> +       /* If platform emulator failed, we redirect instead of fail */
> +       if (sbi_platform_emulate_load(sbi_platform_thishart_ptr(), rlen,
> +                                     orig_trap->tval, out_val))
> +               return sbi_trap_redirect(regs, orig_trap);
> +
> +       return rlen;
> +}
> +
>  int sbi_load_access_handler(struct sbi_trap_regs *regs,
>                             const struct sbi_trap_info *orig_trap)
>  {
> -       return sbi_trap_redirect(regs, orig_trap);
> +       return sbi_trap_emulate_load(regs, orig_trap, sbi_ld_access_emulator);
> +}
> +
> +static int sbi_st_access_emulator(int wlen, union sbi_ldst_data in_val,
> +                                 struct sbi_trap_regs *regs,
> +                                 const struct sbi_trap_info *orig_trap)
> +{
> +       /* If fault came from M mode, just fail */
> +       if (((regs->mstatus & MSTATUS_MPP) >> MSTATUS_MPP_SHIFT) == PRV_M)
> +               return SBI_EINVAL;
> +
> +       /* If platform emulator failed, we redirect instead of fail */
> +       if (sbi_platform_emulate_store(sbi_platform_thishart_ptr(), wlen,
> +                                      orig_trap->tval, in_val))
> +               return sbi_trap_redirect(regs, orig_trap);
> +
> +       return wlen;
>  }
>
>  int sbi_store_access_handler(struct sbi_trap_regs *regs,
>                              const struct sbi_trap_info *orig_trap)
>  {
> -       return sbi_trap_redirect(regs, orig_trap);
> +       return sbi_trap_emulate_store(regs, orig_trap, sbi_st_access_emulator);
>  }
> --
> 2.7.4
>

diff --git a/include/sbi/sbi_platform.h b/include/sbi/sbi_platform.h
index f962aa4..581935a 100644
--- a/include/sbi/sbi_platform.h
+++ b/include/sbi/sbi_platform.h
@@ -48,6 +48,7 @@ 
 #include <sbi/sbi_error.h>
 #include <sbi/sbi_scratch.h>
 #include <sbi/sbi_version.h>
+#include <sbi/sbi_trap_ldst.h>
 
 struct sbi_domain_memregion;
 struct sbi_ecall_return;
@@ -683,6 +684,50 @@  static inline int sbi_platform_vendor_ext_provider(
 	return SBI_ENOTSUPP;
 }
 
+/**
+ * Ask platform to emulate the trapped load
+ *
+ * @param plat pointer to struct sbi_platform
+ * @param rlen length of the load: 1/2/4/8...
+ * @param addr virtual address of the load. Platform needs to page-walk and
+ *        find the physical address if necessary
+ * @param out_val value loaded
+ *
+ * @return 0 on success and negative error code on failure
+ */
+static inline int sbi_platform_emulate_load(const struct sbi_platform *plat,
+					    int rlen, unsigned long addr,
+					    union sbi_ldst_data *out_val)
+{
+	if (plat && sbi_platform_ops(plat)->emulate_load) {
+		return sbi_platform_ops(plat)->emulate_load(rlen, addr,
+							    out_val);
+	}
+	return SBI_ENOTSUPP;
+}
+
+/**
+ * Ask platform to emulate the trapped store
+ *
+ * @param plat pointer to struct sbi_platform
+ * @param wlen length of the store: 1/2/4/8...
+ * @param addr virtual address of the store. Platform needs to page-walk and
+ *        find the physical address if necessary
+ * @param in_val value to store
+ *
+ * @return 0 on success and negative error code on failure
+ */
+static inline int sbi_platform_emulate_store(const struct sbi_platform *plat,
+					     int wlen, unsigned long addr,
+					     union sbi_ldst_data in_val)
+{
+	if (plat && sbi_platform_ops(plat)->emulate_store) {
+		return sbi_platform_ops(plat)->emulate_store(wlen, addr,
+							     in_val);
+	}
+	return SBI_ENOTSUPP;
+}
+
 #endif
 
 #endif
diff --git a/lib/sbi/sbi_trap_ldst.c b/lib/sbi/sbi_trap_ldst.c
index 7e4a007..0425ccb 100644
--- a/lib/sbi/sbi_trap_ldst.c
+++ b/lib/sbi/sbi_trap_ldst.c
@@ -15,6 +15,7 @@ 
 #include <sbi/sbi_pmu.h>
 #include <sbi/sbi_trap.h>
 #include <sbi/sbi_unpriv.h>
+#include <sbi/sbi_platform.h>
 
 /**
  * Load emulator callback:
@@ -309,14 +310,46 @@  int sbi_misaligned_store_handler(struct sbi_trap_regs *regs,
 				      sbi_misaligned_st_emulator);
 }
 
+static int sbi_ld_access_emulator(int rlen, union sbi_ldst_data *out_val,
+				  struct sbi_trap_regs *regs,
+				  const struct sbi_trap_info *orig_trap)
+{
+	/* If fault came from M mode, just fail */
+	if (((regs->mstatus & MSTATUS_MPP) >> MSTATUS_MPP_SHIFT) == PRV_M)
+		return SBI_EINVAL;
+
+	/* If platform emulator failed, we redirect instead of fail */
+	if (sbi_platform_emulate_load(sbi_platform_thishart_ptr(), rlen,
+				      orig_trap->tval, out_val))
+		return sbi_trap_redirect(regs, orig_trap);
+
+	return rlen;
+}
+
 int sbi_load_access_handler(struct sbi_trap_regs *regs,
 			    const struct sbi_trap_info *orig_trap)
 {
-	return sbi_trap_redirect(regs, orig_trap);
+	return sbi_trap_emulate_load(regs, orig_trap, sbi_ld_access_emulator);
+}
+
+static int sbi_st_access_emulator(int wlen, union sbi_ldst_data in_val,
+				  struct sbi_trap_regs *regs,
+				  const struct sbi_trap_info *orig_trap)
+{
+	/* If fault came from M mode, just fail */
+	if (((regs->mstatus & MSTATUS_MPP) >> MSTATUS_MPP_SHIFT) == PRV_M)
+		return SBI_EINVAL;
+
+	/* If platform emulator failed, we redirect instead of fail */
+	if (sbi_platform_emulate_store(sbi_platform_thishart_ptr(), wlen,
+				       orig_trap->tval, in_val))
+		return sbi_trap_redirect(regs, orig_trap);
+
+	return wlen;
 }
 
 int sbi_store_access_handler(struct sbi_trap_regs *regs,
 			     const struct sbi_trap_info *orig_trap)
 {
-	return sbi_trap_redirect(regs, orig_trap);
+	return sbi_trap_emulate_store(regs, orig_trap, sbi_st_access_emulator);
 }

[v4,7/7] lib: sbi: call platform load/store emulators

Commit Message

Comments

Patch