[v3,48/52] xen/mpu: enable MMIO region trap in MPU system

Message ID	20230626033443.2943270-49-Penny.Zheng@arm.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Penny Zheng <Penny.Zheng@arm.com> To: xen-devel@lists.xenproject.org Cc: Penny Zheng <Penny.Zheng@arm.com>, Stefano Stabellini <sstabellini@kernel.org>, Julien Grall <julien@xen.org>, Bertrand Marquis <bertrand.marquis@arm.com>, Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>, Penny Zheng <penny.zheng@arm.com>, Wei Chen <wei.chen@arm.com> Subject: [PATCH v3 48/52] xen/mpu: enable MMIO region trap in MPU system Date: Mon, 26 Jun 2023 11:34:39 +0800 Message-Id: <20230626033443.2943270-49-Penny.Zheng@arm.com> In-Reply-To: <20230626033443.2943270-1-Penny.Zheng@arm.com> References: <20230626033443.2943270-1-Penny.Zheng@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	xen/arm: Add Armv8-R64 MPU support to Xen - Part#1 \| expand [v3,00/52] xen/arm: Add Armv8-R64 MPU support to Xen - Part#1 [v3,01/52] xen/arm: remove xen_phys_start and xenheap_phys_end from config.h [v3,02/52] xen/arm: make ARM_EFI selectable for Arm64 [v3,03/52] xen/arm: add an option to define Xen start address for Armv8-R [v3,04/52] xen/arm: add .text.idmap in ld script for Xen identity map sections [v3,05/52] xen/arm64: head: Introduce enable_boot_mmu and enable_runtime_mmu [v3,06/52] xen/arm: introduce CONFIG_HAS_MMU [v3,07/52] xen/arm64: prepare for moving MMU related code from head.S [v3,08/52] xen/arm64: move MMU related code from head.S to mmu/head.S [v3,09/52] xen/arm: use PA == VA for EARLY_UART_VIRTUAL_ADDRESS on MPU systems [v3,10/52] xen/arm: Move MMU related definitions from config.h to mmu/layout.h [v3,11/52] xen/arm: mmu: fold FIXMAP into MMU system [v3,12/52] xen/mmu: extract early uart mapping from setup_fixmap [v3,13/52] xen/mmu: extract mmu-specific codes from mm.c/mm.h [v3,14/52] xen/mmu: move MMU-specific setup_mm to mmu/setup.c [v3,15/52] xen: make VMAP only support in MMU system [v3,16/52] xen/mmu: relocate copy_from_paddr into setup.c [v3,17/52] xen/arm: do not give memory back to static heap [v3,18/52] xen/arm: only map the init text section RW in free_init_memory [v3,19/52] xen/arm: switch to use ioremap_xxx in common file [v3,20/52] xen/mmu: move MMU specific P2M code to mmu/p2m.c and mmu/p2m.h [v3,21/52] xen: introduce CONFIG_HAS_PAGING_MEMPOOL [v3,22/52] xen/mmu: enable SMMU subsystem only in MMU [v3,23/52] xen/arm: create mpu/layout.h for MPU related address definitions [v3,24/52] xen/mpu: build up start-of-day Xen MPU memory region map [v3,25/52] xen/mpu: introduce helpers for MPU enablement [v3,26/52] xen/mpu: map early uart when earlyprintk on [v3,27/52] xen/mpu: introduce setup_mm_mappings [v3,28/52] xen/mpu: plump virt/maddr conversion in MPU system [v3,29/52] xen/mpu: introduce a pair helper read_protection_region()/write_protection_region() [v3,30/52] xen/mpu: populate a new region in Xen MPU mapping table [v3,31/52] xen/mpu: make early_fdt_map support in MPU systems [v3,32/52] xen/mpu: implement MPU version of setup_mm in mpu/setup.c [v3,33/52] xen/mpu: initialize frametable in MPU system [v3,34/52] xen/mpu: destroy an existing entry in Xen MPU memory mapping table [v3,35/52] xen/arm: map static memory on demand [v3,36/52] xen/mpu: implememt ioremap_xxx in MPU [v3,37/52] xen/mpu: implement MPU version of copy_from_paddr [v3,38/52] xen/mpu: map domain page in MPU system [v3,39/52] xen/mpu: support free_init_memory in MPU system [v3,40/52] xen/mpu: implement remove_early_mappings in MPU system [v3,41/52] xen/mpu: Use secure hypervisor timer in MPU system [v3,42/52] xen/mpu: implement setup_virt_paging for MPU system [v3,43/52] xen/mpu: configure VSTCR_EL2 in MPU system [v3,44/52] xen/mpu: P2M initialization in MPU system [v3,45/52] xen/mpu: insert an new entry into guest physmap in MPU system [v3,46/52] xen/mpu: look up entry in p2m table [v3,47/52] xen/mpu: support vcpu context switch in MPU system [v3,48/52] xen/mpu: enable MMIO region trap in MPU system [v3,49/52] xen/mpu: enable device passthrough in MPU system [v3,50/52] xen/mpu: dump debug message in MPU system [v3,51/52] xen/mpu: create stubs of function/variables for UNSUPPORTED features [v3,52/52] xen/arm: add Kconfig option CONFIG_HAS_MPU to enable MPU system support

Message ID

20230626033443.2943270-49-Penny.Zheng@arm.com (mailing list archive)

