1ca825890SJens Wiklander // SPDX-License-Identifier: BSD-2-Clause 2ca825890SJens Wiklander /* 393dc6b29SJens Wiklander * Copyright (c) 2016-2022, Linaro Limited 4ca825890SJens Wiklander * Copyright (c) 2014, STMicroelectronics International N.V. 5ca825890SJens Wiklander * Copyright (c) 2020-2021, Arm Limited 6ca825890SJens Wiklander */ 7ca825890SJens Wiklander 8ca825890SJens Wiklander #include <config.h> 993dc6b29SJens Wiklander #include <crypto/crypto.h> 10ca825890SJens Wiklander #include <kernel/asan.h> 11b89b3da2SVincent Chuang #include <kernel/boot.h> 12ca825890SJens Wiklander #include <kernel/lockdep.h> 13ca825890SJens Wiklander #include <kernel/misc.h> 14ca825890SJens Wiklander #include <kernel/panic.h> 15ca825890SJens Wiklander #include <kernel/spinlock.h> 16ca825890SJens Wiklander #include <kernel/thread.h> 17ca825890SJens Wiklander #include <kernel/thread_private.h> 18ca825890SJens Wiklander #include <mm/mobj.h> 19ca825890SJens Wiklander 20ca825890SJens Wiklander struct thread_ctx threads[CFG_NUM_THREADS]; 21ca825890SJens Wiklander 22ca825890SJens Wiklander struct thread_core_local thread_core_local[CFG_TEE_CORE_NB_CORE] __nex_bss; 23ca825890SJens Wiklander 24ca825890SJens Wiklander /* 25ca825890SJens Wiklander * Stacks 26ca825890SJens Wiklander * 27ca825890SJens Wiklander * [Lower addresses on the left] 28ca825890SJens Wiklander * 29ca825890SJens Wiklander * [ STACK_CANARY_SIZE/2 | STACK_CHECK_EXTRA | STACK_XXX_SIZE | STACK_CANARY_SIZE/2 ] 30ca825890SJens Wiklander * ^ ^ ^ ^ 31ca825890SJens Wiklander * stack_xxx[n] "hard" top "soft" top bottom 32ca825890SJens Wiklander */ 33ca825890SJens Wiklander 34ca825890SJens Wiklander #ifdef CFG_WITH_STACK_CANARIES 35b89b3da2SVincent Chuang static uint32_t start_canary_value = 0xdedede00; 36b89b3da2SVincent Chuang static uint32_t end_canary_value = 0xababab00; 37ca825890SJens Wiklander #define GET_START_CANARY(name, stack_num) name[stack_num][0] 38ca825890SJens Wiklander #define GET_END_CANARY(name, stack_num) \ 39ca825890SJens Wiklander name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1] 40ca825890SJens Wiklander #endif 41ca825890SJens Wiklander 42ca825890SJens Wiklander #define DECLARE_STACK(name, num_stacks, stack_size, linkage) \ 43ca825890SJens Wiklander linkage uint32_t name[num_stacks] \ 44ca825890SJens Wiklander [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \ 45ca825890SJens Wiklander STACK_ALIGNMENT) / sizeof(uint32_t)] \ 46ca825890SJens Wiklander __attribute__((section(".nozi_stack." # name), \ 47ca825890SJens Wiklander aligned(STACK_ALIGNMENT))) 48ca825890SJens Wiklander 49ca825890SJens Wiklander #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack)) 50ca825890SJens Wiklander 515956c77eSJerome Forissier DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE, 525956c77eSJerome Forissier /* global linkage */); 53ca825890SJens Wiklander DECLARE_STACK(stack_abt, CFG_TEE_CORE_NB_CORE, STACK_ABT_SIZE, static); 54ca825890SJens Wiklander #ifndef CFG_WITH_PAGER 555956c77eSJerome Forissier DECLARE_STACK(stack_thread, CFG_NUM_THREADS, STACK_THREAD_SIZE, static); 56ca825890SJens Wiklander #endif 57ca825890SJens Wiklander 58ca825890SJens Wiklander #define GET_STACK_TOP_HARD(stack, n) \ 59ca825890SJens Wiklander ((vaddr_t)&(stack)[n] + STACK_CANARY_SIZE / 2) 60ca825890SJens Wiklander #define GET_STACK_TOP_SOFT(stack, n) \ 61ca825890SJens Wiklander (GET_STACK_TOP_HARD(stack, n) + STACK_CHECK_EXTRA) 62ca825890SJens Wiklander #define GET_STACK_BOTTOM(stack, n) ((vaddr_t)&(stack)[n] + sizeof(stack[n]) - \ 63ca825890SJens Wiklander STACK_CANARY_SIZE / 2) 64ca825890SJens Wiklander 65ca825890SJens Wiklander const uint32_t stack_tmp_stride __section(".identity_map.stack_tmp_stride") = 66ca825890SJens Wiklander sizeof(stack_tmp[0]); 67ca825890SJens Wiklander 68ca825890SJens Wiklander /* 69528dabb2SJerome Forissier * This stack setup info is required by secondary boot cores before they 70ca825890SJens Wiklander * each locally enable the pager (the mmu). Hence kept in pager sections. 