Hi, On 3/31/20 12:17 PM, Sascha Hauer wrote:
> The attributes should be set to avoid speculative access to memory-mapped
> peripherals.
>
> The patch has been tested with:
>
> noinline unsigned long nox(void)
> {
> return get_pc();
> }
>
> static void xn_test(void)
> {
> void *adr = (void *)SOME_SRAM_ADDRESS;
> unsigned long ret;
> unsigned long (*fn)(void) = adr;
>
> memcpy(adr, nox, 0x1000);
>
> sync_caches_for_execution();
>
> ret = fn();
> printf("pc: 0x%08lx\n", ret);
> }
>
> Without this patch nox() gets executed in SRAM, with it runs into a
> abort as expected.
Looks good to me.
Reviewed-by: Ahmad Fatoum <a.fatoum@xxxxxxxxxxxxxx>
>
> Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
> ---
> Changes since v1:
> - Select correct PXN/UXN bits based on current exception level
>
> arch/arm/cpu/mmu-early_64.c | 3 ++-
> arch/arm/cpu/mmu_64.c | 4 ++--
> arch/arm/cpu/mmu_64.h | 17 +++++++++++++++++
> 3 files changed, 21 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm/cpu/mmu-early_64.c b/arch/arm/cpu/mmu-early_64.c
> index 94e372637a..a7598f28aa 100644
> --- a/arch/arm/cpu/mmu-early_64.c
> +++ b/arch/arm/cpu/mmu-early_64.c
> @@ -67,7 +67,8 @@ void mmu_early_enable(unsigned long membase, unsigned long memsize,
>
> el = current_el();
> set_ttbr_tcr_mair(el, ttb, calc_tcr(el, EARLY_BITS_PER_VA), MEMORY_ATTRIBUTES);
> - create_sections((void *)ttb, 0, 0, 1UL << (EARLY_BITS_PER_VA - 1), UNCACHED_MEM);
> + create_sections((void *)ttb, 0, 0, 1UL << (EARLY_BITS_PER_VA - 1),
> + attrs_uncached_mem());
> create_sections((void *)ttb, membase, membase, memsize, CACHED_MEM);
> tlb_invalidate();
> isb();
> diff --git a/arch/arm/cpu/mmu_64.c b/arch/arm/cpu/mmu_64.c
> index 8181658952..14d955cd96 100644
> --- a/arch/arm/cpu/mmu_64.c
> +++ b/arch/arm/cpu/mmu_64.c
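Review bot: With the flat mapping in `mmu_early_enable()` now execute-never, only the `membase`/`memsize` range mapped with `CACHED_MEM` stays executable, and nothing in the hunk checks or documents that the caller is running from inside it. If this function is entered from on-chip SRAM or any other address outside that range, the first instruction fetch after the MMU is turned on would presumably abort, which is the same abort the `xn_test()` in the description provokes on purpose. A comment above the first `create_sections()` call would record the precondition, e.g. `/* everything outside [membase, membase + memsize) is execute-never; the caller must already run from that range */`. The flat mapping in `__mmu_init()` in mmu_64.c has the same property for code located outside the registered memory banks; both functions start and end outside their hunks, so the MMU-enable step itself is not visible here.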
> @@ -165,7 +165,7 @@ int arch_remap_range(void *_start, size_t size, unsigned flags)
> attrs = CACHED_MEM;
> break;
> case MAP_UNCACHED:
> - attrs = UNCACHED_MEM;
> + attrs = attrs_uncached_mem();
> break;
> default:
> return -EINVAL;
> @@ -201,7 +201,7 @@ void __mmu_init(bool mmu_on)
> pr_debug("ttb: 0x%p\n", ttb);
>
> /* create a flat mapping */
> - create_sections(0, 0, 1UL << (BITS_PER_VA - 1), UNCACHED_MEM);
> + create_sections(0, 0, 1UL << (BITS_PER_VA - 1), attrs_uncached_mem());
>
> /* Map sdram cached. */
> for_each_memory_bank(bank)
> diff --git a/arch/arm/cpu/mmu_64.h b/arch/arm/cpu/mmu_64.h
> index a2a5477569..9bbb62fc6b 100644
> --- a/arch/arm/cpu/mmu_64.h
> +++ b/arch/arm/cpu/mmu_64.h
> @@ -8,6 +8,23 @@
> PTE_BLOCK_OUTER_SHARE | \
> PTE_BLOCK_AF)
>
> +static inline unsigned long attrs_uncached_mem(void)
> +{
> + unsigned long attrs = UNCACHED_MEM;
> +
> + switch (current_el()) {
> + case 3:
> + case 2:
> + attrs |= PTE_BLOCK_UXN;
> + break;
> + default:
> + attrs |= PTE_BLOCK_UXN | PTE_BLOCK_PXN;
> + break;
> + }
> +
> + return attrs;
> +}
> +
> /*
> * Do it the simple way for now and invalidate the entire tlb
> */
> -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox
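Review bot: In `arch_remap_range()` the `MAP_UNCACHED` case now also makes the range non-executable, a change of contract for every caller that the hunk leaves undocumented. Any caller that remaps a buffer as uncached and later jumps into it would start taking instruction aborts, and the flag name gives no hint of that. A comment on the case would make the coupling explicit, e.g. `/* uncached mappings are treated as device memory and are therefore also execute-never */` above `attrs = attrs_uncached_mem();`. The switch begins outside the hunk, so whether an uncached-but-executable flag exists for such callers cannot be seen from here.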
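Review bot: `attrs_uncached_mem()` in mmu_64.h has no comment explaining why the EL3/EL2 cases set only `PTE_BLOCK_UXN` while the default case also sets `PTE_BLOCK_PXN`, so the switch reads as if privileged execution were left permitted at the higher exception levels. Presumably the reason is that the EL2 and EL3 stage-1 regimes have a single XN bit at the position EL1 calls UXN, with the PXN position reserved; the changelog line "Select correct PXN/UXN bits based on current exception level" hints at this but never reaches the code. A comment above the function would settle it, e.g. `/* EL2/EL3 have one XN bit (same position as UXN) and no PXN; EL1 needs both UXN and PXN to forbid execution */`. The `default:` arm also covers any unexpected `current_el()` value with the stricter attribute set, which is the safe direction and worth stating in the same comment.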