From: Mark Rutland <mark.rutland@arm.com>
To: Julien Grall <julien.grall@arm.com>
Cc: sstabellini@kernel.org,
Razvan Cojocaru <rcojocaru@bitdefender.com>,
steve.capper@arm.com, proskurin@sec.in.tum.de,
xen-devel@lists.xen.org, Tamas K Lengyel <tamas@tklengyel.com>,
wei.chen@linaro.org
Subject: Re: [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry
Date: Mon, 1 Aug 2016 17:34:52 +0100 [thread overview]
Message-ID: <20160801163429.GC17831@leverpostej> (raw)
In-Reply-To: <cabc8ad0-5af6-c9c3-5cb1-f774265c5bc9@arm.com>
Hi Julien,
On Mon, Aug 01, 2016 at 04:40:50PM +0100, Julien Grall wrote:
> Hi Razvan,
>
> On 28/07/16 16:04, Razvan Cojocaru wrote:
> >On 07/28/2016 05:51 PM, Julien Grall wrote:
> >>The function p2m_set_mem_access can be re-implemented using the generic
> >>functions p2m_get_entry and __p2m_set_entry.
> >>
> >>Note that because of the implementation of p2m_get_entry, a TLB
> >>invalidation instruction will be issued for each 4KB page. Therefore the
> >>performance of memaccess will be impacted, however the function is now
> >>safe on all the processors.
> >>
> >>Also the function apply_p2m_changes is dropped completely as it is not
> >>unused anymore.
> >>
> >>Signed-off-by: Julien Grall <julien.grall@arm.com>
> >>Cc: Razvan Cojocaru <rcojocaru@bitdefender.com>
> >>Cc: Tamas K Lengyel <tamas@tklengyel.com>
> >>
> >>---
> >> I have not ran any performance test with memaccess for now, but I
> >> expect an important and unavoidable impact because of how memaccess
> >> has been designed to workaround hardware limitation. Note that might
> >> be possible to re-work memaccess work on superpage but this should
> >> be done in a separate patch.
> >>---
> >> xen/arch/arm/p2m.c | 329 +++++++----------------------------------------------
> >> 1 file changed, 38 insertions(+), 291 deletions(-)
> >
> >Thanks for the CC!
> >
> >This seems to only impact ARM, are there any planned changes for x86
> >along these lines as well?
>
> Actually, it might be possible to remove the TLB for each 4KB entry
> in the memaccess case.
Could you clarify what you mean by "remove the TLB"? Do you mean a TLBI
instruction?
> After I read again multiple time the ARM ARM (D4-1732 in ARM DDI
> 0487A.i) and spoke with various ARM folks, changing the permission
> (i.e read, write, execute) does not require the break-before-make
> sequence.
Regardless of whether Break-Before-Make (BBM) is required, TLB
invalidation is still required to ensure the new permissions have taken
effect after *any* modification to page tables, unless:
* The prior entry was not permitted to be held in a TLB, and:
* No TLB held an entry for the address range.
> However, I noticed a latent bug in the memaccess code when the
> permission restriction are removed/changed.
>
> In the current implementation (i.e without this series), the TLB
> invalidation is deferred until the p2m is released. Until that time,
> a vCPU may still run with the previous permission and trap into the
> hypervisor the permission fault. However, as the permission as
> changed, p2m_memaccess_check may fail and we will inject an abort to
> the guest.
>
> The problem is very similar to [1]. This will still be true with
> this series applied if I relaxed the use of the break-before-make
> sequence. The two ways I can see to fix this are either try again
> the instruction (we would trap again if the permission was not
> correct) or keep the break-before-make.
Why can you not have TLB invalidation without the full BBM sequence?
Thanks,
Mark.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-08-01 16:34 UTC|newest]
Thread overview: 98+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-28 14:51 [RFC 00/22] xen/arm: Rework the P2M code to follow break-before-make sequence Julien Grall
2016-07-28 14:51 ` [RFC 01/22] xen/arm: do_trap_instr_abort_guest: Move the IPA computation out of the switch Julien Grall
2016-08-16 0:21 ` Stefano Stabellini
2016-08-16 16:20 ` Julien Grall
2016-08-31 10:01 ` Julien Grall
2016-08-31 19:43 ` Stefano Stabellini
2016-09-06 14:54 ` Julien Grall
2016-07-28 14:51 ` [RFC 02/22] xen/arm: p2m: Store in p2m_domain whether we need to clean the entry Julien Grall
2016-08-16 0:35 ` Stefano Stabellini
2016-08-31 10:29 ` Julien Grall
2016-07-28 14:51 ` [RFC 03/22] xen/arm: p2m: Rename parameter in p2m_{remove, write}_pte Julien Grall
2016-08-16 0:36 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 04/22] xen/arm: p2m: Use typesafe gfn in p2m_mem_access_radix_set Julien Grall
2016-08-16 0:39 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 05/22] xen/arm: traps: Move MMIO emulation code in a separate helper Julien Grall
2016-08-16 0:49 ` Stefano Stabellini
2016-08-31 10:36 ` Julien Grall
2016-07-28 14:51 ` [RFC 06/22] xen/arm: traps: Check the P2M before injecting a data/instruction abort Julien Grall
2016-08-23 1:05 ` Stefano Stabellini
2016-08-31 10:58 ` Julien Grall
2016-07-28 14:51 ` [RFC 07/22] xen/arm: p2m: Rework p2m_put_l3_page Julien Grall
2016-08-23 1:10 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 08/22] xen/arm: p2m: Invalidate the TLBs when write unlocking the p2m Julien Grall
2016-08-23 1:18 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 09/22] xen/arm: p2m: Change the type of level_shifts from paddr_t to unsigned int Julien Grall
2016-08-23 1:20 ` Stefano Stabellini
2016-08-31 11:04 ` Julien Grall
2016-07-28 14:51 ` [RFC 10/22] xen/arm: p2m: Move the lookup helpers at the top of the file Julien Grall
2016-07-28 14:51 ` [RFC 11/22] xen/arm: p2m: Introduce p2m_get_root_pointer and use it in __p2m_lookup Julien Grall
2016-08-23 1:34 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 12/22] xen/arm: p2m: Introduce p2m_get_entry and use it to implement __p2m_lookup Julien Grall
2016-07-30 18:37 ` Tamas K Lengyel
2016-08-31 0:30 ` [RFC 12/22] xen/arm: p2m: Introduce p2m_get_entry and use it to implement __p2m_lookupo Stefano Stabellini
2016-08-31 12:25 ` Julien Grall
2016-08-31 19:33 ` Stefano Stabellini
2016-09-01 11:37 ` Julien Grall
2016-07-28 14:51 ` [RFC 13/22] xen/arm: p2m: Replace all usage of __p2m_lookup with p2m_get_entry Julien Grall
2016-07-28 17:29 ` Tamas K Lengyel
2016-07-28 17:36 ` Tamas K Lengyel
2016-07-29 15:06 ` Julien Grall
2016-07-29 22:36 ` Tamas K Lengyel
2016-07-28 17:51 ` Julien Grall
2016-09-05 20:45 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 14/22] xen/arm: p2m: Re-implement p2m_cache_flush using p2m_get_entry Julien Grall
2016-09-05 21:13 ` Stefano Stabellini
2016-09-06 14:56 ` Julien Grall
2016-07-28 14:51 ` [RFC 15/22] xen/arm: p2m: Re-implement relinquish_p2m_mapping " Julien Grall
2016-09-05 21:58 ` Stefano Stabellini
2016-09-06 15:05 ` Julien Grall
2016-09-06 18:21 ` Stefano Stabellini
2016-09-07 7:37 ` Julien Grall
2016-07-28 14:51 ` [RFC 16/22] xen/arm: p2m: Make p2m_{valid, table, mapping} helpers inline Julien Grall
2016-09-05 22:00 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 17/22] xen/arm: p2m: Introduce a helper to check if an entry is a superpage Julien Grall
2016-09-05 22:03 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 18/22] xen/arm: p2m: Introduce p2m_set_entry and __p2m_set_entry Julien Grall
2016-07-30 18:40 ` Tamas K Lengyel
2016-08-15 10:22 ` Sergej Proskurin
2016-09-06 1:08 ` Stefano Stabellini
2016-09-06 17:12 ` Julien Grall
2016-09-06 18:51 ` Stefano Stabellini
2016-09-07 8:18 ` Julien Grall
2016-09-09 23:14 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 19/22] xen/arm: p2m: Re-implement p2m_remove_using using p2m_set_entry Julien Grall
2016-09-06 18:53 ` Stefano Stabellini
2016-07-28 14:51 ` [RFC 20/22] xen/arm: p2m: Re-implement p2m_insert_mapping " Julien Grall
2016-09-06 18:57 ` Stefano Stabellini
2016-09-15 10:38 ` Julien Grall
2016-07-28 14:51 ` [RFC 21/22] xen/arm: p2m: Re-implement p2m_set_mem_access using p2m_{set, get}_entry Julien Grall
2016-07-28 15:04 ` Razvan Cojocaru
2016-07-28 15:16 ` Julien Grall
2016-08-01 15:40 ` Julien Grall
2016-08-01 15:59 ` Tamas K Lengyel
2016-08-01 16:15 ` Julien Grall
2016-08-01 16:27 ` Tamas K Lengyel
2016-08-01 16:33 ` Julien Grall
2016-08-01 16:41 ` Tamas K Lengyel
2016-08-02 6:07 ` Razvan Cojocaru
2016-08-01 16:34 ` Mark Rutland [this message]
2016-08-01 16:57 ` Julien Grall
2016-08-01 17:26 ` Mark Rutland
2016-08-01 18:22 ` Mark Rutland
2016-08-02 9:58 ` Julien Grall
2016-08-02 10:26 ` Mark Rutland
2016-07-28 17:21 ` Tamas K Lengyel
2016-09-06 19:06 ` Stefano Stabellini
2016-09-06 19:16 ` Razvan Cojocaru
2016-09-06 19:17 ` Stefano Stabellini
2016-09-07 6:56 ` Julien Grall
2016-09-07 7:03 ` Razvan Cojocaru
2016-07-28 14:51 ` [RFC 22/22] xen/arm: p2m: Do not handle shattering in p2m_create_table Julien Grall
2016-09-06 18:59 ` Stefano Stabellini
2016-07-28 17:46 ` [RFC 00/22] xen/arm: Rework the P2M code to follow break-before-make sequence Tamas K Lengyel
2016-07-29 16:23 ` Julien Grall
2016-07-29 19:05 ` Julien Grall
2016-08-15 10:24 ` Julien Grall
2016-08-15 15:06 ` Edgar E. Iglesias
2016-08-17 2:28 ` Shanker Donthineni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160801163429.GC17831@leverpostej \
--to=mark.rutland@arm.com \
--cc=julien.grall@arm.com \
--cc=proskurin@sec.in.tum.de \
--cc=rcojocaru@bitdefender.com \
--cc=sstabellini@kernel.org \
--cc=steve.capper@arm.com \
--cc=tamas@tklengyel.com \
--cc=wei.chen@linaro.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).