metta-systems
/
vesper
1
1
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
vesper/nucleus/src/arch/aarch64/boot.rs

445 lines
13 KiB
Rust
Raw Blame History

/*
* SPDX-License-Identifier: BlueOak-1.0.0
* Copyright (c) Berkus Decker <berkus+vesper@metta.systems>
*
* Based on ideas from Jorge Aparicio, Andre Richter, Phil Oppenheimer, Sergio Benitez.
*/
//! Low-level boot of the Raspberry's processor
//! <http://infocenter.arm.com/help/topic/com.arm.doc.dai0527a/DAI0527A_baremetal_boot_code_for_ARMv8_A_processors.pdf>
use {
crate::endless_sleep,
cortex_a::{asm, regs::*},
};
//use crate::arch::caps::{CapNode, Capability};
// Stack placed before first executable instruction
const STACK_START: u64 = 0x0008_0000; // Keep in sync with linker script
/// Type check the user-supplied entry function.
#[macro_export]
macro_rules! entry {
($path:path) => {
/// # Safety
/// Only type-checks!
#[export_name = "main"]
pub unsafe fn __main() -> ! {
// type check the given path
let f: fn() -> ! = $path;
f()
}
};
}
/// Reset function.
///
/// Initializes the bss section before calling into the user's `main()`.
///
/// # Safety
///
/// Totally unsafe! We're in the hardware land.
#[link_section = ".text.boot"]
unsafe fn reset() -> ! {
extern "C" {
// Boundaries of the .bss section, provided by the linker script
static mut __BSS_START: u64;
static mut __BSS_END: u64;
}
// Zeroes the .bss section
r0::zero_bss(&mut __BSS_START, &mut __BSS_END);
extern "Rust" {
fn main() -> !;
}
main()
}
// [ARMv6 unaligned data access restrictions](https://developer.arm.com/documentation/ddi0333/h/unaligned-and-mixed-endian-data-access-support/unaligned-access-support/armv6-unaligned-data-access-restrictions?lang=en)
// dictates that compatibility bit U in CP15 must be set to 1 to allow Unaligned accesses while MMU is off.
// (In addition to SCTLR_EL1.A being 0)
// See also [CP15 C1 docs](https://developer.arm.com/documentation/ddi0290/g/system-control-coprocessor/system-control-processor-registers/c1--control-register).
// #[link_section = ".text.boot"]
// #[inline]
// fn enable_armv6_unaligned_access() {
// unsafe {
// asm!(
// "mrc p15, 0, {u}, c1, c0, 0",
// "or {u}, {u}, {CR_U}",
// "mcr p15, 0, {u}, c1, c0, 0",
// u = out(reg) _,
// CR_U = const 1 << 22
// );
// }
// }
#[link_section = ".text.boot"]
#[inline]
fn shared_setup_and_enter_pre() {
// Enable timer counter registers for EL1
CNTHCTL_EL2.write(CNTHCTL_EL2::EL1PCEN::SET + CNTHCTL_EL2::EL1PCTEN::SET);
// No virtual offset for reading the counters
CNTVOFF_EL2.set(0);
// Set System Control Register (EL1)
// Make memory non-cacheable and disable MMU mapping.
// Disable alignment checks, because Rust fmt module uses a little optimization
// that happily reads and writes half-words (ldrh/strh) from/to unaligned addresses.
SCTLR_EL1.write(
SCTLR_EL1::I::NonCacheable
+ SCTLR_EL1::C::NonCacheable
+ SCTLR_EL1::M::Disable
+ SCTLR_EL1::A::Disable
+ SCTLR_EL1::SA::Disable
+ SCTLR_EL1::SA0::Disable,
);
// enable_armv6_unaligned_access();
// Set Hypervisor Configuration Register (EL2)
// Set EL1 execution state to AArch64
// @todo Explain the SWIO bit (SWIO hardwired on Pi3)
HCR_EL2.write(HCR_EL2::RW::EL1IsAarch64 + HCR_EL2::SWIO::SET);
}
#[link_section = ".text.boot"]
#[inline]
fn shared_setup_and_enter_post() -> ! {
// Set up SP_EL1 (stack pointer), which will be used by EL1 once
// we "return" to it.
SP_EL1.set(STACK_START);
// Use `eret` to "return" to EL1. This will result in execution of
// `reset()` in EL1.
asm::eret()
}
/// Real hardware boot-up sequence.
///
/// Prepare and execute transition from EL2 to EL1.
#[link_section = ".text.boot"]
#[inline]
fn setup_and_enter_el1_from_el2() -> ! {
// Set Saved Program Status Register (EL2)
// Set up a simulated exception return.
//
// Fake a saved program status, where all interrupts were
// masked and SP_EL1 was used as a stack pointer.
