From: Julien Grall <julien.grall@arm.com>
To: Stefano Stabellini <sstabellini@kernel.org>
Cc: andrew.cooper3@citrix.com, andre.przywara@linaro.org,
xen-devel@lists.xen.org
Subject: Re: [PATCH 1/3] xen/arm: io: Distinguish unhandled IO from aborted one
Date: Wed, 31 Jan 2018 12:17:19 +0000 [thread overview]
Message-ID: <85c0be04-c01c-a77a-30e4-3ffacaacc9ac@arm.com> (raw)
In-Reply-To: <alpine.DEB.2.10.1801301108460.11958@sstabellini-ThinkPad-X260>
Hi Stefano,
On 30/01/18 19:09, Stefano Stabellini wrote:
> On Tue, 30 Jan 2018, Julien Grall wrote:
>>>> diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
>>>> index c8534d6cff..843adf4959 100644
>>>> --- a/xen/arch/arm/traps.c
>>>> +++ b/xen/arch/arm/traps.c
>>>> @@ -1864,10 +1864,10 @@ static inline bool hpfar_is_valid(bool s1ptw,
>>>> uint8_t fsc)
>>>> return s1ptw || (fsc == FSC_FLT_TRANS &&
>>>> !check_workaround_834220());
>>>> }
>>>> -static bool try_handle_mmio(struct cpu_user_regs *regs,
>>>> - const union hsr hsr,
>>>> - paddr_t gpa)
>>>> -{
>>>> +static enum io_state try_handle_mmio(struct cpu_user_regs *regs,
>>>> + const union hsr hsr,
>>>> + paddr_t gpa)
>>>> + {
>>>> const struct hsr_dabt dabt = hsr.dabt;
>>>> mmio_info_t info = {
>>>> .gpa = gpa,
>>>> @@ -1879,11 +1879,11 @@ static bool try_handle_mmio(struct cpu_user_regs
>>>> *regs,
>>>> /* stage-1 page table should never live in an emulated MMIO region
>>>> */
>>>> if ( dabt.s1ptw )
>>>> - return false;
>>>> + return IO_UNHANDLED;
>>>> /* All the instructions used on emulated MMIO region should be
>>>> valid */
>>>> if ( !dabt.valid )
>>>> - return false;
>>>> + return IO_UNHANDLED;
>>>> /*
>>>> * Erratum 766422: Thumb store translation fault to Hypervisor may
>>>> @@ -1896,11 +1896,11 @@ static bool try_handle_mmio(struct cpu_user_regs
>>>> *regs,
>>>> if ( rc )
>>>> {
>>>> gprintk(XENLOG_DEBUG, "Unable to decode instruction\n");
>>>> - return false;
>>>> + return IO_ABORT;
>>>> }
>>>> }
>>>
>>> Why do the first two error checks result in IO_UNHANDLED, while the
>>> third result in IO_ABORT? Specifically in relation to pagetable walk
>>> failures due to someone else changing stage-2 entry simultaneously (see
>>> comment toward the end of do_trap_stage2_abort_guest)?
>>
>> Good question. Somehow I considered the first two as part of looking up the
>> proper handler and not the device itself.
>>
>> But I guess that at this stage we know that IO was targeting an emulated
>> region. So we can return IO_ABORT.
>
> That is what I thought as well
Actually, I have said something completely wrong yesterday. Must have
been too tired :/.
At the time you call try_handle_mmio, you still don't know whether the
fault was because of accessing an emulated MMIO region. You will only be
sure when find_mmio_handler() has returned a non-NULL pointer (see
handle_mmio()).
So returning IO_UNHANDLED here is correct as you want to try another
method to handle the fault.
However, it also means that even bad access to emulated region will
result to fallback on another method. While this should not be issue, I
don't think this is future proof (I am mostly worry on the ACPI case
where MMIO are mapped on-demand).
So I will send a patch to fold try_handle_mmio() into handle_mmio().
>
>
>> On a side note, it looks like the check dabt.s1ptw is unnecessary because a
>> stage 2 abort on stage 1 translation table lookup will not return a valid
>> instruction syndrome (see B3-1433 in DDI 0406C.c and D10-2460 in DDI 0487C.a).
>
> in that case, go ahead and remove it as part of this patch, mention it
> in the commit message
I will do that in a patch that fold try_handle_mmio() in handle_mmio().
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2018-01-31 12:17 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-30 16:14 [PATCH 0/3] xen/arm: Inject an exception to the guest rather than crashing it Julien Grall
2018-01-30 16:14 ` [PATCH 1/3] xen/arm: io: Distinguish unhandled IO from aborted one Julien Grall
2018-01-30 18:14 ` Stefano Stabellini
2018-01-30 18:31 ` Julien Grall
2018-01-30 19:09 ` Stefano Stabellini
2018-01-31 12:17 ` Julien Grall [this message]
2018-02-01 0:39 ` Stefano Stabellini
2018-01-30 16:14 ` [PATCH 2/3] xen/arm: Don't crash domain on bad MMIO emulation Julien Grall
2018-01-30 18:18 ` Stefano Stabellini
2018-01-30 16:14 ` [PATCH 3/3] xen/arm: Don't crash the domain on invalid HVC immediate Julien Grall
2018-01-30 18:24 ` Stefano Stabellini
2018-01-30 18:26 ` Julien Grall
2018-01-30 16:38 ` [PATCH 0/3] xen/arm: Inject an exception to the guest rather than crashing it Andrew Cooper
2018-01-30 17:00 ` Julien Grall
2018-01-30 18:29 ` Andrew Cooper
2018-01-30 18:46 ` Julien Grall
2018-01-30 19:09 ` Andrew Cooper
2018-01-30 19:21 ` Stefano Stabellini
2018-01-30 19:23 ` Andrew Cooper
2018-01-31 11:53 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=85c0be04-c01c-a77a-30e4-3ffacaacc9ac@arm.com \
--to=julien.grall@arm.com \
--cc=andre.przywara@linaro.org \
--cc=andrew.cooper3@citrix.com \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).