Re: [PATCH 01/17] accel/tcg: Store section pointer in CPUTLBEntryFull

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ilya Leoshkevich <iii@linux.ibm.com>
To: Jim Shu <jim.shu@sifive.com>
Cc: qemu-devel@nongnu.org, qemu-riscv@nongnu.org,
	"Richard Henderson" <richard.henderson@linaro.org>,
	"Paolo Bonzini" <pbonzini@redhat.com>,
	"Palmer Dabbelt" <palmer@dabbelt.com>,
	"Alistair Francis" <alistair.francis@wdc.com>,
	"Weiwei Li" <liwei1518@gmail.com>,
	"Daniel Henrique Barboza" <dbarboza@ventanamicro.com>,
	"Liu Zhiwei" <zhiwei_liu@linux.alibaba.com>,
	"Eduardo Habkost" <eduardo@habkost.net>,
	"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
	"Philippe Mathieu-Daudé" <philmd@linaro.org>,
	"Yanan Wang" <wangyanan55@huawei.com>,
	"Zhao Liu" <zhao1.liu@intel.com>, "Peter Xu" <peterx@redhat.com>,
	"David Hildenbrand" <david@redhat.com>,
	"Michael Rolnik" <mrolnik@gmail.com>,
	"Helge Deller" <deller@gmx.de>, "Song Gao" <gaosong@loongson.cn>,
	"Laurent Vivier" <laurent@vivier.eu>,
	"Edgar E. Iglesias" <edgar.iglesias@gmail.com>,
	"Aurelien Jarno" <aurelien@aurel32.net>,
	"Jiaxun Yang" <jiaxun.yang@flygoat.com>,
	"Aleksandar Rikalo" <arikalo@gmail.com>,
	"Stafford Horne" <shorne@gmail.com>,
	"Nicholas Piggin" <npiggin@gmail.com>,
	"Yoshinori Sato" <ysato@users.sourceforge.jp>,
	"Thomas Huth" <thuth@redhat.com>,
	"Mark Cave-Ayland" <mark.cave-ayland@ilande.co.uk>,
	"Artyom Tarasenko" <atar4qemu@gmail.com>,
	"Bastian Koppelmann" <kbastian@mail.uni-paderborn.de>,
	"Max Filippov" <jcmvbkbc@gmail.com>,
	qemu-ppc@nongnu.org, qemu-s390x@nongnu.org
Subject: Re: [PATCH 01/17] accel/tcg: Store section pointer in CPUTLBEntryFull
Date: Tue, 15 Apr 2025 11:12:02 +0200	[thread overview]
Message-ID: <2dd5952a93aca15bbae4b5624b680637@linux.ibm.com> (raw)
In-Reply-To: <20250415081231.21186-2-jim.shu@sifive.com>

On 2025-04-15 10:12, Jim Shu wrote:
> 'CPUTLBEntryFull.xlat_section' stores section_index in last 12 bits to
> find the correct section when CPU access the IO region over the IOTLB
> (iotlb_to_section()).
> 
> However, section_index is only unique inside single AddressSpace. If
> address space translation is over IOMMUMemoryRegion, it could return
> section from other AddressSpace. 'iotlb_to_section()' API only finds 
> the
> sections from CPU's AddressSpace so that it couldn't find section in
> other AddressSpace. Thus, using 'iotlb_to_section()' API will find the
> wrong section and QEMU will have wrong load/store access.
> 
> To fix this bug, store complete MemoryRegionSection pointer in
> CPUTLBEntryFull instead of section_index.
> 
> This bug occurs only when
> (1) IOMMUMemoryRegion is in the path of CPU access.
> (2) IOMMUMemoryRegion returns different target_as and the section is in
> the IO region.
> 
> Common IOMMU devices don't have this issue since they are only in the
> path of DMA access. Currently, the bug only occurs when ARM MPC device
> (hw/misc/tz-mpc.c) returns 'blocked_io_as' to emulate blocked access
> handling. Upcoming RISC-V wgChecker device is also affected by this 
> bug.
> 
> Signed-off-by: Jim Shu <jim.shu@sifive.com>
> ---
>  accel/tcg/cputlb.c    | 19 +++++++++----------
>  include/hw/core/cpu.h |  3 +++
>  2 files changed, 12 insertions(+), 10 deletions(-)

Does this mean that there can be more than 4k sections now and the
assertion in phys_section_add() can be removed?

