From: Richard Henderson <richard.henderson@linaro.org>
To: Jonathan Behrens <fintelia@gmail.com>,
Palmer Dabbelt <palmer@sifive.com>
Cc: "qemu-devel@nongnu.org Developers" <qemu-devel@nongnu.org>,
Peter Maydell <peter.maydell@linaro.org>,
Alistair Francis <alistair.francis@wdc.com>,
"open list:RISC-V" <qemu-riscv@nongnu.org>,
Hesham Almatary <Hesham.Almatary@cl.cam.ac.uk>
Subject: Re: [Qemu-devel] [Qemu-riscv] [PULL 10/34] RISC-V: Fix a PMP check with the correct access size
Date: Thu, 27 Jun 2019 20:23:20 +0200 [thread overview]
Message-ID: <c64fa0e8-fd9c-8e86-418c-0553f56a0f34@linaro.org> (raw)
In-Reply-To: <CANnJOVF3F_k1LpSYp8OdxSx6LtQR5p-XR5fMKCsXg_0pxySg+Q@mail.gmail.com>
On 6/27/19 7:44 PM, Jonathan Behrens wrote:
> I think this patch is slightly incorrect. If the PMP region is valid for
> the size of the access, but not the rest of the page then a few lines down
> in this function the entire page should not be placed into the TLB. Instead
> only the portion of the page that passed the access check should be
> included. To give an example of where this goes wrong, in the code below
> access to address 0x90000008 should always fail due to PMP rules, but if
> the TLB has already been primed by loading the (allowed) address 0x90000000
> then no fault will be triggered. Notably, this code also executes
> improperly without the patch because the first `ld` instruction traps when
> it shouldn't.
>
> li t0, 0x0000000024000000 // region[0]: 0x90000000..0x90000007
> csrw pmpaddr0, t0
>
> li t0, 0x00000000240001FF // region[1]: 0x90000000..0x90000fff
> csrw pmpaddr1, t0
>
> li t0, 0x1F0000000000989F // cfg[0] = LXRW, cfg[1] = L
> csrw pmpcfg0, t0
>
> sfence.vma
>
> li t0, 0x90000000
> ld s0, 0(t0)
> ld s1, 8(t0) // NO TRAP: address is incorrectly in TLB!
Nice test case.
> I think that the proper fix would be to first do a PMP check for the full
> PAGE_SIZE and execute normally if it passes. Then in the event the full
> page fails, there could be a more granular PMP check with only the accessed
> region inserted as an entry in the TLB.
This feature looks to be almost identical to the ARM m-profile MPU.
The fix is:
If the PMP check is valid for the entire page, then continue to call
tlb_set_page with size=TARGET_PAGE_SIZE.
If the PMP check is valid for the current access, but not for the entire page,
then call tlb_set_page with any size < TARGET_PAGE_SIZE. This change alone is
sufficient, even though the full argument tuple (paddr, vaddr, size) no longer
quite make perfect sense. (For the arm mpu, we compute some 1 << rsize, but
the actual value is never used; setting size=1 would be sufficient.)
Any size < TARGET_PAGE_SIZE will cause TLB_RECHECK to be set for the page,
which will force all accesses to the page to go back through riscv_cpu_tlb_fill
for re-validation.
> Unrelated question: should I be sending "Reviewed By" lines if I read
> through patches that seem reasonable? Or there some formal process I'd have
> to go through first to be approved?