71ca825890SJens Wiklander */ 72ca825890SJens Wiklander DECLARE_KEEP_PAGER(stack_tmp_stride); 73ca825890SJens Wiklander 74ca825890SJens Wiklander static unsigned int thread_global_lock __nex_bss = SPINLOCK_UNLOCK; 75ca825890SJens Wiklander 76ca825890SJens Wiklander void thread_init_canaries(void) 77ca825890SJens Wiklander { 78ca825890SJens Wiklander #ifdef CFG_WITH_STACK_CANARIES 79ca825890SJens Wiklander size_t n; 80ca825890SJens Wiklander #define INIT_CANARY(name) \ 81ca825890SJens Wiklander for (n = 0; n < ARRAY_SIZE(name); n++) { \ 82ca825890SJens Wiklander uint32_t *start_canary = &GET_START_CANARY(name, n); \ 83ca825890SJens Wiklander uint32_t *end_canary = &GET_END_CANARY(name, n); \ 84ca825890SJens Wiklander \ 85b89b3da2SVincent Chuang *start_canary = start_canary_value; \ 86b89b3da2SVincent Chuang *end_canary = end_canary_value; \ 87ca825890SJens Wiklander } 88ca825890SJens Wiklander 89ca825890SJens Wiklander INIT_CANARY(stack_tmp); 90ca825890SJens Wiklander INIT_CANARY(stack_abt); 91b76b2296SJerome Forissier #if !defined(CFG_WITH_PAGER) && !defined(CFG_NS_VIRTUALIZATION) 92ca825890SJens Wiklander INIT_CANARY(stack_thread); 93ca825890SJens Wiklander #endif 94ca825890SJens Wiklander #endif/*CFG_WITH_STACK_CANARIES*/ 95ca825890SJens Wiklander } 96ca825890SJens Wiklander 97b89b3da2SVincent Chuang #if defined(CFG_WITH_STACK_CANARIES) 98b89b3da2SVincent Chuang void thread_update_canaries(void) 99b89b3da2SVincent Chuang { 100b89b3da2SVincent Chuang uint32_t canary[2] = { }; 101b89b3da2SVincent Chuang uint32_t exceptions = 0; 102b89b3da2SVincent Chuang 103b89b3da2SVincent Chuang plat_get_random_stack_canaries(canary, ARRAY_SIZE(canary), 104b89b3da2SVincent Chuang sizeof(canary[0])); 105b89b3da2SVincent Chuang 106b89b3da2SVincent Chuang exceptions = thread_mask_exceptions(THREAD_EXCP_ALL); 107b89b3da2SVincent Chuang 108b89b3da2SVincent Chuang thread_check_canaries(); 109b89b3da2SVincent Chuang 110b89b3da2SVincent Chuang start_canary_value = canary[0]; 111b89b3da2SVincent Chuang end_canary_value = canary[1]; 112b89b3da2SVincent Chuang thread_init_canaries(); 113b89b3da2SVincent Chuang 114b89b3da2SVincent Chuang thread_unmask_exceptions(exceptions); 115b89b3da2SVincent Chuang } 116b89b3da2SVincent Chuang #endif 117b89b3da2SVincent Chuang 118ca825890SJens Wiklander #define CANARY_DIED(stack, loc, n, addr) \ 119ca825890SJens Wiklander do { \ 120ca825890SJens Wiklander EMSG_RAW("Dead canary at %s of '%s[%zu]' (%p)", #loc, #stack, \ 121ca825890SJens Wiklander n, (void *)addr); \ 122ca825890SJens Wiklander panic(); \ 123ca825890SJens Wiklander } while (0) 124ca825890SJens Wiklander 125ca825890SJens Wiklander void thread_check_canaries(void) 126ca825890SJens Wiklander { 127ca825890SJens Wiklander #ifdef CFG_WITH_STACK_CANARIES 128ca825890SJens Wiklander uint32_t *canary = NULL; 129ca825890SJens Wiklander size_t n = 0; 130ca825890SJens Wiklander 131ca825890SJens Wiklander for (n = 0; n < ARRAY_SIZE(stack_tmp); n++) { 132ca825890SJens Wiklander canary = &GET_START_CANARY(stack_tmp, n); 133b89b3da2SVincent Chuang if (*canary != start_canary_value) 134ca825890SJens Wiklander CANARY_DIED(stack_tmp, start, n, canary); 135ca825890SJens Wiklander canary = &GET_END_CANARY(stack_tmp, n); 136b89b3da2SVincent Chuang if (*canary != end_canary_value) 137ca825890SJens Wiklander CANARY_DIED(stack_tmp, end, n, canary); 138ca825890SJens Wiklander } 139ca825890SJens Wiklander 140ca825890SJens Wiklander for (n = 0; n < ARRAY_SIZE(stack_abt); n++) { 141ca825890SJens Wiklander canary = &GET_START_CANARY(stack_abt, n); 142b89b3da2SVincent Chuang if (*canary != start_canary_value) 143ca825890SJens Wiklander CANARY_DIED(stack_abt, start, n, canary); 144ca825890SJens Wiklander canary = &GET_END_CANARY(stack_abt, n); 145b89b3da2SVincent Chuang if (*canary != end_canary_value) 146ca825890SJens Wiklander CANARY_DIED(stack_abt, end, n, canary); 147ca825890SJens Wiklander } 148b76b2296SJerome Forissier #if !defined(CFG_WITH_PAGER) && !defined(CFG_NS_VIRTUALIZATION) 149ca825890SJens Wiklander for (n = 0; n < ARRAY_SIZE(stack_thread); n++) { 150ca825890SJens Wiklander canary = &GET_START_CANARY(stack_thread, n); 151b89b3da2SVincent Chuang if (*canary != start_canary_value) 152ca825890SJens Wiklander CANARY_DIED(stack_thread, start, n, canary); 153ca825890SJens Wiklander canary = &GET_END_CANARY(stack_thread, n); 154b89b3da2SVincent Chuang if (*canary != end_canary_value) 155ca825890SJens Wiklander CANARY_DIED(stack_thread, end, n, canary); 156ca825890SJens Wiklander } 157ca825890SJens Wiklander #endif 158ca825890SJens Wiklander #endif/*CFG_WITH_STACK_CANARIES*/ 159ca825890SJens Wiklander } 160ca825890SJens Wiklander 161ca825890SJens Wiklander void thread_lock_global(void) 162ca825890SJens