next prev parent reply	other threads:[~2025-04-15  9:13 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-15  8:12 [PATCH 00/17] Implements RISC-V WorldGuard extension v0.4 Jim Shu
2025-04-15  8:12 ` [PATCH 01/17] accel/tcg: Store section pointer in CPUTLBEntryFull Jim Shu
2025-04-15  9:12   ` Ilya Leoshkevich [this message]
2025-04-15 16:38     ` Jim Shu
2025-04-15  8:12 ` [PATCH 02/17] accel/tcg: memory access from CPU will pass access_type to IOMMU Jim Shu
2025-04-15  8:12 ` [PATCH 03/17] exec: Add RISC-V WorldGuard WID to MemTxAttrs Jim Shu
2025-04-15  8:12 ` [PATCH 04/17] hw/misc: riscv_worldguard: Add RISC-V WorldGuard global config Jim Shu
2025-04-15  8:12 ` [PATCH 05/17] target/riscv: Add CPU options of WorldGuard CPU extension Jim Shu
2025-04-15  8:12 ` [PATCH 06/17] target/riscv: Add hard-coded CPU state of WG extension Jim Shu
2025-04-15  8:12 ` [PATCH 07/17] target/riscv: Add defines for WorldGuard CSRs Jim Shu
2025-04-15  8:12 ` [PATCH 08/17] target/riscv: Allow global WG config to set WG CPU callbacks Jim Shu
2025-04-15  8:12 ` [PATCH 09/17] target/riscv: Implement WorldGuard CSRs Jim Shu
2025-04-15  8:12 ` [PATCH 10/17] target/riscv: Add WID to MemTxAttrs of CPU memory transactions Jim Shu
2025-04-15  8:12 ` [PATCH 11/17] target/riscv: Expose CPU options of WorldGuard Jim Shu
2025-04-15  8:12 ` [PATCH 12/17] hw/misc: riscv_worldguard: Add API to enable WG extension of CPU Jim Shu
2025-04-15  8:12 ` [PATCH 13/17] hw/misc: riscv_wgchecker: Implement RISC-V WorldGuard Checker Jim Shu
2025-04-15  8:12 ` [PATCH 14/17] hw/misc: riscv_wgchecker: Implement wgchecker slot registers Jim Shu
2025-04-15  8:12 ` [PATCH 15/17] hw/misc: riscv_wgchecker: Implement correct block-access behavior Jim Shu
2025-04-15  8:12 ` [PATCH 16/17] hw/misc: riscv_wgchecker: Check the slot settings in translate Jim Shu
2025-04-15  8:12 ` [PATCH 17/17] hw/riscv: virt: Add WorldGuard support Jim Shu
2025-04-15 13:20   ` Daniel Henrique Barboza
2025-04-15 14:47     ` Jim Shu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2dd5952a93aca15bbae4b5624b680637@linux.ibm.com \
    --to=iii@linux.ibm.com \
    --cc=alistair.francis@wdc.com \
    --cc=arikalo@gmail.com \
    --cc=atar4qemu@gmail.com \
    --cc=aurelien@aurel32.net \
    --cc=david@redhat.com \
    --cc=dbarboza@ventanamicro.com \
    --cc=deller@gmx.de \
    --cc=edgar.iglesias@gmail.com \
    --cc=eduardo@habkost.net \
    --cc=gaosong@loongson.cn \
    --cc=jcmvbkbc@gmail.com \
    --cc=jiaxun.yang@flygoat.com \
    --cc=jim.shu@sifive.com \
    --cc=kbastian@mail.uni-paderborn.de \
    --cc=laurent@vivier.eu \
    --cc=liwei1518@gmail.com \
    --cc=marcel.apfelbaum@gmail.com \
    --cc=mark.cave-ayland@ilande.co.uk \
    --cc=mrolnik@gmail.com \
    --cc=npiggin@gmail.com \
    --cc=palmer@dabbelt.com \
    --cc=pbonzini@redhat.com \
    --cc=peterx@redhat.com \
    --cc=philmd@linaro.org \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-ppc@nongnu.org \
    --cc=qemu-riscv@nongnu.org \
    --cc=qemu-s390x@nongnu.org \
    --cc=richard.henderson@linaro.org \
    --cc=shorne@gmail.com \
    --cc=thuth@redhat.com \
    --cc=wangyanan55@huawei.com \
    --cc=ysato@users.sourceforge.jp \
    --cc=zhao1.liu@intel.com \
    --cc=zhiwei_liu@linux.alibaba.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.