[v3,43/52] xen/mpu: configure VSTCR_EL2 in MPU system

Message ID	20230626033443.2943270-44-Penny.Zheng@arm.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Penny Zheng <Penny.Zheng@arm.com> To: xen-devel@lists.xenproject.org Cc: Penny Zheng <Penny.Zheng@arm.com>, Stefano Stabellini <sstabellini@kernel.org>, Julien Grall <julien@xen.org>, Bertrand Marquis <bertrand.marquis@arm.com>, Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>, Penny Zheng <penny.zheng@arm.com>, Wei Chen <wei.chen@arm.com> Subject: [PATCH v3 43/52] xen/mpu: configure VSTCR_EL2 in MPU system Date: Mon, 26 Jun 2023 11:34:34 +0800 Message-Id: <20230626033443.2943270-44-Penny.Zheng@arm.com> In-Reply-To: <20230626033443.2943270-1-Penny.Zheng@arm.com> References: <20230626033443.2943270-1-Penny.Zheng@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
Series	xen/arm: Add Armv8-R64 MPU support to Xen - Part#1 \| expand [v3,00/52] xen/arm: Add Armv8-R64 MPU support to Xen - Part#1 [v3,01/52] xen/arm: remove xen_phys_start and xenheap_phys_end from config.h [v3,02/52] xen/arm: make ARM_EFI selectable for Arm64 [v3,03/52] xen/arm: add an option to define Xen start address for Armv8-R [v3,04/52] xen/arm: add .text.idmap in ld script for Xen identity map sections [v3,05/52] xen/arm64: head: Introduce enable_boot_mmu and enable_runtime_mmu [v3,06/52] xen/arm: introduce CONFIG_HAS_MMU [v3,07/52] xen/arm64: prepare for moving MMU related code from head.S [v3,08/52] xen/arm64: move MMU related code from head.S to mmu/head.S [v3,09/52] xen/arm: use PA == VA for EARLY_UART_VIRTUAL_ADDRESS on MPU systems [v3,10/52] xen/arm: Move MMU related definitions from config.h to mmu/layout.h [v3,11/52] xen/arm: mmu: fold FIXMAP into MMU system [v3,12/52] xen/mmu: extract early uart mapping from setup_fixmap [v3,13/52] xen/mmu: extract mmu-specific codes from mm.c/mm.h [v3,14/52] xen/mmu: move MMU-specific setup_mm to mmu/setup.c [v3,15/52] xen: make VMAP only support in MMU system [v3,16/52] xen/mmu: relocate copy_from_paddr into setup.c [v3,17/52] xen/arm: do not give memory back to static heap [v3,18/52] xen/arm: only map the init text section RW in free_init_memory [v3,19/52] xen/arm: switch to use ioremap_xxx in common file [v3,20/52] xen/mmu: move MMU specific P2M code to mmu/p2m.c and mmu/p2m.h [v3,21/52] xen: introduce CONFIG_HAS_PAGING_MEMPOOL [v3,22/52] xen/mmu: enable SMMU subsystem only in MMU [v3,23/52] xen/arm: create mpu/layout.h for MPU related address definitions [v3,24/52] xen/mpu: build up start-of-day Xen MPU memory region map [v3,25/52] xen/mpu: introduce helpers for MPU enablement [v3,26/52] xen/mpu: map early uart when earlyprintk on [v3,27/52] xen/mpu: introduce setup_mm_mappings [v3,28/52] xen/mpu: plump virt/maddr conversion in MPU system [v3,29/52] xen/mpu: introduce a pair helper read_protection_region()/write_protection_region() [v3,30/52] xen/mpu: populate a new region in Xen MPU mapping table [v3,31/52] xen/mpu: make early_fdt_map support in MPU systems [v3,32/52] xen/mpu: implement MPU version of setup_mm in mpu/setup.c [v3,33/52] xen/mpu: initialize frametable in MPU system [v3,34/52] xen/mpu: destroy an existing entry in Xen MPU memory mapping table [v3,35/52] xen/arm: map static memory on demand [v3,36/52] xen/mpu: implememt ioremap_xxx in MPU [v3,37/52] xen/mpu: implement MPU version of copy_from_paddr [v3,38/52] xen/mpu: map domain page in MPU system [v3,39/52] xen/mpu: support free_init_memory in MPU system [v3,40/52] xen/mpu: implement remove_early_mappings in MPU system [v3,41/52] xen/mpu: Use secure hypervisor timer in MPU system [v3,42/52] xen/mpu: implement setup_virt_paging for MPU system [v3,43/52] xen/mpu: configure VSTCR_EL2 in MPU system [v3,44/52] xen/mpu: P2M initialization in MPU system [v3,45/52] xen/mpu: insert an new entry into guest physmap in MPU system [v3,46/52] xen/mpu: look up entry in p2m table [v3,47/52] xen/mpu: support vcpu context switch in MPU system [v3,48/52] xen/mpu: enable MMIO region trap in MPU system [v3,49/52] xen/mpu: enable device passthrough in MPU system [v3,50/52] xen/mpu: dump debug message in MPU system [v3,51/52] xen/mpu: create stubs of function/variables for UNSUPPORTED features [v3,52/52] xen/arm: add Kconfig option CONFIG_HAS_MPU to enable MPU system support

