Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[imm_rom_ext] Add immutable ROM_EXT ePMP reconfiguration #25310

Merged
merged 1 commit into from
Jan 9, 2025
Merged

[imm_rom_ext] Add immutable ROM_EXT ePMP reconfiguration #25310

merged 1 commit into from
Jan 9, 2025

Conversation

sasdf
Copy link
Contributor

@sasdf sasdf commented Nov 22, 2024
edited
Loading

The immutable ROM_EXT data segment is also covered in ROM_EXT code region due to ROM limitation,
This PR let immutable ROM_EXT reconfigure ePMP first to remove executable permission on the data segment.

Jumping from IMM_ROM_EXT -> ROM / mutable ROM_EXT

We propose to use the following new ePMP layout before jumping to the mutable ROM_EXT:

 *    0: ROM      ----- ----
 *    1: ROM        TOR LX-R
 *    2: ROM      NAPOT L--R
 *    3: -------  ----- ----
 *    4: -------  ----- ----
 *    5: -------  ----- ----
 *    6: IM_EXT   ----- ----
 *    7: IM_EXT     TOR LX-R
 *    8: MU_EXT   ----- ----
 *    9: MU_EXT     TOR LX-R
 *   10: VIRTUAL  NAPOT L--R
 *   11: STACK      NA4 L---
 *   12: RvDM     NAPOT LXWR
 *   13: FLASH    NAPOT L--R
 *   14: MMIO     NAPOT L-WR
 *   15: RAM      NAPOT L-WR

MU_EXT stands for mutable part of rom_ext text segment, and IM_EXT is the immutable part.

Slot 10 will be empty if address translation is not enabled, and stack guard
is added back to slot 11.

Slot 12 and 13 are also swapped, so that the chip in production LCS has one more contiguous free entry.

Jumping from ROM_EXT -> Owner SW

Before jumping to Owner SW, all lock bits will be cleared, so all entries can
be reclaimed by Owner SW. Entries 8 ~ 11 ( &12 in prod LCS ) can be safely reconfigure by Owner SW.

 *    0: -------  ----- ----
 *    1: -------  ----- ----
 *    2: OWNER    ----- ----
 *    3: OWNER      TOR -X-R
 *    4: OWNER_V  NAPOT ---R
 *    5: -------  ----- ----
 *    6: -------  ----- ----
 *    7: -------  ----- ----
 *    8: MU_EXT   ----- ----
 *    9: MU_EXT     TOR -X-R
 *   10: VIRTUAL  NAPOT ---R
 *   11: STACK      NA4 ----
 *   12: RvDM     NAPOT -XWR
 *   13: FLASH    NAPOT ---R
 *   14: MMIO     NAPOT --WR
 *   15: RAM      NAPOT --WR

Owner SW ePMP will be placed at the entries 2, 3 and 4 same as before.

When the rom_ext is linked directly to the immutable lib instead of prebuilt immutable section, the IM_EXT region (6 & 7) will covers whole ROM_EXT text section. This is the current behavior since prebuilt section is not ready yet.

@sasdf sasdf changed the title Mg id9b6cd68 [imm_rom_ext] Add immutable ROM_EXT ePMP reconfiguration Nov 22, 2024
@sasdf sasdf force-pushed the mgId9b6cd68 branch 2 times, most recently from 3fc2073 to d207455 Compare November 25, 2024 14:44
@sasdf sasdf force-pushed the mgId9b6cd68 branch 2 times, most recently from b8340d1 to 9d1f432 Compare December 17, 2024 09:41
@pamaury pamaury requested a review from engdoreis December 17, 2024 09:41
@lchiawei lchiawei mentioned this pull request Dec 17, 2024
Merged
@timothytrippel
Copy link
Contributor

@sasdf I think this can be re-based now and marked ready for review

@sasdf
[imm_rom_ext] Add immutable ROM_EXT ePMP reconfiguration
a626269 
Reconfigure ePMP in immutable ROM_EXT to remove executable permission on the
immutable data segment.

Now, ePMP will be reconfigured to the following layout before jumping to the
mutable ROM_EXT:
```
 *    6: MU_EXT   ----- ----
 *    7: MU_EXT     TOR LX-R
 *    8: IM_EXT   ----- ----
 *    9: IM_EXT     TOR LX-R
 *   10: VIRTUAL  NAPOT L--R
 *   11: STACK      NA4 L---
```

MU_EXT stands for mutable part of rom_ext, and IM_EXT is the immutable part.

Slot 10 will be empty if address translation is not enabled, and stack guard
is added back to slot 11.

Before jumping to Owner SW, all lock bits will be cleared, so all entries can
be recycled by Owner SW.

Owner SW will be placed at the same entries as before (2, 3, 4).

Change-Id: Id9b6cd68cc24a5816d3e3dc8374b5533a7c6eb75
Signed-off-by: Yi-Hsuan Deng <[email protected]>
@sasdf sasdf marked this pull request as ready for review December 18, 2024 01:53
@sasdf sasdf requested a review from a team as a code owner December 18, 2024 01:53
@sasdf sasdf requested a review from cfrantz December 19, 2024 07:34
@timothytrippel timothytrippel merged commit 437e299 into lowRISC:master Jan 9, 2025
38 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anthonychen1251 anthonychen1251 anthonychen1251 left review comments

@timothytrippel timothytrippel timothytrippel approved these changes

@pamaury pamaury Awaiting requested review from pamaury

@engdoreis engdoreis Awaiting requested review from engdoreis

@cfrantz cfrantz Awaiting requested review from cfrantz

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sasdf @timothytrippel @anthonychen1251