For platforms not having TIME CSR, we trap-n-emulate TIME CSR
read/write in OpenSBI. Same rationale applies to HTIMEDELTA CSR
as well so we trap-n-emulate HTIMEDELTA CSR for platforms not
having TIME CSR.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Current implementation of get_insn() is not suitable for reading
instruction from VS/VU mode because we have to set SSTATUS_MXR bit
in VSSTATUS CSR for reading instruction from VS/VU mode.
This patch extends get_insn() to read instruction from VS/VU mode.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
The WFI will trap as illegal instruction trap when executed
in VS/VU mode so we just forward/redirect it to HS-mode so
that hypervisor can deal with it appropriately.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
When hypervisor extension is available, we can get traps from VS/VU
modes. We should be able to force redirect some of these traps to
HS-mode. In other words, we should be able forward traps from VS/VU
mode to HS-mode using sbi_trap_redirect() hence this patch.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
This patch extends sbi_hart_switch_mode() to support entering
VS/VU modes when hypervisor extension is available.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
When hypervisor extension is available, we only handle hypervisor
ecalls coming from HS-mode and we let hypervisor handle ecalls coming
from VS-mode.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
The machine-level MSIP bits are written by accesses to memory-mapped
control registers. Only use CSR instruction for SSIP and USIP.
There is no effect that using CSR instruction to write MSIP when testing
on unleashed board and QEMU.
Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
Currently, the tlb range flush threshold is fixed and set to 4k for
all platforms. However, it should be platform specific as it completely
depends upon how platform actually implements sfence instruction.
Define a platform feature that allows every individual platform to set
different values. If a platform doesn't define it, just use a page size as
the threshold.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
Currently, we upgrade to a full tlb flush only If a tlb flush request
size is greater than the threshold. This is done as sfence in RISC-V
can only flush 4KB at a time. Doing a large number of flushes page by
page impacts the performance. It is better to do a full tlbflush if the
request size is at least equal to the threshold size.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
If compiler supports riscv atomic instructions, we should
use them instead of legacy gcc built-in macros
__sync_lock_test_and_set in atomic exchange functions.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
To read 64bit time in 32 bit we have to read lower & upper half
separately and 'or' them together. However, upper half time may
have changed by the time we read lower half. Thus, the resultant
64 bit time may not be accurate.
Consider lower half time value only if upper half time value has
not changed.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
OpenSBI includes a version, but that is only updated when tagged. For
users that are using the git releases we instead end up with an
ambiguous version number, which makes it hard to figure out what
everyone is using. This patch checks for a git directory and prints out
the result of `git describe`, which is a mix of pretty and unambiguous.
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
OpenSBI manages outstanding TLB flush requests by queueing
them in a fifo synchronously. An ipi sync which uses an
atomic operation on MMIO address is no longer required.
Remove the ipi sync method from platform header and all usage.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
Linux kernel expects tlb flush SBI call to be completely synchronous i.e.
the SBI call should only return once corresponding *fence* instruction is
executed.
OpenSBI manages the outstanding TLB flush requests by keeping them in a
per hart based fifo. However, there are few corner cases that may lead to
race conditions while updating the fifo.
Currently, the caller hart waits for IPI acknowledgement via clint
address which is not a very good method as synchronization on MMIO may not
be supported in every platform. Moreover, the waiter doesn't have any way of
identifying if the IPI is received for specific tlb flush request or any
other IPI. This may lead to unpredictable behavior in supervisor/user space.
Fix this by waiting on individual fifo entries rather than MMIO address.
Currently, a relaxed loop is being used because wfi again involves MMIO write
which would be slower compared to relaxed loop. To avoid deadlock, fifo
is processed every time a hart loops for fifo enqueue or fifo sync to consume
the tlb flush requests sent by other harts.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Signed-off-by: Atish Patra <atish.patra@wdc.com>
We can get a page/access trap when doing unpriv load/store in
get_insn() function because on a SMP system Linux swapper running
on HART A can unmap pages from page table used by HART B.
