erebion/coreboot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
coreboot/payloads/libpayload/include/stdlib.h
Julius Werner 702dc50f1d libpayload: ehci: Cache management is hard, let's go copying... 
It turns out that my previous commit to make the EHCI stack cache aware
on ARM devices wasn't quite correct, and the problem is actually much
trickier than I thought. After having some fun with more weird transfer
problems that appear/disappear based on stack alignment, this is my
current worst-case threat model that any cache managing implementation
would need to handle correctly:

Some upper layer calls ehci_bulk() with a transfer buffer on its stack.
Due to stack alignment, it happens to start just at the top of a cache
line, so up to 64 - 4 bytes of ehci_bulk's stack will share that line.
ehci_bulk() calls dcache_clean() and initializes the USB transfer.
Between that point and the call to dcache_invalidate() at the end of
ehci_bulk(), any access to the stack variables in that cache line (even
a speculative prefetch) will refetch the line into the cache. Afterwards
any other access to a random memory location that just happens to get
aliased to the same cache line may evict it again, causing the processor
to write out stale data to the transfer buffer and possibly overwrite
data that has already been received over USB.

In short, any dcache_clean/dcache_invalidate-based implementation that
preserves correctness while allowing any arbitrary (non cache-aligned)
memory location as a transfer buffer is presumed to be impossible.
Instead, this patch causes all transfer data to be copied to/from a
cache-coherent bounce buffer. It will still transfer directly if the
supplied buffer is already cache-coherent, which can be used by callers
to optimize their transfers (and is true by default on x86).

CQ-DEPEND=CL:169170
BUG=chrome-os-partner:21969
TEST=Make sure Snow still boots from the USB 2.0 port.

Change-Id: I112908410bdbc8ca028d44f2f5d388c529f8057f
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/169231
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
2013-09-14 01:31:18 +00:00

153 lines
4.7 KiB
C
Raw Blame History

/*
* This file is part of the libpayload project.
*
* Copyright (C) 2008 Advanced Micro Devices, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef _STDLIB_H
#define _STDLIB_H
#include <stddef.h>
/**
* @defgroup malloc Memory allocation functions
* @{
*/
#if defined(CONFIG_LP_DEBUG_MALLOC) && !defined(IN_MALLOC_C)
#define free(p) \
({ \
extern void print_malloc_map(void); \
extern void free(void *); \
printf("free(%p) called from %s:%s:%d...\n", p, __FILE__, __func__, \
__LINE__);\
printf("PRE free()\n"); \
print_malloc_map(); \
free(p); \
printf("POST free()\n"); \
print_malloc_map(); \
})
#define malloc(s) \
({ \
extern void print_malloc_map(void); \
extern void *malloc(size_t); \
void *ptr; \
printf("malloc(%u) called from %s:%s:%d...\n", s, __FILE__, __func__, \
__LINE__);\
printf("PRE malloc\n"); \
print_malloc_map(); \
ptr = malloc(s); \
printf("POST malloc (ptr = %p)\n", ptr); \
print_malloc_map(); \
ptr; \
})
#define calloc(n,s) \
({ \
extern void print_malloc_map(void); \
extern void *calloc(size_t,size_t); \
void *ptr; \
printf("calloc(%u, %u) called from %s:%s:%d...\n", n, s, __FILE__, \
__func__, __LINE__);\
printf("PRE calloc\n"); \
print_malloc_map(); \
ptr = calloc(n,s); \
printf("POST calloc (ptr = %p)\n", ptr); \
print_malloc_map(); \
ptr; \
})
#define realloc(p,s) \
({ \
extern void print_malloc_map(void); \
extern void *realloc(void*,size_t); \
void *ptr; \
printf("realloc(%p, %u) called from %s:%s:%d...\n", p, s, __FILE__, \
__func__, __LINE__);\
printf("PRE realloc\n"); \
print_malloc_map(); \
ptr = realloc(p,s); \
printf("POST realloc (ptr = %p)\n", ptr); \
print_malloc_map(); \
ptr; \
})
#define memalign(a,s) \
({ \
extern void print_malloc_map(void); \
extern void *memalign(size_t, size_t); \
void *ptr; \
printf("memalign(%u, %u) called from %s:%s:%d...\n", a, s, __FILE__, \
__func__, __LINE__);\
printf("PRE memalign\n"); \
print_malloc_map(); \
ptr = memalign(a,s); \
printf("POST realloc (ptr = %p)\n", ptr); \
print_malloc_map(); \
ptr; \
})
#else
void free(void *ptr);
void *malloc(size_t size);
void *calloc(size_t nmemb, size_t size);
void *realloc(void *ptr, size_t size);
void *memalign(size_t align, size_t size);
#endif
void init_dma_memory(void *start, u32 size);
void *dma_malloc(size_t size);
void *dma_memalign(size_t align, size_t size);
int dma_initialized(void);
int dma_coherent(void *ptr);
/** @} */
/**
* @defgroup stdlib String conversion functions
* @{
*/
long int strtol(const char *s, char **nptr, int base);
unsigned long int strtoul(const char *s, char **nptr, int base);
unsigned long long int strtoull(const char *s, char **nptr, int base);
long atol(const char *nptr);
/** @} */
/**
* @defgroup rand Random number generator functions
* @{
*/
int rand_r(unsigned int *seed);
int rand(void);
void srand(unsigned int seed);
/** @} */
/**
* Stop execution and halt the processor (this function does not return).
*/
void halt(void) __attribute__ ((noreturn));
void exit(int status) __attribute__ ((noreturn));
#define abort() halt() /**< Alias for the halt() function */
/** @} */
void qsort(void *aa, size_t n, size_t es, int (*cmp)(const void *, const void *));
char *getenv(const char*);
#endif
Reference in a new issue View git blame Copy permalink