Because the riscv32/riscv64 is redundant, one can get the same
information combining CONFIG_ARCH + CONFIG_64BIT.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
Fixes z_isr_install() and z_isr_uninstall() routines to check the isr
table index against the correct number of isr table entries. This
prevents out-of-bounds isr table accesses when
CONFIG_GEN_IRQ_START_VECTOR is greater than zero, such as on the ARC
architecture.
Coverity-CID: 347187
Coverity-CID: 347189
Coverity-CID: 347097
Coverity-CID: 347203
Coverity-CID: 347210
Signed-off-by: Maureen Helm <maureen.helm@analog.com>
Use _current_cpu->id instead of CURR_CPU since that works
with/without multicore and contains additional checks.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Some applications turn logging off. It makes impossible to get information
about exceptions if it occures.
This PR restores correct behavior of Error_Dump messages, and
exception dump is printed anyway independent on CONFIG_LOG.
ARC_EXCEPTION_DEBUG added to default boards configs in addition to nsim.
CONFIG_FAULT_DUMP removed from ARC branch as it has been unused
since v1.8.0
Signed-off-by: Nikolay Agishev <agishev@synopsys.com>
This fix removes the zephyr/ prefix from linker included files.
With this prefix the build works only for Ninja and not for
other build tools.
Linking in Zephyr / CMake:
- Ninja invokes linking directly from <build>.
- Make invokes linking form <build>/zephyr.
The linker default uses cwd for looking up INCLUDE directives if not found
in list of includes.
Zephyr always adds <build>/zephyr as link include using CMake,
and this is passed to ld as -L<build>/zephyr therefore using
INCLUDE isr_tables_swi.ld ensures it will be correctly found in all cases.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
This commit removes the need of swi_tables.ld file if the
ISR table generator is not configured to use it.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
This commit updates the arm and arm64 architecture files
to support the new ISR handlers creation parser.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
This commit implements the possibility to locally create an interrupt
table entry. This changes the way interrput table is created,
now it should not be created as an source file but rather it would be
constructed by the linker.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
This commit moves all the functionality related to the current
interrupt parser into gen_isr_tables_parser_carrays.py file.
The new parser file gen_isr_tables_parser_local.py file is
implemented with the new parser that.
Additional information added to the generated interrupt header
that contains data required by the new parser.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
This commit updates the definition of z_shared_isr_table_entry
to use _isr_table_entry instead of specially created z_shared_isr_client.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
This commit adds missing __used attribute it int_list_header,
preventing it from being optimized out.
Signed-off-by: Radosław Koppel <radoslaw.koppel@nordicsemi.no>
The ZSR_FLUSH scratch register is only needed if kconfig
CONFIG_KERNEL_COHERENCE is enabled. So update gen_zsr.py
for that.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Print THREADPTR when dumping stack just like other registers.
There is no need to guard that behind CONFIG_USERSPACE.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
add interface for encode irq flags from acpica to arch specfic.
Currently enabled only for x86 archiecture.
Signed-off-by: Najumon B.A <najumon.ba@intel.com>
Disable Thread Local Storage for some configurations of ARC architecture.
For cores with more then one RGF_NUM_BANKS the parameter is disabled
by-default because banks syncronization requires significant time,
and it slows down performance.
Signed-off-by: Nikolay Agishev <agishev@synopsys.com>
In case of ARCv3 we have shared cache disabled after
reset (in ARCv2 it was enabled by default). Let's
enable it at early boot phase (if it's available in HW).
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
ARCv3 processors have HW prefetch feature which is disabled
after reset. Let's enable it.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Evgeniy Paltsev <PaltsevEvgeniy@gmail.com>
When COMPILER_WARNINGS_AS_ERRORS is set, let's also have the
native simulator runner (and anything Zephyr requests built with it)
be built with the same option to treat warnings as errors.
Otherwise we will miss those by default in CI.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
The arm64_cpu_boot_params will be read on other cores
call sys_cache_data_flush_range flush the data from the cache to RAM.
This ensures that other cores can access the correct data.
Signed-off-by: honglin leng <a909204013@gmail.com>
Do not define these macros globally, but instead
define them only for this library and when needed.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
This constant is supposed to be defined as a long instead of an int,
presumably to support systems where int isn't large enough.
Signed-off-by: Keith Packard <keithp@keithp.com>
Disabling the MPU doesn't clear regions configuration. There is a risk
in multi-image environment that there are some old region setting e.g.
stack guard. This may cause a memory fault, because of different images
layout e.g. RO/RW.