SPSR_EL2.write(
SPSR_EL2::D::Masked
+ SPSR_EL2::A::Masked
+ SPSR_EL2::I::Masked
+ SPSR_EL2::F::Masked
+ SPSR_EL2::M::EL1h, // Use SP_EL1
);
// Make the Exception Link Register (EL2) point to reset().
ELR_EL2.set(reset as *const () as u64);
shared_setup_and_enter_post()
}
/// QEMU boot-up sequence.
///
/// Processors enter EL3 after reset.
/// ref: http://infocenter.arm.com/help/topic/com.arm.doc.dai0527a/DAI0527A_baremetal_boot_code_for_ARMv8_A_processors.pdf
/// section: 5.5.1
/// However, GPU init code must be switching it down to EL2.
/// QEMU can't emulate Raspberry Pi properly (no VC boot code), so it starts in EL3.
///
/// Prepare and execute transition from EL3 to EL1.
/// (from https://github.com/s-matyukevich/raspberry-pi-os/blob/master/docs/lesson02/rpi-os.md)
#[cfg(qemu)]
#[link_section = ".text.boot"]
#[inline]
fn setup_and_enter_el1_from_el3() -> ! {
// Set Secure Configuration Register (EL3)
SCR_EL3.write(SCR_EL3::RW::NextELIsAarch64 + SCR_EL3::NS::NonSecure);
// Set Saved Program Status Register (EL3)
// Set up a simulated exception return.
//
// Fake a saved program status, where all interrupts were
// masked and SP_EL1 was used as a stack pointer.
SPSR_EL3.write(
SPSR_EL3::D::Masked
+ SPSR_EL3::A::Masked
+ SPSR_EL3::I::Masked
+ SPSR_EL3::F::Masked
+ SPSR_EL3::M::EL1h, // Use SP_EL1
);
// Make the Exception Link Register (EL3) point to reset().
ELR_EL3.set(reset as *const () as u64);
shared_setup_and_enter_post()
}
/// Entrypoint of the processor.
///
/// Parks all cores except core0 and checks if we started in EL2/EL3. If
/// so, proceeds with setting up EL1.
///
/// This is invoked from the linker script, does arch-specific init
/// and passes control to the kernel boot function reset().
///
/// Dissection of various RPi core boot stubs is available
/// [here](https://leiradel.github.io/2019/01/20/Raspberry-Pi-Stubs.html).
///
#[no_mangle]
#[link_section = ".text.boot.entry"]
pub unsafe extern "C" fn _boot_cores() -> ! {
const CORE_0: u64 = 0;
const CORE_MASK: u64 = 0x3;
// Can't match values with dots in match, so use intermediate consts.
#[cfg(qemu)]
const EL3: u64 = CurrentEL::EL::EL3.value;
const EL2: u64 = CurrentEL::EL::EL2.value;
const EL1: u64 = CurrentEL::EL::EL1.value;
// Set stack pointer. Used in case we started in EL1.
SP.set(STACK_START);
shared_setup_and_enter_pre();
if CORE_0 == MPIDR_EL1.get() & CORE_MASK {
match CurrentEL.get() {
#[cfg(qemu)]
EL3 => setup_and_enter_el1_from_el3(),
EL2 => setup_and_enter_el1_from_el2(),
EL1 => reset(),
_ => endless_sleep(),
}
}
// if not core0 or not EL3/EL2/EL1, infinitely wait for events
endless_sleep()
}
/*
// caps and mem regions init
enum KernelInitError {}
fn map_kernel_window() {}
/**
* This and only this function initialises the CPU.
* It does NOT initialise any kernel state.
*/
fn init_cpu() -> Result<(), KernelInitError> {
activate_global_pd();
}
/**
* This and only this function initialises the platform.
* It does NOT initialise any kernel state.
*/
fn init_plat() -> Result<(), KernelInitError> {
initIRQController();
initTimer();
initL2Cache();
}
fn arch_init_freemem() -> Result<(), KernelInitError> {
unimplemented!();
}
fn create_domain_cap() -> Result<(), KernelInitError> {
unimplemented!();
}
fn init_irqs() -> Result<(), KernelInitError> {
for (irq_t i = 0; i <= maxIRQ; i++) {
setIRQState(IRQInactive, i);
}
setIRQState(IRQTimer, GPT9_IRQ);
/* provide the IRQ control cap */
write_slot((((slot_ptr_t)((pptr_t)cap_get_capPtr(root_cnode_cap))) + (seL4_CapIRQControl)), cap_irq_control_cap_new());
}
fn create_bootinfo_cap() -> Result<(), KernelInitError> {
unimplemented!();
}
fn create_asid_pool_for_initial_thread() -> Result<(), KernelInitError> {
unimplemented!();
}
fn create_idle_thread() -> Result<(), KernelInitError> {
unimplemented!();
}
fn clean_invalidate_l1_caches() -> Result<(), KernelInitError> {
unimplemented!();
}
fn create_initial_thread() -> Result<(), KernelInitError> {
unimplemented!();
}
fn init_core_state(_: Result<(), KernelInitError>) -> Result<(), KernelInitError> {
unimplemented!();
}
fn create_untypeds() -> Result<(), KernelInitError> {
unimplemented!();
}
fn finalise_bootinfo() -> Result<(), KernelInitError> {
unimplemented!();
}
fn invalidate_local_tlb() -> Result<(), KernelInitError> {
unimplemented!();
}
fn lock_kernel_node() -> Result<(), KernelInitError> {
unimplemented!();
}
fn schedule() {
unimplemented!();
}
fn activate_thread() {
unimplemented!();
}
#[link_section = ".text.boot"]
// #[used]
fn try_init_kernel() -> Result<(), KernelInitError> {
map_kernel_window();
init_cpu()?;
init_plat()?;
println!("Booting kernel");
init_free_memory()?; // arch_init_freemem()
let root_capnode_cap = create_root_capnode()?;
create_domain_cap(root_capnode_cap);
// ...create IRQ CapNode...
init_irqs(root_capnode_cap)?;
//fill in boot info and
// create bootinfo frame
// create initial address space covering init thread
// user image and ipc buffer and bootinfo frame
// create and map bootinfo frame cap
create_bootinfo_cap();
// create initial thread IPC buffer
// create userland image frames
// create initial thread ASID pool
let it_asid_pool_cap = create_asid_pool_for_initial_thread(root_capnode_cap)?;
// create the idle thread
create_idle_thread()?;
/* Before creating the initial thread (which also switches to it)
* we clean the cache so that any page table information written
* as a result of calling create_frames_of_region will be correctly
* read by the hardware page table walker */
clean_invalidate_l1_caches();
let it = create_initial_thread(root_capnode_cap)?;
/* create all of the untypeds. Both devices and kernel window memory */
create_untypeds(root_capnode_cap)?;
finalise_bootinfo();
/* make everything written by the kernel visible to userland. Cleaning to PoC is not
* strictly neccessary, but performance is not critical here so clean and invalidate
* everything to PoC */
clean_invalidate_l1_caches();
invalidate_local_tlb();
/* Export selected CPU features for access by EL0 */
arch_init_user_access();
Ok(())
}
fn try_init_kernel_secondary_core() -> Result<(), KernelInitError>
{
init_cpu();
/* Enable per-CPU timer interrupts */
maskInterrupt(false, KERNEL_TIMER_IRQ);
lock_kernel_node;
ksNumCPUs++; // increase global cpu counter - this should be done differently?
init_core_state(SchedulerAction_ResumeCurrentThread);
Ok(())
}
fn init_kernel() {
try_init_kernel()?;
// or for AP:
// try_init_kernel_secondary_core();
schedule();
activate_thread();
}
const CONFIG_ROOT_CAPNODE_SIZE_BITS: usize = 12;
const wordBits: usize = 64;
fn create_root_capnode() -> Capability // Attr(BOOT_CODE)
{
// write the number of root CNode slots to global state
boot_info.max_slot_pos = 1 << CONFIG_ROOT_CAPNODE_SIZE_BITS; // 12 bits => 4096 slots
// seL4_SlotBits = 32 bytes per entry, 4096 entries =>
// create an empty root CapNode
// this goes into the kernel startup/heap memory (one of the few items that kernel DOES allocate).
let region_size = core::mem::size_of::<Capability> * boot_info.max_slot_pos; // 12 + 5 => 131072 (128Kb)
let pptr = alloc_region(region_size); // GlobalAllocator::alloc_zeroed instead?
if pptr.is_none() {
println!("Kernel init failing: could not create root capnode");
return Capability(NullCap::Type::value);
}
let Some(pptr) = pptr;
memzero(pptr, region_size); // CTE_PTR(pptr) ?
// transmute into a type? (you can use ptr.write() to just write a type into memory location)
let cap = CapNode::new_root(pptr);
// this cnode contains a cap to itself...
/* write the root CNode cap into the root CNode */
// @todo rootCapNode.write_slot(CapInitThreadCNode, cap); -- where cap and rootCapNode are synonyms!
write_slot(SLOT_PTR(pptr, seL4_CapInitThreadCNode), cap);
cap // reference to pptr is here
}
*/
// create initial thread
// - vspace
// - cpace
// - tcb
//
// requires:
// - alloc_region
// - copy_global_mappings
// - create pt/pd caps -- this is arch-specific?
// - root capnode with write_slot()
//
// init thread domain = 0
// init thread asid = 1 (asidInvalid = 0)
//
Reference in New Issue View Git Blame Copy Permalink