Message ID

20230626033443.2943270-44-Penny.Zheng@arm.com (mailing list archive)

State

New, archived

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Penny Zheng <Penny.Zheng@arm.com>
To: xen-devel@lists.xenproject.org
Cc: Penny Zheng <Penny.Zheng@arm.com>,
	Stefano Stabellini <sstabellini@kernel.org>,
	Julien Grall <julien@xen.org>,
	Bertrand Marquis <bertrand.marquis@arm.com>,
	Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
	Penny Zheng <penny.zheng@arm.com>,
	Wei Chen <wei.chen@arm.com>
Subject: [PATCH v3 43/52] xen/mpu: configure VSTCR_EL2 in MPU system
Date: Mon, 26 Jun 2023 11:34:34 +0800
Message-Id: <20230626033443.2943270-44-Penny.Zheng@arm.com>
In-Reply-To: <20230626033443.2943270-1-Penny.Zheng@arm.com>
References: <20230626033443.2943270-1-Penny.Zheng@arm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Series

xen/arm: Add Armv8-R64 MPU support to Xen - Part#1 | expand

Commit Message

Penny Zheng June 26, 2023, 3:34 a.m. UTC

VSTCR_EL2, Virtualization Secure Translation Control Register，is
the control register for stage 2 of the Secure EL1&0 translation regime.

VSTCR_EL2.SA defines secure stage 2 translation output address space.
To make sure that all stage 2 translations for the Secure PA space
access the Secure PA space, we keep SA bit as 0.
VSTCR_EL2.SC is NS check enable bit.
To make sure that Stage 2 NS configuration is checked against stage 1
NS configuration in EL1&0 translation regime for the given address, and
generates a fault if they are different, we set SC bit 1.

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Wei Chen <wei.chen@arm.com>
---
v3:
- new commit
---
 xen/arch/arm/include/asm/arm64/sysregs.h |  6 ++++++
 xen/arch/arm/mpu/p2m.c                   | 17 ++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