Just clear and disable all regions configuration before the new
initialization.
Signed-off-by: Dawid Niedzwiecki <dawidn@google.com>
It looks like all SoCs in tree check if an exception comes from an IRQ
the same way, so let's provide a common logic by default, still
customizable if the SoC selects RISCV_SOC_ISR_CHECK.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
It looks like some soc_offsets.h files need to be included before
kernel_offsets, otherwise there are some header race conditions due to
the infamous soc.h. This problem is exposed if all soc.h are removed
from RISC-V arch header files (see the upcoming commits). It can be
reproduced by building rv32m1_vega_ri5cy board after applying all the
patches in this series (excluding this one, of course).
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
There is no need to sync in every xtlb invalidation. Sync only
after all tlb autofill ways invalidation.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Xtensa's arch level atomic implementation requries S32C1I
support which may not exist as Xtensa cores are highly
configurable. Implying CONFIG_ATOMIC_OPERATIONS_ARCH at
arch level has a side effect that it is enabled
regardless if the other options are enabled. Given how
the header file's #ifdef is structured, only C atomic
ops can override this, which means enabling
CONFIG_ATOMIC_OPERATIONS_BUILTIN has no effect at all.
So let the SoC or board decide which atomic ops are
being used instead.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
According to the clic specification
(https://github.com/riscv/riscv-fast-interrupt), the mnxti register has
be written, in order to clear the pending bit for non-vectored
interrupts. For vectored interrupts, this is automatically done.
From the spec:
"If the pending interrupt is edge-triggered, hardware will automatically
clear the corresponding pending bit when the CSR instruction that
accesses xnxti includes a write."
I added a kconfig `RISCV_SOC_HAS_CUSTOM_IRQ_HANDLING` to allow custom
irq handling. If enabled, `__soc_handle_all_irqs` has to be implemented.
For clic, non-vectored mode, I added a `__soc_handle_all_irqs`, that
handles the pending interrupts according to the pseudo code in the spec.
Signed-off-by: Greter Raffael <rgreter@baumer.com>
The irq priority has to be called for dynamic and direct irqs, too. For
direct isrs, this was missing completely, for direct irqs just for the
clic.
For dynamic irqs, I replaced the current implementation with
`z_riscv_irq_priority_set`. For the plic, this is exaclty the same.
Signed-off-by: Greter Raffael <rgreter@baumer.com>
For some reason, unrelated code change triggered compiler
warning about this function returns even though it is
marked nonreturn. So add CODE_UNREACHABLE to silence
the warning, possibly to catch any errors.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
wsr.UPPERCASE can lead to compiler errors when UPPERCASE matches
a macro defined in the special register header file.
Signed-off-by: Peter Mitsis <peter.mitsis@intel.com>
rsr.UPPERCASE can lead to compiler errors when UPPERCASE matches
a macro defined in the special register header file.
Signed-off-by: Peter Mitsis <peter.mitsis@intel.com>
Instead of custom SOC_MCAUSE_EXP_MASK definition. Note that SoCs
selecting RISCV_PRIVILEGED already used such config indirectly (see
changes in soc_common.h).
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
As defined in Table 3.6 of "The RISC-V Instruction Set Manual, Volume
II: Privileged Architecture". Delete all spread definitions of the same,
weirdly prefixed with "SOC".
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
Initial implementation of `sched_getparam()` and `sched_getscheduler()`
POSIX APIs as a part of PSE53 `_POSIX_PRIORITY_SCHEDULING` option group.
Both functions are actually placeholders and just return `ENOSYS`
since Zephyr does not yet support processes or process scheduling.
Signed-off-by: Dmitrii Golovanov <dmitrii.golovanov@intel.com>
Because it was exclusively used by the "common" RISC-V privileged code
to build CPU idle routines that are now handled by arch level code.
Also, all platforms defaulted to "y", making it pointless in practice.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
While going to idle may require SoC specific implementations, provide a
more sensible default implementation.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
The constant used to calculate TLB entries for the way six was wrong
and causing an integer overflow. Consequently only the first 512MB where
being unmapped from the TLB.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Use the arch-cache functions instead of the sys-cache-functions
in z_arm_init_arch_hw_at_boot to ensure that the caches are
disabled even when CONFIG_CACHE_MANAGEMENT is disabled.
Signed-off-by: Benedikt Schmidt <benedikt.schmidt@embedded-solutions.at>
Use sys_cache_data_enable instead of arch_dcache_enable to enable
the cache. This will ensure that CONFIG_CACHE_MANAGEMENT
is considered correctly.
