Use the refactored UpdateRegionMapping () to traverse the translation
tables, splitting block entries along the way if required, and apply
a mask + or on each to set or clear the PXN/UXN/XN or RO bits.
For now, the 32-bit ARM versions remain unimplemented.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18587 6f19259b-4bc3-4df7-8a09-765794883524
Move the page table traversal and splitting logic to a separate function
UpdateRegionMapping() and refactor it slightly so we can reuse it later to
implement non-executable regions, for the stack. This primarly involves
adding a value/mask pair to the function prototype that allows us to flip
arbitrary bits on each block entry as the page tables are traversed.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18586 6f19259b-4bc3-4df7-8a09-765794883524
The non-privileged execute never (UXN) page table bit defined for the
EL1&0 translation regime and the execute never (XN) bit defined for the
EL2 and EL3 translation regimes happen to share the same bit position,
but they are in fact defined distinctly by the architecture. So define
both bits explicitly, and add comments in places where we take advantage
of the fact that they share the same bit position.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18585 6f19259b-4bc3-4df7-8a09-765794883524
All our page tables are allocated from memory whose cacheability
attributes are inherited by the cacheability bits in the MMU control
register, so there is no need for explicit cache maintenance after
updating the page tables. And even if there were, Set/Way operations
are not appropriate anyway for ensuring that these changes make it to
main memory. So just remove the explicit cache maintenance completely.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18570 6f19259b-4bc3-4df7-8a09-765794883524
Now that the AArch64 MMU code correctly identifies and handles
naturally aligned regions of more than 2 MB in size, it will happily
try to use block mappings at level 0 to map huge memory regions, such
as the single cacheable 1:1 mapping we use for Xen domU to map the
entire PA space. However, block mappings are not supported at level 0
so the resulting translation tables will be incorrect, causing
execution to fail as soon as the MMU is enabled.
So use level 1 as the minimum level at which to perform block
translations.
Reported-by: Julien Grall <julien.grall@citrix.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Tested-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18568 6f19259b-4bc3-4df7-8a09-765794883524
During page entry attribute update, if there are table entries
between starting BlockEntry and LastBlockEntry, table entries will be
set as block entries and the allocated memory of the tables will be
leaked.
So instead, we break the inner loop when we find a table entry and run
outer loop again to step into the table by the same logic.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
[ardb: move termination condition check inside the loop]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18425 6f19259b-4bc3-4df7-8a09-765794883524
Below code has bug since *BlockEntrySize and *TableLevel are not
updated accordingly:
if (IndexLevel == PageLevel) {
// And get the appropriate BlockEntry at the next level
BlockEntry = (UINT64*)TT_GET_ENTRY_FOR_ADDRESS (TranslationTable, \
IndexLevel + 1, RegionStart);
// Set the last block for this new table
*LastBlockEntry = TT_LAST_BLOCK_ADDRESS(TranslationTable, \
TT_ENTRY_COUNT);
}
Also it doesn't check recursively to get the last level, e.g. the
initial PageLevel is 1 and we already have level 2 and 3 tables at
this address.
What's more, *LastBlockEntry was not updated when we get a table and
IndexLevel != PageLevel.
So we reorganize the sequence, only updating TranslationTable,
PageLevel and BlockEntry in the loop, and setting the other output
parameters with the final PageLevel before returning.
And LastBlockEntry is only an OUT parameter.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18424 6f19259b-4bc3-4df7-8a09-765794883524
There is a hidden bug for below code:
(1 << BaseAddressAlignment) & *BlockEntrySize
From disassembly code, we can see the literal number 1 will be treated
as INT32 by compiler by default, and we'll get 0xFFFFFFFF80000000 when
BaseAddressAlignment is equal to 31. So we will always get 31 when
alignment is larger than 31.
if ((1 << BaseAddressAlignment) & *BlockEntrySize) {
5224: f9404be0 ldr x0, [sp,#144]
5228: 2a0003e1 mov w1, w0
522c: 52800020 mov w0, #0x1 // #1
5230: 1ac12000 lsl w0, w0, w1
5234: 93407c01 sxtw x1, w0
The bug can be replayed on QEMU AARCH64; by adding some debug print,
we can see lots of level 1 tables created (for block of 1GB) even
when the region is large enough to use 512GB block size.
Use LowBitSet64() in BaseLib instead to fix the bug.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18423 6f19259b-4bc3-4df7-8a09-765794883524
The bug can be triggered when alignment of Base is larger than Length
by 2 level of page granularity, e.g.
Base is 0x4000_0000, Length is 0x1000
The original code will change 2MB page level and we will get a
negative remaining length.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18422 6f19259b-4bc3-4df7-8a09-765794883524
The code has a simple bug on calculating aligned page table address.
We can just use AllocateAlignedPages in MemoryAllocationLib instead.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18421 6f19259b-4bc3-4df7-8a09-765794883524
We need to use msr instruction to write system register. It seems the
code was simply copied from ArmReadCntkCtl.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Heyi Guo <heyi.guo@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17440 6f19259b-4bc3-4df7-8a09-765794883524
This removes the range size threshold for virtual address based cache
maintenance instructions that operate on VA ranges to be 'promoted' to
use set/way instructions.
