From: Ard Biesheuvel <ardb@kernel.org>
To: Jean-Philippe Brucker <jean-philippe@linaro.org>
Cc: "Gavin Shan" <gshan@redhat.com>,
"Itaru Kitayama" <itaru.kitayama@linux.dev>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
qemu-devel@nongnu.org, qemu-arm <qemu-arm@nongnu.org>,
"Richard Henderson" <richard.henderson@linaro.org>
Subject: Re: Unexpected error in rme_configure_one() at ../target/arm/kvm-rme.c:159
Date: Tue, 4 Jun 2024 21:04:50 +0200 [thread overview]
Message-ID: <CAMj1kXGiXucTF_Zxix4KeZXufdcDPpBHA5wOubQHHyt=E7w10Q@mail.gmail.com> (raw)
In-Reply-To: <20240604180836.GC875061@myrica>
On Tue, 4 Jun 2024 at 20:08, Jean-Philippe Brucker
<jean-philippe@linaro.org> wrote:
>
> On Fri, May 31, 2024 at 05:24:44PM +0200, Ard Biesheuvel wrote:
> > > I'm able to reproduce this even without RME. This code was introduced
> > > recently by c98f7f755089 ("ArmVirtPkg: Use dynamic PCD to set the SMCCC
> > > conduit"). Maybe Ard (Cc'd) knows what could be going wrong here.
> > >
> > > A slightly reduced reproducer:
> > >
> > > $ cd edk2/
> > > $ build -b DEBUG -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtQemuKernel.dsc
> > > $ cd ..
> > >
> > > $ git clone https://github.com/ARM-software/arm-trusted-firmware.git tf-a
> > > $ cd tf-a/
> > > $ make -j CROSS_COMPILE=aarch64-linux-gnu- PLAT=qemu DEBUG=1 LOG_LEVEL=40 QEMU_USE_GIC_DRIVER=QEMU_GICV3 BL33=../edk2/Build/ArmVirtQemuKernel-AARCH64/DEBUG_GCC5/FV/QEMU_EFI.fd all fip && \
> > > dd if=build/qemu/debug/bl1.bin of=flash.bin && \
> > > dd if=build/qemu/debug/fip.bin of=flash.bin seek=64 bs=4096
> > > $ qemu-system-aarch64 -M virt,virtualization=on,secure=on,gic-version=3 -cpu max -m 2G -smp 8 -monitor none -serial mon:stdio -nographic -bios flash.bin
> > >
> >
> > Hmm, this is not something I anticipated.
> >
> > The problem here is that ArmVirtQemuKernel does not actually support
> > dynamic PCDs, so instead, the PCD here is 'patchable', which means
> > that the underlying value is just overwritten in the binary image, and
> > does not propagate to the rest of the firmware. I assume the write
> > ends up targettng a location that does not tolerate this.
>
> Yes, the QemuVirtMemInfoLib declares this region read-only, so we end up
> with a permission fault
>
> // Map the FV region as normal executable memory
> VirtualMemoryTable[2].PhysicalBase = PcdGet64 (PcdFvBaseAddress);
> VirtualMemoryTable[2].VirtualBase = VirtualMemoryTable[2].PhysicalBase;
> VirtualMemoryTable[2].Length = FixedPcdGet32 (PcdFvSize);
> VirtualMemoryTable[2].Attributes = ARM_MEMORY_REGION_ATTRIBUTE_WRITE_BACK_RO;
>
> Making it writable doesn't seem sufficient, since I then get a "HVC issued
> at EL2" fault. I'll keep debugging.
>
That is expected, sadly. As I said, this code was never intended to run at EL2.
The dynamic PCD will propagate to other boot stages. However, the
'patchable' PCD that we use in ArmVirtQemuKernel is local to the
driver, and other users of the PCD will see the default value of
'HVC'. Which would be fine if we only executed at EL1.
So I know exactly what is wrong and have an idea how to fix it - I
just need to find the time for it.
next prev parent reply other threads:[~2024-06-04 19:06 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-30 4:30 Unexpected error in rme_configure_one() at ../target/arm/kvm-rme.c:159 Itaru Kitayama
2024-05-30 13:30 ` Peter Maydell
2024-05-30 13:30 ` Philippe Mathieu-Daudé
2024-05-31 4:19 ` Itaru Kitayama
2024-05-31 6:23 ` Gavin Shan
2024-05-31 15:09 ` Jean-Philippe Brucker
2024-05-31 15:24 ` Ard Biesheuvel
2024-06-04 18:08 ` Jean-Philippe Brucker
2024-06-04 19:04 ` Ard Biesheuvel [this message]
2024-06-01 10:14 ` Gavin Shan
2024-06-03 8:24 ` Jean-Philippe Brucker
2024-06-04 3:02 ` Gavin Shan
2024-06-04 11:15 ` Jean-Philippe Brucker
2024-06-05 1:28 ` Gavin Shan
2024-06-05 15:56 ` Jean-Philippe Brucker
2024-06-06 5:05 ` Gavin Shan
2024-06-06 10:13 ` Gavin Shan
2024-06-06 11:03 ` Jean-Philippe Brucker
2024-05-31 9:57 ` Peter Maydell
2024-05-31 10:21 ` Jean-Philippe Brucker
2024-05-31 14:16 ` Itaru Kitayama
2024-05-31 16:09 ` Jean-Philippe Brucker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMj1kXGiXucTF_Zxix4KeZXufdcDPpBHA5wOubQHHyt=E7w10Q@mail.gmail.com' \
--to=ardb@kernel.org \
--cc=gshan@redhat.com \
--cc=itaru.kitayama@linux.dev \
--cc=jean-philippe@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).