From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: Michael Tretter <m.tretter@pengutronix.de>
Cc: barebox@lists.infradead.org
Subject: Re: [PATCH 2/2] uimage: disable zero page when loading to SDRAM at address 0x0
Date: Thu, 15 Oct 2020 11:12:40 +0200 [thread overview]
Message-ID: <0b72273d-ded1-97d0-50ba-044a1f82113e@pengutronix.de> (raw)
In-Reply-To: <20201015074005.GC5487@pengutronix.de>
Hello,
On 10/15/20 9:40 AM, Michael Tretter wrote:
> On Wed, 14 Oct 2020 18:33:25 +0200, Ahmad Fatoum wrote:
>> On 10/14/20 5:08 PM, Michael Tretter wrote:
>>> If the SDRAM is mapped to address 0x0 and an image should be loaded to
>>> to the SDRAM without offset, Barebox would normally trap the access as a
>>> null pointer.
>>>
>>> However, since Linux kernel commit cfa7ede20f13 ("arm64: set TEXT_OFFSET
>>> to 0x0 in preparation for removing it entirely") no offset is the
>>> default for arm64. Therefore, copying the image to 0x0 of the SDRAM is
>>> necessary.
>>>
>>> Disable the zero page trap for copying an image to address 0x0.
>>>
>>> Signed-off-by: Michael Tretter <m.tretter@pengutronix.de>
>>> ---
>>> common/uimage.c | 18 ++++++++++++++++--
>>> 1 file changed, 16 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/common/uimage.c b/common/uimage.c
>>> index a84b8fddc4e7..b1e9b402e98a 100644
>>> --- a/common/uimage.c
>>> +++ b/common/uimage.c
>>> @@ -27,6 +27,7 @@
>>> #include <rtc.h>
>>> #include <filetype.h>
>>> #include <memory.h>
>>> +#include <zero_page.h>
>>>
>>> static inline int uimage_is_multi_image(struct uimage_handle *handle)
>>> {
>>> @@ -359,7 +360,13 @@ static int uimage_sdram_flush(void *buf, unsigned int len)
>>> }
>>> }
>>>
>>> - memcpy(uimage_buf + uimage_size, buf, len);
>>> + if (zero_page_contains((unsigned long)uimage_buf + uimage_size)) {
>>> + zero_page_disable();
>>> + memcpy(uimage_buf + uimage_size, buf, len);
>>> + zero_page_enable();
>>
>> If this remains, please add a memcpy_notrap or something.
>
> Should I check the destination before calling memcpy_notrap or should I always
> call the memcpy_notrap if there is a possibility to copy to 0x0 and check for
> the destination within the function?
>
> I fear that having such a "simple" function would encourage to use it more
> often. I would prefer to make the code to use it more clumsy and make it
> (similar to data_abort_mask()) the responsibility of the caller to be aware
> that bad things might happen when the zero_page is disabled.
Give it a scary name then.
>
>>
>>> + } else {
>>> + memcpy(uimage_buf + uimage_size, buf, len);
>>> + }
>>>
>>> uimage_size += len;
>>>
>>> @@ -388,7 +395,14 @@ struct resource *file_to_sdram(const char *filename, unsigned long adr)
>>> goto out;
>>> }
>>>
>>> - now = read_full(fd, (void *)(res->start + ofs), BUFSIZ);
>>> + if (zero_page_contains(res->start + ofs)) {
>>> + zero_page_disable();
>>> + now = read_full(fd, (void *)(res->start + ofs), BUFSIZ);
>>> + zero_page_enable();
>>
>> And use that new memcpy_notrap here to copy from an intermediate buffer. You open quite a can
>> of worms when you treat NULL as a valid address. Better have this contained in a single
>> file instead of hoping the compiler doesn't do a NULL-can't-happen-here optimization
>> in all that block/cdev/fs code that read_full may call into.
>
> Could you explain, what kind of optimization you would expect?
Real world example: https://lwn.net/Articles/342330/
Kernel and barebox both have -fno-delete-null-pointer-checks to avoid this, but
you can't be sure that other null pointer optimizations are avoided.
For example, the transformation of
static void func(unsigned *ptr, bool x) { if (!x) return; *ptr = 0xDEADBEEF; }
void f(void *ptr, bool x) { func(ptr, x); }
to
static void func(unsigned *ptr) { if (!ptr) return; *ptr = 0xDEADBEEF }
void f(void *ptr, bool x) { if (!x) ptr = NULL; func(ptr); }
is valid as far the standard is concerned.
Better play it safe and reduce the surface where optimization can go awry.
Cheers,
Ahmad
>
> Michael
>
>>
>>> + } else {
>>> + now = read_full(fd, (void *)(res->start + ofs), BUFSIZ);
>>> + }
>>> +
>>> if (now < 0) {
>>> release_sdram_region(res);
>>> res = NULL;
>>>
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
next prev parent reply other threads:[~2020-10-15 9:12 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-14 15:08 [PATCH 1/2] ARM: mmu64: allow to disable null pointer trap on zero page Michael Tretter
2020-10-14 15:08 ` [PATCH 2/2] uimage: disable zero page when loading to SDRAM at address 0x0 Michael Tretter
2020-10-14 16:33 ` Ahmad Fatoum
2020-10-15 7:40 ` Michael Tretter
2020-10-15 8:35 ` Sascha Hauer
2020-10-15 9:12 ` Ahmad Fatoum [this message]
2020-10-14 16:29 ` [PATCH 1/2] ARM: mmu64: allow to disable null pointer trap on zero page Ahmad Fatoum
[not found] ` <20201015073331.GA29491@pengutronix.de>
2020-10-15 8:14 ` Ahmad Fatoum
2020-10-15 8:40 ` Michael Tretter
2020-10-15 8:44 ` Sascha Hauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0b72273d-ded1-97d0-50ba-044a1f82113e@pengutronix.de \
--to=a.fatoum@pengutronix.de \
--cc=barebox@lists.infradead.org \
--cc=m.tretter@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox