From: Richard Henderson
Date: Mon, 4 Apr 2016 09:28:32 -0700
Message-ID: <57029630.3070300@twiddle.net>
Subject: Re: [Qemu-devel] best way to implement emulation of AArch64 tagged addresses
To: Peter Maydell, QEMU Developers
Cc: Thomas Hanson

On 04/04/2016 08:51 AM, Peter Maydell wrote:
> I thought of two possible ways to approach implementing this.
> Option (1) would be to change the codegen in translate-a64.c so that
> we mask out high bits before doing the QEMU load/store TCG op.
> Option (2) leaves the VA that we pass to the TCG load/store alone
> (ie with tag bits intact) and tries to handle this all in the va-to-pa
> code.
>
> I think option (1) is a non-starter because of that requirement to
> report the full address with tags in the FAR (as well as being slower
> due to all the extra masking on memory operations). So that leaves
> option (2), possibly with some help from common code to make things
> a bit less awkward.

Agreed.
> In particular I think if you just do the relevant handling of the tag
> bits in target-arm's get_phys_addr() and its subroutines then this
> should work ok, with the exceptions that:
> * the QEMU TLB code will think that [tag A + address X] and
>   [tag B + address X] are different virtual addresses and they will
>   miss each other in the TLB

Yep. Not only miss, but actively contend with each other.

> * tlb invalidate by address becomes nasty because we need to invalidate
>   [every tag + address X]

Hmm. We should require only one flush for X. But the common code doesn't know that... I suppose a new tlb_flush_page_mask would do the trick.

> Can we fix those just by having arm_tlb_fill() call
> tlb_set_page_with_attrs() with the vaddr with the tag masked out?

No, that misses when we perform the full vaddr+tag comparison on the TCG fast path.

> [NB: this is all assuming softmmu; getting tagged addresses to work
> in linux-user mode would require doing the masking in translate.c,
> but I definitely don't want two implementations so I guess we just
> ignore linux-user here.]

Let's just say it's another user for the oft-wished-for softmmu-in-linux-user.

r~
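To make the two TLB points in this exchange concrete, here is an added C model (not QEMU's code; its page size, TLB size and entry layout are made up for illustration) of a softmmu-style fast path. It shows why two tags of the same page X contend for one slot, and why filling with a tag-masked vaddr still misses when the fast path compares the full tagged address.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical model of a softmmu TLB fast path; constants and entry layout
 * are illustrative, not QEMU's own. */
#define PAGE_BITS 12
#define PAGE_MASK (~(((uint64_t)1 << PAGE_BITS) - 1))
#define TLB_SIZE  256
#define TAG_MASK  0xff00000000000000ULL  /* AArch64 top-byte address tag */

typedef struct { uint64_t addr_read; bool valid; } TlbEntry;
typedef struct { TlbEntry e[TLB_SIZE]; } Tlb;

/* Index uses only page-number bits, so [tag A + X] and [tag B + X] share a slot. */
static unsigned tlb_index(uint64_t vaddr) {
    return (vaddr >> PAGE_BITS) & (TLB_SIZE - 1);
}

/* Fill stores the page-aligned vaddr, tag included, as the compare key. */
static void tlb_fill(Tlb *t, uint64_t vaddr) {
    TlbEntry *e = &t->e[tlb_index(vaddr)];
    e->addr_read = vaddr & PAGE_MASK;
    e->valid = true;
}

/* Fast path compares the full guest vaddr against the stored key. */
static bool tlb_hit(const Tlb *t, uint64_t vaddr) {
    const TlbEntry *e = &t->e[tlb_index(vaddr)];
    return e->valid && e->addr_read == (vaddr & PAGE_MASK);
}

/* Two tags of one page X miss each other and evict each other from the slot. */
static bool tags_contend(uint64_t x) {
    Tlb t = {0};
    uint64_t a = x | (0x11ULL << 56), b = x | (0x22ULL << 56);
    tlb_fill(&t, a);
    bool b_misses = !tlb_hit(&t, b);
    tlb_fill(&t, b);                     /* refill for tag B overwrites tag A */
    return b_misses && !tlb_hit(&t, a) && tlb_hit(&t, b);
}

/* Filling with the tag masked (the arm_tlb_fill idea) still misses, because
 * the fast-path compare sees the tagged vaddr. */
static bool masked_fill_misses(uint64_t tagged) {
    Tlb t = {0};
    tlb_fill(&t, tagged & ~TAG_MASK);
    return !tlb_hit(&t, tagged);
}
```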