lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 3 May 2019 15:28:03 +0300
From:   Oleksandr <olekstysh@...il.com>
To:     Geert Uytterhoeven <geert@...ux-m68k.org>
Cc:     Linux-Renesas <linux-renesas-soc@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Julien Grall <julien.grall@....com>,
        Simon Horman <horms@...ge.net.au>,
        Magnus Damm <magnus.damm@...il.com>,
        Russell King <linux@...linux.org.uk>,
        Biju Das <biju.das@...renesas.com>,
        Oleksandr Tyshchenko <oleksandr_tyshchenko@...m.com>
Subject: Re: [PATCH V2] ARM: mach-shmobile: Don't init CNTVOFF if PSCI is
 available


On 03.05.19 14:38, Geert Uytterhoeven wrote:
> Hi Oleksandr,

Hi Geert


>
> On Fri, May 3, 2019 at 1:21 PM Oleksandr Tyshchenko <olekstysh@...il.com> wrote:
>> From: Oleksandr Tyshchenko <oleksandr_tyshchenko@...m.com>
>>
>> If PSCI is available then most likely we are running on PSCI-enabled
>> U-Boot which, we assume, has already taken care of resetting CNTVOFF
>> before switching to non-secure mode and we don't need to.
>>
>> Also, don't init CNTVOFF if we are running on top of Xen hypervisor,
>> as CNTVOFF is controlled by hypervisor itself and shouldn't be touched
>> by Dom0 in such case.
>>
>> Signed-off-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@...m.com>
>> CC: Julien Grall <julien.grall@....com>
> Thanks for your patch!

Thank you for review!


>
>> ---
>>     You can find previous discussion here:
>>     https://lkml.org/lkml/2019/4/17/810
>>
>>     Changes in v2:
>>        - Clarify patch subject/description
>>        - Don't use CONFIG_ARM_PSCI option, check whether the PSCI is available,
>>          by using psci_smp_available()
>>        - Check whether we are running on top of Xen, by using xen_domain()
>> ---
>>   arch/arm/mach-shmobile/setup-rcar-gen2.c | 13 ++++++++++++-
>>   1 file changed, 12 insertions(+), 1 deletion(-)
>>
>> diff --git a/arch/arm/mach-shmobile/setup-rcar-gen2.c b/arch/arm/mach-shmobile/setup-rcar-gen2.c
>> index eea60b2..bc8537b 100644
>> --- a/arch/arm/mach-shmobile/setup-rcar-gen2.c
>> +++ b/arch/arm/mach-shmobile/setup-rcar-gen2.c
>> @@ -17,7 +17,9 @@
>>   #include <linux/of.h>
>>   #include <linux/of_fdt.h>
>>   #include <linux/of_platform.h>
>> +#include <xen/xen.h>
>>   #include <asm/mach/arch.h>
>> +#include <asm/psci.h>
>>   #include <asm/secure_cntvoff.h>
>>   #include "common.h"
>>   #include "rcar-gen2.h"
>> @@ -63,7 +65,16 @@ void __init rcar_gen2_timer_init(void)
>>          void __iomem *base;
>>          u32 freq;
>>
>> -       secure_cntvoff_init();
>> +       /*
>> +        * If PSCI is available then most likely we are running on PSCI-enabled
>> +        * U-Boot which, we assume, has already taken care of resetting CNTVOFF
>> +        * before switching to non-secure mode and we don't need to.
>> +        * Another check is to be sure that we are not running on top of Xen
>> +        * hypervisor, as CNTVOFF is controlled by hypervisor itself and
>> +        * shouldn't be touched by Dom0 in such case.
>> +        */
>> +       if (!psci_smp_available() && !xen_domain())
>> +               secure_cntvoff_init();
>>
>>          if (of_machine_is_compatible("renesas,r8a7745") ||
>>              of_machine_is_compatible("renesas,r8a77470") ||
> How do you prevent secure_cntvoff_init() from being called for secondary
> CPUs in arch/arm/mach-shmobile/headsmp-apmu.S?

Good question.


>
> With PSCI, it is not called if "enable-method" in DT is "psci"', so that case
> is covered, I guess.

Yes.

>
> What about XEN? Do you override the "enable-method"?
> If yes, perhaps a check for "renesas,apmu" is more appropriate?

No, I don't override.


The correct way to run Xen would be to use PSCI, so Linux shouldn't do 
any platform low level operation with secondary CPU cores (on/off, 
reset, etc) by itself when running on top of Xen hypervisor.

As Xen brings available secondary cores up before starting first domain 
(Dom0) using PSCI CPU_ON call to FW, and these cores are entered Xen in 
Hyp mode, so any attempts from Dom0 to perform CPU power management 
directly (using APMU, RST, etc) may result in something not good. I 
think that in case when someone wants to run Xen on R-Car Gen2 system 
(which is SMP) without PSCI enabled, we need to forbid even trying to 
start secondary cores using APMU.

What do you think?


>
> Gr{oetje,eeting}s,
>
>                          Geert
>
-- 
Regards,

Oleksandr Tyshchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