Doing so is unsafe: set/way operations are fundamentally different
from VA operations, and really only suitable for cleaning or invalidating
a cache when turning it on or off.
To quote the ARM ARM (DDI0487A_d G3.4):
"""
Since the set/way instructions are performed only locally, there is no
guarantee of the atomicity of cache maintenance between different PEs,
even if those different PEs are each performing the same cache maintenance
instructions at the same time. Since any cacheable line can be allocated
into the cache at any time, it is possible for [a] cache line to migrate
from an entry in the cache of one PE to the cache of a different PE in a
manner that the cache line avoids being affected by set/way based cache
maintenance. Therefore, ARM strongly discourages the use of set/way
instructions to manage coherency in coherent systems.
"""
Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-by: Olivier Martin <Olivier.Martin@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17176 6f19259b-4bc3-4df7-8a09-765794883524
From the AArch64 Procedure Call Standard (ARM IHI 0055B):
5.2.2.1 Universal stack constraints
At all times the following basic constraints must hold:
- SP mod 16 = 0. The stack must be quad-word aligned.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16327 6f19259b-4bc3-4df7-8a09-765794883524
ArmInvalidateInstructionAndDataTlb() was doing the same thing as
ArmInvalidateTlb().
Both invalidate Data and Instruction TLBs.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16253 6f19259b-4bc3-4df7-8a09-765794883524
Prior to this change, when a new page table was created at level N+1,
the reference to the table was added to the level N translation table,
before being initialized.
It means if virtual addresses were in the address range defined by
this new table the CPU would crash as the address range was not
initialized.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16206 6f19259b-4bc3-4df7-8a09-765794883524
Move TimerDxe and ArmArchTimerLib to ArmGenericTimerCounterLib, and update all
platforms to select the physical counter instance they have been using
implicitly all along.
Contributed-under: TianoCore Contribution Agreement 1.0
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-By: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16078 6f19259b-4bc3-4df7-8a09-765794883524
The ArmArchTimerLib.h include file is not directly related to the TimerLib
instance ArmArchTimerLib, so the name is confusing. Rename to ArmArchTimer.h
instead.
Contributed-under: TianoCore Contribution Agreement 1.0
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16073 6f19259b-4bc3-4df7-8a09-765794883524
Cache maintenance operations by Set/Way require that the Write Buffer
be drained before the cache is flushed. Without that, the flush can
miss the most recent values written as they are still "pipelined".
That has unfortunate consequences, especially where code is being
copied to RAM.
The fix is to add DSB instructions before the affected operations.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15551 6f19259b-4bc3-4df7-8a09-765794883524
AARCH64 does not have a BIC-with-immediate instruction. GAS assembles it as a
AND with the immediate inverted, but Clang's integrated assembler emits an
error.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brendan Jackman <brendan.jackman@arm.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15509 6f19259b-4bc3-4df7-8a09-765794883524
This ensures the .type directive is used to mark them as function symbols
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brendan Jackman <brendan.jackman@arm.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15506 6f19259b-4bc3-4df7-8a09-765794883524
Some non-GCC toolchain might support the GNU assembly language.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brendan Jackman <brendan.jackman@arm.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15504 6f19259b-4bc3-4df7-8a09-765794883524
There are several instances of asserts which do not also handle
the error condition in Release builds.
Because these functions are called in different location of the
code and their parameters might change during the execution, it
is safer to handle the error.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15399 6f19259b-4bc3-4df7-8a09-765794883524
The function ArmReadMidr has been recently added, but that functionality was
already present under other names such as Cp15IdCode and ArmMainIdCode. This
change removes redundant code and moves the function to the Common library.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15276 6f19259b-4bc3-4df7-8a09-765794883524
Several assembler macros use a loop at the label "dead" to trap an error.
This is difficult to debug as there is no indication of how one arrived at the loop.
This change replaces dead with distinct loops locally in the macro,
which means the cause of the hang is detectable to the debugger.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15273 6f19259b-4bc3-4df7-8a09-765794883524
Update the LastBlockEntry return value when allocating a new page table block
and the parent page table entry is not valid. Discovered when producing page
table entries for a memory region that spans multiple page table entries of a
parent page table block. Not very memory space efficient because the rest of
the code could calculate a required page level that is deeper than some blocks
of the memory region might require. Case that found the problem:
MemoryRegion->VirtualBase = 0
MemoryRegion->Length = 0x7F000000
This fix will create an un-needed level of page table for address
range 0 -> 0x40000000
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Garrett Kirkendall <garrett.kirkendall@amd.com>
Reviewed-By: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15177 6f19259b-4bc3-4df7-8a09-765794883524
The shift by 1 on the left was expected. It eases the access to CSSELR and set/way operations
where the cache level field is at the BIT1 position.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14704 6f19259b-4bc3-4df7-8a09-765794883524
This macro return the address of the last entry of a translation table.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14565 6f19259b-4bc3-4df7-8a09-765794883524
'tlb alle1' was used to invalidate the TLBs in EL1. Expect this instruction can only
be invoked from EL2.
The correct instruction to invalidate TLBs in EL1 is 'tlbi vmalle1' - it invalidates
the TLBs of the current VMID.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14509 6f19259b-4bc3-4df7-8a09-765794883524