From: Will Deacon <will@kernel.org>
To: Alexandru Elisei <alexandru.elisei@arm.com>
Cc: Marc Zyngier <maz@kernel.org>,
kvmarm@lists.linux.dev, mark.rutland@arm.com,
linux-arm-kernel@lists.infradead.org,
Oliver Upton <oupton@kernel.org>,
James Clark <james.clark@linaro.org>, Leo Yan <leo.yan@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Fuad Tabba <tabba@google.com>
Subject: Re: [PATCH] KVM: arm64: Disable TRBE Trace Buffer Unit when running in guest context
Date: Tue, 17 Feb 2026 12:13:24 +0000 [thread overview]
Message-ID: <aZRbZOT13aT60Z70@willie-the-truck> (raw)
In-Reply-To: <aZNPdDAHiLpTvGnS@willie-the-truck>
On Mon, Feb 16, 2026 at 05:10:17PM +0000, Will Deacon wrote:
> On Mon, Feb 16, 2026 at 03:53:54PM +0000, Alexandru Elisei wrote:
> > Hi,
> >
> > On Mon, Feb 16, 2026 at 02:29:31PM +0000, Marc Zyngier wrote:
> > > On Mon, 16 Feb 2026 13:09:59 +0000,
> > > Will Deacon <will@kernel.org> wrote:
> > > >
> > > > The nVHE world-switch code relies on zeroing TRFCR_EL1 to disable trace
> > > > generation in guest context when self-hosted TRBE is in use by the host.
> > > >
> > > > Per D3.2.1 ("Controls to prohibit trace at Exception levels"), clearing
> > > > TRFCR_EL1 means that trace generation is prohibited at EL1 and EL0 but
> > > > per R_YCHKJ the Trace Buffer Unit will still be enabled if
> > > > TRBLIMITR_EL1.E is set. R_SJFRQ goes on to state that, when enabled, the
> > > > Trace Buffer Unit can perform address translation for the "owning
> > > > exception level" even when it is out of context.
> > >
> > > Great. So TRBE violates all the principles that we hold true in the
> > > architecture. Does SPE suffer from the same level of brokenness?
> >
> > I think not currently - I_JZRDG from DDI0487M.a.a says that after a PSB + DSB
> > 'no new memory accesses using the lower Exception level translation table
> > entries occur'.
> >
> > But looks like the behaviour will be changed so that it will be similar to TRBE,
> > according to the Arm known issues document [1], added in D23136:
> >
> > 'When the Profiling Buffer is enabled, profiling is not stopped, and Discard mode
> > is not enabled, the Statistical Profiling Unit might cause speculative
> > translations for the owning translation regime, including when the owning
> > translation regime is out-of-context'.
>
> I think SPE is ok, as __debug_save_spe() clears PMSCR_EL1 and (unlike
> TRBE) PMSCR_EL1.ExSPE _are_ factored into whether or not profiling is
> "enabled".
>
> So there's a funny asymmetry between SPE and TRBE, which I assume is due
> to the coresight much associated with the latter.
Urgh...
Alex and I spoke a bit about this on irc and we think SPE might suffer
from the same problem after all. It just uses different terminology, so
it's not as obvious to shake out from the TRBE example.
With TRBE the problem is that we have:
* TRFCR_EL1 controls whether or not trace generation is "prohibited"
* TRBLIMITR controls whether or not the trace buffer unit is "enabled"
With SPE we have:
* PMSCR_EL1 controls whether or not *profiling* is "enabled"
* PMBLIMITR controls whether or not the *profiling buffer* is "enabled"
Unlike TRBE, the SPE spec doesn't talk concretely about address
translation but I think it's safest to assume that the profiling buffer
being enabled means that it can translate out of context, similarly to
TRBE.
So we'll need to zap PMBLIMITR as well. I'll cook something for v2 but,
as before, I'm going to struggle to test this (I think SPE got whacked
at EL3 for a bunch of errata on the devices I have).
Will
next prev parent reply other threads:[~2026-02-17 12:13 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-16 13:09 [PATCH] KVM: arm64: Disable TRBE Trace Buffer Unit when running in guest context Will Deacon
2026-02-16 14:29 ` Marc Zyngier
2026-02-16 15:05 ` James Clark
2026-02-16 15:51 ` Marc Zyngier
2026-02-16 16:10 ` James Clark
2026-02-16 16:49 ` Marc Zyngier
2026-02-20 11:42 ` James Clark
2026-02-24 11:19 ` Marc Zyngier
2026-02-20 15:48 ` Leo Yan
2026-02-24 11:22 ` Marc Zyngier
2026-02-16 18:14 ` Will Deacon
2026-02-17 14:19 ` Leo Yan
2026-02-17 14:52 ` Will Deacon
2026-02-17 19:01 ` Leo Yan
2026-02-19 13:54 ` Will Deacon
2026-02-19 18:58 ` Leo Yan
2026-02-19 19:06 ` Leo Yan
2026-02-25 12:09 ` Leo Yan
2026-02-27 18:07 ` Will Deacon
2026-03-03 10:36 ` Leo Yan
2026-03-03 10:47 ` Suzuki K Poulose
2026-02-16 15:53 ` Alexandru Elisei
2026-02-16 17:10 ` Will Deacon
2026-02-17 12:13 ` Will Deacon [this message]
2026-02-16 17:32 ` Will Deacon
2026-02-17 12:20 ` James Clark
2026-02-17 12:26 ` Will Deacon
2026-02-17 13:58 ` James Clark
2026-02-16 15:13 ` James Clark
2026-02-16 17:05 ` Will Deacon
2026-02-17 9:18 ` James Clark
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aZRbZOT13aT60Z70@willie-the-truck \
--to=will@kernel.org \
--cc=alexandru.elisei@arm.com \
--cc=james.clark@linaro.org \
--cc=kvmarm@lists.linux.dev \
--cc=leo.yan@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=oupton@kernel.org \
--cc=suzuki.poulose@arm.com \
--cc=tabba@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox