| From 64d5628c8439e4649e9c1da9b9e02ebd5c7fb8cf Mon Sep 17 00:00:00 2001 |
| From: Ben Horgan <ben.horgan@arm.com> |
| Date: Thu, 28 Apr 2022 15:53:31 +0000 |
| Subject: [PATCH 5/5] Revert "fix(ff-a): check receiver's attributes on memory |
| retrieve" |
| |
| This reverts commit a98603aa965e3ff3ca5383249213e2fd1a96d850. |
| |
| Change-Id: Ia71ce3ac52e9b2e85578372c24eb8d593b62435f |
| Signed-off-by: Ben Horgan <ben.horgan@arm.com> |
| --- |
| src/ffa_memory.c | 76 ++++++----------- |
| test/vmapi/el0_partitions/memory_sharing.c | 81 ------------------- |
| .../primary_with_secondaries/memory_sharing.c | 81 ------------------- |
| 3 files changed, 25 insertions(+), 213 deletions(-) |
| |
| diff --git a/src/ffa_memory.c b/src/ffa_memory.c |
| index ab47929..2fcc386 100644 |
| --- a/src/ffa_memory.c |
| +++ b/src/ffa_memory.c |
| @@ -1344,42 +1344,6 @@ static struct ffa_value ffa_memory_send_complete( |
| return ffa_mem_success(share_state->memory_region->handle); |
| } |
| |
| -/** |
| - * Check that the memory attributes match Hafnium expectations: |
| - * Normal Memory, Inner shareable, Write-Back Read-Allocate |
| - * Write-Allocate Cacheable. |
| - */ |
| -static struct ffa_value ffa_memory_attributes_validate( |
| - ffa_memory_access_permissions_t attributes) |
| -{ |
| - enum ffa_memory_type memory_type; |
| - enum ffa_memory_cacheability cacheability; |
| - enum ffa_memory_shareability shareability; |
| - |
| - memory_type = ffa_get_memory_type_attr(attributes); |
| - if (memory_type != FFA_MEMORY_NORMAL_MEM) { |
| - dlog_verbose("Invalid memory type %#x, expected %#x.\n", |
| - memory_type, FFA_MEMORY_NORMAL_MEM); |
| - return ffa_error(FFA_DENIED); |
| - } |
| - |
| - cacheability = ffa_get_memory_cacheability_attr(attributes); |
| - if (cacheability != FFA_MEMORY_CACHE_WRITE_BACK) { |
| - dlog_verbose("Invalid cacheability %#x, expected %#x.\n", |
| - cacheability, FFA_MEMORY_CACHE_WRITE_BACK); |
| - return ffa_error(FFA_DENIED); |
| - } |
| - |
| - shareability = ffa_get_memory_shareability_attr(attributes); |
| - if (shareability != FFA_MEMORY_INNER_SHAREABLE) { |
| - dlog_verbose("Invalid shareability %#x, expected #%x.\n", |
| - shareability, FFA_MEMORY_INNER_SHAREABLE); |
| - return ffa_error(FFA_DENIED); |
| - } |
| - |
| - return (struct ffa_value){.func = FFA_SUCCESS_32}; |
| -} |
| - |
| /** |
| * Check that the given `memory_region` represents a valid memory send request |
| * of the given `share_func` type, return the clear flag and permissions via the |
| @@ -1400,7 +1364,10 @@ static struct ffa_value ffa_memory_send_validate( |
| uint32_t constituents_length; |
| enum ffa_data_access data_access; |
| enum ffa_instruction_access instruction_access; |
| - struct ffa_value ret; |
| + ffa_memory_access_permissions_t attributes; |
| + enum ffa_memory_type memory_type; |
| + enum ffa_memory_cacheability memory_cacheability; |
| + enum ffa_memory_shareability memory_shareability; |
| |
| assert(permissions != NULL); |
| |