State

New, archived

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Penny Zheng <Penny.Zheng@arm.com>
To: xen-devel@lists.xenproject.org
Cc: Penny Zheng <Penny.Zheng@arm.com>,
	Stefano Stabellini <sstabellini@kernel.org>,
	Julien Grall <julien@xen.org>,
	Bertrand Marquis <bertrand.marquis@arm.com>,
	Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
	Penny Zheng <penny.zheng@arm.com>,
	Wei Chen <wei.chen@arm.com>
Subject: [PATCH v3 48/52] xen/mpu: enable MMIO region trap in MPU system
Date: Mon, 26 Jun 2023 11:34:39 +0800
Message-Id: <20230626033443.2943270-49-Penny.Zheng@arm.com>
In-Reply-To: <20230626033443.2943270-1-Penny.Zheng@arm.com>
References: <20230626033443.2943270-1-Penny.Zheng@arm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

xen/arm: Add Armv8-R64 MPU support to Xen - Part#1 | expand

Commit Message

Penny Zheng June 26, 2023, 3:34 a.m. UTC

MMIO region traps, generating from insufficient access permissions,
will lead to data abort with Permission Fault in MPU system.
It is different with MMU system, which generates Translation Fault instead.

We extract common codes for dealing with MMIO trap into a new helper
do_mmio_trap_stage2_abort_guest().

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Wei Chen <wei.chen@arm.com>
---
v3:
- new commit
---
 xen/arch/arm/traps.c | 81 +++++++++++++++++++++++++++++---------------
 1 file changed, 54 insertions(+), 27 deletions(-)

diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
index ef5c6a8195..bffa147c36 100644
--- a/xen/arch/arm/traps.c
+++ b/xen/arch/arm/traps.c
@@ -1848,6 +1848,45 @@  static inline bool check_p2m(bool is_data, paddr_t gpa)
     return false;
 }
 
+static int do_mmio_trap_stage2_abort_guest(struct cpu_user_regs *regs,
+                                           const union hsr hsr,
+                                           mmio_info_t *info,
+                                           vaddr_t gva, paddr_t gpa)
+{
+    enum io_state state;
+
+    state = try_handle_mmio(regs, info);
+    switch ( state )
+    {
+        case IO_ABORT:
+            goto inject_abt;
+        case IO_HANDLED:
+            /*
+             * If the instruction was decoded and has executed successfully
+             * on the MMIO region, then Xen should execute the next part of
+             * the instruction. (for eg increment the rn if it is a
+             * post-indexing instruction.
+             */
+            finalize_instr_emulation(&info->dabt_instr);
+            advance_pc(regs, hsr);
+            return 0;
+        case IO_RETRY:
+            /* finish later */
+            return 0;
+        case IO_UNHANDLED:
+            /* IO unhandled, try another way to handle it. */
+            return -EFAULT;
+    }
+
+inject_abt:
+    gdprintk(XENLOG_DEBUG,
+             "HSR=%#"PRIregister" pc=%#"PRIregister" gva=%#"PRIvaddr" gpa=%#"PRIpaddr"\n",
+             hsr.bits, regs->pc, gva, gpa);
+    inject_dabt_exception(regs, gva, hsr.len);
+
+    return 0;
+}
+
 static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs,
                                        const union hsr hsr)
 {
@@ -1862,7 +1901,6 @@  static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs,
     uint8_t fsc = xabt.fsc & ~FSC_LL_MASK;
     bool is_data = (hsr.ec == HSR_EC_DATA_ABORT_LOWER_EL);
     mmio_info_t info;
-    enum io_state state;
 
     /*
      * If this bit has been set, it means that this stage-2 abort is caused
@@ -1896,6 +1934,8 @@  static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs,
             return; /* Try again */
     }
 
+    info.gpa = gpa;
+    info.dabt = hsr.dabt;
     switch ( fsc )
     {
     case FSC_FLT_PERM:
@@ -1909,6 +1949,17 @@  static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs,
         };
 
         p2m_mem_access_check(gpa, gva, npfec);
+
+#ifdef CONFIG_HAS_MPU
+        /*
+         * MMIO region traps, generating from insufficient access permissions,
+         * will lead to data abort with Permission fault.
+         */
+        if ( is_data &&
+             (do_mmio_trap_stage2_abort_guest(regs, hsr, &info, gva, gpa) == 0) )
+            return;
+#endif
+
         /*
          * The only way to get here right now is because of mem_access,
          * thus reinjecting the exception to the guest is never required.
@@ -1917,9 +1968,6 @@  static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs,
     }
     case FSC_FLT_TRANS:
     {
-        info.gpa = gpa;
-        info.dabt = hsr.dabt;
-
         /*
          * Assumption :- Most of the times when we get a data abort and the ISS
          * is invalid or an instruction abort, the underlying cause is that the
@@ -1948,29 +1996,8 @@  static void do_trap_stage2_abort_guest(struct cpu_user_regs *regs,
         if ( info.dabt_instr.state == INSTR_ERROR )
             goto inject_abt;
 
-        state = try_handle_mmio(regs, &info);
-
-        switch ( state )
-        {
-            case IO_ABORT:
-                goto inject_abt;
-            case IO_HANDLED:
-                /*
-                 * If the instruction was decoded and has executed successfully
-                 * on the MMIO region, then Xen should execute the next part of
-                 * the instruction. (for eg increment the rn if it is a
-                 * post-indexing instruction.
-                 */
-                finalize_instr_emulation(&info.dabt_instr);
-                advance_pc(regs, hsr);
-                return;
-            case IO_RETRY:
-                /* finish later */
-                return;
-            case IO_UNHANDLED:
-                /* IO unhandled, try another way to handle it. */
-                break;
-        }
+        if ( do_mmio_trap_stage2_abort_guest(regs, hsr, &info, gva, gpa) == 0 )
+            return;
 
         /*
          * If the instruction syndrome was invalid, then we already checked if

[v3,48/52] xen/mpu: enable MMIO region trap in MPU system

Commit Message

Patch