Invalidate TLB entries during warm boot

During the warm boot sequence:

1. The MMU is enabled with the data cache disabled. The MMU table walker
   is set up to access the translation tables as in cacheable memory,
   but its accesses are non-cacheable because SCTLR_EL3.C controls them
   as well.
2. The interconnect is set up and the CPU enters coherency with the
   rest of the system.
3. The data cache is enabled.

If the support for dynamic translation tables is enabled and another CPU
makes changes to a region, the changes may only be present in the data
cache, not in RAM. The CPU that is booting isn't in coherency with the
rest of the system, so the table walker of that CPU isn't either. This
means that it may read old entries from RAM and it may have invalid TLB
entries corresponding to the dynamic mappings.

This is not a problem for the boot code because the mapping is 1:1 and
the regions are static. However, the code that runs after the boot
sequence may need to access the dynamically mapped regions.

This patch invalidates all TLBs during warm boot when the dynamic
translation tables support is enabled to prevent this problem.

Change-Id: I80264802dc0aa1cb3edd77d0b66b91db6961af3d
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

diff --git a/lib/psci/aarch32/psci_helpers.S b/lib/psci/aarch32/psci_helpers.S
index 9373d4f1654d5a3da9f920ee5daa6ecd0438a83f..a29a29c4937bb9e544df156c212066641d5778d4 100644 (file)
--- a/lib/psci/aarch32/psci_helpers.S
+++ b/lib/psci/aarch32/psci_helpers.S
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -91,6 +91,28 @@ func psci_do_pwrup_cache_maintenance
        stcopr  r0, SCTLR
        isb
 
+#if PLAT_XLAT_TABLES_DYNAMIC
+       /* ---------------------------------------------
+        * During warm boot the MMU is enabled with data
+        * cache disabled, then the interconnect is set
+        * up and finally the data cache is enabled.
+        *
+        * During this period, if another CPU modifies
+        * the translation tables, the MMU table walker
+        * may read the old entries. This is only a
+        * problem for dynamic regions, the warm boot
+        * code isn't affected because it is static.
+        *
+        * Invalidate all TLB entries loaded while the
+        * CPU wasn't coherent with the rest of the
+        * system.
+        * ---------------------------------------------
+        */
+       stcopr  r0, TLBIALL
+       dsb     ish
+       isb
+#endif
+
        pop     {r12, pc}
 endfunc psci_do_pwrup_cache_maintenance
 

diff --git a/lib/psci/aarch64/psci_helpers.S b/lib/psci/aarch64/psci_helpers.S
index afe21ebe4b1018e35cf8bea85621c3aa7b05c7b8..d37ca764a5b97ea42a5d16e047fb1af04ba19b73 100644 (file)
--- a/lib/psci/aarch64/psci_helpers.S
+++ b/lib/psci/aarch64/psci_helpers.S
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2018, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -115,6 +115,28 @@ func psci_do_pwrup_cache_maintenance
        msr     sctlr_el3, x0
        isb
 
+#if PLAT_XLAT_TABLES_DYNAMIC
+       /* ---------------------------------------------
+        * During warm boot the MMU is enabled with data
+        * cache disabled, then the interconnect is set
+        * up and finally the data cache is enabled.
+        *
+        * During this period, if another CPU modifies
+        * the translation tables, the MMU table walker
+        * may read the old entries. This is only a
+        * problem for dynamic regions, the warm boot
+        * code isn't affected because it is static.
+        *
+        * Invalidate all TLB entries loaded while the
+        * CPU wasn't coherent with the rest of the
+        * system.
+        * ---------------------------------------------
+        */
+       tlbi    alle3
+       dsb     ish
+       isb
+#endif
+
        ldp     x29, x30, [sp], #16
        ret
 endfunc psci_do_pwrup_cache_maintenance