From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0b-002e3701.pphosted.com (mx0b-002e3701.pphosted.com [148.163.143.35])
 by mx.groups.io with SMTP id smtpd.web12.15235.1595410532328066176
 for <devel@edk2.groups.io>;
 Wed, 22 Jul 2020 02:35:32 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: hpe.com, ip: 148.163.143.35, mailfrom: prvs=0472e5d610=abner.chang@hpe.com)
Received: from pps.filterd (m0134423.ppops.net [127.0.0.1])
	by mx0b-002e3701.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 06M9XbHV017043;
	Wed, 22 Jul 2020 09:35:31 GMT
Received: from g4t3427.houston.hpe.com (g4t3427.houston.hpe.com [15.241.140.73])
	by mx0b-002e3701.pphosted.com with ESMTP id 32ej9mrajm-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Wed, 22 Jul 2020 09:35:31 +0000
Received: from g4t3433.houston.hpecorp.net (g4t3433.houston.hpecorp.net [16.208.49.245])
	by g4t3427.houston.hpe.com (Postfix) with ESMTP id C9D8266;
	Wed, 22 Jul 2020 09:35:30 +0000 (UTC)
Received: from UB16Abner.asiapacific.hpqcorp.net (unknown [15.119.209.39])
	by g4t3433.houston.hpecorp.net (Postfix) with ESMTP id 558EB5D;
	Wed, 22 Jul 2020 09:35:29 +0000 (UTC)
From: "Abner Chang" <abner.chang@hpe.com>
To: devel@edk2.groups.io
Cc: abner.chang@hpe.com, Daniel Schaefer <daniel.schaefer@hpe.com>,
        Michael D Kinney <michael.d.kinney@intel.com>,
        Liming Gao <liming.gao@intel.com>,
        Leif Lindholm <leif.lindholm@linaro.org>
Subject: [PATCH v2 1/1] BaseLib:Fix RISC-V Supervisor mode (S-Mode) trap handler reentry issue.
Date: Wed, 22 Jul 2020 16:53:51 +0800
Message-Id: <20200722085351.6153-1-abner.chang@hpe.com>
X-Mailer: git-send-email 2.25.0
MIME-Version: 1.0
X-HPE-SCL: -1
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235,18.0.687
 definitions=2020-07-22_04:2020-07-22,2020-07-22 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 spamscore=0
 impostorscore=0 mlxlogscore=921 priorityscore=1501 phishscore=0
 clxscore=1015 malwarescore=0 lowpriorityscore=0 suspectscore=1 bulkscore=0
 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2006250000 definitions=main-2007220072
Content-Transfer-Encoding: quoted-printable

While RISC-V hart is trapped into S-Mode, the S-Mode interrupt
CSR (SIE) is disabled by RISC-V hart. However the (SIE) is enabled
again by RestoreTPL, this causes the second S-Mode trap is triggered
by the machine mode (M-Mode)timer interrupt redirection. The SRET
instruction clear Supervisor Previous Privilege (SPP) to zero
(User mode) in the second S-Mode interrupt according to the RISC-V
spec. Above brings hart to the user mode (U-Mode) when execute
SRET in the nested S-Mode interrupt handler because SPP is set to
User Mode in the second interrupt. Afterward, system runs in U-Mode
and any accesses to S-Mode CSR causes the invalid instruction exception.

Signed-off-by: Abner Chang <abner.chang@hpe.com>
Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com>

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Daniel Schaefer <daniel.schaefer@hpe.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
---
 .../Library/BaseLib/RiscV64/RiscVInterrupt.S  | 45 ++++++++++++++++---
 1 file changed, 38 insertions(+), 7 deletions(-)

diff --git a/MdePkg/Library/BaseLib/RiscV64/RiscVInterrupt.S b/MdePkg/Libra=
ry/BaseLib/RiscV64/RiscVInterrupt.S
index 766fcfb9cb..e821124781 100644
--- a/MdePkg/Library/BaseLib/RiscV64/RiscVInterrupt.S
+++ b/MdePkg/Library/BaseLib/RiscV64/RiscVInterrupt.S
@@ -12,21 +12,52 @@ ASM_GLOBAL ASM_PFX(RiscVDisableSupervisorModeInterrupts)
 ASM_GLOBAL ASM_PFX(RiscVEnableSupervisorModeInterrupt)=0D
 ASM_GLOBAL ASM_PFX(RiscVGetSupervisorModeInterrupts)=0D
 =0D
-# define  MSTATUS_SIE    0x00000002=0D
-# define  CSR_SSTATUS    0x100=0D
+#define  SSTATUS_SIE                 0x00000002=0D
+#define  CSR_SSTATUS                 0x100=0D
+#define  SSTATUS_SPP_BIT_POSITION    8=0D
 =0D
+//=0D
+// This routine disables supervisor mode interrupt=0D
+//=0D
 ASM_PFX(RiscVDisableSupervisorModeInterrupts):=0D
-  li   a1, MSTATUS_SIE=0D
-  csrc CSR_SSTATUS, a1=0D
+  add   sp, sp, -(__SIZEOF_POINTER__)=0D
+  sd    a1, (sp)=0D
+  li    a1, SSTATUS_SIE=0D
+  csrc  CSR_SSTATUS, a1=0D
+  ld    a1, (sp)=0D
+  add   sp, sp, (__SIZEOF_POINTER__)=0D
   ret=0D
 =0D
+//=0D
+// This routine enables supervisor mode interrupt=0D
+//=0D
 ASM_PFX(RiscVEnableSupervisorModeInterrupt):=0D
-  li   a1, MSTATUS_SIE=0D
-  csrs CSR_SSTATUS, a1=0D
+  add   sp, sp, -2*(__SIZEOF_POINTER__)=0D
+  sd    a0, (0*__SIZEOF_POINTER__)(sp)=0D
+  sd    a1, (1*__SIZEOF_POINTER__)(sp)=0D
+=0D
+  csrr  a0, CSR_SSTATUS=0D
+  and   a0, a0, (1 << SSTATUS_SPP_BIT_POSITION)=0D
+  bnez  a0, InTrap      // We are in supervisor mode (SMode)=0D
+                        // trap handler.=0D
+                        // Skip enabling SIE becasue SIE=0D
+                        // is set to disabled by RISC-V hart=0D
+                        // when the trap takes hart to SMode.=0D
+=0D
+  li    a1, SSTATUS_SIE=0D
+  csrs  CSR_SSTATUS, a1=0D
+InTrap:=0D
+  ld    a0, (0*__SIZEOF_POINTER__)(sp)=0D
+  ld    a1, (1*__SIZEOF_POINTER__)(sp)=0D
+  add   sp, sp, 2*(__SIZEOF_POINTER__)=0D
   ret=0D
 =0D
+//=0D
+// This routine returns supervisor mode interrupt=0D
+// status.=0D
+//=0D
 ASM_PFX(RiscVGetSupervisorModeInterrupts):=0D
   csrr a0, CSR_SSTATUS=0D
-  andi a0, a0, MSTATUS_SIE=0D
+  andi a0, a0, SSTATUS_SIE=0D
   ret=0D
 =0D
--=20
2.25.0