| @@ -1536,9 +1503,26 @@ static struct ffa_value ffa_memory_send_validate( |
| * Normal Memory, Inner shareable, Write-Back Read-Allocate |
| * Write-Allocate Cacheable. |
| */ |
| - ret = ffa_memory_attributes_validate(memory_region->attributes); |
| - if (ret.func != FFA_SUCCESS_32) { |
| - return ret; |
| + attributes = memory_region->attributes; |
| + memory_type = ffa_get_memory_type_attr(attributes); |
| + if (memory_type != FFA_MEMORY_NORMAL_MEM) { |
| + dlog_verbose("Invalid memory type %#x, expected %#x.\n", |
| + memory_type, FFA_MEMORY_NORMAL_MEM); |
| + return ffa_error(FFA_INVALID_PARAMETERS); |
| + } |
| + |
| + memory_cacheability = ffa_get_memory_cacheability_attr(attributes); |
| + if (memory_cacheability != FFA_MEMORY_CACHE_WRITE_BACK) { |
| + dlog_verbose("Invalid cacheability %#x, expected %#x.\n", |
| + memory_cacheability, FFA_MEMORY_CACHE_WRITE_BACK); |
| + return ffa_error(FFA_INVALID_PARAMETERS); |
| + } |
| + |
| + memory_shareability = ffa_get_memory_shareability_attr(attributes); |
| + if (memory_shareability != FFA_MEMORY_INNER_SHAREABLE) { |
| + dlog_verbose("Invalid shareability %#x, expected %#x.\n", |
| + memory_shareability, FFA_MEMORY_INNER_SHAREABLE); |
| + return ffa_error(FFA_INVALID_PARAMETERS); |
| } |
| |
| return (struct ffa_value){.func = FFA_SUCCESS_32}; |
| @@ -2376,6 +2360,7 @@ struct ffa_value ffa_memory_retrieve(struct vm_locked to_locked, |
| * Check permissions from sender against permissions requested by |
| * receiver. |
| */ |
| + /* TODO: Check attributes too. */ |
| sent_permissions = |
| memory_region->receivers[0].receiver_permissions.permissions; |
| sent_data_access = ffa_get_data_access_attr(sent_permissions); |
| @@ -2453,17 +2438,6 @@ struct ffa_value ffa_memory_retrieve(struct vm_locked to_locked, |
| panic("Got unexpected FFA_INSTRUCTION_ACCESS_RESERVED. Should " |
| "be checked before this point."); |
| } |
| - |
| - /* |
| - * Ensure receiver's attributes are compatible with how Hafnium maps |
| - * memory: Normal Memory, Inner shareable, Write-Back Read-Allocate |
| - * Write-Allocate Cacheable. |
| - */ |
| - ret = ffa_memory_attributes_validate(retrieve_request->attributes); |
| - if (ret.func != FFA_SUCCESS_32) { |
| - goto out; |
| - } |
| - |
| memory_to_attributes = ffa_memory_permissions_to_mode( |
| permissions, share_state->sender_orig_mode); |
| ret = ffa_retrieve_check_update( |
| diff --git a/test/vmapi/el0_partitions/memory_sharing.c b/test/vmapi/el0_partitions/memory_sharing.c |
| index 3756d7d..c29f029 100644 |
| --- a/test/vmapi/el0_partitions/memory_sharing.c |
| +++ b/test/vmapi/el0_partitions/memory_sharing.c |
| @@ -2160,87 +2160,6 @@ TEST(memory_sharing, ffa_validate_retrieve_req_mbz) |
| } |
| } |
| |
| -/** |
| - * Memory can't be shared with arbitrary attributes because Hafnium maps pages |
| - * with hardcoded values and doesn't support custom mappings. |
| - */ |
| -TEST(memory_sharing, ffa_validate_retrieve_req_attributes) |
| -{ |
| - struct ffa_value ret; |
