lib: Don't return any invalid error from SBI ecall

We should only return valid error codes from SBI ecalls as defined by the RISC-V SBI spec. To achieve this: 1. We use SBI_Exxxx defines for OpenSBI internal errors with error values starting from -1000 2. We use SBI_ERR_xxxx defines for errors defined by SBI spec 3. We map some of the SBI_Exxxx defines to SBI_ERR_xxxx defines which are semantically same 4. We throw a error print and force return error code to SBI_ERR_FAILED in sbi_ecall_handler() if we see an invalid error code being returned to S-mode Signed-off-by: Anup Patel <anup.patel@wdc.com> Reviewed-by: Atish Patra <atish.patra@wdc.com>
2020-06-10 18:39:53 +05:30
parent 9bd5f8f17d
commit 2314101989
5 changed files with 43 additions and 20 deletions
--- a/lib/sbi/sbi_ecall.c
+++ b/lib/sbi/sbi_ecall.c
@@ -7,6 +7,7 @@
 *   Anup Patel <anup.patel@wdc.com>
 */

+#include <sbi/sbi_console.h>
 #include <sbi/sbi_ecall.h>
 #include <sbi/sbi_ecall_interface.h>
 #include <sbi/sbi_error.h>
@@ -124,6 +125,13 @@ int sbi_ecall_handler(struct sbi_trap_regs *regs)
 		trap.epc = regs->mepc;
 		sbi_trap_redirect(regs, &trap);
 	} else {
+		if (ret < SBI_LAST_ERR) {
+			sbi_printf("%s: Invalid error %d for ext=0x%lx "
+				   "func=0x%lx\n", __func__, ret,
+				   extension_id, func_id);
+			ret = SBI_ERR_FAILED;
+		}
+
 		/*
 		 * This function should return non-zero value only in case of
 		 * fatal error. However, there is no good way to distinguish
--- a/lib/sbi/sbi_hart.c
+++ b/lib/sbi/sbi_hart.c
@@ -200,7 +200,7 @@ int sbi_hart_pmp_check_addr(struct sbi_scratch *scratch, unsigned long addr,
 			continue;
 		if (tempaddr <= addr && addr <= tempaddr + size)
 			if (!(prot & attr))
-				return SBI_INVALID_ADDR;
+				return SBI_EINVALID_ADDR;
 	}

 	return SBI_OK;
--- a/lib/sbi/sbi_hsm.c
+++ b/lib/sbi/sbi_hsm.c
@@ -219,7 +219,7 @@ int sbi_hsm_hart_start(struct sbi_scratch *scratch, u32 hartid,
 	hstate = atomic_cmpxchg(&hdata->state, SBI_HART_STOPPED,
 				SBI_HART_STARTING);
 	if (hstate == SBI_HART_STARTED)
-		return SBI_EALREADY_STARTED;
+		return SBI_EALREADY;

 	/**
 	 * if a hart is already transition to start or stop, another start call
@@ -263,7 +263,7 @@ int sbi_hsm_hart_stop(struct sbi_scratch *scratch, bool exitnow)
 	if (oldstate != SBI_HART_STARTED) {
 		sbi_printf("%s: ERR: The hart is in invalid state [%u]\n",
 			   __func__, oldstate);
-		return SBI_DENIED;
+		return SBI_EDENIED;
 	}

 	if (exitnow)