From: Alexandru Elisei <alexandru.elisei@arm.com>
To: James Clark <james.clark@linaro.org>
Cc: Will Deacon <will@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Anshuman Khandual <Anshuman.Khandual@arm.com>,
Rob Herring <Rob.Herring@arm.com>,
Suzuki Poulose <Suzuki.Poulose@arm.com>,
Robin Murphy <Robin.Murphy@arm.com>,
linux-arm-kernel@lists.infradead.org,
linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/3] perf: arm_spe: Disable buffer before writing to PMBPTR_EL1 or PMBSR_EL1
Date: Wed, 9 Jul 2025 11:09:32 +0100 [thread overview]
Message-ID: <aG4_3D1RG8CWncBF@raptor> (raw)
In-Reply-To: <20250701-james-spe-vm-interface-v1-2-52a2cd223d00@linaro.org>
Hi James,
On Tue, Jul 01, 2025 at 04:31:58PM +0100, James Clark wrote:
> DEN0154 states that writes to PMBPTR_EL1 or PMBSR_EL1 must be done while
> the buffer is disabled (PMBLIMITR_EL1.E == 0). Re-arrange the interrupt
> handler to always disable the buffer for non-spurious interrupts before
> doing either.
>
> Most of arm_spe_pmu_disable_and_drain_local() is now always done, so for
> faults the only thing left to do is clear PMSCR_EL1.
>
> Elaborate the comment in arm_spe_pmu_disable_and_drain_local() to
> explain the ramifications of not doing it in the right order.
>
> Fixes: d5d9696b0380 ("drivers/perf: Add support for ARMv8.2 Statistical Profiling Extension")
> Signed-off-by: James Clark <james.clark@linaro.org>
> ---
> drivers/perf/arm_spe_pmu.c | 33 +++++++++++++++++++++------------
> 1 file changed, 21 insertions(+), 12 deletions(-)
>
> diff --git a/drivers/perf/arm_spe_pmu.c b/drivers/perf/arm_spe_pmu.c
> index 6235ca7ecd48..5829947c8871 100644
> --- a/drivers/perf/arm_spe_pmu.c
> +++ b/drivers/perf/arm_spe_pmu.c
> @@ -559,7 +559,12 @@ static void arm_spe_perf_aux_output_end(struct perf_output_handle *handle)
>
> static void arm_spe_pmu_disable_and_drain_local(void)
> {
> - /* Disable profiling at EL0 and EL1 */
> + /*
> + * To prevent the CONSTRAINED UNPREDICTABLE behavior of either writing
> + * to memory after the buffer is disabled, or SPE reporting an access
> + * not allowed event, we must disable sampling before draining the
> + * buffer.
> + */
> write_sysreg_s(0, SYS_PMSCR_EL1);
> isb();
>
> @@ -661,16 +666,24 @@ static irqreturn_t arm_spe_pmu_irq_handler(int irq, void *dev)
> */
> irq_work_run();
>
> + /*
> + * arm_spe_pmu_buf_get_fault_act() already drained, and PMBSR_EL1.S == 1
> + * means that StatisticalProfilingEnabled() == false. So now we can
> + * safely disable the buffer.
> + */
> + write_sysreg_s(0, SYS_PMBLIMITR_EL1);
> + isb();
> +
> + /* Status can be cleared now that PMBLIMITR_EL1.E == 0 */
> + write_sysreg_s(0, SYS_PMBSR_EL1);
I've been trying to figure out if we need an ISB here to order clearing the
service bit before the PMBLIMITR_EL1 write in arm_spe_perf_aux_output_begin().
arm_spe_perf_aux_output_begin() is called only when the buffer is full, and this
rules out the event having the discard attribute (buffer management events are
not generated in discard mode).
If a new buffer cannot be allocated (perf_aux_output_begin() returns NULL), then
PMBLIMITR_EL1.E remains 0, so no need to order the two writes.
The only other path remaining in arm_spe_perf_aux_output_begin() is
reprogramming the buffer, in which case there's an ISB before the write to
PMBLIMITR_EL1.
In conclusion, I think it's correct not to have an ISB here.
