Attempt a fix for memcpy_trap

checkra1n · Feb 23, 2025 · 8d9ad65 · 8d9ad65
1 parent 4c989fe
commit 8d9ad65
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 40 deletions.
diff --git a/Makefile b/Makefile
@@ -112,7 +112,7 @@ ifdef DEV_BUILD
 endif
 
 # Pongo options
-PONGO_LD_FLAGS              ?= -static -L$(LIB)/fixup -lc -Wl,-preload -Wl,-no_uuid -Wl,-e,start -Wl,-order_file,$(SRC)/sym_order.txt -Wl,-image_base,0x100000000 -Wl,-sectalign,__DATA,__common,0x8 -Wl,-segalign,0x4000 $(PONGO_LDFLAGS)
+PONGO_LD_FLAGS              ?= -static -L$(LIB)/fixup -lc -Wl,-preload -Wl,-no_uuid -Wl,-e,start -Wl,-order_file,$(SRC)/sym_order.txt -Wl,-image_base,0x100000000 -Wl,-sectalign,__DATA,__common,0x10 -Wl,-segalign,0x4000 $(PONGO_LDFLAGS)
 PONGO_CC_FLAGS              ?= -Os -moutline -DPONGO_VERSION='"$(PONGO_VERSION)"' -DPONGO_BUILD='"$(PONGO_BUILD)"' -DPONGO_PRIVATE=1 -I$(SRC)/lib -I$(INC) -Iapple-include -I$(SRC)/kernel -I$(SRC)/drivers $(PONGO_LD_FLAGS) $(PONGO_CFLAGS)
 
 # KPF options

diff --git a/src/kernel/lowlevel.c b/src/kernel/lowlevel.c
@@ -36,19 +36,15 @@ __asm__(
     ".globl _set_vbar_el1\n"
     ".globl __enable_interrupts\n"
     ".globl __disable_interrupts\n"
-    ".globl _get_mpidr\n"
     ".globl _get_migsts\n"
     ".globl _set_migsts\n"
-    ".globl _get_mmfr0\n"
     ".globl _invalidate_icache\n"
     ".globl _enable_mmu_el1\n"
     ".globl _disable_mmu_el1\n"
     ".globl _get_ticks\n"
     ".globl _panic_new_fp\n"
     ".globl _copy_safe_internal\n"
     ".globl _copy_retn\n"
-    ".globl _pan_on\n"
-    ".globl _pan_off\n"
     ".globl _cache_invalidate\n"
     ".globl _cache_clean_and_invalidate\n"
     ".globl _cache_clean\n"
@@ -78,18 +74,12 @@ __asm__(
     "    isb\n"
     "    ret\n"
 
-    "_get_mpidr:\n"
-    "    mrs x0, MPIDR_EL1\n"
-    "    ret\n"
     "_get_migsts:\n"
     "    mrs x0, S3_4_c15_c0_4\n"
     "    ret\n"
     "_set_migsts:\n"
     "    msr S3_4_c15_c0_4, x0\n"
     "    ret\n"
-    "_get_mmfr0:\n"
-    "    mrs x0, id_aa64mmfr0_el1\n"
-    "    ret\n"
     "_invalidate_icache:\n"
     "    dsb ish\n"
     "    ic iallu\n"
@@ -136,12 +126,6 @@ __asm__(
     "    isb sy\n"
     "    mrs x0, cntpct_el0\n"
     "    ret\n"
-    "_pan_on:\n"
-    ".long 0xd500419f\n"
-    "    ret\n"
-    "_pan_off:\n"
-    ".long 0xd500409f\n"
-    "    ret\n"
 
     "_panic_new_fp:\n"
     "    mov x29, 0\n"
@@ -231,31 +215,40 @@ __asm__(
     "   ret\n"
 );
 
+uint64_t exception_stack[0x4000/8] __attribute__((aligned(0x10))) = {};
+uint64_t sched_stack[0x4000/8] __attribute__((aligned(0x10))) = {};
+
 extern void copy_retn(void);
-extern size_t copy_trap_internal(void* dest, void* src, size_t size);
-uint64_t exception_stack[0x4000/8] = {};
-uint64_t sched_stack[0x4000/8] = {};
-size_t memcpy_trap(void* dest, void* src, size_t size) {
+extern size_t copy_trap_internal(void *dest, void *src, size_t size);
+size_t memcpy_trap(void *dest, void *src, size_t size)
+{
     disable_interrupts();
-    if (!task_current()) panic("memcpy_trap requires task_current() to be populated");
-    if (task_current()->fault_catch) panic("memcpy_trap called with fault hook already populated");
-    task_current()->fault_catch = copy_retn;
-    uint64_t ID_MMFR3_EL1;
-    asm volatile("mrs %0, ID_MMFR3_EL1" : "=r"(ID_MMFR3_EL1));
 
-    if (ID_MMFR3_EL1 & 0xF0000) // PAN exists!
+    struct task *t = task_current();
+    if(!t)
+    {
+        panic("memcpy_trap requires task_current() to be populated");
+    }
+    if(t->fault_catch)
+    {
+        panic("memcpy_trap called with fault hook already populated");
+    }
+    t->fault_catch = copy_retn;
+
+    size_t retn;
+    if((__builtin_arm_rsr64("id_aa64mmfr1_el1") & 0xf00000) != 0 && __builtin_arm_rsr64("s3_0_c4_c2_3") != 0) // PAN
     {
-        extern volatile void pan_off(void);
-        pan_off();
+        __asm__ volatile(".4byte 0xd500409f"); // msr pan, 0
+        retn = copy_trap_internal(dest, src, size);
+        __asm__ volatile(".4byte 0xd500419f"); // msr pan, 1
     }
-    size_t retn = copy_trap_internal(dest, src, size);
-    if (ID_MMFR3_EL1 & 0xF0000) // PAN exists!
+    else
     {
-        extern volatile void pan_on(void);
-        pan_on();
+        retn = copy_trap_internal(dest, src, size);
     }
 
-    task_current()->fault_catch = NULL;
+    t->fault_catch = NULL;
+
     enable_interrupts();
     return retn;
 }

diff --git a/src/kernel/pongo.h b/src/kernel/pongo.h
@@ -454,9 +454,7 @@ extern uint32_t exception_vector[];
 extern void set_vbar_el1(uint64_t vec);
 extern void rebase_pc(uint64_t vec);
 extern void rebase_sp(uint64_t vec);
-extern uint64_t get_mmfr0(void);
 extern uint64_t get_migsts(void);
-extern uint64_t get_mpidr(void);
 extern void set_migsts(uint64_t val);
 extern void enable_mmu_el1(uint64_t ttbr0, uint64_t tcr, uint64_t mair, uint64_t ttbr1);
 extern void disable_mmu_el1(void);
@@ -467,13 +465,16 @@ extern uint64_t linear_kvm_alloc(uint32_t size);
 extern void _command_register_internal(const char* name, const char* desc, void (*cb)(const char* cmd, char* args), bool hidden);
 static inline _Bool is_16k(void)
 {
-    return ((get_mmfr0() >> 20) & 0xf) == 0x1;
+    return ((__builtin_arm_rsr64("id_aa64mmfr0_el1") >> 20) & 0xf) == 0x1;
 }
 static inline void flush_tlb(void)
 {
-    __asm__ volatile("isb");
-    __asm__ volatile("tlbi vmalle1\n");
-    __asm__ volatile("dsb sy");
+    __asm__ volatile
+    (
+        "isb\n"
+        "tlbi vmalle1\n"
+        "dsb sy\n"
+    );
 }
 extern void task_real_unlink(struct task* task);
 #include "hal/hal.h"