Add preemption timer to bound TA execution#907
Merged
Conversation
sangho2
changed the title
sangho2
changed the title
sangho2
changed the title
sangho2
changed the title
sangho2
force-pushed
the
sanghle/lvbs/timebomb
branch
3 times, most recently
from
7bea3f7 to
e5adb24
Compare
sangho2
force-pushed
the
sanghle/lvbs/timebomb
branch
from
4ac37cb to
d795648
Compare
sangho2
force-pushed
the
sanghle/lvbs/timebomb
branch
3 times, most recently
from
d2d638b to
d7f79ae
Compare
sangho2
added
the
must-not-merge:blocked-on-other-changes
Contributor
Author
|
Potential conflict with PR #865. Merge it first and then this one. |
wdcui
approved these changes
Jun 15, 2026
sangho2
removed
the
must-not-merge:blocked-on-other-changes
sangho2
force-pushed
the
sanghle/lvbs/timebomb
branch
from
4fa6489 to
677b90c
Compare
|
🤖 SemverChecks 🤖 No breaking API changes detected Note: this does not mean API is unchanged, or even that there are no breaking changes; simply, none of the detections triggered. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR adds a timer-based mechanism for preempting TAs on the LVBS platform. In OP-TEE, TA execution is unbounded because there is no secure-world scheduler: if a TA spins in an infinite loop, it can hold the (V)CPU indefinitely. On Arm TrustZone, the normal world can eventually regain control by interrupting the secure world. However, in Hyper-V, VTL0 is not allowed to interrupt VTL1.
To overcome this problem, this PR implements a VTL1-local one-shot preemption timer based on the Hyper-V synthetic timer to limit the execution time of each TA command invocation (which could span multiple syscalls). If it fires, the VTL1 kernel kills the TA and returns back to VTL0.