OpenCloudOS-Kernel/drivers/of
Andre Przywara df5cd36987 of/fdt: Ignore disabled memory nodes
When we boot a machine using a devicetree, the generic DT code goes
through all nodes with a 'device_type = "memory"' property, and collects
all memory banks mentioned there. However it does not check for the
status property, so any nodes which are explicitly "disabled" will still
be added as a memblock.
This ends up badly for QEMU, when booting with secure firmware on
arm/arm64 machines, because QEMU adds a node describing secure-only
memory:
===================
	secram@e000000 {
		secure-status = "okay";
		status = "disabled";
		reg = <0x00 0xe000000 0x00 0x1000000>;
		device_type = "memory";
	};
===================

The kernel will eventually use that memory block (which is located below
the main DRAM bank), but accesses to that will be answered with an
SError:
===================
[    0.000000] Internal error: synchronous external abort: 96000050 [#1] PREEMPT SMP
[    0.000000] Modules linked in:
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.18.0-rc6-00014-g10c8acb8b679 #524
[    0.000000] Hardware name: linux,dummy-virt (DT)
[    0.000000] pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[    0.000000] pc : new_slab+0x190/0x340
[    0.000000] lr : new_slab+0x184/0x340
[    0.000000] sp : ffff80000a4b3d10
....
==================
The actual crash location and call stack will be somewhat random, and
depend on the specific allocation of that physical memory range.

As the DT spec[1] explicitly mentions standard properties, add a simple
check to skip over disabled memory nodes, so that we only use memory
that is meant for non-secure code to use.

That fixes booting a QEMU arm64 VM with EL3 enabled ("secure=on"), when
not using UEFI. In this case the QEMU generated DT will be handed on
to the kernel, which will see the secram node.
This issue is reproducible when using TF-A together with U-Boot as
firmware, then booting with the "booti" command.

When using U-Boot as an UEFI provider, the code there [2] explicitly
filters for disabled nodes when generating the UEFI memory map, so we
are safe.
EDK/2 only reads the first bank of the first DT memory node [3] to learn
about memory, so we got lucky there.

[1] https://github.com/devicetree-org/devicetree-specification/blob/main/source/chapter3-devicenodes.rst#memory-node (after the table)
[2] https://source.denx.de/u-boot/u-boot/-/blob/master/lib/fdtdec.c#L1061-1063
[3] https://github.com/tianocore/edk2/blob/master/ArmVirtPkg/PrePi/FdtParser.c

Reported-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Rob Herring <robh@kernel.org>
Link: https://lore.kernel.org/r/20220517101410.3493781-1-andre.przywara@arm.com
2022-05-17 13:06:32 -05:00
..
unittest-data of: overlay: unittest: add tests for overlay notifiers 2022-05-03 11:53:15 -05:00
Kconfig of: net: move of_net under net/ 2021-10-07 13:39:51 +01:00
Makefile of: net: move of_net under net/ 2021-10-07 13:39:51 +01:00
address.c of: Move of_dma_set_restricted_buffer() into device.c 2021-08-23 06:32:02 -04:00
base.c Revert "of: base: Introduce of_alias_get_alias_list() to check alias IDs" 2022-03-21 11:35:29 -05:00
device.c of: Check 'of_node_reused' flag on of_match_device() 2022-01-20 12:55:26 -06:00
dynamic.c of: Add missing 'Return' section in kerneldoc comments 2021-03-27 12:59:03 -06:00
fdt.c of/fdt: Ignore disabled memory nodes 2022-05-17 13:06:32 -05:00
fdt_address.c of: Use SPDX license tag for DT files 2018-01-08 08:22:45 -06:00
irq.c of/irq: Use interrupts-extended to find parent 2022-04-12 13:21:16 -05:00
kexec.c memblock: rename memblock_free to memblock_phys_free 2021-11-06 13:30:41 -07:00
kobj.c of: kobj: make of_node_is_(initialized|attached) parameters const 2021-10-20 13:37:25 -05:00
of_numa.c of, numa: Fetch empty NUMA node ID from distance map 2021-10-04 13:13:44 -05:00
of_private.h of: kobj: make of_node_is_(initialized|attached) parameters const 2021-10-20 13:37:25 -05:00
of_reserved_mem.c cma: factor out minimum alignment requirement 2022-03-22 15:57:05 -07:00
overlay.c of: overlay: do not free changeset when of_overlay_apply returns error 2022-05-03 11:53:15 -05:00
pdt.c of: Remove struct device_node.type pointer 2019-01-10 16:24:44 -06:00
platform.c of/platform: Drop static setup of IRQ resource from DT core 2022-04-04 19:55:03 -05:00
property.c of: of_property_read_string return -ENODATA when !length 2022-04-19 10:19:18 -05:00
resolver.c of: overlay: log the error cause on resolver failure 2020-03-02 11:32:44 -06:00
unittest.c of: overlay: do not free changeset when of_overlay_apply returns error 2022-05-03 11:53:15 -05:00