On Thu, Oct 06, 2016 at 11:41:40PM +0100, Maciej W. Rozycki wrote:
> On Thu, 6 Oct 2016, James Hogan wrote:
>
> > > How can we install a handler then when we don't know what the upper 32
> > > bits of EBase are?
> >
> > Right now it's assumed the default upper 32 bits are sign extension of
> > bit 31 in that case (i.e. that's what upper 32bits are clobbered to). I
> > think the only case where that might not be true would be where WG is
> > implemented and the bootloader has changed them to e.g. somewhere in
> > XKPhys, and then cleared WG. We could catch that most of the time by
> > detecting changed bits 31:30 (as I think you suggested before), but it
> > still isn't watertight (e.g. xkphys+0x80000000), so if in doubt we
> > should probably be sure to allocate our own exception vector instead of
> > guessing at the boot one. What a mess :-(.
>
> Does it really matter in reality though?

Good question. The whole thing is based on paranoia really.

>
> By keeping EBase unchanged we try to install exception handlers in memory
> assigned by the firmware. This may not necessarily be safe. I think we
> actually ought to set EBase ourselves, perhaps on a CPU by CPU basis in an
> MP system, pointing to memory we know we can use at will. If this is
> going to consume say a page of memory per CPU, then still I don't think
> it's a huge waste, and any firmware memory safe to reclaim after bootstrap
> we can use for other purposes.
>
> Have I missed anything?

I don't particularly object to always allocating our own vector when
EBase is present. It'd probably break KVM, but that's KVM's fault for
not emulating EBase properly yet.

I suppose there is also an advantage to keeping the bootloader exception
vector as alive as possible at least until Linux has set up its own one,
as it allows early bugs to be caught by the bootloader, which can dump
registers etc and even return to the bootloader prompt.

Cheers
James
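
The bits 31:30 check discussed in the message above, and why xkphys+0x80000000 slips past it, as an added example that is not part of the original thread or of the kernel's code. The function names and sample addresses are constructed, and it assumes bits 31:30 of EBase read as 0b10 unless they were changed while WG was set.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { GUESS_OK, CHANGE_DETECTED, CHANGE_MISSED };

/* Assumed default: upper 32 bits are the sign extension of bit 31. */
static uint64_t ebase_guess(uint32_t low32)
{
    return (uint64_t)(int64_t)(int32_t)low32;
}

/* Heuristic from the thread: bits 31:30 differ from 0b10 (assumed default). */
static bool bits_31_30_changed(uint32_t low32)
{
    return (low32 >> 30) != 0x2;
}

/* Compare what a kernel seeing only the low 32 bits would conclude
 * against the real (hypothetical) 64-bit exception base. */
static enum verdict classify(uint64_t real_base)
{
    uint32_t low32 = (uint32_t)real_base;

    if (bits_31_30_changed(low32))
        return CHANGE_DETECTED;
    return ebase_guess(low32) == real_base ? GUESS_OK : CHANGE_MISSED;
}

int main(void)
{
    /* Constructed sample bases, not taken from any real board. */
    static const uint64_t samples[] = {
        0xffffffff80000000ull, /* kseg0, the assumed default */
        0x9000000000000000ull, /* xkphys, bits 31:30 = 0b00 */
        0x9000000080000000ull, /* xkphys + 0x80000000 */
    };
    static const char *names[] = { "guess ok", "change detected", "change missed" };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%#018llx -> guessed %#018llx: %s\n",
               (unsigned long long)samples[i],
               (unsigned long long)ebase_guess((uint32_t)samples[i]),
               names[classify(samples[i])]);
    return 0;
}
```

The third sample is the case the message calls not watertight: the low word looks like an untouched kseg0 base, so the sign-extended guess points at memory the bootloader never set up as its vector.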