From patchwork Thu Oct 15 13:26:50 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anup Patel X-Patchwork-Id: 1382671 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2001:8b0:10b:1231::1; helo=merlin.infradead.org; envelope-from=opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=wdc.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=merlin.20170209 header.b=pf7ia1Xz; dkim=permerror header.d=wdc.com header.i=@wdc.com header.a=rsa-sha1 header.s=dkim.wdc.com header.b=f+5BL10b; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=sharedspace.onmicrosoft.com header.i=@sharedspace.onmicrosoft.com header.a=rsa-sha256 header.s=selector2-sharedspace-onmicrosoft-com header.b=hs5XgmMB; dkim-atps=neutral Received: from merlin.infradead.org (merlin.infradead.org [IPv6:2001:8b0:10b:1231::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4CBqpf1tnHz9sRk for ; Fri, 16 Oct 2020 00:27:54 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To:Message-Id:Date: Subject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=+CbV9QT7P4Puyk1B8pAAuQOFWhLzkjXKHNZYvXnjfAA=; b=pf7ia1Xz+eVmuzMxFUxe3RE6d 5Tpg1okyYySbDUQ6hkq3ng2Rz7+NNUk6K1rQp8F5cVNAFn/Yq6aIPvW2/P9ORLHsOFotB0jugCxtl ONXNWQVkDWT/yP343ctY+gx0GcF0AFH9ypMkaaAEH+2Fxp74OTzeHkS9iErtPuQwpPp7pVKSaEWgo RZqqhCzrO/oD0bsy5bGNSUapqkoQPJoyqyF75WuPDRjhBBJow9V8w7P7BAomlMkjQRAonIA0ukjZU esRRRI0CjdOW4v4+Q6RWUVm2D1lsSg6QxEx9D8ottj+oGedmYcpBkUu1nzqWD8jKMTZ9nQo3ymCBC f265NykTg==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kT3IJ-0004Jg-Gw; Thu, 15 Oct 2020 13:27:47 +0000 Received: from esa2.hgst.iphmx.com ([68.232.143.124]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kT3IF-0004Fc-JF for opensbi@lists.infradead.org; Thu, 15 Oct 2020 13:27:45 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=wdc.com; i=@wdc.com; q=dns/txt; s=dkim.wdc.com; t=1602768812; x=1634304812; h=from:to:cc:subject:date:message-id:in-reply-to: references:content-transfer-encoding:mime-version; bh=tiyMHbhLkZbsD5cAtzoZLz+lqAg1uHurshIdOCzewKQ=; b=f+5BL10b55q3IWjpv3Jz6F9IoMPWTn7sdRUxjg9cS0tw34eYqslsJYSF c6EcH1zucaffBK7jqYd8VguNhgVDxozLkJrmX1CWOOt0qKpCzDH+ly57+ eT1AZbJVwriQjsqm1Te0WvOJUAFD22ZtSMf5cHlvauP+76mKZyMnXue25 DARXlWgPdpG+jm8RY8pa0y0Yqknk9nGlRC3DE6QSSevbgN68LpuEVgs83 obplm49FU8ZpKIbhIINcmUUBiLlG6LUhJ6mulijoxLZFTYUL+10q3MVhp B4QpqNijTl+F4ANn9vILumvMb9cnfj36Lb8h55kq6euxvwSQnKlP1VcP0 w==; IronPort-SDR: VJ33OInyYPsbeJwPFai0NB/pMgYMNEYK6gsKACeB6mSLDbougQRhjerdQdwc4/1bgEl8YwwrHk 6ZK8eIQujiVRAoAepnyqhU/3fje3Oq8Q/9AWkPkbp7SPbM8MLzZJw6k19gGkBNAcGlxnMOEl9o I7HmYqmEQmlpXZkKsR2sLyM1TfO0fBa8nqodIENEAICH51w7gwGv4WvlLqY8c5qTNfrfE/cE1U mxNM4MQ5rqXNOh+gHNueD7l3X4ouRW81JPcofi0bcu87GZM48XU/7ahX14IKbeYm67zrfTQR8L 6UI= X-IronPort-AV: E=Sophos;i="5.77,379,1596470400"; d="scan'208";a="253498980" Received: from mail-bn8nam08lp2040.outbound.protection.outlook.com (HELO NAM04-BN8-obe.outbound.protection.outlook.com) ([104.47.74.40]) by ob1.hgst.iphmx.com with ESMTP; 15 Oct 2020 21:33:31 +0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ab/QmArIDh5V1pqov/koEBhkHLiuHalsBVha+8zw8vFajqcpzwEeGCbSbRJu3DaycCh6EX/lpa8lmAIVMyZfm0rwzKxpcBxDj2eLHDNf3jMVdR4E0VnAfihsPLHK/biXZ2JJ+s438daKy6UkKv41UgMNNbzwqDONSuO8QT1HCHhiJRmOc71JVDsqamwG5Qla7WduNDmSG5dfn7j843HFnHK7azlz1riKrKFz9RuqBFADiF2i4is+Pc4f9AoUlEyLC4ojhG1f56JrEU8iTZjRr4uoKCc08XJEuob+WijCXWwbYTILFEaPMMyn5PpVMf/Fz3k6VDVToJA/MsvADAMWwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7tqfLlQZ8v7nWnp2N8RPZ/TwdmMjCH7HljU0zZR0cCk=; b=ShjY1Qxb8JQhfv2ZkrdUHClQBb+QhsQOQiwFrvqITgzRPeH1zHQb5xJSIR+wxEfHMGmsNyHFZoIW8aQiSwSjO7Bn2e1lxdT4+W4Zs+GISfeuqAApbwoDfK5mTVNSpWpjdzPebIGIk0s5BGGf3dP+UmwadcNgXtLCjWmdei3lItswBT4CR0/Nd+8RRMZwzdeH2tMAN+GIf9C2tWVvF9l3YuW5Q6jBc7xHdcBBV9qLf+BAw/pS8nl4XCKkXFC/L4c6Xj12aN6ustzvS1DdSUsZaQILHjWWduqxEUtEjgwlR3m/kM5Tm+m4U2zI1kHDqKkSwIaI0vk/yBqoFw0JL771Qw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wdc.com; dmarc=pass action=none header.from=wdc.com; dkim=pass header.d=wdc.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sharedspace.onmicrosoft.com; s=selector2-sharedspace-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7tqfLlQZ8v7nWnp2N8RPZ/TwdmMjCH7HljU0zZR0cCk=; b=hs5XgmMBMyZRvzNacNy3LvSlbWTRRmSZAwTYjfAn+G3h9Zaphfoq4BF/Ik2oMkVoymFUfB0n/CkviCI7FmTuWcuYibhoszsA9EqzEtuzvY5q3J8JyH4+Q1Fop4tXZX3con+Yw5OsERpmMct/NduHoObereVTExkTdHVILtrdeMk= Authentication-Results: wdc.com; dkim=none (message not signed) header.d=none;wdc.com; dmarc=none action=none header.from=wdc.com; Received: from DM6PR04MB6201.namprd04.prod.outlook.com (2603:10b6:5:127::32) by DM6PR04MB6624.namprd04.prod.outlook.com (2603:10b6:5:1b6::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3455.21; Thu, 15 Oct 2020 13:27:42 +0000 Received: from DM6PR04MB6201.namprd04.prod.outlook.com ([fe80::d035:e2c6:c11:51dd]) by DM6PR04MB6201.namprd04.prod.outlook.com ([fe80::d035:e2c6:c11:51dd%6]) with mapi id 15.20.3477.021; Thu, 15 Oct 2020 13:27:41 +0000 From: Anup Patel To: Atish Patra , Alistair Francis Subject: [PATCH v2 06/16] lib: sbi: Add initial domain support Date: Thu, 15 Oct 2020 18:56:50 +0530 Message-Id: <20201015132700.2232820-7-anup.patel@wdc.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201015132700.2232820-1-anup.patel@wdc.com> References: <20201015132700.2232820-1-anup.patel@wdc.com> X-Originating-IP: [122.167.44.151] X-ClientProxiedBy: MAXPR0101CA0065.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:e::27) To DM6PR04MB6201.namprd04.prod.outlook.com (2603:10b6:5:127::32) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from wdc.com (122.167.44.151) by MAXPR0101CA0065.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a00:e::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.22 via Frontend Transport; Thu, 15 Oct 2020 13:27:39 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 6b7ccf0c-013f-4ded-b04e-08d8710e179c X-MS-TrafficTypeDiagnostic: DM6PR04MB6624: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: WDCIPOUTBOUND: EOP-TRUE X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: gh65EW0GFh5ItrmL5+TmiBCjCQLU1eyQNR1hGXxZfRbwWbErBQzSZX5yraIdG5SWXlxzQEfin5kEAuuDRUq2xnErW9gO+ZWLJPM9L4ErVfvRSz0MrwrVvHwcl3oL55hiPq7eU5UZL9UyMAtnVXD4lcKSJ3Qm1aQ3VmeuqgYyu9zdCazTdBPqFa/GltEVoIwQOrAKVi/US7a8nlFTNl/TokA/hqnHr1zEOUvsvC7wBubiZh8gW+gkpPvnZsHJdxggxsLJPrHVfcCPSiOoba8r9PZNwt0+X7o9c0oeuapTcDBWqSeFVjYC3Y9PIe6lqaEHsMVMhUF1wFuVcMMDRUTnvNhfDut+RTkcbHvfnNKzUfXZSiotT5cyilqBGrHZrzMv X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR04MB6201.namprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(376002)(39860400002)(136003)(366004)(346002)(2906002)(66946007)(110136005)(66556008)(5660300002)(44832011)(66476007)(36756003)(6666004)(316002)(54906003)(8886007)(8676002)(8936002)(86362001)(34490700002)(1076003)(52116002)(26005)(16526019)(186003)(55016002)(83380400001)(478600001)(956004)(2616005)(6636002)(4326008)(7696005)(30864003); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData: wVyA871/cdzhmFwlVaTulYrfr8r0Yv3r2suOJ7dvrQmJtwwcONYVb0WAIdGbEFzCXiV/JxmwRZMmc7YmLjH0KxeaOa3JelBpS/NEWnsZu/AO+F2Md8fJ2zjwzoLK67xaX1jhKHjDn1s1tYLjgNogVqpNuHvimOiinkLujhRX7yc3k0htX/P45jbAvwnhSFz+n4DDPtl3SYd53PWfCUwW1hGxPp6L4VE2HI/567VsOy/rXUfeMNKCYCyzrkd0QdlNeAT1Xs3lWPYQHetpwVhQB4QNGA/PU3LlBqtGwpRxQTJFZhoTWZZB3LFd56XN18PwYKEa7wBRRoU3rCj7WdYbrg4jdM1HEPFT9tg/WqMUzmDLeErRoLgCxwuV/HlUOxOsdXPW2bWTxxVj4Nta49aAwOcbR/awdY13RUJGV43ESt1aw2qIDBytwZjbRPP/oxKlSoEI3tok4WLcWsBbBMQyrjlngKbmU+1HPLk1NnkyCWJqnITOQAK1CX4B8chx8iin/80LbL8pGKKeMgcw8JC3X/imb29PPWoDtShEZv2adkoQkGVSAPlzLtDTU02mPWddjdRrVOpPgYx8a0ulmaMPS2vTdHVe8p9+fELOiefmlgWr5aPmqH50U3X8UdrOvEy1bDONkI+0Q5RyCSuCxoDIVw== X-OriginatorOrg: wdc.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6b7ccf0c-013f-4ded-b04e-08d8710e179c X-MS-Exchange-CrossTenant-AuthSource: DM6PR04MB6201.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Oct 2020 13:27:41.8556 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: b61c8803-16f3-4c35-9b17-6f65f441df86 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: v0dLpsDZP0fCLZKjV6hqUaIwtVDQ7bP1RRhQPS6YMnctoFUHGt84NVyM4GEaNdWYj98gFcGE0Alnr/b2b2B+9g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR04MB6624 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201015_092743_946842_3CF5B9EC X-CRM114-Status: GOOD ( 29.09 ) X-Spam-Score: -2.5 (--) X-Spam-Report: SpamAssassin version 3.4.4 on merlin.infradead.org summary: Content analysis details: (-2.5 points) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [68.232.143.124 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay X-BeenThere: opensbi@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Anup Patel , Anup Patel , opensbi@lists.infradead.org Sender: "opensbi" Errors-To: opensbi-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org An OpenSBI domain is a logical entity representing a set of HARTs and a set of memory regions for these HARTs. The OpenSBI domains support will allow OpenSBI platforms and previous booting stage (i.e. U-Boot SPL, Coreboot, etc) to partition a system into multiple domains where each domain will run it's own software. For inter-domain isolation, OpenSBI will eventually use various HW features such as PMP, ePMP, IOPMP, SiFive shield, etc but initial implementation only use HW PMP support. This patch provides initial implementation of OpenSBI domains where we have a root/default domain and OpenSBI platforms can provide non-root/custom domains using domain_get() callback. Signed-off-by: Anup Patel --- include/sbi/sbi_domain.h | 142 ++++++++++++++ include/sbi/sbi_platform.h | 20 ++ lib/sbi/objects.mk | 1 + lib/sbi/sbi_domain.c | 377 +++++++++++++++++++++++++++++++++++++ lib/sbi/sbi_init.c | 20 ++ 5 files changed, 560 insertions(+) create mode 100644 include/sbi/sbi_domain.h create mode 100644 lib/sbi/sbi_domain.c diff --git a/include/sbi/sbi_domain.h b/include/sbi/sbi_domain.h new file mode 100644 index 0000000..17fb013 --- /dev/null +++ b/include/sbi/sbi_domain.h @@ -0,0 +1,142 @@ +/* + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2020 Western Digital Corporation or its affiliates. + * + * Authors: + * Anup Patel + */ + +#ifndef __SBI_DOMAIN_H__ +#define __SBI_DOMAIN_H__ + +#include +#include + +struct sbi_scratch; + +/** Representation of OpenSBI domain memory region */ +struct sbi_domain_memregion { + /** + * Size of memory region as power of 2 + * It has to be minimum 3 and maximum __riscv_xlen + */ + unsigned long order; + /** + * Base address of memory region + * It must be 2^order aligned address + */ + unsigned long base; + /** Access flags of memory region */ +#define SBI_DOMAIN_MEMREGION_READABLE (1UL << 0) +#define SBI_DOMAIN_MEMREGION_WRITEABLE (1UL << 1) +#define SBI_DOMAIN_MEMREGION_EXECUTABLE (1UL << 2) +#define SBI_DOMAIN_MEMREGION_MMIO (1UL << 3) +#define SBI_DOMAIN_MEMREGION_MMODE (1UL << 4) + unsigned long flags; +}; + +/** Maximum number of domains */ +#define SBI_DOMAIN_MAX_INDEX 32 + +/** Representation of OpenSBI domain */ +struct sbi_domain { + /** + * Logical index of this domain + * Note: This set by sbi_domain_finalize() in the coldboot path + */ + u32 index; + /** + * HARTs assigned to this domain + * Note: This set by sbi_domain_init() and sbi_domain_finalize() + * in the coldboot path + */ + struct sbi_hartmask assigned_harts; + /** Name of this domain */ + char name[64]; + /** Possible HARTs in this domain */ + const struct sbi_hartmask *possible_harts; + /** Array of memory regions terminated by a region with order zero */ + struct sbi_domain_memregion *regions; + /** HART id of the HART booting this domain */ + u32 boot_hartid; + /** Arg1 (or 'a1' register) of next booting stage for this domain */ + unsigned long next_arg1; + /** Address of next booting stage for this domain */ + unsigned long next_addr; + /** Privilege mode of next booting stage for this domain */ + unsigned long next_mode; + /** Is domain allowed to reset the system */ + bool system_reset_allowed; +}; + +/** HART id to domain table */ +extern struct sbi_domain *hartid_to_domain_table[]; + +/** Get pointer to sbi_domain from HART id */ +#define sbi_hartid_to_domain(__hartid) \ + hartid_to_domain_table[__hartid] + +/** Get pointer to sbi_domain for current HART */ +#define sbi_domain_thishart_ptr() \ + sbi_hartid_to_domain(current_hartid()) + +/** Index to domain table */ +extern struct sbi_domain *domidx_to_domain_table[]; + +/** Get pointer to sbi_domain from index */ +#define sbi_index_to_domain(__index) \ + domidx_to_domain_table[__index] + +/** Iterate over each domain */ +#define sbi_domain_for_each(__i, __d) \ + for ((__i) = 0; ((__d) = sbi_index_to_domain(__i)); (__i)++) + +/** Iterate over each memory region of a domain */ +#define sbi_domain_for_each_memregion(__d, __r) \ + for ((__r) = (__d)->regions; (__r)->order; (__r)++) + +/** + * Check whether given HART is assigned to specified domain + * @param dom pointer to domain + * @param hartid the HART ID + * @return TRUE if HART is assigned to domain otherwise FALSE + */ +bool sbi_domain_is_assigned_hart(const struct sbi_domain *dom, u32 hartid); + +/** + * Get ulong assigned HART mask for given domain and HART base ID + * @param dom pointer to domain + * @param hbase the HART base ID + * @return ulong possible HART mask + * Note: the return ulong mask will be set to zero on failure. + */ +ulong sbi_domain_get_assigned_hartmask(const struct sbi_domain *dom, + ulong hbase); + +/** Initialize a domain memory region as firmware region */ +void sbi_domain_memregion_initfw(struct sbi_domain_memregion *reg); + +/** + * Check whether we can access specified address for given mode and + * memory region flags under a domain + * @param dom pointer to domain + * @param addr the address to be checked + * @param mode the privilege mode of access + * @param mmio the memory type of access is MMIO + * @param read the access is read + * @param write the access is write + * @param execute the access is instruction execute + * @return TRUE if access allowed otherwise FALSE + */ +bool sbi_domain_check_addr(const struct sbi_domain *dom, + unsigned long addr, unsigned long mode, bool mmio, + bool read, bool write, bool execute); + +/** Finalize domain tables and startup non-root domains */ +int sbi_domain_finalize(struct sbi_scratch *scratch, u32 cold_hartid); + +/** Initialize domains */ +int sbi_domain_init(struct sbi_scratch *scratch, u32 cold_hartid); + +#endif diff --git a/include/sbi/sbi_platform.h b/include/sbi/sbi_platform.h index f2c3237..e1355d8 100644 --- a/include/sbi/sbi_platform.h +++ b/include/sbi/sbi_platform.h @@ -44,6 +44,7 @@ #include #include +struct sbi_domain; struct sbi_trap_info; /** Possible feature flags of a platform */ @@ -89,6 +90,9 @@ struct sbi_platform_operations { */ int (*misa_get_xlen)(void); + /** Get domain pointer for given HART id */ + struct sbi_domain *(*domain_get)(u32 hartid); + /** Write a character to the platform console output */ void (*console_putc)(char ch); /** Read a character from the platform console input */ @@ -447,6 +451,22 @@ static inline int sbi_platform_misa_xlen(const struct sbi_platform *plat) return -1; } +/** + * Get domain pointer for given HART + * + * @param plat pointer to struct sbi_platform + * @param hartid shorthand letter for CPU extensions + * + * @return non-NULL domain pointer on success and NULL on failure + */ +static inline struct sbi_domain *sbi_platform_domain_get( + const struct sbi_platform *plat, u32 hartid) +{ + if (plat && sbi_platform_ops(plat)->domain_get) + return sbi_platform_ops(plat)->domain_get(hartid); + return NULL; +} + /** * Write a character to the platform console output * diff --git a/lib/sbi/objects.mk b/lib/sbi/objects.mk index fa808a0..6f2c06f 100644 --- a/lib/sbi/objects.mk +++ b/lib/sbi/objects.mk @@ -15,6 +15,7 @@ libsbi-objs-y += riscv_locks.o libsbi-objs-y += sbi_bitmap.o libsbi-objs-y += sbi_bitops.o libsbi-objs-y += sbi_console.o +libsbi-objs-y += sbi_domain.o libsbi-objs-y += sbi_ecall.o libsbi-objs-y += sbi_ecall_base.o libsbi-objs-y += sbi_ecall_hsm.o diff --git a/lib/sbi/sbi_domain.c b/lib/sbi/sbi_domain.c new file mode 100644 index 0000000..53a703e --- /dev/null +++ b/lib/sbi/sbi_domain.c @@ -0,0 +1,377 @@ +/* + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2020 Western Digital Corporation or its affiliates. + * + * Authors: + * Anup Patel + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +struct sbi_domain *hartid_to_domain_table[SBI_HARTMASK_MAX_BITS] = { 0 }; +struct sbi_domain *domidx_to_domain_table[SBI_DOMAIN_MAX_INDEX] = { 0 }; + +static u32 domain_count = 0; + +static struct sbi_hartmask root_hmask = { 0 }; + +#define ROOT_FW_REGION 0 +#define ROOT_ALL_REGION 1 +#define ROOT_END_REGION 2 +static struct sbi_domain_memregion root_memregs[ROOT_END_REGION + 1] = { 0 }; + +static struct sbi_domain root = { + .name = "root", + .possible_harts = &root_hmask, + .regions = root_memregs, + .system_reset_allowed = TRUE, +}; + +bool sbi_domain_is_assigned_hart(const struct sbi_domain *dom, u32 hartid) +{ + if (dom) + return sbi_hartmask_test_hart(hartid, &dom->assigned_harts); + + return FALSE; +} + +ulong sbi_domain_get_assigned_hartmask(const struct sbi_domain *dom, + ulong hbase) +{ + ulong ret, bword, boff; + + if (!dom) + return 0; + + bword = BIT_WORD(hbase); + boff = BIT_WORD_OFFSET(hbase); + + ret = sbi_hartmask_bits(&dom->assigned_harts)[bword++] >> boff; + if (boff && bword < BIT_WORD(SBI_HARTMASK_MAX_BITS)) { + ret |= (sbi_hartmask_bits(&dom->assigned_harts)[bword] & + (BIT(boff) - 1UL)) << (BITS_PER_LONG - boff); + } + + return ret; +} + +void sbi_domain_memregion_initfw(struct sbi_domain_memregion *reg) +{ + if (!reg) + return; + + sbi_memcpy(reg, &root_memregs[ROOT_FW_REGION], sizeof(*reg)); +} + +bool sbi_domain_check_addr(const struct sbi_domain *dom, + unsigned long addr, unsigned long mode, bool mmio, + bool read, bool write, bool execute) +{ + struct sbi_domain_memregion *reg; + unsigned long rstart, rend, rflags, rwx = 0; + + if (!dom) + return FALSE; + + if (read) + rwx |= SBI_DOMAIN_MEMREGION_READABLE; + if (write) + rwx |= SBI_DOMAIN_MEMREGION_WRITEABLE; + if (execute) + rwx |= SBI_DOMAIN_MEMREGION_EXECUTABLE; + + sbi_domain_for_each_memregion(dom, reg) { + rflags = reg->flags; + if (mode == PRV_M && !(rflags & SBI_DOMAIN_MEMREGION_MMODE)) + continue; + + rstart = reg->base; + rend = (reg->order < __riscv_xlen) ? + rstart + ((1UL << reg->order) - 1) : -1UL; + if (rstart <= addr && addr <= rend) { + if ((mmio && !(rflags & SBI_DOMAIN_MEMREGION_MMIO)) || + (!mmio && (rflags & SBI_DOMAIN_MEMREGION_MMIO))) + return FALSE; + return ((rflags & rwx) == rwx) ? TRUE : FALSE; + } + } + + return (mode == PRV_M) ? TRUE : FALSE; +} + +/* Check if region comply with constraints */ +static bool is_region_valid(const struct sbi_domain_memregion *reg) +{ + if (reg->order < 3 || __riscv_xlen < reg->order) + return FALSE; + + if (reg->base & (BIT(reg->order) - 1)) + return FALSE; + + return TRUE; +} + +/** Check if regionA is sub-region of regionB */ +static bool is_region_subset(const struct sbi_domain_memregion *regA, + const struct sbi_domain_memregion *regB) +{ + ulong regA_start = regA->base; + ulong regA_end = regA->base + (BIT(regA->order) - 1); + ulong regB_start = regB->base; + ulong regB_end = regB->base + (BIT(regA->order) - 1); + + if ((regB_start <= regA_start) && + (regA_start < regB_end) && + (regB_start < regA_end) && + (regA_end <= regB_end)) + return TRUE; + + return FALSE; +} + +/** Check if regionA conflicts regionB */ +static bool is_region_conflict(const struct sbi_domain_memregion *regA, + const struct sbi_domain_memregion *regB) +{ + if ((is_region_subset(regA, regB) || is_region_subset(regB, regA)) && + regA->flags == regB->flags) + return TRUE; + + return FALSE; +} + +/** Check if regionA should be placed before regionB */ +static bool is_region_before(const struct sbi_domain_memregion *regA, + const struct sbi_domain_memregion *regB) +{ + if (regA->order < regB->order) + return TRUE; + + if ((regA->order == regB->order) && + (regA->base < regB->base)) + return TRUE; + + return FALSE; +} + +static int sanitize_domain(const struct sbi_platform *plat, + struct sbi_domain *dom) +{ + u32 i, j, count; + bool have_fw_reg; + struct sbi_domain_memregion