Xen project Mailing List

Re: [PATCH v3 05/12] xen/riscv: add kernel loading support

To: Oleksii Kurochko <oleksii.kurochko@xxxxxxxxx>

Date: Tue, 21 Apr 2026 10:57:41 +0200

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=google header.d=suse.com header.i="@suse.com" header.h="Content-Transfer-Encoding:In-Reply-To:Autocrypt:From:Content-Language:References:Cc:To:Subject:User-Agent:MIME-Version:Date:Message-ID"

Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL

Cc: Romain Caritey <Romain.Caritey@xxxxxxxxxxxxx>, Alistair Francis <alistair.francis@xxxxxxx>, Connor Davis <connojdavis@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

Delivery-date: Tue, 21 Apr 2026 08:57:51 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 10.04.2026 17:54, Oleksii Kurochko wrote: > --- a/xen/arch/riscv/include/asm/config.h > +++ b/xen/arch/riscv/include/asm/config.h > @@ -151,6 +151,19 @@ > extern unsigned long phys_offset; /* = load_start - XEN_VIRT_START */ > #endif > > +/* > + * KERNEL_LOAD_ADDR_ALIGNMENT is defined based on paragraph of > + * "Kernel location" of boot.rst: > + * https://docs.kernel.org/arch/riscv/boot.html#kernel-location I.e. this is entirely Linux-centric? If so, maybe the patch subject should then reflect this? > --- /dev/null > +++ b/xen/arch/riscv/kernel.c > @@ -0,0 +1,230 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > + > +#include <xen/bug.h> > +#include <xen/compiler.h> > +#include <xen/errno.h> > +#include <xen/fdt-kernel.h> > +#include <xen/guest_access.h> > +#include <xen/init.h> > +#include <xen/libfdt/libfdt.h> > +#include <xen/mm.h> > +#include <xen/types.h> > +#include <xen/vmap.h> > + > +#include <asm/setup.h> > + > +#define IMAGE64_MAGIC_V2 0x05435352 /* Magic number 2, le, "RSC\x05" */ > + > +static void __init place_modules(struct kernel_info *info, paddr_t kernbase, > + paddr_t kernend) > +{ > + const struct boot_module *mod = info->bd.initrd; > + const struct membanks *banks = kernel_info_get_mem_const(info); > + const paddr_t initrd_len = ROUNDUP(mod ? mod->size : 0, > + KERNEL_LOAD_ADDR_ALIGNMENT); > + const paddr_t dtb_len = ROUNDUP(fdt_totalsize(info->fdt), > + KERNEL_LOAD_ADDR_ALIGNMENT); > + const paddr_t modsize = initrd_len + dtb_len; > + int bi; Please can variables used for array indexing be of unsigned types? The use ... > + BUG_ON(modsize < initrd_len); > + > + /* > + * Place modules as high in RAM as possible, scanning banks from > + * last to first so that the end of the last bank is preferred. > + */ > + for ( bi = banks->nr_banks - 1; bi >= 0; bi-- ) ... here can easily be replaced: for ( bi = banks->nr_banks; bi-- > 0; ) Or you could have unsigned int bi = banks->nr_banks; ... while ( bi-- > 0 ) . > + { > + const struct membank *bank = &banks->bank[bi]; > + const paddr_t bank_end = bank->start + bank->size; > + paddr_t modbase; > + > + if ( modsize > bank->size ) > + continue; > + > + modbase = ROUNDDOWN(bank_end - modsize, KERNEL_LOAD_ADDR_ALIGNMENT); > + > + if ( modbase < bank->start ) > + continue; > + > + /* > + * If the kernel resides in this bank, ensure modules do not > + * overlap with it. > + */ > + if ( (kernbase >= bank->start) && (kernbase < bank_end) && > + (modbase < ROUNDUP(kernend, KERNEL_LOAD_ADDR_ALIGNMENT)) && > + (modbase + modsize > kernbase) ) > + continue; Can't this be had with only two comparisons? Same bank or not doesn't really matter - if it's different banks, there'll be no overlap anyway. So all you need here is that the module range doesn't overlap the kernel range, entirely independent of the bank. What is dependent on the bank is that the bank may fit both kernel and module even if there is an overlap as per your current calculation: You may be able to place the module below the kernel if it doesn't fit above. > +static paddr_t __init kernel_image_place(struct kernel_info *info) > +{ > + paddr_t load_addr = INVALID_PADDR; > + uint64_t image_size = info->image.image_size ?: info->image.len; > + const struct membanks *banks = kernel_info_get_mem_const(info); > + unsigned int nr_banks = banks->nr_banks; > + unsigned int bi; > + > + dprintk(XENLOG_DEBUG, "nr_banks(%u)\n", nr_banks); > + > + /* > + * At the moment, RISC-V's Linux kernel should be always position > + * independent based on "Per-MMU execution" of boot.rst: > + * https://docs.kernel.org/arch/riscv/boot.html#pre-mmu-execution > + * > + * But just for the case when RISC-V's Linux kernel isn't position > + * independent it is needed to take load address from > + * info->image.start. > + * > + * If `start` is zero, the Image is position independent. > + */ > + if ( likely(!info->image.start) ) > + { > + for ( bi = 0; bi != nr_banks; bi++ ) > + { > + const struct membank *bank = &banks->bank[bi]; > + paddr_t bank_start = bank->start; > + /* > + * According to boot.rst kernel load address should be properly > + * aligned: > + * https://docs.kernel.org/arch/riscv/boot.html#kernel-location > + * > + * As Image in this case is PIC we can ignore > + * info->image.text_offset. > + */ > + paddr_t aligned_start = ROUNDUP(bank_start, > KERNEL_LOAD_ADDR_ALIGNMENT); > + paddr_t bank_end = bank_start + bank->size; > + paddr_t bank_size; > + > + if ( aligned_start > bank_end ) > + continue; > + > + bank_size = bank_end - aligned_start; > + > + dprintk(XENLOG_DEBUG, "bank[%u].start=%"PRIpaddr"\n", bi, > bank->start); > + > + if ( image_size <= bank_size ) > + { > + load_addr = aligned_start; > + break; > + } > + } > + } > + else > + { > + load_addr = info->image.start + info->image.text_offset; Why does stuff ahead of text_offset not need loading? > + WARN_ON(!IS_ALIGNED(load_addr, KERNEL_LOAD_ADDR_ALIGNMENT)); > + > + for ( bi = 0; bi != nr_banks; bi++ ) > + { > + const struct membank *bank = &banks->bank[bi]; > + paddr_t bank_start = bank->start; > + paddr_t bank_end = bank_start + bank->size; > + > + if ( (load_addr >= bank_start) && (load_addr < bank_end) && > + (bank_end - load_addr) >= image_size ) Do we have to fear overflow? (If so, shouldn't such an image be rejected rather than an attempt being made to place it?) If not, simply: if ( (load_addr >= bank_start) && (load_addr + image_size <= bank_end) ) Also, does image_size really only cover space starting from .text_offset, rather than from .start? > +static void __init kernel_image_load(struct kernel_info *info) > +{ > + int rc; > + paddr_t load_addr = kernel_image_place(info); > + paddr_t paddr = info->image.kernel_addr; > + paddr_t len = info->image.len; > + paddr_t effective_size = info->image.image_size ?: len; > + void *kernel; > + > + place_modules(info, load_addr, load_addr + effective_size); > + > + printk("Loading Image from %"PRIpaddr" to %"PRIpaddr"-%"PRIpaddr"\n", > + paddr, load_addr, load_addr + effective_size); As on earlier occasions: Please represent ranges as mathematical ones, to disambiguate whether the bounds (the upper one in particular) are inclusive or exclusive. > +int __init kernel_image_probe(struct kernel_info *info, paddr_t addr, > + paddr_t size) > +{ > +#ifdef CONFIG_RISCV_64 > + return kernel_image64_probe(info, addr, size); > +#else > + return -EOPNOTSUPP; Better #error, as you have it elsewhere (iirc)? Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.