Signed-off-by: Benedikt Schmidt <benedikt.schmidt@embedded-solutions.at>
The interface to flush fpu is not unique to one architecture, make it a
generic, optional interface that can be implemented (and overriden) by a
platform.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Different architecture are doing this in custom ways and using different
naming conventions, unify this interface and make it part of the arch
implementation for SMP.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Introduce a new arch level Kconfig option to signal the implementation
of the RISCV Privileged ISA spec. This replaces
SOC_FAMILY_RISCV_PRIVILEGED, because this is not a SoC specific
property, nor a SoC family.
Note that the SoC family naming scheme will be fixed in upcoming
commits.
Signed-off-by: Gerard Marull-Paretas <gerard@teslabs.com>
This adds a kconfig to enable invalidating the TLBs related to
the incoming thread's memory domain during page table swaps.
It provides a workaround, if needed, to clear out stale TLB
entries used by the thread being swapped out. Those stale
entries may contain incorrect permissions and rings.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
There are several subsystems and boards which require a relatively large
system heap (used by k_malloc()) to function properly. This became even
more notable with the recent introduction of the ACPICA library, which
causes ACPI-using boards to require a system heap of up to several
megabytes in size.
Until now, subsystems and boards have tried to solve this by having
Kconfig overlays which modify the default value of HEAP_MEM_POOL_SIZE.
This works ok, except when applications start explicitly setting values
in their prj.conf files:
$ git grep CONFIG_HEAP_MEM_POOL_SIZE= tests samples|wc -l
157
The vast majority of values set by current sample or test applications
is much too small for subsystems like ACPI, which results in the
application not being able to run on such boards.
To solve this situation, we introduce support for subsystems to specify
their own custom system heap size requirement. Subsystems do
this by defining Kconfig options with the prefix HEAP_MEM_POOL_ADD_SIZE_.
The final value of the system heap is the sum of the custom
minimum requirements, or the value existing HEAP_MEM_POOL_SIZE option,
whichever is greater.
We also introduce a new HEAP_MEM_POOL_IGNORE_MIN Kconfig option which
applications can use to force a lower value than what subsystems have
specficied, however this behavior is disabled by default.
Whenever the minimum is greater than the requested value a CMake warning
will be issued in the build output.
This patch ends up modifying several places outside of kernel code,
since the presence of the system heap is no longer detected using a
non-zero CONFIG_HEAP_MEM_POOL_SIZE value, rather it's now detected using
a new K_HEAP_MEM_POOL_SIZE value that's evaluated at build.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This commit adds implementation of GDB stub for 32-bit ARM. It has been
tested only on the Zynq-7000 SoC and I would like to get any feedback
from others.
The stub still has these issues:
- To implement single stepping, it uses instruction address mismatch
breakpoint, as recommended in ARMv7 reference. The breakpoint control
register is configured (the state control fields) for the "PL0,
Supervisor and System modes only" option. Otherwise the breakpoint
would also halt the processor in abort mode, in which the stub loop
runs. Zephyr kernel runs in the system mode. This works well until the
kernel enables interrupts, as interrupt handlers typically run in
Supervisor mode. Single stepping therefore sometimes "catches" a
handler instead of the next application instruction. I have not tried
User mode, because Cortex-A SoCs do not appear to have the
ARCH_HAS_USERSPACE flag.
Cc: Michal Sojka <michal.sojka@cvut.cz>
Signed-off-by: Marek Vedral <marek.vedral@gmail.com>
The only difference in the two enums are some entries related to
relocation sections. However, these entries are not used in the
code, so they can be safely removed, along with the mapping function.
Use LLEXT_MEM_* to avoid confusion with low-level "section" names.
Signed-off-by: Luca Burelli <l.burelli@arduino.cc>
Change exception code to use LOG_ERR and align with all other
architectures when CONFIG_EXCEPTION_DEBUG is enabled.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
It should be possible to disable exception debug, which is enabled by
default to reduce image size. Add missing guards now that the option is
cross architecture.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Rename xtensa_asm2.c to have a more meaningful name to actually
reflect the content of the file. This file is mostly about
handling interrupts and exceptions (via the predefined vectors
in Xtensa core).
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Fold z_arch_get_next_switch_handle() into return_to(). This is
not exactly an arch interface, and is simple enough to be
moved into return_to().
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This gets rid of the z_ prefix.
Note that z_xt_*() are being used by the HAL so they cannot be
renamed.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
This follows the idea to remove any z_ prefix. Since MMU has
a large number of these, separate out these changes into one
commit to ease review effort.
