pongoOS 2.2.0

- addition of memory manager
- run pongoOS at secure EL1 on EL3 devices
- user-mode tasks
  note: ttbr1 is swapped instead of what you'd expect conventionally, which is having
ttbr0 for user-mode and ttbr1 for kernel.
- proper exception handling
- proper use of spsel
- stack guards
  note: those don't apply to exception stacks yet

Makefile

@@ -18,7 +18,7 @@ ifeq ($(HOST_OS),Linux)
 endif
 endif
 
-PONGO_VERSION := 2.1.0-$(shell git log -1 --pretty=format:"%H" | cut -c1-8)
+PONGO_VERSION := 2.2.0-$(shell git log -1 --pretty=format:"%H" | cut -c1-8)
 ROOT := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
 SRC := $(ROOT)/src
 AUX := $(ROOT)/tools
@@ -38,7 +38,6 @@ STAGE3_ENTRY_C := $(patsubst %, $(SRC)/boot/%, stage3.c clearhook.S pat
 PONGO_C := $(wildcard $(SRC)/kernel/*.c) $(wildcard $(SRC)/kernel/support/*.c) $(wildcard $(SRC)/dynamic/*.c) $(wildcard $(SRC)/kernel/*.S) $(wildcard $(SRC)/shell/*.c)
 PONGO_DRIVERS_C := $(wildcard $(SRC)/drivers/*/*.c) $(wildcard $(SRC)/drivers/*/*.S) $(wildcard $(SRC)/linux/*/*.c) $(wildcard $(SRC)/linux/*.c) $(wildcard $(SRC)/lib/*/*.c)
 
-
 .PHONY: all clean
 
 all: $(BUILD)/Pongo.bin | $(BUILD)

src/boot/entry.S

@@ -69,13 +69,54 @@ copyloop_3:
  ret
 
 start$l0:
- sub sp, x5, #0x400
  mov x1, x0
  mov x0, x9
  mov x29, xzr
+ sub x5, x5, #0x400
+ and x5, x5, #~0xf
+ bl _set_exception_stack_core0
+ mov sp, x5
  bl _trampoline_entry
  b .
 
+.globl _setup_el1
+_setup_el1:
+ stp x29, x30, [sp, #-0x10]!
+ mov x20, x1
+ mov x21, x2
+ mrs x16, currentel
+ cmp x16, #0x4
+ b.eq el1_entry
+ cmp x16, #0xc
+ b.ne .
+
+el3_entry:
+
+ adr x16, _exception_vector_el3
+ msr vbar_el3, x16
+ mov x16, #0x430
+ msr scr_el3, x16
+ mov x16, #4
+ msr spsr_el3, x16
+ adr x16, el1_entry
+ msr elr_el3, x0
+ eret
+
+el1_entry:
+ blr x0
+ b .
+
+.globl _set_exception_stack_core0
+_set_exception_stack_core0:
+ msr spsel, #1
+ adrp x8, _exception_stack@PAGE
+ add x8, x8, _exception_stack@PAGEOFF
+ add x8, x8, #0x4000
+ and x8, x8, #~0xf
+ mov sp, x8
+ msr spsel, #0
+ ret
+
 .globl _smemcpy128
 _smemcpy128:
  cbz w2, nullsub
@@ -96,3 +137,46 @@ memset$continue:
 
 nullsub:
  ret
+
+.align 12
+.globl _exception_vector_el3
+_exception_vector_el3:
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ /* Lower EL with Aarch64 */
+ mov x18, #0xc
+ msr spsr_el3, x18
+ mrs x18, elr_el3
+ add x18, x18, #4
+ msr elr_el3, x18
+ eret
+
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+.balign 128
+ b .
+

src/boot/stage3.c

@@ -123,8 +123,8 @@ void stage3_exit_to_el1_image(void* boot_args, void* boot_entry_point) {
  // hypv
  *(void**)(gboot_args + 0x20) = boot_args;
  *(void**)(gboot_args + 0x28) = boot_entry_point;
+ asm("smc #0"); // elevate to EL3
  }
- extern void screen_puts(const char* str);
  jump_to_image((uint64_t)gboot_entry_point, (uint64_t)gboot_args);
 }
 
@@ -144,12 +144,16 @@ void trampoline_entry(void* boot_image, void* boot_args)
  strcpy(boot_image + 0x200, "Stage2 KJC Loader");
  patch_bootloader(boot_image);
  } else {
+
  gboot_args = boot_args;
  gboot_entry_point = boot_image;
+ extern volatile void setup_el1(void * entryp,uint64_t,uint64_t);
+
+
  extern volatile void smemset(void*, uint8_t, uint64_t);
  smemset(&__bss_start, 0, ((uint64_t)__bss_end) - ((uint64_t)__bss_start));
- void main (void);
- main();
+ extern void main (void);
+ setup_el1(main, (uint64_t)boot_image, (uint64_t)boot_args);
  }
  jump_to_image((uint64_t)boot_image, (uint64_t)boot_args);
 }

src/drivers/framebuffer/fb.c

@@ -160,9 +160,22 @@ void screen_init() {
  gRowPixels = gBootArgs->Video.v_rowBytes >> 2;
  uint16_t width = gWidth = gBootArgs->Video.v_width;
  uint16_t height = gHeight = gBootArgs->Video.v_height;
+ uint64_t fbbase = gBootArgs->Video.v_baseAddr;
  uint64_t fbsize = gHeight * gRowPixels * 4;
- map_range(0xfb0000000ULL, gBootArgs->Video.v_baseAddr, (fbsize+0x3fff) & ~0x3fff, 3, 1, true);
- gFramebuffer = (uint32_t*)(0xfb0000000ULL);
+ uint64_t fboff;
+ if(is_16k())
+ {
+ fboff = fbbase & 0x3fffULL;
+ fbsize = (fbsize + fboff + 0x3fffULL) & ~0x3fffULL;
+ }
+ else
+ {
+ fboff = fbbase & 0xfffULL;
+ fbsize = (fbsize + fboff + 0xfffULL) & ~0xfffULL;
+ }
+ map_range(0xfb0000000ULL, fbbase - fboff, fbsize, 3, 1, true);
+ gFramebuffer = (uint32_t*)(0xfb0000000ULL + fboff);
+
 
