Conversation
sangho2
changed the title
sangho2
changed the title
sangho2
changed the title
sangho2
force-pushed
the
sanghle/hypervisor/bootloader
branch
from
7d79944 to
65341b9
Compare
sangho2
changed the title
sangho2
force-pushed
the
sanghle/hypervisor/bootloader
branch
from
a2ff438 to
b77ec38
Compare
sangho2
changed the title
sangho2
force-pushed
the
sanghle/hypervisor/bootloader
branch
from
34085b4 to
fb312be
Compare
|
@sangho2 would it make sense to move the changes to the lvbs platform to a separate PR? |
Sorry. I meant to merge it into the LiteBox repo. :-) |
The are simple bug fixes but I agree that a separate PR makes more sense. |
wdcui
left a comment
wdcui
left a comment
There was a problem hiding this comment.
Thank you for creating this minimal kernel platform, Sangho. I left some minor comments. Please wait for comments from John and Weiteng.
sangho2
force-pushed
the
sanghle/hypervisor/bootloader
branch
2 times, most recently
from
a3977b4 to
62f5896
Compare
sangho2
force-pushed
the
sanghle/hypervisor/bootloader
branch
from
927a573 to
eb4cb38
Compare
|
🤖 SemverChecks 🤖 No breaking API changes detected Note: this does not mean API is unchanged, or even that there are no breaking changes; simply, none of the detections triggered. |
| #[unsafe(naked)] | ||
| unsafe extern "C" fn syscall_entry_wrapper() { | ||
| naked_asm!( | ||
| "swapgs", |
There was a problem hiding this comment.
We may also need to swap stack?
There was a problem hiding this comment.
Yes, definitely.
syscall is pretty tricky to get right in the general case (e.g., what happens if you get an NMI before you swap GS? Does your NMI handler look at GS?). A simpler approach, which we'll take in Coconut initially, is to not enable the syscall instruction, so that a syscall causes a #UD exception. Then, in the #UD handler, you can read two bytes at RIP, and if it's a syscall instruction, you can emulate it. This is slower than syscall but is easier to reason about.
There was a problem hiding this comment.
Now we are using the kernel stack. Disabling syscall sounds interesting.
| "pop r11", | ||
| "pop rbp", | ||
| "swapgs", | ||
| "sysretq", |
There was a problem hiding this comment.
Similar to the syscall side of things, I suggest we start with iret here. I like the way Linux handles this--they treat sysret as an optimization for switching to user mode when rcx == rip and r11 == rflags. It doesn't matter if they entered from an interrupt or exception or syscall, just that the context matches what would happen if they entered via a syscall.
There was a problem hiding this comment.
now we are using iretq instead of sysretq.
| /// Represent a user space pointer to a read-only object | ||
| #[repr(C)] | ||
| #[derive(Clone)] | ||
| pub struct UserConstPtr<T> { |
There was a problem hiding this comment.
Can we use the existing common_providers implementation right away instead of cloning another copy of this?
|
Draft for now. I'll enhance it while transferring portions of it to the LVBS platform. |
sangho2
added
the
must-not-merge:prototype
|
Overall Progress/Plan:
|
sangho2
added
must-not-merge:undergoing-restructuring
4 participants
This PR covers an initial effort to have a minimal LiteBox kernel platform and a test runner to use the kernel platform on top of a virtual machine (i.e., QEMU, KVM) to run a hello-world OP-TEE TA.