Since these are no longer have z_, these need proper doxygen
doc. So add them too.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
z_xtensa_dump_stack() and z_xtensa_exccause() are both arch
internal functions that should not be exposed in public API.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Header files under arch/xtensa/include are considered internal
to architecture. There is really no need for two places to
house architecture internal header files.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
... from xtensa_asm2.c. Other architectures have
z_irq_spurious() and *_irq_is_enabled() test in irq_manage.c.
So follow the trend here.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
... from xtensa_asm2.c.
Everything has been stuffed inside xtensa_asm2.c where
they are all mangled together. So extract thread related
stuff into its own file.
Note that arch_float_*() may not be thread related but
most other architectures put them into thread.c. So we
also do it here.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
arch_spin_relax() does not really fit into the scheme of
xtensa_asm2.c as it is mainly about handling interrupts
and exceptions. So move it into smp.c, similar to other
architectures which arch_spin_relax() defined.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Simply to provide some consistencies on file naming under
arch/xtensa.
These are all internally used files and are not public.
So there is no need to provide a deprecation path for
them.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
xtensa-asm2.h only contains the function declaration of
xtensa_init_stack() which is only used in one file. So
make the actual implementation a static function in that
file. Also there is really no need to expose stack init
function as arch public API. So remove xtensa-asm2.h.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
* Wording on CONFIG_SIMULATOR_XTENSA
* Remove "default n" as default is no anyway.
* Remove some tabs as we almost never indent inside a if block
in Zephyr.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
There is no in-tree user. Also, it is misleading as we use
SCOMPARE1 for spinlock too, not just IPC.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
CONFIG_SYS_CLOCK_HW_CYCLES_PER_SEC should be defined at the SoC
or the board level since Xtensa cores are high configurable.
The default is just for ISS (Instruction Set Simulator). So
remove it from the arch level.
The xt-sim board is the only one in tree that is targeting
the ISS, so add it there.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
We follow the path of the header to define the guard, aarch32 was
removed some time ago and the guards still had AARCH32 in them, just
remove it and keep the guard consistent and short.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Instruction cache related functions (see include/zephyr/arch/cache.h)
are not implemented in x86, thus let's not set CONFIG_CPU_HAS_ICACHE
which may end up in build failure if one sets CONFIG_ICACHE.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
It did not build in x86_64 due to the fact that cr0 is a 64bits
register in such architecture, instead of being a 32bits one originaly
so the place holder has to follow that size. Such place holder must be
initialized to 0 to make sure no upper 32 bits ends up set which would
conclude in a general protection error.
Operand size specifier (l, q ...) is useless as well in this context.
Clearing up the masks by using proper macros.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Fix the way we read the current l1 page table set in the mmu.
We use it check if the current page table is different from the
running thread.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
We use ptevaddr_get to know the address the page table is set.
It happens that for this use, we should just use the ptebase field
of ptevaddr register.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The ring field in the pte mapping a memory partition should
be based in the partition attribute and not in the domain
asid that is used only to set the ASID (in RASID) position for
user ring.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The arm_core_tz.c trustzone driver was developed by Nordic and was
previously used by Nordic, but it is not used by us any more. Since we
stopped using it I can see that it has bit rotted (the include path
for tz.h is not available), so no else has started using it either
evidently.
Remove the broken and dead code.
We keep the HAS_ARM_SAU Kconfig as it is selected by a myriad of
platforms and determines if __SAUREGION_PRESENT is defined. I have
been unable to prove that this define is also unused.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Add `BUILD_ASSERT`s to make sure that the interrupt bits
allocated to each levels are enough to cover the number of
IRQs in each respective level.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
Assert that the `local_irq` of each levels should only ranges
from `0` to `CONFIG_MAX_IRQ_PER_AGGREGATOR`, so that it doesn't
overflow the other aggregators.
Also, assert that the output of `z_get_sw_isr_table_idx` shouldn't
overflow the ISR table.
Update the `sw_isr_table` tests to test the range of
`CONFIG_MAX_IRQ_PER_AGGREGATOR` instead of the entire range of
level bits.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
The `CAT_3RD_LVL_LIST` macro is only used when
`CONFIG_3RD_LEVEL_INTERRUPTS` is enabled, so move it into the
compiler guard.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
The `irq` argument of the `Z_IF_DT_INTC_IRQN_EQ` macro
coincides with the `'irq'` argument passed into the `DT_IRQ`
macro, the former was supposed to be a number, while the latter
is a string/type, together this means that it was intepreted
as:
```c
DT_IRQ(node_id, <some_number>)
```
instead of
```c
DT_IRQ(node_id, irq)
```
as intended, so the macros never managed to match a device with
the IRQ properly, resulting in the `dev` member of the table
being NULL.
