From patchwork Tue Nov 20 15:44:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 151605 Delivered-To: patch@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp754245ljp; Tue, 20 Nov 2018 07:44:41 -0800 (PST) X-Google-Smtp-Source: AFSGD/WO8072m8YBsA3aUH1KkQqYoXCEDk7OwMie1yOETgY9mwJq7qiSQXsdpOk8/968vMGrfEKY X-Received: by 2002:a63:5207:: with SMTP id g7mr2365041pgb.253.1542728681340; Tue, 20 Nov 2018 07:44:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542728681; cv=none; d=google.com; s=arc-20160816; b=mO6Od0IIn28RCDhJxNOq7gxnM6vLe2YpOQGZQJ7G1SO4tAnI57EwAutYXnwfCXEqAr 0l1ZB3WvzgecQAMs4vt7j54jG6Qr3M6Wybh4L49IADDMOS+y/RElmgr1aNXJRMCv6DcH qpmvAmtJfca90B92K/vomMF7rMPm8/o1i7/KiRXvNfjzPkzu36PYc+RLg8RUUM7vt11I NB01GWLOR4Ww9JhnPZV8PHaBd1fFqwxwOd79t0/AoXPPKOMGu2GJfDaneFLxHTfVQ1qk EAxiEDx57iHCjOc0U97pNuYREhm8pdeXXApowoIO7P5DcPUXf04IaunhmN6zdioSqHW3 vyOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:message-id:date:to:from:dkim-signature :delivered-to; bh=XAulYt01OD/mT5zco5EKVnLoWm/T6wenuaK8g4B+ClU=; b=Ku4dD5XW2z2MYn5q0ijTMaHYYMpcDArGftsk3SO7d0e6dcUbi0Hdx6eJIacXnWSeWZ XwUx2bg4nNJtLt3bNSGKYwR/eab00Y8FwrbxAbX149/p9EDFgpUuORgaWbQYapff6VLT eJ6xjY3q0LOFL86VTAHmEQ2vmWMLNTjO67T4y3jXE1Fhf3ImOi/SnTdi2M87tIJX445l HWmS94joDbs9N1FX25mFcqrV0PdA2o5vjJpUDY+g90hRbpwF7oqZNhNc1kThwsrBTI9W m0On3fs5uoEaub1NCW7E5eWASc5u6zSWp/Gbd7UqQQB+rbgcJNyF3UmKBhQFR5XAZDJG i3Cw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b="XdkGr/Ax"; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id g12si34262327pgd.567.2018.11.20.07.44.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 20 Nov 2018 07:44:41 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b="XdkGr/Ax"; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 669C32119359F; Tue, 20 Nov 2018 07:44:40 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:4864:20::544; helo=mail-ed1-x544.google.com; envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-ed1-x544.google.com (mail-ed1-x544.google.com [IPv6:2a00:1450:4864:20::544]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7818621193598 for ; Tue, 20 Nov 2018 07:44:38 -0800 (PST) Received: by mail-ed1-x544.google.com with SMTP id r27so2349672eda.0 for ; Tue, 20 Nov 2018 07:44:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=f5+PidltMkDry3UImrncie26eZUfGNToZfC1lzhDl7Y=; b=XdkGr/Axj3D/TyfE9er7sA0nfTJqNyFE+lUfH7ewefmN3WYO1NQW6dbAusJxncNcbQ YFRKyayIx/8reMuK4FD7tj3t9Jenf8hTJKp8wcU5ZJerc+GCV8MufHvZSEexQiySb8cB VBG5bXnwmH5q2PVBvfQHYeLeIMlA7Vt3wO/6Q= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=f5+PidltMkDry3UImrncie26eZUfGNToZfC1lzhDl7Y=; b=ESUG7apfiezSKeWG41h6Yo6bijfgYMolDb8ga91XXitQjVFlHXWRJtXvO5p4iKYrmC 3oajwYI7S26pdaeonBn6wvPm4n619X3EIszVyBeWbHKh2xtRY3MoxYWx99V8dVawHOO7 n3yDA7HV+NVsBkylc+TzHaS/jevqCMmew2e4nbECU92krF3hamWJVYTFaMQs2PH2w5oE Eq1fHBXyYKqSfWbX4gf1TwRXKbGHWkwJK/HLUbcquLPu0YIow62vWcyXVV30D8N625O7 yQq34t8kaky7EQfeV1KBRSBQTtV7MqYZ4d2r+XV7MkA4s53dTO8xPh9+3n1kA7fIpKN0 MZFw== X-Gm-Message-State: AGRZ1gK07uC0AW1hpyqV6i+iMD1UOHH8Vde/RK7VQVY8XTaXqRzzePXq bqcBZppQAymJHH4HUgC4fQaoqjqUjTEzgQ== X-Received: by 2002:a17:906:d41:: with SMTP id r1-v6mr2311145ejh.186.1542728676427; Tue, 20 Nov 2018 07:44:36 -0800 (PST) Received: from mba13.wifi.ns.nl (dhcp-077-251-017-237.chello.nl. [77.251.17.237]) by smtp.gmail.com with ESMTPSA id b2sm3283147ede.30.2018.11.20.07.44.