Comments

Ayan Kumar Halder July 5, 2023, 2:21 p.m. UTC | #1

On 26/06/2023 04:34, Penny Zheng wrote:
> CAUTION: This message has originated from an External Source. Please use proper judgment and caution when opening attachments, clicking links, or responding to this email.
>
>
> VSTCR_EL2, Virtualization Secure Translation Control Register，is
> the control register for stage 2 of the Secure EL1&0 translation regime.
>
> VSTCR_EL2.SA defines secure stage 2 translation output address space.
> To make sure that all stage 2 translations for the Secure PA space
> access the Secure PA space, we keep SA bit as 0.
> VSTCR_EL2.SC is NS check enable bit.
> To make sure that Stage 2 NS configuration is checked against stage 1
> NS configuration in EL1&0 translation regime for the given address, and
> generates a fault if they are different, we set SC bit 1.
>
> Signed-off-by: Penny Zheng <penny.zheng@arm.com>
> Signed-off-by: Wei Chen <wei.chen@arm.com>
> ---
> v3:
> - new commit
> ---
>   xen/arch/arm/include/asm/arm64/sysregs.h |  6 ++++++
>   xen/arch/arm/mpu/p2m.c                   | 17 ++++++++++++++++-
>   2 files changed, 22 insertions(+), 1 deletion(-)
>
> diff --git a/xen/arch/arm/include/asm/arm64/sysregs.h b/xen/arch/arm/include/asm/arm64/sysregs.h
> index ab0e6a97d3..35d7da411d 100644
> --- a/xen/arch/arm/include/asm/arm64/sysregs.h
> +++ b/xen/arch/arm/include/asm/arm64/sysregs.h
> @@ -512,6 +512,12 @@
>   /* MPU Protection Region Enable Register encode */
>   #define PRENR_EL2   S3_4_C6_C1_1
>
> +/* Virtualization Secure Translation Control Register */
> +#define VSTCR_EL2            S3_4_C2_C6_2
> +#define VSTCR_EL2_RES1_SHIFT 31
> +#define VSTCR_EL2_SA         ~(_AC(0x1,UL)<<30)
> +#define VSTCR_EL2_SC         (_AC(0x1,UL)<<20)
> +
>   #endif
>
>   #ifdef CONFIG_ARM_SECURE_STATE
> diff --git a/xen/arch/arm/mpu/p2m.c b/xen/arch/arm/mpu/p2m.c
> index 04c44825cb..a7a3912a9a 100644
> --- a/xen/arch/arm/mpu/p2m.c
> +++ b/xen/arch/arm/mpu/p2m.c
> @@ -10,7 +10,7 @@
>
>   void __init setup_virt_paging(void)
>   {
> -    uint64_t val = 0;
> +    uint64_t val = 0, val2 = 0;
>       bool p2m_vmsa = true;
>
>       /* PA size */
> @@ -76,6 +76,21 @@ void __init setup_virt_paging(void)
>
>       WRITE_SYSREG(val, VTCR_EL2);
#ifdef CONFIG_ARM_64
>
> +    /*
> +     * VSTCR_EL2.SA defines secure stage 2 translation output address space.
> +     * To make sure that all stage 2 translations for the Secure PA space
> +     * access the Secure PA space, we keep SA bit as 0.
> +     *
> +     * VSTCR_EL2.SC is NS check enable bit.
> +     * To make sure that Stage 2 NS configuration is checked against stage 1
> +     * NS configuration in EL1&0 translation regime for the given address, and
> +     * generates a fault if they are different, we set SC bit 1.
> +     */
> +    val2 = 1 << VSTCR_EL2_RES1_SHIFT;
> +    val2 &= VSTCR_EL2_SA;
> +    val2 |= VSTCR_EL2_SC;
> +    WRITE_SYSREG(val2, VSTCR_EL2);
#endif
> +
>       return;
>
>   fault:
> --
> 2.25.1
>
>

Penny Zheng July 13, 2023, 7:12 a.m. UTC | #2

Hi Ayan

On 2023/7/5 22:21, Ayan Kumar Halder wrote:
> 
> On 26/06/2023 04:34, Penny Zheng wrote:
>> CAUTION: This message has originated from an External Source. Please 
>> use proper judgment and caution when opening attachments, clicking 
>> links, or responding to this email.
>>
>>
>> VSTCR_EL2, Virtualization Secure Translation Control Register，is
>> the control register for stage 2 of the Secure EL1&0 translation regime.
>>
>> VSTCR_EL2.SA defines secure stage 2 translation output address space.
>> To make sure that all stage 2 translations for the Secure PA space
>> access the Secure PA space, we keep SA bit as 0.
>> VSTCR_EL2.SC is NS check enable bit.
>> To make sure that Stage 2 NS configuration is checked against stage 1
>> NS configuration in EL1&0 translation regime for the given address, and
>> generates a fault if they are different, we set SC bit 1.
>>
>> Signed-off-by: Penny Zheng <penny.zheng@arm.com>
>> Signed-off-by: Wei Chen <wei.chen@arm.com>
>> ---
>> v3:
>> - new commit
>> ---
>>   xen/arch/arm/include/asm/arm64/sysregs.h |  6 ++++++
>>   xen/arch/arm/mpu/p2m.c                   | 17 ++++++++++++++++-
>>   2 files changed, 22 insertions(+), 1 deletion(-)
>>
>> diff --git a/xen/arch/arm/include/asm/arm64/sysregs.h 
>> b/xen/arch/arm/include/asm/arm64/sysregs.h
>> index ab0e6a97d3..35d7da411d 100644
>> --- a/xen/arch/arm/include/asm/arm64/sysregs.h
>> +++ b/xen/arch/arm/include/asm/arm64/sysregs.h
>> @@ -512,6 +512,12 @@
>>   /* MPU Protection Region Enable Register encode */
>>   #define PRENR_EL2   S3_4_C6_C1_1
>>
>> +/* Virtualization Secure Translation Control Register */
>> +#define VSTCR_EL2            S3_4_C2_C6_2
>> +#define VSTCR_EL2_RES1_SHIFT 31
>> +#define VSTCR_EL2_SA         ~(_AC(0x1,UL)<<30)
>> +#define VSTCR_EL2_SC         (_AC(0x1,UL)<<20)
>> +
>>   #endif
>>
>>   #ifdef CONFIG_ARM_SECURE_STATE
>> diff --git a/xen/arch/arm/mpu/p2m.c b/xen/arch/arm/mpu/p2m.c
>> index 04c44825cb..a7a3912a9a 100644
>> --- a/xen/arch/arm/mpu/p2m.c
>> +++ b/xen/arch/arm/mpu/p2m.c
>> @@ -10,7 +10,7 @@
>>
>>   void __init setup_virt_paging(void)
>>   {
>> -    uint64_t val = 0;
>> +    uint64_t val = 0, val2 = 0;
>>       bool p2m_vmsa = true;
>>
>>       /* PA size */
>> @@ -76,6 +76,21 @@ void __init setup_virt_paging(void)
>>
>>       WRITE_SYSREG(val, VTCR_EL2);
> #ifdef CONFIG_ARM_64
>>
>> +    /*
>> +     * VSTCR_EL2.SA defines secure stage 2 translation output address 
>> space.
>> +     * To make sure that all stage 2 translations for the Secure PA 
>> space
>> +     * access the Secure PA space, we keep SA bit as 0.
>> +     *
>> +     * VSTCR_EL2.SC is NS check enable bit.
>> +     * To make sure that Stage 2 NS configuration is checked against 
>> stage 1
>> +     * NS configuration in EL1&0 translation regime for the given 
>> address, and
>> +     * generates a fault if they are different, we set SC bit 1.
>> +     */
>> +    val2 = 1 << VSTCR_EL2_RES1_SHIFT;
>> +    val2 &= VSTCR_EL2_SA;
>> +    val2 |= VSTCR_EL2_SC;
>> +    WRITE_SYSREG(val2, VSTCR_EL2);
> #endif