Solve this by renaming all the `irq` args in the macros to
`_irq` to avoid mixed usage.
Signed-off-by: Yong Cong Sin <ycsin@meta.com>
The comment applies to all POSIX arch based targets,
not just native_posix.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Add GDBSTUB_TRACE config option to extend GDB backend debug logging
for remote commands received and to debug the GDB stub itself.
Signed-off-by: Dmitrii Golovanov <dmitrii.golovanov@intel.com>
Some libraries (like Openthread's spinel code) define their
API as externally linkable. This will make those symbols
remain as externally linkable by default after the
Zephyr build has produced the native simulator library
(MCU code).
When building an AMP native_simulator executable with
several MCUs each including these, the linker will see
those symbols as still linkable and duplicated, and
throw an error.
So let's give the option for users/developers of those
libraries to define extra symbols they want
to localize before assembling the final executable.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Remove old outdated include, causing build error. The acpi.h is not
needed since it is already included if ACPI is enabled and
INTEL_VTD_ICTL depends on ACPI.
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Caches are optional on cortex-m7, having CPU_HAS_*CACHE in CPU_CORTEX_M7
definition renders them mandatory.
Signed-off-by: Wilfried Chauveau <wilfried.chauveau@arm.com>
Use the returned reason from the secure fault handle function.
I see no reason why this was ignored, and it is used in the hardfault
handler.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support for relocating local symbols, as specified in the
.rela.dyn section.
Signed-off-by: Guennadi Liakhovetski <guennadi.liakhovetski@linux.intel.com>
io_mapped seems to always exist even though it's not set anywhere, so
testing if it is different to 0 to actually define
UART_IS_IOPORT_ACCESS.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Most x86 build configurations enable the UART console. Since EFI console
has also defaulted to enabled, this means that the EFI covers the early
part of the boot until UART takes over.
This is all fine, except that enabling EFI console has the effect of
disabling PRINTK_SYNC. This in turn has the effect of causing garbled
output over UART, which has led to several bug reports on x86 platforms
(in particular on up_squared).
Since EFI console should really only be used for early platform bringup
and debugging purposes, it's not really ideal to unconditionally have it
enabled by default. Instead, change the default enabling to be
conditional to the UART console being disabled.
Fixes#54861Fixes#55071
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
introduce global DSP_SHARING and CPU_HAS_DSP to be used by all
architectures and change existing usage in ARC to use those global
configs.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This PR fixes https://github.com/zephyrproject-rtos/zephyr/issues/64268
MWDT supposes .device_states section as BSS because .device_states
variables defined as uninitialized. This causes the section marked
as NOLOAD section and OpenOCD does not take it in account while
flashing it into board memory.
Finally .device_states variables becomes initialized with garbage
from RAM.
In this PR it's suggested to clean .device_states in early init stage.
Signed-off-by: Nikolay Agishev <agishev@synopsys.com>
This moves including of demand_paging.h out of kernel/mm.h,
so that users of demand paging APIs must include the header
explicitly. Since the main user is kernel itself, we can be
more discipline about header inclusion.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Remove limitation of enabling FP when building TF-M NS application.
FP support have been fixed in the tf-m-tests repository for NS
application.
Board support for NS executable may still be lacking for some boards.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Despite what the TF-M documentation says about SFN model not supporting
Floating Point, it does support it, according to TF-M developers.
Remove SFN limitation not supported with FP Hard ABI.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Annotate posix_exit() and nsi_exit() as noreturn
mainly to ease the life of static analysis tools.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Andy Ross re-implementation of MMU layer with some subtle changes,
like re-using existent macros, fix page table cache property when
direct mapping it in TLB.
From Andy's original commit message:
This is a reworked MMU layer, sitting cleanly below the page table
handling in the OS. Notable differences from the original work:
+ Significantly smaller code and simpler API (just three functions to
be called from the OS/userspace/ptable layer).
+ Big README-MMU document containing my learnings over the process, so
hopefully fewer people need to go through this in the future.
+ No TLB flushing needed. Clean separation of ASIDs, just requires
that the upper levels match the ASID to the L1 page table page
consistently.