treg, *reg, *reg1; + + /* Check possible HARTs */ + if (!dom->possible_harts) + return SBI_EINVAL; + sbi_hartmask_for_each_hart(i, dom->possible_harts) { + if (sbi_platform_hart_invalid(plat, i)) + return SBI_EINVAL; + }; + + /* Check memory regions */ + if (!dom->regions) + return SBI_EINVAL; + sbi_domain_for_each_memregion(dom, reg) { + if (!is_region_valid(reg)) + return SBI_EINVAL; + } + + /* Count memory regions and check presence of firmware region */ + count = 0; + have_fw_reg = FALSE; + sbi_domain_for_each_memregion(dom, reg) { + if (reg->order == root_memregs[ROOT_FW_REGION].order && + reg->base == root_memregs[ROOT_FW_REGION].base && + reg->flags == root_memregs[ROOT_FW_REGION].flags) + have_fw_reg = TRUE; + count++; + } + if (!have_fw_reg) + return SBI_EINVAL; + + /* Sort the memory regions */ + for (i = 0; i < (count - 1); i++) { + reg = &dom->regions[i]; + for (j = i + 1; j < count; j++) { + reg1 = &dom->regions[j]; + + if (is_region_conflict(reg1, reg)) + return SBI_EINVAL; + + if (!is_region_before(reg1, reg)) + continue; + + sbi_memcpy(&treg, reg1, sizeof(treg)); + sbi_memcpy(reg1, reg, sizeof(treg)); + sbi_memcpy(reg, &treg, sizeof(treg)); + } + } + + /* + * We don't need to check boot HART id of domain because if boot + * HART id is not possible/assigned to this domain then it won't + * be started at boot-time by sbi_domain_finalize(). + */ + + /* + * Check next mode + * + * We only allow next mode to be S-mode or U-mode.so that we can + * protect M-mode context and enforce checks on memory accesses. + */ + if (dom->next_mode != PRV_S && + dom->next_mode != PRV_U) + return SBI_EINVAL; + + /* Check next address and next mode*/ + if (!sbi_domain_check_addr(dom, dom->next_addr, dom->next_mode, + FALSE, FALSE, FALSE, TRUE)) + return SBI_EINVAL; + + return 0; +} + +int sbi_domain_finalize(struct sbi_scratch *scratch, u32 cold_hartid) +{ + int rc; + u32 i, j, dhart; + bool dom_exists; + struct sbi_domain *dom, *tdom; + const struct sbi_platform *plat = sbi_platform_ptr(scratch); + + /* Discover domains */ + for (i = 0; i < SBI_HARTMASK_MAX_BITS; i++) { + /* Ignore invalid HART */ + if (sbi_platform_hart_invalid(plat, i)) + continue; + + /* Get domain assigned to HART */ + dom = sbi_platform_domain_get(plat, i); + if (!dom) + continue; + + /* Check if domain already discovered */ + dom_exists = FALSE; + sbi_domain_for_each(j, tdom) { + if (tdom == dom) { + dom_exists = TRUE; + break; + } + } + + /* Newly discovered domain */ + if (!dom_exists) { + /* + * Ensure that we have room for Domain Index to + * HART ID mapping + */ + if (domain_count <= SBI_DOMAIN_MAX_INDEX) + return SBI_ENOSPC; + + /* Sanitize discovered domain */ + rc = sanitize_domain(plat, dom); + if (rc) + return rc; + + /* Assign index to domain */ + dom->index = domain_count++; + domidx_to_domain_table[dom->index] = dom; + + /* Clear assigned HARTs of domain */ + sbi_hartmask_clear_all(&dom->assigned_harts); + } + + /* Assign domain to HART if HART is a possible HART */ + if (sbi_hartmask_test_hart(i, dom->possible_harts)) { + tdom = hartid_to_domain_table[i]; + if (tdom) + sbi_hartmask_clear_hart(i, + &tdom->assigned_harts); + hartid_to_domain_table[i] = dom; + sbi_hartmask_set_hart(i, &dom->assigned_harts); + } + } + + /* Startup boot HART of domains */ + sbi_domain_for_each(i, dom) { + /* Domain boot HART */ + dhart = dom->boot_hartid; + + /* Ignore if boot HART not possible for this domain */ + if (!sbi_hartmask_test_hart(i, dom->possible_harts)) + continue; + + /* Ignore if boot HART assigned different domain */ + if (sbi_hartid_to_domain(dhart) != dom || + !sbi_hartmask_test_hart(i, &dom->assigned_harts)) + continue; + + /* Startup boot HART of domain */ + if (dhart == cold_hartid) { + scratch->next_addr = dom->next_addr; + scratch->next_mode = dom->next_mode; + scratch->next_arg1 = dom->next_arg1; + } else { + rc = sbi_hsm_hart_start(scratch, dhart, dom->next_addr, + dom->next_mode, dom->next_arg1); + if (rc) + return rc; + } + } + + return 0; +} + +int sbi_domain_init(struct sbi_scratch *scratch, u32 cold_hartid) +{ + u32 i; + const struct sbi_platform *plat = sbi_platform_ptr(scratch); + + /* Root domain firmware memory region */ + root_memregs[ROOT_FW_REGION].order = log2roundup(scratch->fw_size); + root_memregs[ROOT_FW_REGION].base = scratch->fw_start & + ~((1UL << root_memregs[0].order) - 1UL); + root_memregs[ROOT_FW_REGION].flags = 0; + + /* Root domain allow everything memory region */ + root_memregs[ROOT_ALL_REGION].order = __riscv_xlen; + root_memregs[ROOT_ALL_REGION].base = 0; + root_memregs[ROOT_ALL_REGION].flags = (SBI_DOMAIN_MEMREGION_READABLE | + SBI_DOMAIN_MEMREGION_WRITEABLE | + SBI_DOMAIN_MEMREGION_EXECUTABLE); + + /* Root domain memory region end */ + root_memregs[ROOT_END_REGION].order = 0; + + /* Root domain boot HART id is same as coldboot HART id */ + root.boot_hartid = cold_hartid; + + /* Root domain next booting stage details */ + root.next_arg1 = scratch->next_arg1; + root.next_addr = scratch->next_addr; + root.next_mode = scratch->next_mode; + + /* Select root domain for all valid HARTs */ + for (i = 0; i < SBI_HARTMASK_MAX_BITS; i++) { + if (sbi_platform_hart_invalid(plat, i)) + continue; + sbi_hartmask_set_hart(i, &root_hmask); + hartid_to_domain_table[i] = &root; + sbi_hartmask_set_hart(i, &root.assigned_harts); + } + + /* Set root domain index */ + root.index = domain_count++; + domidx_to_domain_table[root.index] = &root; + + return 0; +} diff --git a/lib/sbi/sbi_init.c b/lib/sbi/sbi_init.c index 5cedb15..406cb3f 100644 --- a/lib/sbi/sbi_init.c +++ b/lib/sbi/sbi_init.c @@ -12,6 +12,7 @@ #include #include #include +#include #include #include #include @@ -169,6 +170,11 @@ static void __noreturn init_coldboot(struct sbi_scratch *scratch, u32 hartid) if (rc) sbi_hart_hang(); + /* Note: This has to be second thing in coldboot init sequence */ + rc = sbi_domain_init(scratch, hartid); + if (rc) + sbi_hart_hang(); + init_count_offset = sbi_scratch_alloc_offset(__SIZEOF_POINTER__, "INIT_COUNT"); if (!init_count_offset) @@ -210,10 +216,24 @@ static void __noreturn init_coldboot(struct sbi_scratch *scratch, u32 hartid) if (rc) sbi_hart_hang(); + /* + * Note: Finalize domains after HSM initialization so that we + * can startup non-root domains. + * Note: Finalize domains before HART PMP configuration so + * that we use correct domain for configuring PMP. + */ + rc = sbi_domain_finalize(scratch, hartid); + if (rc) + sbi_hart_hang(); + rc = sbi_hart_pmp_configure(scratch); if (rc) sbi_hart_hang(); + /* + * Note: Platform final initialization should be last so that + * it sees correct domain assignment and PMP configuration. + */ rc = sbi_platform_final_init(plat, TRUE); if (rc) sbi_hart_hang();