[PATCH v2 8/8] lib: sbi_domain_context: preserve firmware PMP entries during domain context switch
Anup Patel
anup at brainfault.org
Sun Nov 2 03:41:35 PST 2025
On Wed, Oct 8, 2025 at 2:15 PM Yu-Chien Peter Lin <peter.lin at sifive.com> wrote:
>
> When SmePMP is enabled, clearing firmware PMP entries during a domain
> context switch can temporarily revoke access to OpenSBI’s own code and
> data, leading to faults.
>
> Keep firmware PMP entries enabled across switches so firmware regions
> remain accessible and executable.
>
> Signed-off-by: Yu-Chien Peter Lin <peter.lin at sifive.com>
LGTM.
Reviewed-by: Anup Patel <anup at brainfault.org>
Thanks,
Anup
> ---
> lib/sbi/sbi_domain_context.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/lib/sbi/sbi_domain_context.c b/lib/sbi/sbi_domain_context.c
> index fb04d81d..51534de1 100644
> --- a/lib/sbi/sbi_domain_context.c
> +++ b/lib/sbi/sbi_domain_context.c
> @@ -116,6 +116,10 @@ static void switch_to_next_domain_context(struct hart_context *ctx,
>
> /* Reconfigure PMP settings for the new domain */
> for (int i = 0; i < pmp_count; i++) {
> + /* Don't revoke firmware access permissions */
> + if (sbi_hart_smepmp_is_fw_region(i))
> + continue;
> +
> sbi_platform_pmp_disable(sbi_platform_thishart_ptr(), i);
> pmp_disable(i);
> }
> --
> 2.48.0
>
More information about the opensbi
mailing list