+ Vector mapping is done with a 4k page and not a 4M page, leading to
much more flexibility with hardware memory layout. The original
scheme required that the 4M region containing vecbase be mapped
virtually to a location other than the hardware address, which makes
confusing linkage with call0 and difficult initialization
constraints where the exception vectors run at different addresses
before and after MMU setup (effectively forcing them to be PIC
code).
+ More provably correct initialization, all MMU changes happen in a
single asm block with no memory accesses which would generate a
refill.
Signed-off-by: Andy Ross <andyross@google.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This file doesn't need the asm2 header, and the preprocessor logic
around whether to include the backtrace header is needless (all it
does is declare functions).
Signed-off-by: Andy Ross <andyross@google.com>
Add a Kconfig option (and build warning) alerting about the problem
of the kernel spilling register in behave of the userspace.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Use thread local storage to check whether or not a thread is running
in user mode. This allows to use threadptr to properly support tls.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Only clear the user stack to 0xAA if CONFIG_INIT_STACKS is
enabled. Otherwise, write 0x00 as if the stack is in BSS.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
During arch_kernel_init(), the interrupt stack is being
initialized. However, if the current in-use stack is
the interrupt stack, it would wipe all the data up to
that point in stack, and might result in crash. So skip
initializing the interrupt stack if the current stack
pointer is within the boundary of interrupt stack.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
We need to use the mmu spin lock when invalidating the cache during
tlb shootdown, otherwise it is possible that this happens when another
thread is updating the page tables.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
When the target has a cache way size (cache size / cache wasy) bigger
than the page size we have cache aliasing, since the number of bits
required by the cache index is bigger than the number of bits in the page
offset.
To avoid this problem we flush the whole cache on context switch or when
the current page table is changed.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Swap page tables at exit of exception handler if we are going to
be restored to another thread context. Or else we would be using
the outgoing thread's page tables which is not going to work
correctly due to mapping and permissions.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
When adding a thread to a memory domain, we need to also update
the mapped page table if it is the current running thread on
the same CPU. If it's not on the same CPU, we need to notify
the other CPUs in case the thread is running in one of them.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
After changing content of page table(s), it is needed to notify
the other CPUs that the page table(s) have been changed so they
can do the necessary steps to use the updated version. Note that
the actual way to send IPI is SoC specific as Xtensa does not
have a common way to do this at the moment.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
When kernel OOPS is raised, we need to actually go through
the process of terminating the offending thread, instead of
simply printing the stack and continue running. This change
employs similar mechanism to xtensa_arch_except() to use
illegal instruction to raise hardware exception, and going
through the fatal exception path.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Trigger exception on Xtensa requires kernel privileges. Add
a new syscall that is used when ARCH_EXCEPT is invoked from userspace.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This extracts the printing of fatal exception information into
its own function to declutter xtensa_excint1_c().
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
There are known exceptions which are not fatal, and we need to
handle them properly by returning to the fixup addresses as
indicated. This adds the code necessary in the exception
handler for this situation.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
When MMU is enabled, we need some scratch registers to preload
page table entries. So update gen_zsr.py to that.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This changes the TLB misses handling back to the assembly
in user exception, and any page faults during TLB misses to be
handled in double exception handler. This should speed up
simple TLB miss handling as we don't have to go all the way to
the C handler.
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Userspace support for Xtensa architecture using Xtensa MMU.
Some considerations:
- Syscalls are not inline functions like in other architectures because
some compiler issues when using multiple registers to pass parameters
to the syscall. So here we have a function call so we can use
registers as we need.
- TLS is not supported by xcc in xtensa and reading PS register is
a privileged instruction. So, we have to use threadptr to know if a
thread is an user mode thread.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Simplify the logic around xtensa_mmu_init.
- Do not have a different path to init part of kernel
- Call xtensa_mmu_init from C
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Replace all autorefill helpers with only one that invalidates both,
DTLB and ITLB, since that is what is really needed.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This register alias was originally introduced to allow A0 to be used
as a scratch register when handling exceptions from MOVSP
instructions. (It replaced some upstream code from Cadence that
hard-coded EXCSAVE1). Now the MMU code is now using too, and for
exactly the same purpose.
Calling it "ALLOCA" is only confusing. Rename it to make it clear
what it's doing.
Signed-off-by: Andy Ross <andyross@google.com>
TF-M only suports floating point in IPC model, not the SFN model.
Since floating point is a basic feature of the architecture and TF-M
has the limitation it makes more sense for the dependency to exist in
TF-M and and limit the TF-M model choice instead of limiting the
option to enable floating point.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
