unmap_ptes is not complete

unmap_ptes is not complete

[Raz]

[-- Attachment #1.1: Type: text/plain, Size: 306 bytes --]

Hey
in mmu.c unmap_ptes() you invalidate *pte but not the pte itself. This
leads to inconsistency in el2 translation tables. ie; the pte entry is
cleared in the cached memory but not in the RAM, so the entry may still be
valid in EL2 translation tables.
You should also clear pte itself.

Kind Regards
Raz

[-- Attachment #1.2: Type: text/html, Size: 395 bytes --]

[-- Attachment #2: Type: text/plain, Size: 151 bytes --]

_______________________________________________
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm

Re: unmap_ptes is not complete

[Christoffer Dall]

Hi Raz,

On Mon, Nov 27, 2017 at 09:10:56PM +0000, Raz wrote:
> Hey
> in mmu.c unmap_ptes() you invalidate *pte but not the pte itself. This
> leads to inconsistency in el2 translation tables. ie; the pte entry is
> cleared in the cached memory but not in the RAM, so the entry may still be
> valid in EL2 translation tables.

I'm not sure which code you're talking about.  Perhaps try sending a
patch?

> You should also clear pte itself.
> 

If you're talking about unmap_stage2_ptes(), then I must be missing
something, because I don't see why setting the pointer to 0 should
matter, and what you say about cached memory and RAM doesn't sound
correct, as all virtualization-capable ARM CPUs have coherent page table
walks.

Thanks,
-Christoffer