mirror of
				https://github.com/smaeul/u-boot.git
				synced 2025-10-26 09:38:14 +00:00 
			
		
		
		
	OpenSBI uses a relocation lottery to determine the hart to relocate
OpenSBI to its link address. In the U-Boot SPL boot flow, the main hart
schedules the secondary harts to enter OpenSBI before doing so itself.
One of the secondary harts will therefore always be the winner of the
relocation lottery. This is problematic if the link address ranges of
OpenSBI and U-Boot SPL overlap. OpenSBI will be relocated and therefore
overwrite U-Boot SPL while some harts may still run it, leading to code
corruption.
Avoid this problem by specifying the main hart as the preferred boot
hart to perform the OpenSBI relocation. The main hart will be the last
hart to enter OpenSBI, relocation can therefore occur safely.
The boot hart field was added to version 2 of the OpenSBI FW_DYNAMIC
info structure. The header file include/opensbi.h is synchronized with
include/sbi/fw_dynamic.h from the OpenSBI project to update the info
structure. The header file is recent as of commit
7a13beb21326 ("firmware: Add preferred boot HART field in struct
fw_dynamic_info").
Reported-by: Rick Chen <rick@andestech.com>
Suggested-by: Anup Patel <Anup.Patel@wdc.com>
Signed-off-by: Lukas Auer <lukas.auer@aisec.fraunhofer.de>
Reviewed-by: Rick Chen <rick@andestech.com>
Tested-by: Rick Chen <rick@andestech.com>
Reviewed-by: Anup Patel <anup.patel@wdc.com>
		
	
			
		
			
				
	
	
		
			57 lines
		
	
	
		
			1.8 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			57 lines
		
	
	
		
			1.8 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /* SPDX-License-Identifier: BSD-2-Clause */
 | |
| /*
 | |
|  * Copyright (c) 2019 Western Digital Corporation or its affiliates.
 | |
|  *
 | |
|  * Based on include/sbi/{fw_dynamic.h,sbi_scratch.h} from the OpenSBI project.
 | |
|  */
 | |
| #ifndef OPENSBI_H
 | |
| #define OPENSBI_H
 | |
| 
 | |
| /** Expected value of info magic ('OSBI' ascii string in hex) */
 | |
| #define FW_DYNAMIC_INFO_MAGIC_VALUE		0x4942534f
 | |
| 
 | |
| /** Maximum supported info version */
 | |
| #define FW_DYNAMIC_INFO_VERSION			0x2
 | |
| 
 | |
| /** Possible next mode values */
 | |
| #define FW_DYNAMIC_INFO_NEXT_MODE_U		0x0
 | |
| #define FW_DYNAMIC_INFO_NEXT_MODE_S		0x1
 | |
| #define FW_DYNAMIC_INFO_NEXT_MODE_M		0x3
 | |
| 
 | |
| enum sbi_scratch_options {
 | |
| 	/** Disable prints during boot */
 | |
| 	SBI_SCRATCH_NO_BOOT_PRINTS = (1 << 0),
 | |
| };
 | |
| 
 | |
| /** Representation dynamic info passed by previous booting stage */
 | |
| struct fw_dynamic_info {
 | |
| 	/** Info magic */
 | |
| 	unsigned long magic;
 | |
| 	/** Info version */
 | |
| 	unsigned long version;
 | |
| 	/** Next booting stage address */
 | |
| 	unsigned long next_addr;
 | |
| 	/** Next booting stage mode */
 | |
| 	unsigned long next_mode;
 | |
| 	/** Options for OpenSBI library */
 | |
| 	unsigned long options;
 | |
| 	/**
 | |
| 	 * Preferred boot HART id
 | |
| 	 *
 | |
| 	 * It is possible that the previous booting stage uses same link
 | |
| 	 * address as the FW_DYNAMIC firmware. In this case, the relocation
 | |
| 	 * lottery mechanism can potentially overwrite the previous booting
 | |
| 	 * stage while other HARTs are still running in the previous booting
 | |
| 	 * stage leading to boot-time crash. To avoid this boot-time crash,
 | |
| 	 * the previous booting stage can specify last HART that will jump
 | |
| 	 * to the FW_DYNAMIC firmware as the preferred boot HART.
 | |
| 	 *
 | |
| 	 * To avoid specifying a preferred boot HART, the previous booting
 | |
| 	 * stage can set it to -1UL which will force the FW_DYNAMIC firmware
 | |
| 	 * to use the relocation lottery mechanism.
 | |
| 	 */
 | |
| 	unsigned long boot_hart;
 | |
| } __packed;
 | |
| 
 | |
| #endif
 |