Wiklander { 163ca825890SJens Wiklander cpu_spin_lock(&thread_global_lock); 164ca825890SJens Wiklander } 165ca825890SJens Wiklander 166ca825890SJens Wiklander void thread_unlock_global(void) 167ca825890SJens Wiklander { 168ca825890SJens Wiklander cpu_spin_unlock(&thread_global_lock); 169ca825890SJens Wiklander } 170ca825890SJens Wiklander 171ca825890SJens Wiklander static struct thread_core_local * __nostackcheck 172ca825890SJens Wiklander get_core_local(unsigned int pos) 173ca825890SJens Wiklander { 174ca825890SJens Wiklander /* 175ca825890SJens Wiklander * Foreign interrupts must be disabled before playing with core_local 176ca825890SJens Wiklander * since we otherwise may be rescheduled to a different core in the 177ca825890SJens Wiklander * middle of this function. 178ca825890SJens Wiklander */ 179ca825890SJens Wiklander assert(thread_get_exceptions() & THREAD_EXCP_FOREIGN_INTR); 180ca825890SJens Wiklander 181ca825890SJens Wiklander assert(pos < CFG_TEE_CORE_NB_CORE); 182ca825890SJens Wiklander return &thread_core_local[pos]; 183ca825890SJens Wiklander } 184ca825890SJens Wiklander 185ca825890SJens Wiklander struct thread_core_local * __nostackcheck thread_get_core_local(void) 186ca825890SJens Wiklander { 187ca825890SJens Wiklander unsigned int pos = get_core_pos(); 188ca825890SJens Wiklander 189ca825890SJens Wiklander return get_core_local(pos); 190ca825890SJens Wiklander } 191ca825890SJens Wiklander 192ca825890SJens Wiklander #ifdef CFG_CORE_DEBUG_CHECK_STACKS 193ca825890SJens Wiklander static void print_stack_limits(void) 194ca825890SJens Wiklander { 195ca825890SJens Wiklander size_t n = 0; 196ca825890SJens Wiklander vaddr_t __maybe_unused start = 0; 197ca825890SJens Wiklander vaddr_t __maybe_unused end = 0; 198ca825890SJens Wiklander 199ca825890SJens Wiklander for (n = 0; n < CFG_TEE_CORE_NB_CORE; n++) { 200ca825890SJens Wiklander start = GET_STACK_TOP_SOFT(stack_tmp, n); 201ca825890SJens Wiklander end = GET_STACK_BOTTOM(stack_tmp, n); 202ca825890SJens Wiklander DMSG("tmp [%zu] 0x%" PRIxVA "..0x%" PRIxVA, n, start, end); 203ca825890SJens Wiklander } 204ca825890SJens Wiklander for (n = 0; n < CFG_TEE_CORE_NB_CORE; n++) { 205ca825890SJens Wiklander start = GET_STACK_TOP_SOFT(stack_abt, n); 206ca825890SJens Wiklander end = GET_STACK_BOTTOM(stack_abt, n); 207ca825890SJens Wiklander DMSG("abt [%zu] 0x%" PRIxVA "..0x%" PRIxVA, n, start, end); 208ca825890SJens Wiklander } 209ca825890SJens Wiklander for (n = 0; n < CFG_NUM_THREADS; n++) { 210ca825890SJens Wiklander end = threads[n].stack_va_end; 21128d6e35aSJerome Forissier start = end - STACK_THREAD_SIZE + STACK_CHECK_EXTRA; 212ca825890SJens Wiklander DMSG("thr [%zu] 0x%" PRIxVA "..0x%" PRIxVA, n, start, end); 213ca825890SJens Wiklander } 214ca825890SJens Wiklander } 215ca825890SJens Wiklander 216ca825890SJens Wiklander static void check_stack_limits(void) 217ca825890SJens Wiklander { 218ca825890SJens Wiklander vaddr_t stack_start = 0; 219ca825890SJens Wiklander vaddr_t stack_end = 0; 220ca825890SJens Wiklander /* Any value in the current stack frame will do */ 221ca825890SJens Wiklander vaddr_t current_sp = (vaddr_t)&stack_start; 222ca825890SJens Wiklander 223ca825890SJens Wiklander if (!get_stack_soft_limits(&stack_start, &stack_end)) 224ca825890SJens Wiklander panic("Unknown stack limits"); 225ca825890SJens Wiklander if (current_sp < stack_start || current_sp > stack_end) { 22628d6e35aSJerome Forissier EMSG("Stack pointer out of range: 0x%" PRIxVA " not in [0x%" 22728d6e35aSJerome Forissier PRIxVA " .. 0x%" PRIxVA "]", current_sp, stack_start, 22828d6e35aSJerome Forissier stack_end); 229ca825890SJens Wiklander print_stack_limits(); 230ca825890SJens Wiklander panic(); 231ca825890SJens Wiklander } 232ca825890SJens Wiklander } 233ca825890SJens Wiklander 234ca825890SJens Wiklander static bool * __nostackcheck get_stackcheck_recursion_flag(void) 235ca825890SJens Wiklander { 236ca825890SJens Wiklander uint32_t exceptions = thread_mask_exceptions(THREAD_EXCP_FOREIGN_INTR); 237ca825890SJens Wiklander unsigned int pos = get_core_pos(); 238ca825890SJens Wiklander struct thread_core_local *l = get_core_local(pos); 239ca825890SJens Wiklander int ct = l->curr_thread; 240ca825890SJens Wiklander bool *p = NULL; 241ca825890SJens Wiklander 242ca825890SJens Wiklander if (l->flags & (THREAD_CLF_ABORT | THREAD_CLF_TMP)) 243ca825890SJens Wiklander p = &l->stackcheck_recursion; 244ca825890SJens Wiklander else if (!l->flags) 245ca825890SJens Wiklander p = &threads[ct].tsd.stackcheck_recursion; 246ca825890SJens Wiklander 247ca825890SJens Wiklander thread_unmask_exceptions(exceptions); 248ca825890SJens Wiklander return p; 249ca825890SJens Wiklander } 250ca825890SJens Wiklander 251ca825890SJens Wiklander void __cyg_profile_func_enter(void *this_fn, void *call_site); 252ca825890SJens Wiklander void __nostackcheck __cyg_profile_func_enter(void *this_fn __unused, 253ca825890SJens Wiklander void *call_site __unused) 254ca825890SJens Wiklander { 255ca825890SJens Wiklander bool *p = get_stackcheck_recursion_flag(); 256ca825890SJens Wiklander 257ca825890SJens Wiklander assert(p); 258ca825890SJens Wiklander if (*p) 259ca825890SJens Wiklander return; 260ca825890SJens Wiklander *p = true; 261ca825890SJens Wiklander check_stack_limits(); 262ca825890SJens Wiklander *p = false; 263ca825890SJens Wiklander } 264ca825890SJens Wiklander 265ca825890SJens Wiklander void __cyg_profile_func_exit(void *this_fn, void *call_site); 266ca825890SJens Wiklander void __nostackcheck __cyg_profile_func_exit(void *this_fn __unused, 267ca825890SJens Wiklander void *call_site __unused) 268ca825890SJens Wiklander { 269ca825890SJens Wiklander } 270ca825890SJens Wiklander #else 271ca825890SJens Wiklander static void print_stack_limits(void) 272ca825890SJens Wiklander { 273ca825890SJens Wiklander } 274ca825890SJens Wiklander #endif 275ca825890SJens Wiklander 276ca825890SJens Wiklander void thread_init_boot_thread(void) 277ca825890SJens Wiklander { 278ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 279ca825890SJens Wiklander 280ca825890SJens Wiklander thread_init_threads(); 281ca825890SJens Wiklander 282ca825890SJens Wiklander l->curr_thread = 0; 283ca825890SJens Wiklander threads[0].state = THREAD_STATE_ACTIVE; 284ca825890SJens Wiklander } 285ca825890SJens Wiklander 286ca825890SJens Wiklander void __nostackcheck thread_clr_boot_thread(void) 287ca825890SJens Wiklander { 288ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 289ca825890SJens Wiklander 290ca825890SJens Wiklander assert(l->curr_thread >= 0 && l->curr_thread < CFG_NUM_THREADS); 291ca825890SJens Wiklander assert(threads[l->curr_thread].state == THREAD_STATE_ACTIVE); 292ca825890SJens Wiklander threads[l->curr_thread].state = THREAD_STATE_FREE; 293ca825890SJens Wiklander l->curr_thread = THREAD_ID_INVALID; 294ca825890SJens Wiklander } 295ca825890SJens Wiklander 296ca825890SJens Wiklander void __nostackcheck *thread_get_tmp_sp(void) 297ca825890SJens Wiklander { 298ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 299ca825890SJens Wiklander 300ca825890SJens Wiklander /* 301ca825890SJens Wiklander * Called from assembly when switching to the temporary stack, so flags 302ca825890SJens Wiklander * need updating 303ca825890SJens Wiklander */ 304ca825890SJens Wiklander l->flags |= THREAD_CLF_TMP; 305ca825890SJens Wiklander 306ca825890SJens Wiklander return (void *)l->tmp_stack_va_end; 307ca825890SJens Wiklander } 308ca825890SJens Wiklander 309ca825890SJens Wiklander vaddr_t thread_stack_start(void) 310ca825890SJens Wiklander { 311ca825890SJens Wiklander struct thread_ctx *thr; 312ca825890SJens Wiklander int ct = thread_get_id_may_fail(); 313ca825890SJens Wiklander 314ca825890SJens Wiklander if (ct == THREAD_ID_INVALID) 315ca825890SJens Wiklander return 0; 316ca825890SJens Wiklander 317ca825890SJens Wiklander thr = threads + ct; 318ca825890SJens Wiklander return thr->stack_va_end - STACK_THREAD_SIZE; 319ca825890SJens Wiklander } 320ca825890SJens Wiklander 321ca825890SJens Wiklander size_t thread_stack_size(void) 322ca825890SJens Wiklander { 323ca825890SJens Wiklander return STACK_THREAD_SIZE; 324ca825890SJens Wiklander } 325ca825890SJens Wiklander 326ca825890SJens Wiklander bool get_stack_limits(vaddr_t *start, vaddr_t *end, bool hard) 327ca825890SJens Wiklander { 328ca825890SJens Wiklander uint32_t exceptions = thread_mask_exceptions(THREAD_EXCP_FOREIGN_INTR); 329ca825890SJens Wiklander unsigned int pos = get_core_pos(); 330ca825890SJens Wiklander struct thread_core_local *l = get_core_local(pos); 331ca825890SJens Wiklander int ct = l->curr_thread; 332ca825890SJens Wiklander bool ret = false; 333ca825890SJens Wiklander 334ca825890SJens Wiklander if (l->flags & THREAD_CLF_TMP) { 335ca825890SJens Wiklander if (hard) 336ca825890SJens