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 20 Nov 2018 07:44:35 -0800 (PST) From: Ard Biesheuvel To: edk2-devel@lists.01.org Date: Tue, 20 Nov 2018 16:44:33 +0100 Message-Id: <20181120154433.14167-1-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 Subject: [edk2] [PATCH v2] ArmPkg/ArmSmcPsciResetSystemLib: add missing call to ExitBootServices() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Our poor man's implementation of EnterS3WithImmediateWake () currently sets a high TPL level to disable interrupts, and simply calls the PEI entrypoint again after disabling the MMU. Unfortunately, this is not sufficient: DMA capable devices such as network controllers or USB controllers may still be enabled and writing to memory, e.g., in response to incoming network packets. So instead, do the full ExitBootServices() dance: allocate space and get the memory map, call ExitBootServices(), and in case it fails, get the memory map again and call ExitBootServices() again. This ensures that all cleanup related to DMA capable devices is performed before doing the warm reset. Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Ard Biesheuvel --- v2: - add asm routines to ensure that we don't access memory after disabling the MMU and caches - set MemMap to NULL ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.S | 30 +++++++++++ ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.asm | 35 ++++++++++++ ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.S | 29 ++++++++++ ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.asm | 34 ++++++++++++ ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.c | 57 +++++++++++++++++--- ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.inf | 8 +++ 6 files changed, 187 insertions(+), 6 deletions(-) -- 2.17.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Reviewed-by: Leif Lindholm diff --git a/ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.S b/ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.S new file mode 100644 index 000000000000..1edca941cb8f --- /dev/null +++ b/ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.S @@ -0,0 +1,30 @@ +/** @file + ResetSystemLib implementation using PSCI calls + + Copyright (c) 2018, Linaro Ltd. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include + +ASM_FUNC(DisableMmuAndReenterPei) + stp x29, x30, [sp, #-16]! + mov x29, sp + + bl ArmDisableMmu + + // no memory accesses after MMU and caches have been disabled + + MOV64 (x0, FixedPcdGet64 (PcdFvBaseAddress)) + blr x0 + + // never returns + nop diff --git a/ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.asm b/ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.asm new file mode 100644 index 000000000000..b3dca150c150 --- /dev/null +++ b/ArmPkg/Library/ArmSmcPsciResetSystemLib/AArch64/Reset.asm @@ -0,0 +1,35 @@ +/** @file + ResetSystemLib implementation using PSCI calls + + Copyright (c) 2018, Linaro Ltd. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + + AREA Reset, CODE, READONLY + + EXPORT DisableMmuAndReenterPei + IMPORT ArmDisableMmu + +DisableMmuAndReenterPei + stp x29, x30, [sp, #-16]! + mov x29, sp + + bl ArmDisableMmu + + ; no memory accesses after MMU and caches have been disabled + + movl x0, FixedPcdGet64 (PcdFvBaseAddress) + blr x0 + + ; never returns + nop + + END diff --git a/ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.S b/ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.S new file mode 100644 index 000000000000..b6fe2bd82baa --- /dev/null +++ b/ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.S @@ -0,0 +1,29 @@ +/** @file + ResetSystemLib implementation using PSCI calls + + Copyright (c) 2018, Linaro Ltd. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include + +ASM_FUNC(DisableMmuAndReenterPei) + push {lr} + + bl ArmDisableMmu + + // no memory accesses after MMU and caches have been disabled + + MOV32 (r0, FixedPcdGet64 (PcdFvBaseAddress)) + blx r0 + + // never returns + nop diff --git a/ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.asm b/ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.asm new file mode 100644 index 000000000000..f098b352418b --- /dev/null +++ b/ArmPkg/Library/ArmSmcPsciResetSystemLib/Arm/Reset.asm @@ -0,0 +1,34 @@ +/** @file + ResetSystemLib implementation using PSCI calls + + Copyright (c) 2018, Linaro Ltd. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + + INCLUDE AsmMacroExport.inc + PRESERVE8 + + IMPORT ArmDisableMmu + +RVCT_ASM_EXPORT DisableMmuAndReenterPei + push {lr} + + bl ArmDisableMmu + + ; no memory accesses after MMU and caches have been disabled + + mov32 r0, FixedPcdGet64 (PcdFvBaseAddress) + blx r0 + + ; never returns + nop + + END diff --git a/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.c b/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.c index 10ceafd14d5d..3f7b8ae0b169 100644 --- a/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.c +++ b/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.c @@ -1,7 +1,7 @@ /** @file ResetSystemLib implementation using PSCI calls - Copyright (c) 2017, Linaro Ltd. All rights reserved.
+ Copyright (c) 2017 - 2018, Linaro Ltd. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -81,6 +81,8 @@ ResetShutdown ( ArmCallSmc (&ArmSmcArgs); } +VOID DisableMmuAndReenterPei (VOID); + /** This function causes the system to enter S3 and then wake up immediately. @@ -92,7 +94,12 @@ EnterS3WithImmediateWake ( VOID ) { - VOID (*Reset)(VOID); + EFI_PHYSICAL_ADDRESS Alloc; + EFI_MEMORY_DESCRIPTOR *MemMap; + UINTN MemMapSize; + UINTN MapKey, DescriptorSize; + UINT32 DescriptorVersion; + EFI_STATUS Status; if (FeaturePcdGet (PcdArmReenterPeiForCapsuleWarmReboot) && !EfiAtRuntime ()) { @@ -101,11 +108,49 @@ EnterS3WithImmediateWake ( // immediate wake (which is used by capsule update) by disabling the MMU // and interrupts, and jumping to the PEI entry point. // - Reset = (VOID (*)(VOID))(UINTN)FixedPcdGet64 (PcdFvBaseAddress); - gBS->RaiseTPL (TPL_HIGH_LEVEL); - ArmDisableMmu (); - Reset (); + // + // Obtain the size of the memory map + // + MemMapSize = 0; + MemMap = NULL; + Status = gBS->GetMemoryMap (&MemMapSize, MemMap, &MapKey, &DescriptorSize, + &DescriptorVersion); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + + // + // Add some slack to the allocation to cater for changes in the memory + // map if ExitBootServices () fails the first time around. + // + MemMapSize += SIZE_4KB; + Status = gBS->AllocatePages (AllocateAnyPages, EfiBootServicesData, + EFI_SIZE_TO_PAGES (MemMapSize), &Alloc); + ASSERT_EFI_ERROR (Status); + + MemMap = (EFI_MEMORY_DESCRIPTOR *)(UINTN)Alloc; + + Status = gBS->GetMemoryMap (&MemMapSize, MemMap, &MapKey, &DescriptorSize, + &DescriptorVersion); + ASSERT_EFI_ERROR (Status); + + Status = gBS->ExitBootServices (gImageHandle, MapKey); + if (EFI_ERROR (Status)) { + // + // ExitBootServices () may fail the first time around if an event fired + // right after the call to GetMemoryMap() which allocated or freed memory. + // Since that first call to ExitBootServices () will disarm the timer, + // this is guaranteed not to happen again, so one additional attempt + // should suffice. + // + Status = gBS->GetMemoryMap (&MemMapSize, MemMap, &MapKey, &DescriptorSize, + &DescriptorVersion); + ASSERT_EFI_ERROR (Status); + + Status = gBS->ExitBootServices (gImageHandle, MapKey); + ASSERT_EFI_ERROR (Status); + } + + DisableMmuAndReenterPei (); } } diff --git a/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.inf b/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.inf index 19021cd1e8b6..3b8925c6f9cd 100644 --- a/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.inf +++ b/ArmPkg/Library/ArmSmcPsciResetSystemLib/ArmSmcPsciResetSystemLib.inf @@ -21,6 +21,14 @@ VERSION_STRING = 1.0 LIBRARY_CLASS = ResetSystemLib +[Sources.AARCH64] + AArch64/Reset.S | GCC + AArch64/Reset.asm | MSFT + +[Sources.ARM] + Arm/Reset.S | GCC + Arm/Reset.asm | RVCT + [Sources] ArmSmcPsciResetSystemLib.c