M-Labs
/
libfringe
3
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

RISC-V (32 bits): PMP support with 4k stack alignment #1

Merged
sb10q merged 2 commits from occheung/libfringe:4k-align into master 2021-10-08 12:08:52 +08:00
Conversation 0 Commits 2 Files Changed 1
occheung commented 2021-10-08 12:06:02 +08:00

One-line Summary

This patch inserts an environment call (ecall) on context switching for 32 bits RISC-V target, to support 4k aligned stack and potentially physical memorgy protection (PMP) modification in runtime.

(Note: PMP manipulation through ecall is not within the scope of this library).

Relevant issue

artiq: Trivial memory protection unit (stack overflow protection)

Changes

All changes are made towards the arch/riscv32.rs file.

Stack alignment

Stack of any thread requested by libfringe is now 4k aligned.

Context switching

An environment call will be issued during context switch arch::swap(), to prompt adjustment of PMP regions. If switching to a new context, the base address of the stack guard is required.

Invoking ecall will trigger an EnvCall related exception.

Assumption

All allocated stack must have a stack limit at a non-zero address.

Switching into a new context

It is when arch::swap() is called with new_stack holding a value (i.e. Some(&Stack). The stack limit new_stack.limit() is passed to the enviroment call.

Switching away from a new context

It is when arch::swap() is called with new_stack not holding a value (i.e. None. The value 0 is passed to the enviroment call instead.

ecall ABI

The argument is passed through register a7.

Caller saved register is expected to be saved by the exception handler that ecall will transfer to. See an example implementation in riscv-rt repository.

Exception PC register should be incremented by ONE instruction length before returning from the exception handler.

For example,

  • C extension (compressed instruction) is not implemented
  • Exception is handled with machine privilege
    Increment mepc by 4 before calling mret.

Expected privilege

If ecall is implemented to support PMP adjustment during runtime, threads created by this library using riscv32 target expect non-machine privilege (e.g. User).

# One-line Summary This patch inserts an environment call (`ecall`) on context switching for 32 bits RISC-V target, to support 4k aligned stack and *potentially* physical memorgy protection (PMP) modification in runtime. (Note: PMP manipulation through `ecall` is not within the scope of this library). # Relevant issue [artiq: Trivial memory protection unit (stack overflow protection)](https://github.com/m-labs/artiq/issues/544) # Changes All changes are made towards the `arch/riscv32.rs` file. ## Stack alignment Stack of any thread requested by libfringe is now 4k aligned. ## Context switching An environment call will be issued during context switch `arch::swap()`, to prompt adjustment of PMP regions. If switching to a new context, the base address of the stack guard is required. Invoking `ecall` will trigger an `EnvCall` related exception. ### Assumption All allocated stack must have a stack limit at a non-zero address. ### Switching into a new context It is when `arch::swap()` is called with `new_stack` holding a value (i.e. `Some(&Stack)`. The stack limit `new_stack.limit()` is passed to the enviroment call. ### Switching away from a new context It is when `arch::swap()` is called with `new_stack` **not** holding a value (i.e. `None`. The value 0 is passed to the enviroment call instead. ## `ecall` ABI The argument is passed through register `a7`. Caller saved register is expected to be saved by the exception handler that `ecall` will transfer to. See an example implementation in [riscv-rt](https://github.com/rust-embedded/riscv-rt/blob/master/asm.S) repository. Exception PC register should be incremented by ONE instruction length before returning from the exception handler. For example, - C extension (compressed instruction) is not implemented - Exception is handled with machine privilege Increment `mepc` by 4 before calling `mret`. ## Expected privilege If `ecall` is implemented to support PMP adjustment during runtime, threads created by this library using `riscv32` target expect non-machine privilege (e.g. User).
occheung added 2 commits 2021-10-08 12:06:02 +08:00
sb10q merged commit 3ecbe53f76 into master 2021-10-08 12:08:52 +08:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: M-Labs/libfringe#1
There is no content yet.
Delete Branch "occheung/libfringe:4k-align"

Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?