[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v4 00/17] arm_gic: Add security and grouping support
From: |
Peter Maydell |
Subject: |
[Qemu-devel] [PATCH v4 00/17] arm_gic: Add security and grouping support |
Date: |
Fri, 1 May 2015 18:50:26 +0100 |
This patch series adds support for GICv1 and GICv2 security
extensions, as well as support for GIC interrupt grouping on GICv2.
This is based on the work originally by Fabian and then by Greg.
I've gone through and dealt with all the issues I raised in code
review, and a few others I noticed as I was working on it.
The general structure of the changes is still the same, though
I've reordered one or two of the patches; I've touched most of
the lines of code in the series, though, as well as deleting
quite a few (the patches now add ~375 lines of code rather than
over 475).
I think these patches are in a suitable state to apply (and
they have no dependencies that aren't in master), assuming no
further issues found in review.
With this patchset the security extensions are still disabled
on all boards, so the actual functional change is that GICv2
now correctly implements interrupt grouping. This is enabled
always for GICv2, because the programming model is fully backwards
compatible with treating the GIC like one which doesn't support
groups (which is what Linux does).
The next part of this work is going to be actually enabling
the security extensions. Here's a sketch of my plan for that:
* the a15mpcore and a9mpcore wrapper objects will default to
enabling the security extensions in the GIC they create
(unless the GIC is the KVM one). They also provide a
QOM property to override this
* for the set of legacy boards which are currently disabling
has_el3 on their CPUs, we also have them disable TZ in the GIC
(a non-TZ CPU and a TZ GIC is a bad combo because the CPU
has no way to put the interrupts into Group1 where it can
use them, so the whole system is busted)
* the virt board creates its GIC directly, so it should also
set the has-security-extensions property as needed
* if boot.c is starting the CPUs directly in NonSecure
mode (because we're booting a kernel directly rather than
starting firmware, and arm_boot_info::secure_boot is false)
then it must also manually configure the GIC distributor
to put all interrupts into Group1. This is boot.c having
to do a firmware configuration job since it's effectively
acting as lightweight builtin firmware.
I think we could reasonably review and commit this patchseries
without waiting for that bit of board-wiring work; let me know
if you disagree.
Major changes since v3:
* renamed property to 'has-security-extensions', to be a bit
more in line with the CPU's 'has_el3'. I'm not wedded to this
name so if anybody wants to suggest something better (or
tell me our convention for prop names is underscores!) feel free
* error on realize if security extensions turned on for a GIC
which doesn't support them
* new patch: switch to read/write_with_attrs MMIO callbacks so
we can get at the Secure/NonSecure tx attribute
* make the GIC_*_GROUP macros work like the others, with a simple
SET/CLEAR/TEST semantic
* new patch: save and restore GICD_IGROUPRn state when using KVM
now we have the state struct fields to keep it in [the kernel
doesn't implement grouping, but if it ever does we will be ready]
* rather than having a 2-element array for storing the S and NS
banked versions of GICD_CTLR and GICC_CTLR, just store the S
version, since in both cases the NS view is just an alias of
a subset of bits from the S register. This allows us to nicely
simplify a lot of the logic that deals with these registers.
* fixed bug in handling of GICC_BPR for GICv2-without-TZ
* added missing masks in gic_set_priority_mask() and gic_set_priority()
* make AckCtl operate on GICv2-without-TZ
* handle an UNPREDICTABLE case (Secure EOI of a Group1 irq
with AckCtl == 0) in a way more convenient for the implementation
* reuse gic_get_current_pending_irq() in implementation of IAR writes,
rather than reimplementing equivalent logic
* new patch: support grouping in a single gic_update function (rather
than having split update functions for the two cases)
* new patch: wire FIQ up on highbank/midway; this means we're now
consistent in having FIQ wired up on all our boards with GICv2
* lots of minor formatting tweaks, etc; see individual commit messages
Fabian Aggeler (12):
hw/intc/arm_gic: Create outbound FIQ lines
hw/intc/arm_gic: Add Security Extensions property
hw/intc/arm_gic: Add Interrupt Group Registers
hw/intc/arm_gic: Make ICDDCR/GICD_CTLR banked
hw/intc/arm_gic: Make ICCBPR/GICC_BPR banked
hw/intc/arm_gic: Make ICCICR/GICC_CTLR banked
hw/intc/arm_gic: Implement Non-secure view of RPR
hw/intc/arm_gic: Restrict priority view
hw/intc/arm_gic: Handle grouping for GICC_HPPIR
hw/intc/arm_gic: Change behavior of EOIR writes
hw/intc/arm_gic: Change behavior of IAR writes
hw/arm/vexpress.c: Wire FIQ between CPU <> GIC
Greg Bellows (1):
hw/arm/virt.c: Wire FIQ between CPU <> GIC
Peter Maydell (4):
hw/intc/arm_gic: Switch to read/write callbacks with tx attributes
hw/intc/arm_gic_kvm.c: Save and restore GICD_IGROUPRn state
hw/intc/arm_gic: Add grouping support to gic_update()
hw/arm/highbank.c: Wire FIQ between CPU <> GIC
hw/arm/highbank.c | 3 +
hw/arm/vexpress.c | 2 +
hw/arm/virt.c | 2 +
hw/intc/arm_gic.c | 469 ++++++++++++++++++++++++++++++++-------
hw/intc/arm_gic_common.c | 22 +-
hw/intc/arm_gic_kvm.c | 51 +++--
hw/intc/armv7m_nvic.c | 8 +-
hw/intc/gic_internal.h | 29 ++-
include/hw/intc/arm_gic_common.h | 24 +-
9 files changed, 492 insertions(+), 118 deletions(-)
--
1.9.1
- [Qemu-devel] [PATCH v4 00/17] arm_gic: Add security and grouping support,
Peter Maydell <=
- [Qemu-devel] [PATCH v4 17/17] hw/arm/highbank.c: Wire FIQ between CPU <> GIC, Peter Maydell, 2015/05/01
- [Qemu-devel] [PATCH v4 16/17] hw/arm/vexpress.c: Wire FIQ between CPU <> GIC, Peter Maydell, 2015/05/01
- [Qemu-devel] [PATCH v4 15/17] hw/arm/virt.c: Wire FIQ between CPU <> GIC, Peter Maydell, 2015/05/01
- [Qemu-devel] [PATCH v4 14/17] hw/intc/arm_gic: Add grouping support to gic_update(), Peter Maydell, 2015/05/01
- [Qemu-devel] [PATCH v4 02/17] hw/intc/arm_gic: Add Security Extensions property, Peter Maydell, 2015/05/01
- [Qemu-devel] [PATCH v4 11/17] hw/intc/arm_gic: Handle grouping for GICC_HPPIR, Peter Maydell, 2015/05/01