Understood, will fix.

>> +
>>       return;
>>
>>   fault:
>> -- 
>> 2.25.1
>>
>>

diff --git a/xen/arch/arm/include/asm/arm64/sysregs.h b/xen/arch/arm/include/asm/arm64/sysregs.h
index ab0e6a97d3..35d7da411d 100644
--- a/xen/arch/arm/include/asm/arm64/sysregs.h
+++ b/xen/arch/arm/include/asm/arm64/sysregs.h
@@ -512,6 +512,12 @@ 
 /* MPU Protection Region Enable Register encode */
 #define PRENR_EL2   S3_4_C6_C1_1
 
+/* Virtualization Secure Translation Control Register */
+#define VSTCR_EL2            S3_4_C2_C6_2
+#define VSTCR_EL2_RES1_SHIFT 31
+#define VSTCR_EL2_SA         ~(_AC(0x1,UL)<<30)
+#define VSTCR_EL2_SC         (_AC(0x1,UL)<<20)
+
 #endif
 
 #ifdef CONFIG_ARM_SECURE_STATE
diff --git a/xen/arch/arm/mpu/p2m.c b/xen/arch/arm/mpu/p2m.c
index 04c44825cb..a7a3912a9a 100644
--- a/xen/arch/arm/mpu/p2m.c
+++ b/xen/arch/arm/mpu/p2m.c
@@ -10,7 +10,7 @@ 
 
 void __init setup_virt_paging(void)
 {
-    uint64_t val = 0;
+    uint64_t val = 0, val2 = 0;
     bool p2m_vmsa = true;
 
     /* PA size */
@@ -76,6 +76,21 @@  void __init setup_virt_paging(void)
 
     WRITE_SYSREG(val, VTCR_EL2);
 
+    /*
+     * VSTCR_EL2.SA defines secure stage 2 translation output address space.
+     * To make sure that all stage 2 translations for the Secure PA space
+     * access the Secure PA space, we keep SA bit as 0.
+     *
+     * VSTCR_EL2.SC is NS check enable bit.
+     * To make sure that Stage 2 NS configuration is checked against stage 1
+     * NS configuration in EL1&0 translation regime for the given address, and
+     * generates a fault if they are different, we set SC bit 1.
+     */
+    val2 = 1 << VSTCR_EL2_RES1_SHIFT;
+    val2 &= VSTCR_EL2_SA;
+    val2 |= VSTCR_EL2_SC;
+    WRITE_SYSREG(val2, VSTCR_EL2);
+
     return;
 
 fault:

[v3,43/52] xen/mpu: configure VSTCR_EL2 in MPU system

Commit Message

Comments

Patch