qemu: handle 32-bit address limit

Signed-off-by: Axel Heider <axel.heider@hensoldt.net>
Hensoldt-Cyber · Dec 13, 2022 · dcdab92 · dcdab92
1 parent 2493fc1
commit dcdab92
Show file tree

Hide file tree

Showing 4 changed files with 79 additions and 0 deletions.
diff --git a/src/plat/qemu-arm-virt/config.cmake b/src/plat/qemu-arm-virt/config.cmake
@@ -135,6 +135,13 @@ if(KernelPlatformQEMUArmVirt)
                 # 2 GiB, which seems a good trade-off nowadays. It's sufficient
                 # for test/demo systems, but still something the host can
                 # provide without running short on resources.
+                # The memory starts at 1 GiB (0x40000000), so up to 7 GiB can be
+                # accessed before exceeding the 32-bit address space. For 32-bit
+                # systems, using memory beyond this point is non-trivial. While
+                # the LPAE MMU model supports accessing up to a 1 TiB (40-bit)
+                # physical address space even on 32-bit systems, the 32-bit
+                # version of seL4 can access physical addresses in the 32-bit
+                # range only.
                 set(QEMU_MEMORY "1024")
             endif()
 
@@ -219,6 +226,10 @@ if(KernelPlatformQEMUArmVirt)
 
     list(APPEND KernelDTSList "${QEMU_DTS}" "${CMAKE_CURRENT_LIST_DIR}/overlay-qemu-arm-virt.dts")
 
+    if(KernelSel4ArchAarch32)
+        list(APPEND KernelDTSList "${CMAKE_CURRENT_LIST_DIR}/overlay-qemu-arm-virt32.dts")
+    endif()
+
     if(KernelArmHypervisorSupport OR KernelSel4ArchArmHyp)
         list(APPEND KernelDTSList "${CMAKE_CURRENT_LIST_DIR}/overlay-reserve-vm-memory.dts")
     endif()

diff --git a/src/plat/qemu-arm-virt/overlay-qemu-arm-virt32.dts b/src/plat/qemu-arm-virt/overlay-qemu-arm-virt32.dts
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2022, HENSOLDT Cyber
+ *
+ *  * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/ {
+    reserved-memory {
+        #address-cells = <0x02>;
+        #size-cells = <0x02>;
+        ranges;
+
+        /* This is a hack to:
+         *  - cope with the current inability of the seL4 build scripts to
+         *    handle a full 4 GiB address space without overflows.
+         *  - handle configurations where a 32-bit QEMU has RAM beyond the
+         *    4 GiB border.
+         * Reserving all memory beyond 0xffffffff solves this. It avoids that
+         * the seL4 build scripts generate regions addresses >= 0x100000000,
+         * which break compilation, because such values don't fit into 32-bit
+         * variables used for physical addresses on 32-bit systems.
+         * The long term solution should be a fix in the builds scripts, so:
+         *   - a full 4 GiB address space is usable.
+         *   - everything beyond 4 GiB is ignored.
+         */
+        reserved-memory@ffffffff{
+            reg = < 0x00000000 0xffffffff 0xffffffff 0x00000001 >;
+            no-map;
+        };
+
+    };
+};
diff --git a/src/plat/qemu-riscv-virt/config.cmake b/src/plat/qemu-riscv-virt/config.cmake
@@ -188,6 +188,10 @@ if(KernelPlatformQEMURiscVVirt)
 
     list(APPEND KernelDTSList "${QEMU_DTS}" "${CMAKE_CURRENT_LIST_DIR}/overlay-qemu-riscv-virt.dts")
 
+    if(KernelSel4ArchRiscV32)
+        list(APPEND KernelDTSList "${CMAKE_CURRENT_LIST_DIR}/overlay-qemu-riscv-virt32.dts")
+    endif()
+
     # QEMU emulates a SiFive PLIC/CLINT with 127 interrupt sources by default.
     # The CLINT timer pretends to run at 10 MHz, but this speed may not hold in
     # practical measurements.

diff --git a/src/plat/qemu-riscv-virt/overlay-qemu-riscv-virt32.dts b/src/plat/qemu-riscv-virt/overlay-qemu-riscv-virt32.dts
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2022, HENSOLDT Cyber
+ *
+ *  * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/ {
+    reserved-memory {
+        #address-cells = <0x02>;
+        #size-cells = <0x02>;
+        ranges;
+
+        /* This is a hack to:
+         *  - cope with the current inability of the seL4 build scripts to
+         *    handle a full 4 GiB address space without overflows.
+         *  - handle configurations where a 32-bit QEMU has RAM beyond the
+         *    4 GiB border.
+         * Reserving all memory beyond 0xffffffff solves this. It avoids that
+         * the seL4 build scripts generate regions addresses >= 0x100000000,
+         * which break compilation, because such values don't fit into 32-bit
+         * variables used for physical addresses on 32-bit systems.
+         * The long term solution should be a fix in the builds scripts, so:
+         *   - a full 4 GiB address space is usable.
+         *   - everything beyond 4 GiB is ignored.
+         */
+        reserved-memory@ffffffff{
+            reg = < 0x00000000 0xffffffff 0xffffffff 0x00000001 >;
+            no-map;
+        };
+
+    };
+};