| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Jul 2021 08:39:59 +0530
From: Anshuman Khandual <anshuman.khandual@....com>
To: Suzuki K Poulose <suzuki.poulose@....com>,
linux-arm-kernel@...ts.infradead.org
Cc: coresight@...ts.linaro.org, linux-kernel@...r.kernel.org,
al.grant@....com, leo.yan@...aro.org, mathieu.poirier@...aro.org,
mike.leach@...aro.org, peterz@...radead.org, Tamas.Zsoldos@....com,
will@...nel.org
Subject: Re: [PATCH 5/5] coresight: trbe: Prohibit tracing while handling an
IRQ
A small nit. Paragraphs in the commit message do not seem to be aligned
properly to a maximum 75 characters width.
On 7/12/21 5:08 PM, Suzuki K Poulose wrote:
> When the TRBE generates an IRQ, we stop the TRBE, collect the trace
> and then reprogram the TRBE with the updated buffer pointers in case
> of a spurious IRQ. We might also leave the TRBE disabled, on an
> overflow interrupt, without touching the ETE. This means the
> the ETE is only disabled when the event is disabled later (via irq_work).
> This is incorrect, as the ETE trace is still ON without actually being
> captured and may be routed to the ATB.
I had an assumption that when the TRBE is stopped, ETE would also stop
implicitly given that the trace packets are not being accepted anymore.
But if that assumption does not always hold true, then yes trace must
be stopped upon a TRBE IRQ.
>
> So, we move the CPU into trace prohibited state (for all exception
> levels) upon entering the IRQ handler. The state is restored before
> enabling the TRBE back. Otherwise the trace remains prohibited.
> Since, the ETM/ETE driver controls the TRFCR_EL1 per session,
> (from commit "coresight: etm4x: Use Trace Filtering controls dynamically")
commit SHA ID ?
> the tracing can be restored/enabled back when the event is rescheduled
> in.
Makes sense.
>
> Fixes: 3fbf7f011f24 ("coresight: sink: Add TRBE driver")
> Cc: Anshuman Khandual <anshuman.khandual@....com>
> Cc: Mathieu Poirier <mathieu.poirier@...aro.org>
> Cc: Mike Leach <mike.leach@...aro.org>
> Cc: Leo Yan <leo.yan@...aro.org>
> Signed-off-by: Suzuki K Poulose <suzuki.poulose@....com>
> ---
> drivers/hwtracing/coresight/coresight-trbe.c | 43 ++++++++++++++++++--
> 1 file changed, 40 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/hwtracing/coresight/coresight-trbe.c b/drivers/hwtracing/coresight/coresight-trbe.c
> index c0c264264427..e4d88e0de2a8 100644
> --- a/drivers/hwtracing/coresight/coresight-trbe.c
> +++ b/drivers/hwtracing/coresight/coresight-trbe.c
> @@ -83,6 +83,31 @@ struct trbe_drvdata {
> struct platform_device *pdev;
> };
>
> +static inline void write_trfcr(u64 val)
> +{
> + write_sysreg_s(val, SYS_TRFCR_EL1);
> + isb();
> +}
> +
There is another instance of write_trfcr() in coresight-etm4x-core.c and
some other writes into SYS_TRFCR_EL1 elsewhere. write_trfcr() should be
factored out and moved to a common place.
> +/*
> + * Prohibit the CPU tracing at all ELs, in preparation to collect
> + * the trace buffer.
> + *
> + * Returns the original value of the trfcr for restoring later.
> + */
> +static u64 cpu_prohibit_tracing(void)
> +{
> + u64 trfcr = read_sysreg_s(SYS_TRFCR_EL1);
> +
> + write_trfcr(trfcr & ~(TRFCR_ELx_ExTRE | TRFCR_ELx_E0TRE));
> + return trfcr;
> +}
This also should be factored out along with etm4x_prohibit_trace()
usage and moved to a common header instead.
> +
> +static void cpu_restore_tracing(u64 trfcr)
> +{
> + write_trfcr(trfcr);
> +}
> +
> static int trbe_alloc_node(struct perf_event *event)
> {
> if (event->cpu == -1)
> @@ -681,7 +706,7 @@ static int arm_trbe_disable(struct coresight_device *csdev)
> return 0;
> }
>
> -static void trbe_handle_spurious(struct perf_output_handle *handle)
> +static void trbe_handle_spurious(struct perf_output_handle *handle, u64 trfcr)
> {
> struct trbe_buf *buf = etm_perf_sink_config(handle);
>
> @@ -691,6 +716,7 @@ static void trbe_handle_spurious(struct perf_output_handle *handle)
> trbe_drain_and_disable_local();
> return;
> }
A small comment here would be great because this will be the only
IRQ handler path, where it actually restores the tracing back.
> + cpu_restore_tracing(trfcr);
> trbe_enable_hw(buf);
> }
>
> @@ -760,7 +786,18 @@ static irqreturn_t arm_trbe_irq_handler(int irq, void *dev)
> struct perf_output_handle **handle_ptr = dev;
> struct perf_output_handle *handle = *handle_ptr;
> enum trbe_fault_action act;
> - u64 status;
> + u64 status, trfcr;
> +
> + /*
> + * Prohibit the tracing, while we process this. We turn
> + * things back right, if we get to enabling the TRBE
> + * back again. Otherwise, the tracing still remains
> + * prohibited, until the perf event state changes
> + * or another event is scheduled. This ensures that
> + * the trace is not generated when it cannot be
> + * captured.
> + */
Right.
But a small nit though. Please keep the comments here formatted and
aligned with the existing ones.
> + trfcr = cpu_prohibit_tracing();
>
> /*
> * Ensure the trace is visible to the CPUs and
> @@ -791,7 +828,7 @@ static irqreturn_t arm_trbe_irq_handler(int irq, void *dev)
> trbe_handle_overflow(handle);
> break;
> case TRBE_FAULT_ACT_SPURIOUS:
> - trbe_handle_spurious(handle);
> + trbe_handle_spurious(handle, trfcr);
> break;
> case TRBE_FAULT_ACT_FATAL:
> trbe_stop_and_truncate_event(handle);
>
But stopping the trace (even though from a sink IRQ handler) is a source
device action. Should not this be done via a new coresight_ops_source
callback instead ?
Powered by blists - more mailing lists