From: Marc Zyngier <maz@kernel.org>
To: Ard Biesheuvel <ardb+git@google.com>
Cc: linux-arm-kernel@lists.infradead.org,
	Ard Biesheuvel <ardb@kernel.org>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>,
	Mark Rutland <mark.rutland@arm.com>
Subject: Re: [PATCH 2/2] arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H
Date: Mon, 15 Apr 2024 09:22:39 +0100
Message-ID: <868r1frq5s.wl-maz@kernel.org>
In-Reply-To: <20240415075412.2347624-6-ardb+git@google.com>

On Mon, 15 Apr 2024 08:54:15 +0100,
Ard Biesheuvel <ardb+git@google.com> wrote:
> 
> From: Ard Biesheuvel <ardb@kernel.org>
> 
> Even though the boot protocol stipulates otherwise, an exception has
> been made for the EFI stub, and entering the core kernel with the MMU
> enabled is permitted. This allows a substantial amount of cache
> maintenance to be elided, which is significant when fast boot times are
> critical (e.g., for booting micro-VMs).
> 
> Once the initial ID map has been populated, the MMU is disabled as part
> of the logic sequence that puts all system registers into a known state.
> Any code that needs to execute within the window where the MMU is off is
> cleaned to the PoC explicitly, which includes all of HYP text when
> entering at EL2.
> 
> However, the current sequence of initializing the EL2 system registers
> is not safe: HCR_EL2 is set to its nVHE initial state before SCTLR_EL2
> is reprogrammed, and this means that a VHE-to-nVHE switch may occur
> while the MMU is enabled. This switch causes some system registers as
> well as page table descriptors to be interpreted in a different way,
> potentially resulting in spurious exceptions relating to MMU
> translation.
> 
> So disable the MMU explicitly first when entering in EL2 with the MMU
> and caches enabled.
> 
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> ---
>  arch/arm64/kernel/head.S | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
> index b8bbd72cb194..cb68adcabe07 100644
> --- a/arch/arm64/kernel/head.S
> +++ b/arch/arm64/kernel/head.S
> @@ -289,6 +289,11 @@ SYM_INNER_LABEL(init_el2, SYM_L_LOCAL)
>  	adr_l	x1, __hyp_text_end
>  	adr_l	x2, dcache_clean_poc
>  	blr	x2
> +
> +	mov_q	x0, INIT_SCTLR_EL2_MMU_OFF
> +	pre_disable_mmu_workaround
> +	msr	sctlr_el2, x0
> +	isb
>  0:
>  	mov_q	x0, HCR_HOST_NVHE_FLAGS
>  
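
Review bot: The five added lines above the 0: label carry no comment, yet their position is the entire fix: the msr sctlr_el2, x0 and isb pair has to complete before the HCR_HOST_NVHE_FLAGS value loaded right after 0: takes effect. Please add a short comment above mov_q x0, INIT_SCTLR_EL2_MMU_OFF stating that the MMU is turned off here so that E2H is never cleared while translation is still enabled, so a later cleanup does not move or drop the sequence. The comment could also say that the block sits above 0: on purpose, so it only runs on the path that has just cleaned the HYP text to the PoC.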

Acked-by: Marc Zyngier <maz@kernel.org>

	M.

-- 
Without deviation from the norm, progress is not possible.
