Commit d55c5f28 authored by Sudeep Holla's avatar Sudeep Holla Committed by Will Deacon
Browse files

arm64: smp: disable hotplug on trusted OS resident CPU 



The trusted OS may reject CPU_OFF calls to its resident CPU, so we must
avoid issuing those. We never migrate a Trusted OS and we already take
care to prevent CPU_OFF PSCI call. However, this is not reflected
explicitly to the userspace. Any user can attempt to hotplug trusted OS
resident CPU. The entire motion of going through the various state
transitions in the CPU hotplug state machine gets executed and the
PSCI layer finally refuses to make CPU_OFF call.

This results is unnecessary unwinding of CPU hotplug state machine in
the kernel. Instead we can mark the trusted OS resident CPU as not
available for hotplug, so that the user attempt or request to do the
same will get immediately rejected.

Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will.deacon@arm.com>
Signed-off-by: default avatarSudeep Holla <sudeep.holla@arm.com>
Signed-off-by: default avatarWill Deacon <will@kernel.org>
parent 9ffeb6d0

arch/arm64/include/asm/cpu_ops.h

+3 −0
Original line number Diff line number Diff line
@@ -23,6 +23,8 @@ 
 * @cpu_boot:	Boots a cpu into the kernel.

 * @cpu_postboot: Optionally, perform any post-boot cleanup or necesary

 *		synchronisation. Called from the cpu being booted.

 * @cpu_can_disable: Determines whether a CPU can be disabled based on

 *		mechanism-specific information.

 * @cpu_disable: Prepares a cpu to die. May fail for some mechanism-specific

 * 		reason, which will cause the hot unplug to be aborted. Called

 * 		from the cpu to be killed.
@@ -42,6 +44,7 @@ struct cpu_operations { 
	int		(*cpu_boot)(unsigned int);

	void		(*cpu_postboot)(void);

#ifdef CONFIG_HOTPLUG_CPU

	bool		(*cpu_can_disable)(unsigned int cpu);

	int		(*cpu_disable)(unsigned int cpu);

	void		(*cpu_die)(unsigned int cpu);

	int		(*cpu_kill)(unsigned int cpu);

arch/arm64/kernel/psci.c

+6 −0
Original line number Diff line number Diff line
@@ -46,6 +46,11 @@ static int cpu_psci_cpu_boot(unsigned int cpu) 
}



#ifdef CONFIG_HOTPLUG_CPU

static bool cpu_psci_cpu_can_disable(unsigned int cpu)

{

	return !psci_tos_resident_on(cpu);

}



static int cpu_psci_cpu_disable(unsigned int cpu)

{

	/* Fail early if we don't have CPU_OFF support */
@@ -109,6 +114,7 @@ const struct cpu_operations cpu_psci_ops = { 
	.cpu_prepare	= cpu_psci_cpu_prepare,

	.cpu_boot	= cpu_psci_cpu_boot,

#ifdef CONFIG_HOTPLUG_CPU

	.cpu_can_disable = cpu_psci_cpu_can_disable,

	.cpu_disable	= cpu_psci_cpu_disable,

	.cpu_die	= cpu_psci_cpu_die,

	.cpu_kill	= cpu_psci_cpu_kill,

arch/arm64/kernel/setup.c

+10 −1
Original line number Diff line number Diff line
@@ -357,6 +357,15 @@ void __init setup_arch(char **cmdline_p) 
	}

}



static inline bool cpu_can_disable(unsigned int cpu)

{

#ifdef CONFIG_HOTPLUG_CPU

	if (cpu_ops[cpu] && cpu_ops[cpu]->cpu_can_disable)

		return cpu_ops[cpu]->cpu_can_disable(cpu);

#endif

	return false;

}



static int __init topology_init(void)

{

	int i;
@@ -366,7 +375,7 @@ static int __init topology_init(void) 


	for_each_possible_cpu(i) {

		struct cpu *cpu = &per_cpu(cpu_data.cpu, i);

		cpu->hotpluggable = 1;

		cpu->hotpluggable = cpu_can_disable(i);

		register_cpu(cpu, i);

	}

CRA Git | Maintained and supported by SUSTech CRA and CCSE