> +
> switch (act) {
> case SPE_PMU_BUF_FAULT_ACT_FATAL:
> /*
> - * If a fatal exception occurred then leaving the profiling
> - * buffer enabled is a recipe waiting to happen. Since
> - * fatal faults don't always imply truncation, make sure
> - * that the profiling buffer is disabled explicitly before
> - * clearing the syndrome register.
> + * To complete the full disable sequence, also disable profiling
> + * at EL0 and EL1, we don't want to continue at all anymore.
> */
> - arm_spe_pmu_disable_and_drain_local();
> + write_sysreg_s(0, SYS_PMSCR_EL1);
Before:
arm_spe_pmu_buf_get_fault_act:
<drain buffer>
ISB
arm_spe_pmu_disable_and_drain_local:
PMSCR_EL1 = 0
ISB # disables profiling
<drain buffer>
PMBLIMITR_EL1=0
PMBSR_EL1=0
ERET # synchronizes the two writes above
Now:
arm_spe_pmu_buf_get_fault_act:
<drain buffer>
ISB
PMBLIMITR_EL1=0
ISB # disables profiling
PMBSR_EL1=0
PMSCR_EL1=0
ERET # synchronizes the two writes above
This looks correct to me.
Thanks,
Alex
> break;
> case SPE_PMU_BUF_FAULT_ACT_OK:
> /*
> @@ -679,18 +692,14 @@ static irqreturn_t arm_spe_pmu_irq_handler(int irq, void *dev)
> * PMBPTR might be misaligned, but we'll burn that bridge
> * when we get to it.
> */
> - if (!(handle->aux_flags & PERF_AUX_FLAG_TRUNCATED)) {
> + if (!(handle->aux_flags & PERF_AUX_FLAG_TRUNCATED))
> arm_spe_perf_aux_output_begin(handle, event);
> - isb();
> - }
> break;
> case SPE_PMU_BUF_FAULT_ACT_SPURIOUS:
> /* We've seen you before, but GCC has the memory of a sieve. */
> break;
> }
>
> - /* The buffer pointers are now sane, so resume profiling. */
> - write_sysreg_s(0, SYS_PMBSR_EL1);
> return IRQ_HANDLED;
> }
>
>
> --
> 2.34.1
>
next prev parent reply other threads:[~2025-07-09 12:03 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-01 15:31 [PATCH 0/3] perf: arm_spe: Add support for SPE VM interface James Clark
2025-07-01 15:31 ` [PATCH 1/3] perf: arm_spe: Add barrier before enabling profiling buffer James Clark
2025-07-04 14:04 ` Leo Yan
2025-07-07 11:22 ` James Clark
2025-07-08 14:40 ` Alexandru Elisei
2025-09-08 14:48 ` James Clark
2025-09-08 13:41 ` Will Deacon
2025-09-08 13:54 ` James Clark
2025-09-08 13:57 ` Will Deacon
2025-09-08 14:35 ` James Clark
2025-07-01 15:31 ` [PATCH 2/3] perf: arm_spe: Disable buffer before writing to PMBPTR_EL1 or PMBSR_EL1 James Clark
2025-07-04 15:50 ` Leo Yan
2025-07-07 11:39 ` James Clark
2025-07-07 15:37 ` Leo Yan
2025-07-08 14:45 ` Alexandru Elisei
2025-07-09 10:08 ` Alexandru Elisei
2025-07-14 8:58 ` Leo Yan
2025-07-21 13:20 ` James Clark
2025-07-21 15:21 ` Leo Yan
2025-07-22 14:46 ` James Clark
2025-07-30 9:50 ` Alexandru Elisei
2025-07-09 10:09 ` Alexandru Elisei [this message]
2025-09-08 14:01 ` Will Deacon
2025-07-01 15:31 ` [PATCH 3/3] perf: arm_spe: Add support for SPE VM interface James Clark
2025-08-01 13:28 ` [PATCH 0/3] " Alexandru Elisei
2025-08-04 16:00 ` James Clark
2025-08-04 21:49 ` Suzuki K Poulose
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aG4_3D1RG8CWncBF@raptor \
--to=alexandru.elisei@arm.com \
--cc=Anshuman.Khandual@arm.com \
--cc=Rob.Herring@arm.com \
--cc=Robin.Murphy@arm.com \
--cc=Suzuki.Poulose@arm.com \
--cc=catalin.marinas@arm.com \
--cc=james.clark@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.