From patchwork Sun Dec 8 22:28:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lukas Auer X-Patchwork-Id: 1205778 X-Patchwork-Delegate: uboot@andestech.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=aisec.fraunhofer.de Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47WLc015slz9s4Y for ; Mon, 9 Dec 2019 09:29:52 +1100 (AEDT) Received: from phobos.denx.de (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 1AD018135C; Sun, 8 Dec 2019 23:29:35 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=aisec.fraunhofer.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 90DB981630; Sun, 8 Dec 2019 23:29:31 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=0.4 required=5.0 tests=KHOP_HELO_FCRDNS, SPF_HELO_NONE, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.2 Received: from mail-edgeKA24.fraunhofer.de (mail-edgeka24.fraunhofer.de [153.96.1.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2FC4A809ED for ; Sun, 8 Dec 2019 23:29:28 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=aisec.fraunhofer.de Authentication-Results: phobos.denx.de; spf=none smtp.mailfrom=lukas.auer@aisec.fraunhofer.de X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A2ErAwAEee1d/xwBYJllHAEBAQEBBwEBEQEEBAEBgX6CIIFBAR88Coxuo1MJAQEBAQEBAQEBBwETHAEBhEACghYkOBMCEAEBBQEBAQEBBQQCAmmFQ4YoBicLAUEFEFFXBg4FgyKCdwGsYzOJBIFICQGBLIc/hFkPgUw/gRE2gxuEEoYlBI0RglmebweBRG1uBIVOjxoMG4JCjAeLaZAPmGYCBAIEBQIVgWkjgVgzGiSDO1ARFIxyF44kQAEBMQGMf4ExgRABAQ X-IPAS-Result: A2ErAwAEee1d/xwBYJllHAEBAQEBBwEBEQEEBAEBgX6CIIFBAR88Coxuo1MJAQEBAQEBAQEBBwETHAEBhEACghYkOBMCEAEBBQEBAQEBBQQCAmmFQ4YoBicLAUEFEFFXBg4FgyKCdwGsYzOJBIFICQGBLIc/hFkPgUw/gRE2gxuEEoYlBI0RglmebweBRG1uBIVOjxoMG4JCjAeLaZAPmGYCBAIEBQIVgWkjgVgzGiSDO1ARFIxyF44kQAEBMQGMf4ExgRABAQ X-IronPort-AV: E=Sophos;i="5.69,293,1571695200"; d="scan'208";a="18718725" Received: from mail-mtaka28.fraunhofer.de ([153.96.1.28]) by mail-edgeKA24.fraunhofer.de with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Dec 2019 23:29:27 +0100 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0CIAgAEee1dfRBhWMBlHAEBAQEBBwEBEQEEBAEBgX6DYQEfPAqMbqNTCQEDAQEBAQEHAS8BAYRAAoI5OBMCEAEBBAEBAQIBBQQUAQEWOoVKhVMDAycLAUEFEFFXBg4FgyKCeKxjM4kEgUgJAYEshz+EaIFMP4ERNoMbhBKGJQSNEYJZnm8HgURtbgSFTo8aDBuCQowHi2mQD5hmAgQCBAUCFYFpIYFZMxokgztQERSMcheOJEABAQEwAYx/gTGBEAEB X-IronPort-AV: E=Sophos;i="5.69,293,1571695200"; d="scan'208";a="20754809" Received: from fgdemucivp01ltm.xch.fraunhofer.de (HELO FGDEMUCIMP11EXC.ads.fraunhofer.de) ([192.88.97.16]) by mail-mtaKA28.fraunhofer.de with ESMTP/TLS/AES256-SHA; 08 Dec 2019 23:29:07 +0100 Received: from xch-onprem-07.ads.fraunhofer.de (10.225.16.45) by FGDEMUCIMP11EXC.ads.fraunhofer.de (10.80.232.42) with Microsoft SMTP Server (TLS) id 14.3.439.0; Sun, 8 Dec 2019 23:32:21 +0100 Received: from localhost.localdomain (10.225.16.62) by xch-onprem-07.ads.fraunhofer.de (10.225.16.45) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1779.2; Sun, 8 Dec 2019 23:29:05 +0100 From: Lukas Auer To: Subject: [PATCH v2 1/4] spl: opensbi: specify main hart as preferred boot hart Date: Sun, 8 Dec 2019 23:28:49 +0100 Message-ID: <20191208222852.5506-2-lukas.auer@aisec.fraunhofer.de> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20191208222852.5506-1-lukas.auer@aisec.fraunhofer.de> References: <20191208222852.5506-1-lukas.auer@aisec.fraunhofer.de> MIME-Version: 1.0 X-Originating-IP: [10.225.16.62] X-ClientProxiedBy: xch-onprem-08.ads.fraunhofer.de (10.225.16.40) To xch-onprem-07.ads.fraunhofer.de (10.225.16.45) X-TM-AS-Product-Ver: SMEX-11.0.0.4179-8.200.1013-25090.004 X-TM-AS-Result: No--3.872000-8.000000-31 X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.26 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.101.4 at phobos.denx.de X-Virus-Status: Clean OpenSBI uses a relocation lottery to determine the hart to relocate OpenSBI to its link address. In the U-Boot SPL boot flow, the main hart schedules the secondary harts to enter OpenSBI before doing so itself. One of the secondary harts will therefore always be the winner of the relocation lottery. This is problematic if the link address ranges of OpenSBI and U-Boot SPL overlap. OpenSBI will be relocated and therefore overwrite U-Boot SPL while some harts may still run it, leading to code corruption. Avoid this problem by specifying the main hart as the preferred boot hart to perform the OpenSBI relocation. The main hart will be the last hart to enter OpenSBI, relocation can therefore occur safely. The boot hart field was added to version 2 of the OpenSBI FW_DYNAMIC info structure. The header file include/opensbi.h is synchronized with include/sbi/fw_dynamic.h from the OpenSBI project to update the info structure. The header file is recent as of commit 7a13beb21326 ("firmware: Add preferred boot HART field in struct fw_dynamic_info"). Reported-by: Rick Chen Suggested-by: Anup Patel Signed-off-by: Lukas Auer Reviewed-by: Rick Chen Tested-by: Rick Chen Reviewed-by: Anup Patel --- Changes in v2: None common/spl/spl_opensbi.c | 1 + include/opensbi.h | 18 +++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/common/spl/spl_opensbi.c b/common/spl/spl_opensbi.c index 2345f949f0..fed41b1e66 100644 --- a/common/spl/spl_opensbi.c +++ b/common/spl/spl_opensbi.c @@ -70,6 +70,7 @@ void spl_invoke_opensbi(struct spl_image_info *spl_image) opensbi_info.next_addr = uboot_entry; opensbi_info.next_mode = FW_DYNAMIC_INFO_NEXT_MODE_S; opensbi_info.options = SBI_SCRATCH_NO_BOOT_PRINTS; + opensbi_info.boot_hart = gd->arch.boot_hart; opensbi_entry = (void (*)(ulong, ulong, ulong))spl_image->entry_point; invalidate_icache_all(); diff --git a/include/opensbi.h b/include/opensbi.h index 9f1d62e7dd..d812cc8ccd 100644 --- a/include/opensbi.h +++ b/include/opensbi.h @@ -11,7 +11,7 @@ #define FW_DYNAMIC_INFO_MAGIC_VALUE 0x4942534f /** Maximum supported info version */ -#define FW_DYNAMIC_INFO_VERSION 0x1 +#define FW_DYNAMIC_INFO_VERSION 0x2 /** Possible next mode values */ #define FW_DYNAMIC_INFO_NEXT_MODE_U 0x0 @@ -35,6 +35,22 @@ struct fw_dynamic_info { unsigned long next_mode; /** Options for OpenSBI library */ unsigned long options; + /** + * Preferred boot HART id + * + * It is possible that the previous booting stage uses same link + * address as the FW_DYNAMIC firmware. In this case, the relocation + * lottery mechanism can potentially overwrite the previous booting + * stage while other HARTs are still running in the previous booting + * stage leading to boot-time crash. To avoid this boot-time crash, + * the previous booting stage can specify last HART that will jump + * to the FW_DYNAMIC firmware as the preferred boot HART. + * + * To avoid specifying a preferred boot HART, the previous booting + * stage can set it to -1UL which will force the FW_DYNAMIC firmware + * to use the relocation lottery mechanism. + */ + unsigned long boot_hart; } __packed; #endif