Wiklander *start = GET_STACK_TOP_HARD(stack_tmp, pos); 337ca825890SJens Wiklander else 338ca825890SJens Wiklander *start = GET_STACK_TOP_SOFT(stack_tmp, pos); 339ca825890SJens Wiklander *end = GET_STACK_BOTTOM(stack_tmp, pos); 340ca825890SJens Wiklander ret = true; 341ca825890SJens Wiklander } else if (l->flags & THREAD_CLF_ABORT) { 342ca825890SJens Wiklander if (hard) 343ca825890SJens Wiklander *start = GET_STACK_TOP_HARD(stack_abt, pos); 344ca825890SJens Wiklander else 345ca825890SJens Wiklander *start = GET_STACK_TOP_SOFT(stack_abt, pos); 346ca825890SJens Wiklander *end = GET_STACK_BOTTOM(stack_abt, pos); 347ca825890SJens Wiklander ret = true; 348ca825890SJens Wiklander } else if (!l->flags) { 349ca825890SJens Wiklander if (ct < 0 || ct >= CFG_NUM_THREADS) 350ca825890SJens Wiklander goto out; 351ca825890SJens Wiklander 352ca825890SJens Wiklander *end = threads[ct].stack_va_end; 353ca825890SJens Wiklander *start = *end - STACK_THREAD_SIZE; 354ca825890SJens Wiklander if (!hard) 355ca825890SJens Wiklander *start += STACK_CHECK_EXTRA; 356ca825890SJens Wiklander ret = true; 357ca825890SJens Wiklander } 358ca825890SJens Wiklander out: 359ca825890SJens Wiklander thread_unmask_exceptions(exceptions); 360ca825890SJens Wiklander return ret; 361ca825890SJens Wiklander } 362ca825890SJens Wiklander 363ca825890SJens Wiklander bool thread_is_from_abort_mode(void) 364ca825890SJens Wiklander { 365ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 366ca825890SJens Wiklander 367ca825890SJens Wiklander return (l->flags >> THREAD_CLF_SAVED_SHIFT) & THREAD_CLF_ABORT; 368ca825890SJens Wiklander } 369ca825890SJens Wiklander 370ca825890SJens Wiklander /* 371ca825890SJens Wiklander * This function should always be accurate, but it might be possible to 372ca825890SJens Wiklander * implement a more efficient depending on cpu architecture. 373ca825890SJens Wiklander */ 374ca825890SJens Wiklander bool __weak thread_is_in_normal_mode(void) 375ca825890SJens Wiklander { 376ca825890SJens Wiklander uint32_t exceptions = thread_mask_exceptions(THREAD_EXCP_FOREIGN_INTR); 377ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 378ca825890SJens Wiklander bool ret; 379ca825890SJens Wiklander 380ca825890SJens Wiklander /* 381ca825890SJens Wiklander * If any bit in l->flags is set aside from THREAD_CLF_TMP we're 382ca825890SJens Wiklander * handling some exception. 383ca825890SJens Wiklander */ 384ca825890SJens Wiklander ret = (l->curr_thread != THREAD_ID_INVALID) && 385ca825890SJens Wiklander !(l->flags & ~THREAD_CLF_TMP); 386ca825890SJens Wiklander thread_unmask_exceptions(exceptions); 387ca825890SJens Wiklander 388ca825890SJens Wiklander return ret; 389ca825890SJens Wiklander } 390ca825890SJens Wiklander 391239420cbSJerome Forissier short int __noprof thread_get_id_may_fail(void) 392ca825890SJens Wiklander { 393ca825890SJens Wiklander /* 394ca825890SJens Wiklander * thread_get_core_local() requires foreign interrupts to be disabled 395ca825890SJens Wiklander */ 396ca825890SJens Wiklander uint32_t exceptions = thread_mask_exceptions(THREAD_EXCP_FOREIGN_INTR); 397ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 398ca825890SJens Wiklander short int ct = l->curr_thread; 399ca825890SJens Wiklander 400ca825890SJens Wiklander thread_unmask_exceptions(exceptions); 401ca825890SJens Wiklander return ct; 402ca825890SJens Wiklander } 403ca825890SJens Wiklander 4048577287cSJerome Forissier short int __noprof thread_get_id(void) 405ca825890SJens Wiklander { 406ca825890SJens Wiklander short int ct = thread_get_id_may_fail(); 407ca825890SJens Wiklander 408ca825890SJens Wiklander /* Thread ID has to fit in a short int */ 409ca825890SJens Wiklander COMPILE_TIME_ASSERT(CFG_NUM_THREADS <= SHRT_MAX); 410ca825890SJens Wiklander assert(ct >= 0 && ct < CFG_NUM_THREADS); 411ca825890SJens Wiklander return ct; 412ca825890SJens Wiklander } 413ca825890SJens Wiklander 414ca825890SJens Wiklander #ifdef CFG_WITH_PAGER 415ca825890SJens Wiklander static void init_thread_stacks(void) 416ca825890SJens Wiklander { 417ca825890SJens Wiklander size_t n = 0; 418ca825890SJens Wiklander 419ca825890SJens Wiklander /* 420ca825890SJens Wiklander * Allocate virtual memory for thread stacks. 