  height &= 0xfff0;
  scale_factor = 2;

src/drivers/usb/synopsys_otg.c

@@ -1835,7 +1835,7 @@ void usb_init() {
  }
 
  uint64_t dma_page_v = (uint64_t) alloc_contig(4 * DMA_BUFFER_SIZE);
- uint64_t dma_page_p = vatophys(dma_page_v);
+ uint64_t dma_page_p = vatophys_static((void*)dma_page_v);
  bzero((void*)dma_page_v,4 * DMA_BUFFER_SIZE);
  cache_clean_and_invalidate((void*)dma_page_v, 4 * DMA_BUFFER_SIZE);
 
@@ -1894,7 +1894,7 @@ void usb_init() {
 }
 void usb_teardown() {
  if (!gSynopsysOTGBase) return;
- gSynopsysOTGBase = 0;
+ reg_write(rGAHBCFG, 0x2e);
  *(volatile uint32_t*)(gSynopsysOTGBase + 0x4) &= ~2;
  clock_gate(reg3, 0);
  clock_gate(reg2, 0);

src/dynamic/modload.c

@@ -82,17 +82,30 @@ struct pongo_exports public_api[] = {
  EXPORT_SYMBOL(dt_alloc_memmap),
  EXPORT_SYMBOL(bzero),
  EXPORT_SYMBOL(memset),
+ EXPORT_SYMBOL(memcpy_trap),
+ EXPORT_SYMBOL(vm_space_deallocate),
+ EXPORT_SYMBOL(vm_deallocate),
+ EXPORT_SYMBOL(vm_space_allocate),
+ EXPORT_SYMBOL(vm_allocate),
  EXPORT_SYMBOL(strcmp),
  EXPORT_SYMBOL(queue_rx_string),
  EXPORT_SYMBOL(strlen),
  EXPORT_SYMBOL(strcpy),
+ EXPORT_SYMBOL(task_create),
  EXPORT_SYMBOL(task_create_extended),
+ EXPORT_SYMBOL(task_restart_and_link),
+ EXPORT_SYMBOL(task_critical_enter),
+ EXPORT_SYMBOL(task_critical_exit),
  EXPORT_SYMBOL(task_bind_to_irq),
  EXPORT_SYMBOL(task_release),
+ EXPORT_SYMBOL(task_reference),
  EXPORT_SYMBOL(tz0_calculate_encrypted_block_addr),
  EXPORT_SYMBOL(tz_blackbird),
  EXPORT_SYMBOL(tz_lockdown),
  EXPORT_SYMBOL(vatophys),
+ EXPORT_SYMBOL(lock_take),
+ EXPORT_SYMBOL(lock_take_spin),
+ EXPORT_SYMBOL(lock_release),
  EXPORT_SYMBOL(memmove),
  EXPORT_SYMBOL(memmem),
  EXPORT_SYMBOL(memstr),

src/kernel/alloc.c

@@ -39,7 +39,7 @@ void alloc_init() {
  alloc_heap_base = (((uint64_t)__bss_end) + 0x7fff) & (~0x3fff);
  alloc_heap_base &= 0xFFFFFFFF;
  alloc_heap_base += kCacheableView;
- alloc_heap_end = (((uint64_t)((kCacheableView - 0x800000000 + gBootArgs->physBase) + gBootArgs->memSize)) + 0x3fff) & (~0x3fff) - 1024*1024;
+ alloc_heap_end = (((uint64_t)(phystokv(gBootArgs->physBase) + gBootArgs->memSize)) + 0x3fff) & (~0x3fff) - 1024*1024;
 
  uint64_t alloc_static_hardcap = alloc_static_base + (1024 * 1024 * 64);
  if (alloc_static_end > alloc_static_hardcap) {
@@ -63,6 +63,16 @@ void* alloc_static(uint32_t size) { // memory returned by this will be added to
  return rv;
 }
 
+uint64_t alloc_phys(uint32_t size) { // memory returned by this will be added to the xnu static region, thus will persist after xnu boot
+ if (!alloc_static_base) {
+ alloc_init();
+ }
+ uint64_t rv = vatophys(alloc_heap_current);
+ alloc_heap_current += (size + 0x3fff) & (~0x3fff);
+ if (alloc_heap_current > alloc_heap_end) return 0;
+ return rv;
+}
+
 void* alloc_contig(uint32_t size) {
  if (!alloc_static_base) {
  alloc_init();
@@ -73,3 +83,9 @@ void* alloc_contig(uint32_t size) {
  return rv;
 }
 
+void* phystokv(uint64_t paddr) {
+ return (void*)(paddr - 0x800000000 + kCacheableView);
+}
+uint64_t vatophys_static(void* kva) {
+ return (((uint64_t)kva) - kCacheableView + 0x800000000);
+}

src/kernel/dtree.c

@@ -115,7 +115,7 @@ void* dt_prop(dt_node_t* node, const char* key, uint32_t* lenp)
 {
  dt_prop_cb_t arg = { key, NULL, 0 };
  dt_parse(node, -1, NULL, NULL, NULL, &dt_prop_cb, &arg);
- if (arg.val)
+ if (arg.val && lenp)
  *lenp = arg.len;
  return arg.val;
 }