| - struct mailbox_buffers mb = set_up_mailbox(); |
| - uint32_t msg_size; |
| - ffa_memory_handle_t handle; |
| - |
| - struct ffa_value (*send_function[])(uint32_t, uint32_t) = { |
| - ffa_mem_share, |
| - ffa_mem_lend, |
| - }; |
| - |
| - struct ffa_memory_region_constituent constituents[] = { |
| - {.address = (uint64_t)pages, .page_count = 2}, |
| - {.address = (uint64_t)pages + PAGE_SIZE * 3, .page_count = 1}, |
| - }; |
| - |
| - SERVICE_SELECT(SERVICE_VM1, "ffa_memory_share_fail", mb.send); |
| - |
| - struct { |
| - enum ffa_memory_type memory_type; |
| - enum ffa_memory_cacheability memory_cacheability; |
| - enum ffa_memory_shareability memory_shareability; |
| - } invalid_attributes[] = { |
| - /* Invalid memory type */ |
| - {FFA_MEMORY_DEVICE_MEM, FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_INNER_SHAREABLE}, |
| - /* Invalid cacheability */ |
| - {FFA_MEMORY_NORMAL_MEM, FFA_MEMORY_CACHE_NON_CACHEABLE, |
| - FFA_MEMORY_INNER_SHAREABLE}, |
| - /* Invalid shareability */ |
| - {FFA_MEMORY_NORMAL_MEM, FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_SHARE_NON_SHAREABLE}, |
| - {FFA_MEMORY_NORMAL_MEM, FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_OUTER_SHAREABLE}}; |
| - |
| - for (uint32_t i = 0; i < ARRAY_SIZE(send_function); i++) { |
| - /* Prepare memory region, and set all flags */ |
| - EXPECT_EQ(ffa_memory_region_init( |
| - mb.send, HF_MAILBOX_SIZE, HF_PRIMARY_VM_ID, |
| - SERVICE_VM1, constituents, |
| - ARRAY_SIZE(constituents), 0, 0, |
| - FFA_DATA_ACCESS_RW, |
| - FFA_INSTRUCTION_ACCESS_NOT_SPECIFIED, |
| - FFA_MEMORY_NORMAL_MEM, |
| - FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_INNER_SHAREABLE, NULL, &msg_size), |
| - 0); |
| - |
| - ret = send_function[i](msg_size, msg_size); |
| - EXPECT_EQ(ret.func, FFA_SUCCESS_32); |
| - |
| - handle = ffa_mem_success_handle(ret); |
| - |
| - for (uint32_t j = 0; j < ARRAY_SIZE(invalid_attributes); ++j) { |
| - msg_size = ffa_memory_retrieve_request_init( |
| - mb.send, handle, HF_PRIMARY_VM_ID, SERVICE_VM1, |
| - 0, 0, FFA_DATA_ACCESS_RW, |
| - FFA_INSTRUCTION_ACCESS_NOT_SPECIFIED, |
| - invalid_attributes[j].memory_type, |
| - invalid_attributes[j].memory_cacheability, |
| - invalid_attributes[j].memory_shareability); |
| - |
| - EXPECT_LE(msg_size, HF_MAILBOX_SIZE); |
| - |
| - EXPECT_EQ(ffa_msg_send(HF_PRIMARY_VM_ID, SERVICE_VM1, |
| - msg_size, 0) |
| - .func, |
| - FFA_SUCCESS_32); |
| - |
| - ffa_run(SERVICE_VM1, 0); |
| - } |
| - |
| - EXPECT_EQ(ffa_mem_reclaim(handle, 0).func, FFA_SUCCESS_32); |
| - } |
| -} |
| - |
| /** |
| * If memory is shared can't request zeroing of memory at both send and |
| * relinquish. |
| diff --git a/test/vmapi/primary_with_secondaries/memory_sharing.c b/test/vmapi/primary_with_secondaries/memory_sharing.c |
| index 6080709..4bcf252 100644 |
| --- a/test/vmapi/primary_with_secondaries/memory_sharing.c |
| +++ b/test/vmapi/primary_with_secondaries/memory_sharing.c |
| @@ -2307,87 +2307,6 @@ TEST(memory_sharing, ffa_validate_retrieve_req_mbz) |
