• Jeenu Viswambharan's avatar
    SDEI: Make dispatches synchronous · cdb6ac94
    Jeenu Viswambharan authored
    
    
    SDEI event dispatches currently only sets up the Non-secure context
    before returning to the caller. The actual dispatch only happens upon
    exiting EL3 next time.
    
    However, for various error handling scenarios, it's beneficial to have
    the dispatch happen synchronously. I.e. when receiving SDEI interrupt,
    or for a successful sdei_dispatch_event() call, the event handler is
    executed; and upon the event completion, dispatcher execution resumes
    after the point of dispatch. The jump primitives introduced in the
    earlier patch facilitates this feature.
    
    With this patch:
    
      - SDEI interrupts and calls to sdei_dispatch_event prepares the NS
        context for event dispatch, then sets a jump point, and immediately
        exits EL3. This results in the client handler executing in
        Non-secure.
    
      - When the SDEI client completes the dispatched event, the SDEI
        dispatcher does a longjmp to the jump pointer created earlier. For
        the caller of the sdei_dispatch_event() in particular, this would
        appear as if call returned successfully.
    
    The dynamic workaround for CVE_2018_3639 is slightly shifted around as
    part of related minor refactoring. It doesn't affect the workaround
    functionality.
    
    Documentation updated.
    
    NOTE: This breaks the semantics of the explicit dispatch API, and any
    exiting usages should be carefully reviewed.
    
    Change-Id: Ib9c876d27ea2af7fb22de49832e55a0da83da3f9
    Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
    cdb6ac94
sdei.rst 14.1 KB