No formal process. More eyes are always welcome.
r~
next prev parent reply other threads:[~2019-06-27 18:25 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-27 15:19 [Qemu-devel] [PULL] RISC-V Patches for the 4.1 Soft Freeze, Part 2 Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 01/34] target/riscv: Allow setting ISA extensions via CPU props Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 02/34] sifive_prci: Read and write PRCI registers Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 03/34] target/riscv: Fix PMP range boundary address bug Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 04/34] target/riscv: Implement riscv_cpu_unassigned_access Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 05/34] RISC-V: Only Check PMP if MMU translation succeeds Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 06/34] RISC-V: Raise access fault exceptions on PMP violations Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 07/34] RISC-V: Check for the effective memory privilege mode during PMP checks Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 08/34] RISC-V: Check PMP during Page Table Walks Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 09/34] RISC-V: Fix a PMP bug where it succeeds even if PMP entry is off Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 10/34] RISC-V: Fix a PMP check with the correct access size Palmer Dabbelt
2019-06-27 17:44 ` [Qemu-devel] [Qemu-riscv] " Jonathan Behrens
2019-06-27 18:23 ` Richard Henderson [this message]
2019-07-08 12:46 ` Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 11/34] riscv: virt: Correct pci "bus-range" encoding Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 12/34] RISC-V: Fix a memory leak when realizing a sifive_e Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 13/34] target/riscv: Restructure deprecatd CPUs Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 14/34] target/riscv: Add the privledge spec version 1.11.0 Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 15/34] target/riscv: Add the mcountinhibit CSR Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 16/34] target/riscv: Set privledge spec 1.11.0 as default Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 17/34] qemu-deprecated.texi: Deprecate the RISC-V privledge spec 1.09.1 Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 18/34] target/riscv: Require either I or E base extension Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 19/34] target/riscv: Remove user version information Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 20/34] target/riscv: Add support for disabling/enabling Counters Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 21/34] RISC-V: Add support for the Zifencei extension Palmer Dabbelt
2019-06-27 15:19 ` [Qemu-devel] [PULL 22/34] RISC-V: Add support for the Zicsr extension Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 23/34] RISC-V: Clear load reservations on context switch and SC Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 24/34] RISC-V: Update syscall list for 32-bit support Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 25/34] riscv: virt: Add cpu-topology DT node Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 26/34] disas/riscv: Disassemble reserved compressed encodings as illegal Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 27/34] disas/riscv: Fix `rdinstreth` constraint Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 28/34] riscv: sifive_u: Do not create hard-coded phandles in DT Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 29/34] riscv: sifive_u: Update the plic hart config to support multicore Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 30/34] hw/riscv: Split out the boot functions Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 31/34] hw/riscv: Add support for loading a firmware Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 32/34] hw/riscv: Extend the kernel loading support Palmer Dabbelt
2019-06-27 15:20 ` [Qemu-devel] [PULL 33/34] roms: Add OpenSBI version 0.3 Palmer Dabbelt
2019-06-28 9:46 ` Jonathan Cameron
2019-06-28 16:12 ` Alistair Francis
2019-06-28 17:10 ` Palmer Dabbelt
2019-07-01 12:40 ` Jonathan Cameron
2019-07-01 13:23 ` [Qemu-devel] [Qemu-riscv] " Anup Patel
2019-07-01 16:39 ` Alistair Francis
2019-07-01 16:54 ` [Qemu-devel] " Peter Maydell
2019-07-01 17:50 ` Alistair Francis
2019-07-01 18:01 ` Peter Maydell
2019-07-01 18:09 ` Alistair Francis
2019-07-01 18:13 ` Peter Maydell
2019-07-01 18:19 ` Alistair Francis
2019-07-02 7:02 ` [Qemu-devel] [Qemu-riscv] " Anup Patel
2019-07-02 4:12 ` [Qemu-devel] " Markus Armbruster
2019-07-02 10:32 ` Paolo Bonzini
2019-07-02 16:07 ` Alistair Francis
2019-07-04 16:00 ` Stefan Hajnoczi
2019-07-04 19:35 ` Alistair Francis
2019-06-27 15:20 ` [Qemu-devel] [PULL 34/34] hw/riscv: Load OpenSBI as the default firmware Palmer Dabbelt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c64fa0e8-fd9c-8e86-418c-0553f56a0f34@linaro.org \
--to=richard.henderson@linaro.org \
--cc=Hesham.Almatary@cl.cam.ac.uk \
--cc=alistair.francis@wdc.com \
--cc=fintelia@gmail.com \
--cc=palmer@sifive.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-riscv@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).