To tackle this we extend get_insn() implementation so that if
we get trap in get_insn() then we redirect it to S-mode as fetch
page/access fault.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
In order to prevent a possible null pointer dereference, return early if
either one of 'in' or 'data' is null.
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
In the last argument to sbi_memset() we essentially have the following
multiplication:
size_t = u16 * u16
Due to C's integer semantics, both u16's are implicitly converted to int
before the multiplication, which cannot hold all possible values of a
u16 * u16. If the multiplication overflows, the intermediate result will
be a negative number. On 64-bit platforms, this will be sign-extended to
a huge integer in the conversion to a u64 (aka size_t). Being the size
argument to sbi_memset(), this could potentially cause a large
out-of-bounds write. The solution is to manually cast one of the u16 to
a size_t, which will make it large enough to avoid the implicit
conversion and any overflow.
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
The error check 'plic_off < 0' does nothing, since plic_off is stored as
a u32. Fix this by changing it to an int, which matches the return type of
fdt_node_offset_by_compatible().
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
!(mipval && MIP_MSIP) simplifies to !mipval, which checks if the entire
variable is zero, not just a single bit. Fix this to use bitwise &
instead.
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
We should sbi_dprintf() instead of sbi_printf() for invalid CSRs
because we are forwarding invalid CSR access back to S-mode.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This patch introduces new sbi_dprintf() API for runtime debug
prints. The sbi_dprintf() will print to console for a given
HART only when SBI_SCRATCH_DEBUG_PRINTS option in enabled in
sbi_scratch for this HART.
We can now add debug prints using sbi_dprintf() at important
places in OpenSBI sources. These debug prints will only show
up when previous booting stage or compile time parameter sets
the SBI_SCRATCH_DEBUG_PRINTS option in scratch space.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Currently, we mandate 'F' and 'D' extension in riscv_fp.h so that
misaligned load/store emulation has access to FP registers.
The above is too restrictive and we should certainly allow compilation
for soft-FP toolchains and explicit PLATFORM_RISCV_ISA not having 'F'
and 'D' extensions.
This patch extends riscv_fp.h and misaligned load/store emulation to
allow compiling OpenSBI without FP support.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Although it does not make a functional difference, both cpu_to_fdt32()
and fdt32_to_cpu() pass on to CPU_TO_FDT32, we should use cpu_to_fdt32()
to be semantically correct.
Signed-off-by: Georg Kotheimer <georg.kotheimer@kernkonzept.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Acked-by: Anup Patel <anup.patel@wdc.com>
tinyfdt.c was originally added to provide a minimal implementation of
fdt parsing. However, we have already included libfdt in OpenSBI for
more complicated operations.
Remove tinfdt and replace its functiolity using libfdt.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Acked-by: Anup Patel <anup.patel@wdc.com>
The drivers and libfdt are built as libsbiutils.a
instead of libplatsbi.a.
libsbiutils.a are not built per platform specific. Thus,
enable all drivers by default.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Acked-by: Anup Patel <anup.patel@wdc.com>
All string functions are part of libsbi. It makes more sense
to rename them to sbi_string.x as the libsbi can be linked
with external libraries that can have similar implementation.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Acked-by: Anup Patel <anup.patel@wdc.com>
Currently, platform/common contains platform/non-platform specific
common minimal drivers and libraries. This is helpful is all platforms
are built within opensbi framework.
Move them to lib/utils so that any external platform code also can
reuse the minimalistic drivers or other common libraries.
This patch doesn't introduce any functional changes.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Acked-by: Anup Patel <anup.patel@wdc.com>
libsbi needs some of the custom libc functions. It should be directly
included in libsbi instead of platform specific libraries.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Acked-by: Anup Patel <anup.patel@wdc.com>
The unpriv load/store instruction from M-mode can cause page/access
fault to M-mode if S-mode page table did not have mappings OR it did
not have PMP access permission.
To tackle this, we redirect trap back to S-mode if unpriv load/store
instruction traps in M-mode.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
This patch adds per-HART trap info pointer which can be used to
communicate trap information to sbi_trap_handler().
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Currently, the unprivilege load/store functions are inline functions.
We will be extending these functions to track whether a page/access
fault occurs when we execute unprivilege load/store instruction.
To make things simpler and debugable, we reduce number of places which
can potentially generate a page/access fault by making all unprivilege
load/store functions as regular (non-inline) functions.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
This patch factor-out TLB management from IPI management to separate
sources sbi_tlb.c and sbi_tlb.h.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
We have extra space above scratch space (sbi_scratch) which we are
currently using to manage per-HART IPI data and TLB request management.
In future, more parts of OpenSBI will use the extra scratch space so
it will become difficult to manage extra scratch space using just
defines and macros.
This patch adds a simple brain-dead allocator to manage extra scratch
space. This allocator never expects anything to be free-ed hence it
keeps incrementing to next allocation offset until it runs-out of space.
In future, we can have more sophisticated allocator which will allow
us to re-claim free-ed space and also allows us to track owner of
allocated space.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
On latest Linux kernel (i.e. 5.2-rc1), we get large TLB flush
request for user space addresses (typically, start=x and end=-1).
This is caused by Linux kernel commit a21344dfc6 ("riscv: fix
sbi_remote_sfence_vma{,_asid}").
It's not practical to execute large number of sfence instructions
for a large TLB flush range because it takes too much time and
eventually causes CPU stall in Linux kernel.
This patch addresses above issue by upgrading TLB flush range to
TLB flush all whenever TLB flush range is greater than 1GB.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Reviewed-by: Atish Patra <atish.patra@wdc.com>
Noisy commit, no functional changes.
Generated with an current upstream clang-format and:
clang-format -i $(find . -name \*.[ch])
Signed-off-by: Olof Johansson <olof@lixom.net>
In case we didn't handle a trap with one of the available
handlers, check if the trap comes from S or U mode and
redirect it to S mode's trap handler.
Signed-off-by: Nick Kossifidis <mick@ics.forth.gr>
Simulatenous requests for tlbflush IPIs can have overlapping address
ranges.
Ignore if address range is same or within already existing fifo entries.
Update the tlb flush info in fifo directly if the one of the existing
entry lies within the new flush request.
Delete all entries if flush all request is recieved for the vma.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
Implement a lock enabled iteration for fifo so that
caller can determine if next entry can be skipped or
any existing entries in fifo can be updated before enqueue.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
This patch reduces memory consumed by struct sbi_fifo by droping
redundant "head" member and using u16 in-place of "unsigned long".
Signed-off-by: Anup Patel <anup.patel@wdc.com>
This patch does following improvements to sbi_fifo:
1. Use valid SBI_Exxxx error codes instead of -1
2. The sbi_fifo_is_full() and sbi_fifo_is_empty() did
not acquire qlock before accessing head and tail
hence fixed it
3. Added avail member for ease in debugging and simplifying
head/tail updates.
Due to above changes size of sbi_fifo changes from 48 bytes
to 56 bytes.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
Currently, there is no provision for tracking multiple IPIs sent
to a single hart at the same time by different harts.
Use a fifo manage the outstanding requests. While dequeueing, read all
the entries once, because we have only 1 bit to track the type of IPI.
Once the queue is full, busy wait until the there is space available in
queue. This is not the most elegant approach. It should be changed in
favor of a wakeup event once available in opensbi.
Signed-off-by: Atish Patra <atish.patra@wdc.com>
The mstatus parameter of get_insn() is used to return MSTATUS CSR
value which get_insn() saw. Most of the get_insn() callers don't
use the value returned in mstatus so this patch makes mstatus
parameter optional for get_insn().
Signed-off-by: Anup Patel <anup.patel@wdc.com>
The sbi_unpriv.h has quite a few load_xyz() and store_xyz() helper
routines based on RISC-V inline assembly for unpriviledged accesses
from M-mode. These helper routines are similar to helper routines
present in riscv_locks.h, riscv_io.h, and riscv_atomic.h so let's
rename sbi_unpriv.h to riscv_unpriv.h.
Signed-off-by: Anup Patel <anup.patel@wdc.com>