| } |
| } |
| |
| -/** |
| - * Memory can't be shared with arbitrary attributes because Hafnium maps pages |
| - * with hardcoded values and doesn't support custom mappings. |
| - */ |
| -TEST(memory_sharing, ffa_validate_retrieve_req_attributes) |
| -{ |
| - struct ffa_value ret; |
| - struct mailbox_buffers mb = set_up_mailbox(); |
| - uint32_t msg_size; |
| - ffa_memory_handle_t handle; |
| - |
| - struct ffa_value (*send_function[])(uint32_t, uint32_t) = { |
| - ffa_mem_share, |
| - ffa_mem_lend, |
| - }; |
| - |
| - struct ffa_memory_region_constituent constituents[] = { |
| - {.address = (uint64_t)pages, .page_count = 2}, |
| - {.address = (uint64_t)pages + PAGE_SIZE * 3, .page_count = 1}, |
| - }; |
| - |
| - SERVICE_SELECT(SERVICE_VM1, "ffa_memory_share_fail_denied", mb.send); |
| - |
| - struct { |
| - enum ffa_memory_type memory_type; |
| - enum ffa_memory_cacheability memory_cacheability; |
| - enum ffa_memory_shareability memory_shareability; |
| - } invalid_attributes[] = { |
| - /* Invalid memory type */ |
| - {FFA_MEMORY_DEVICE_MEM, FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_INNER_SHAREABLE}, |
| - /* Invalid cacheability */ |
| - {FFA_MEMORY_NORMAL_MEM, FFA_MEMORY_CACHE_NON_CACHEABLE, |
| - FFA_MEMORY_INNER_SHAREABLE}, |
| - /* Invalid shareability */ |
| - {FFA_MEMORY_NORMAL_MEM, FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_SHARE_NON_SHAREABLE}, |
| - {FFA_MEMORY_NORMAL_MEM, FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_OUTER_SHAREABLE}}; |
| - |
| - for (uint32_t i = 0; i < ARRAY_SIZE(send_function); i++) { |
| - /* Prepare memory region, and set all flags */ |
| - EXPECT_EQ(ffa_memory_region_init( |
| - mb.send, HF_MAILBOX_SIZE, HF_PRIMARY_VM_ID, |
| - SERVICE_VM1, constituents, |
| - ARRAY_SIZE(constituents), 0, 0, |
| - FFA_DATA_ACCESS_RW, |
| - FFA_INSTRUCTION_ACCESS_NOT_SPECIFIED, |
| - FFA_MEMORY_NORMAL_MEM, |
| - FFA_MEMORY_CACHE_WRITE_BACK, |
| - FFA_MEMORY_INNER_SHAREABLE, NULL, &msg_size), |
| - 0); |
| - |
| - ret = send_function[i](msg_size, msg_size); |
| - EXPECT_EQ(ret.func, FFA_SUCCESS_32); |
| - |
| - handle = ffa_mem_success_handle(ret); |
| - |
| - for (uint32_t j = 0; j < ARRAY_SIZE(invalid_attributes); ++j) { |
| - msg_size = ffa_memory_retrieve_request_init( |
| - mb.send, handle, HF_PRIMARY_VM_ID, SERVICE_VM1, |
| - 0, 0, FFA_DATA_ACCESS_RW, |
| - FFA_INSTRUCTION_ACCESS_NOT_SPECIFIED, |
| - invalid_attributes[j].memory_type, |
| - invalid_attributes[j].memory_cacheability, |
| - invalid_attributes[j].memory_shareability); |
| - |
| - EXPECT_LE(msg_size, HF_MAILBOX_SIZE); |
| - |
| - EXPECT_EQ(ffa_msg_send(HF_PRIMARY_VM_ID, SERVICE_VM1, |
| - msg_size, 0) |
| - .func, |
| - FFA_SUCCESS_32); |
| - |
| - ffa_run(SERVICE_VM1, 0); |
| - } |
| - |
| - EXPECT_EQ(ffa_mem_reclaim(handle, 0).func, FFA_SUCCESS_32); |
| - } |
| -} |
| - |
| /** |
| * If memory is shared can't request zeroing of memory at both send and |
| * relinquish. |
| -- |
| 2.17.1 |
| |