421ca825890SJens Wiklander */ 422ca825890SJens Wiklander for (n = 0; n < CFG_NUM_THREADS; n++) { 423ca825890SJens Wiklander tee_mm_entry_t *mm = NULL; 424ca825890SJens Wiklander vaddr_t sp = 0; 425ca825890SJens Wiklander size_t num_pages = 0; 426ca825890SJens Wiklander struct fobj *fobj = NULL; 427ca825890SJens Wiklander 428ca825890SJens Wiklander /* Find vmem for thread stack and its protection gap */ 4299b0ee59dSJens Wiklander mm = tee_mm_alloc(&core_virt_mem_pool, 430ca825890SJens Wiklander SMALL_PAGE_SIZE + STACK_THREAD_SIZE); 431ca825890SJens Wiklander assert(mm); 432ca825890SJens Wiklander 433ca825890SJens Wiklander /* Claim eventual physical page */ 434ca825890SJens Wiklander tee_pager_add_pages(tee_mm_get_smem(mm), tee_mm_get_size(mm), 435ca825890SJens Wiklander true); 436ca825890SJens Wiklander 437ca825890SJens Wiklander num_pages = tee_mm_get_bytes(mm) / SMALL_PAGE_SIZE - 1; 438ca825890SJens Wiklander fobj = fobj_locked_paged_alloc(num_pages); 439ca825890SJens Wiklander 440ca825890SJens Wiklander /* Add the region to the pager */ 441ca825890SJens Wiklander tee_pager_add_core_region(tee_mm_get_smem(mm) + SMALL_PAGE_SIZE, 442ca825890SJens Wiklander PAGED_REGION_TYPE_LOCK, fobj); 443ca825890SJens Wiklander fobj_put(fobj); 444ca825890SJens Wiklander 445ca825890SJens Wiklander /* init effective stack */ 446ca825890SJens Wiklander sp = tee_mm_get_smem(mm) + tee_mm_get_bytes(mm); 447ca825890SJens Wiklander asan_tag_access((void *)tee_mm_get_smem(mm), (void *)sp); 448*980d32c4SJens Wiklander threads[n].stack_va_end = sp; 449ca825890SJens Wiklander } 450ca825890SJens Wiklander } 451ca825890SJens Wiklander #else 452ca825890SJens Wiklander static void init_thread_stacks(void) 453ca825890SJens Wiklander { 454ca825890SJens Wiklander size_t n; 455ca825890SJens Wiklander 456ca825890SJens Wiklander /* Assign the thread stacks */ 457*980d32c4SJens Wiklander for (n = 0; n < CFG_NUM_THREADS; n++) 458*980d32c4SJens Wiklander threads[n].stack_va_end = GET_STACK_BOTTOM(stack_thread, n); 459ca825890SJens Wiklander } 460ca825890SJens Wiklander #endif /*CFG_WITH_PAGER*/ 461ca825890SJens Wiklander 462ca825890SJens Wiklander void thread_init_threads(void) 463ca825890SJens Wiklander { 464ca825890SJens Wiklander size_t n = 0; 465ca825890SJens Wiklander 466ca825890SJens Wiklander init_thread_stacks(); 467ca825890SJens Wiklander print_stack_limits(); 468ca825890SJens Wiklander pgt_init(); 469ca825890SJens Wiklander 470ca825890SJens Wiklander mutex_lockdep_init(); 471ca825890SJens Wiklander 472e17e7a56SJens Wiklander for (n = 0; n < CFG_NUM_THREADS; n++) 473ca825890SJens Wiklander TAILQ_INIT(&threads[n].tsd.sess_stack); 474ca825890SJens Wiklander } 475ca825890SJens Wiklander 476ca825890SJens Wiklander void __nostackcheck thread_init_thread_core_local(void) 477ca825890SJens Wiklander { 478ca825890SJens Wiklander size_t n = 0; 479ca825890SJens Wiklander struct thread_core_local *tcl = thread_core_local; 480ca825890SJens Wiklander 481ca825890SJens Wiklander for (n = 0; n < CFG_TEE_CORE_NB_CORE; n++) { 482ca825890SJens Wiklander tcl[n].curr_thread = THREAD_ID_INVALID; 483ca825890SJens Wiklander tcl[n].flags = THREAD_CLF_TMP; 484ca825890SJens Wiklander } 485ca825890SJens Wiklander tcl[0].tmp_stack_va_end = GET_STACK_BOTTOM(stack_tmp, 0); 486ca825890SJens Wiklander } 487ca825890SJens Wiklander 488a7a0664eSJerome Forissier void __nostackcheck thread_init_core_local_stacks(void) 489ca825890SJens Wiklander { 490ca825890SJens Wiklander size_t n = 0; 491ca825890SJens Wiklander struct thread_core_local *tcl = thread_core_local; 492ca825890SJens Wiklander 493ca825890SJens Wiklander for (n = 0; n < CFG_TEE_CORE_NB_CORE; n++) { 494ca825890SJens Wiklander tcl[n].tmp_stack_va_end = GET_STACK_BOTTOM(stack_tmp, n) - 495ca825890SJens Wiklander STACK_TMP_OFFS; 496ca825890SJens Wiklander tcl[n].abt_stack_va_end = GET_STACK_BOTTOM(stack_abt, n); 497ca825890SJens Wiklander } 498ca825890SJens Wiklander } 499ca825890SJens Wiklander 50093dc6b29SJens Wiklander #if defined(CFG_CORE_PAUTH) 50193dc6b29SJens Wiklander void thread_init_thread_pauth_keys(void) 50293dc6b29SJens Wiklander { 50393dc6b29SJens Wiklander size_t n = 0; 50493dc6b29SJens Wiklander 50593dc6b29SJens Wiklander for (n = 0; n < CFG_NUM_THREADS; n++) 50693dc6b29SJens Wiklander if (crypto_rng_read(&threads[n].keys, sizeof(threads[n].keys))) 50793dc6b29SJens Wiklander panic("Failed to init thread pauth keys"); 50893dc6b29SJens Wiklander } 50993dc6b29SJens Wiklander 51093dc6b29SJens Wiklander void thread_init_core_local_pauth_keys(void) 51193dc6b29SJens Wiklander { 51293dc6b29SJens Wiklander struct thread_core_local *tcl = thread_core_local; 51393dc6b29SJens Wiklander size_t n = 0; 51493dc6b29SJens Wiklander 51593dc6b29SJens Wiklander for (n = 0; n < CFG_TEE_CORE_NB_CORE; n++) 51693dc6b29SJens Wiklander if (crypto_rng_read(&tcl[n].keys, sizeof(tcl[n].keys))) 51793dc6b29SJens Wiklander panic("Failed to init core local pauth keys"); 51893dc6b29SJens Wiklander } 51993dc6b29SJens Wiklander #endif 52093dc6b29SJens Wiklander 5218577287cSJerome Forissier struct thread_specific_data * __noprof thread_get_tsd(void) 522ca825890SJens Wiklander { 523ca825890SJens Wiklander return &threads[thread_get_id()].tsd; 524ca825890SJens Wiklander } 525ca825890SJens Wiklander 526ca825890SJens Wiklander struct thread_ctx_regs * __nostackcheck thread_get_ctx_regs(void) 527ca825890SJens Wiklander { 528ca825890SJens Wiklander struct thread_core_local *l = thread_get_core_local(); 529ca825890SJens Wiklander 530ca825890SJens Wiklander assert(l->curr_thread != THREAD_ID_INVALID); 531ca825890SJens Wiklander return &threads[l->curr_thread].regs; 532ca825890SJens Wiklander } 533ca825890SJens Wiklander 534ca825890SJens Wiklander void thread_set_foreign_intr(bool enable) 535ca825890SJens Wiklander { 536ca825890SJens Wiklander /* thread_get_core_local() requires foreign interrupts to be disabled */ 537ca825890SJens Wiklander uint32_t exceptions = thread_mask_exceptions(THREAD_EXCP_FOREIGN_INTR); 538ca825890SJens Wiklander struct thread_core_local *l; 539ca825890SJens Wiklander 540ca825890SJens Wiklander l = thread_get_core_local(); 541ca825890SJens Wiklander 542ca825890SJens Wiklander assert(l->curr_thread != THREAD_ID_INVALID); 543ca825890SJens Wiklander 544ca825890SJens Wiklander if (enable) { 545ca825890SJens Wiklander threads[l->curr_thread].flags |= 546ca825890SJens Wiklander THREAD_FLAGS_FOREIGN_INTR_ENABLE; 547ca825890SJens Wiklander thread_set_exceptions(exceptions & ~THREAD_EXCP_FOREIGN_INTR); 548ca825890SJens Wiklander } else { 549ca825890SJens Wiklander /* 550ca825890SJens Wiklander * No need to disable foreign interrupts here since they're 551ca825890SJens Wiklander * already disabled above. 552ca825890SJens Wiklander */ 553ca825890SJens Wiklander threads[l->curr_thread].flags &= 554ca825890SJens Wiklander ~THREAD_FLAGS_FOREIGN_INTR_ENABLE; 555ca825890SJens Wiklander } 556ca825890SJens Wiklander } 557ca825890SJens Wiklander 558ca825890SJens Wiklander void thread_restore_foreign_intr(void) 559ca825890SJens Wiklander { 560ca825890SJens Wiklander /* thread_get_core_local() requires foreign interrupts to be disabled */ 561ca825890SJens Wiklander uint32_t exceptions = thread_mask_exceptions(THREAD_EXCP_FOREIGN_INTR); 562ca825890SJens Wiklander struct thread_core_local *l; 563ca825890SJens Wiklander 564ca825890SJens Wiklander l = thread_get_core_local(); 565ca825890SJens Wiklander 566ca825890SJens Wiklander assert(l->curr_thread != THREAD_ID_INVALID); 567ca825890SJens Wiklander 568ca825890SJens Wiklander if (threads[l->curr_thread].flags & THREAD_FLAGS_FOREIGN_INTR_ENABLE) 569ca825890SJens Wiklander thread_set_exceptions(exceptions & ~THREAD_EXCP_FOREIGN_INTR); 570ca825890SJens Wiklander } 571ca825890SJens Wiklander 572ca825890SJens Wiklander static struct mobj *alloc_shm(enum thread_shm_type shm_type, size_t size) 573ca825890SJens Wiklander { 574ca825890SJens Wiklander switch (shm_type) { 575ca825890SJens Wiklander case THREAD_SHM_TYPE_APPLICATION: 576ca825890SJens Wiklander return thread_rpc_alloc_payload(size); 577ca825890SJens Wiklander case THREAD_SHM_TYPE_KERNEL_PRIVATE: 578ca825890SJens Wiklander return thread_rpc_alloc_kernel_payload(size); 579ca825890SJens Wiklander case THREAD_SHM_TYPE_GLOBAL: 580ca825890SJens Wiklander return thread_rpc_alloc_global_payload(size); 581ca825890SJens Wiklander default: 582ca825890SJens Wiklander return NULL; 583ca825890SJens Wiklander } 584ca825890SJens Wiklander } 585ca825890SJens Wiklander 586ca825890SJens Wiklander static void clear_shm_cache_entry(struct thread_shm_cache_entry *ce) 587ca825890SJens Wiklander { 588ca825890SJens Wiklander if (ce->mobj) { 589ca825890SJens Wiklander switch (ce->type) { 590ca825890SJens Wiklander case THREAD_SHM_TYPE_APPLICATION: 591ca825890SJens Wiklander thread_rpc_free_payload(ce->mobj); 592ca825890SJens Wiklander break; 593ca825890SJens Wiklander case THREAD_SHM_TYPE_KERNEL_PRIVATE: 594ca825890SJens Wiklander thread_rpc_free_kernel_payload(ce->mobj); 595ca825890SJens Wiklander break; 596ca825890SJens Wiklander case THREAD_SHM_TYPE_GLOBAL: 597ca825890SJens Wiklander thread_rpc_free_global_payload(ce->mobj); 598ca825890SJens Wiklander break; 599ca825890SJens Wiklander default: 600ca825890SJens Wiklander assert(0); /* "can't happen" */ 601ca825890SJens Wiklander break; 602ca825890SJens Wiklander } 603ca825890SJens Wiklander } 604ca825890SJens Wiklander ce->mobj = NULL; 605ca825890SJens Wiklander ce->size = 0; 606ca825890SJens Wiklander } 607ca825890SJens Wiklander 608ca825890SJens Wiklander static struct thread_shm_cache_entry * 609ca825890SJens Wiklander get_shm_cache_entry(enum thread_shm_cache_user user) 610ca825890SJens Wiklander { 611ca825890SJens Wiklander struct thread_shm_cache *cache = &threads[thread_get_id()].shm_cache; 612ca825890SJens Wiklander struct thread_shm_cache_entry *ce = NULL; 613ca825890SJens Wiklander 614ca825890SJens Wiklander SLIST_FOREACH(ce, cache, link) 615ca825890SJens Wiklander if (ce->user == user) 616ca825890SJens Wiklander return ce; 617ca825890SJens Wiklander 618ca825890SJens Wiklander ce = calloc(1, sizeof(*ce)); 619ca825890SJens Wiklander if (ce) { 620ca825890SJens Wiklander ce->user = user; 621ca825890SJens Wiklander SLIST_INSERT_HEAD(cache, ce, link); 622ca825890SJens Wiklander } 623ca825890SJens Wiklander 624ca825890SJens Wiklander return ce; 625ca825890SJens Wiklander } 626ca825890SJens Wiklander 627ca825890SJens Wiklander void *thread_rpc_shm_cache_alloc(enum thread_shm_cache_user user, 628ca825890SJens Wiklander enum thread_shm_type shm_type, 629ca825890SJens Wiklander size_t size, struct mobj **mobj) 630ca825890SJens Wiklander { 631ca825890SJens Wiklander struct thread_shm_cache_entry *ce = NULL; 632ca825890SJens Wiklander size_t sz = size; 633ca825890SJens Wiklander paddr_t p = 0; 634ca825890SJens Wiklander void *va = NULL; 635ca825890SJens Wiklander 636ca825890SJens Wiklander if (!size) 637ca825890SJens Wiklander return NULL; 638ca825890SJens Wiklander 639ca825890SJens Wiklander ce = get_shm_cache_entry(user); 640ca825890SJens Wiklander if (!ce) 641ca825890SJens Wiklander return NULL; 642ca825890SJens Wiklander 643ca825890SJens Wiklander /* 644ca825890SJens Wiklander * Always allocate in page chunks as normal world allocates payload 645ca825890SJens Wiklander * memory as complete pages. 646ca825890SJens Wiklander */ 647ca825890SJens Wiklander sz = ROUNDUP(size, SMALL_PAGE_SIZE); 648ca825890SJens Wiklander 649ca825890SJens Wiklander if (ce->type != shm_type || sz > ce->size) { 650ca825890SJens Wiklander clear_shm_cache_entry(ce); 651ca825890SJens Wiklander 652ca825890SJens Wiklander ce->mobj = alloc_shm(shm_type, sz); 653ca825890SJens Wiklander if (!ce->mobj) 654ca825890SJens Wiklander return NULL; 655ca825890SJens Wiklander 656ca825890SJens Wiklander if (mobj_get_pa(ce->mobj, 0, 0, &p)) 657ca825890SJens Wiklander goto err; 658ca825890SJens Wiklander 659ca825890SJens Wiklander if (!IS_ALIGNED_WITH_TYPE(p, uint64_t)) 660ca825890SJens Wiklander goto err; 661ca825890SJens Wiklander 662ca825890SJens Wiklander va = mobj_get_va(ce->mobj, 0, sz); 663ca825890SJens Wiklander if (!va) 664ca825890SJens Wiklander goto err; 665ca825890SJens Wiklander 666ca825890SJens Wiklander ce->size = sz; 667ca825890SJens Wiklander ce->type = shm_type; 668ca825890SJens Wiklander } else { 669ca825890SJens Wiklander va = mobj_get_va(ce->mobj, 0, sz); 670ca825890SJens Wiklander if (!va) 671ca825890SJens Wiklander goto err; 672ca825890SJens Wiklander } 673ca825890SJens Wiklander *mobj = ce->mobj; 674ca825890SJens Wiklander 675ca825890SJens Wiklander return va; 676ca825890SJens Wiklander err: 677ca825890SJens Wiklander clear_shm_cache_entry(ce); 678ca825890SJens Wiklander return NULL; 679ca825890SJens Wiklander } 680ca825890SJens Wiklander 681ca825890SJens Wiklander void thread_rpc_shm_cache_clear(struct thread_shm_cache *cache) 682ca825890SJens Wiklander { 683ca825890SJens Wiklander while (true) { 684ca825890SJens Wiklander struct thread_shm_cache_entry *ce = SLIST_FIRST(cache); 685ca825890SJens Wiklander 686ca825890SJens Wiklander if (!ce) 687ca825890SJens Wiklander break; 688ca825890SJens Wiklander SLIST_REMOVE_HEAD(cache, link); 689ca825890SJens Wiklander clear_shm_cache_entry(ce); 690ca825890SJens Wiklander free(ce); 691ca825890SJens Wiklander } 692ca825890SJens Wiklander } 693