Re: [PATCH 0/6] target/riscv: Fix PMP related problem

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 0/6] target/riscv: Fix PMP related problem

From:	Weiwei Li
Subject:	Re: [PATCH 0/6] target/riscv: Fix PMP related problem
Date:	Tue, 18 Apr 2023 11:36:52 +0800
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0


On 2023/4/18 11:07, LIU Zhiwei wrote:

On 2023/4/13 17:01, Weiwei Li wrote:
This patchset tries to fix the PMP bypass problem issuehttps://gitlab.com/qemu-project/qemu/-/issues/1542
Please add your analysis of this issue here.

By the way, I think this problem is introduced by

https://www.mail-archive.com/qemu-devel@nongnu.org/msg939331.html


It seems have no relationship with this commit.

I think there are several problems for this issue:

1. TLB will not be cached only when the access address have matched PMPentry. So the other address access may hit the TLB(if first access ofthe page didn't hit the PMP entry)


and bypass the pmp check. This is fixed by patch 1.

2. Writing to pmpaddr  didn't trigger tlb flush. This is fixed by patch 3.

3. The tb isn't flushed when PMP permission changes, so It also may hitthe tb and bypass the changed PMP check for instruction fetch. This isfixed by patch 5.

4. We set the tlb_size to 1 to make the TLB_INVALID_MASK set. Howeverthis flag will be cleared after fill_tlb, and this will make the hostaddress be cached, and let the following instruction fetch in the sametb bypass the PMP check. This is fixed by patch 6.


Regards,

Weiwei Li

I have commented on how to correct this patch. But by accident, it hasbeen merged.


Zhiwei


The port is available here:
https://github.com/plctlab/plct-qemu/tree/plct-pmp-fix

Weiwei Li (6):
   target/riscv: Update pmp_get_tlb_size()
   target/riscv: Move pmp_get_tlb_size apart from
     get_physical_address_pmp
   target/riscv: flush tlb when pmpaddr is updated
   target/riscv: Flush TLB only when pmpcfg/pmpaddr really changes
   target/riscv: flush tb when PMP entry changes
   accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is
     re-filled

  accel/tcg/cputlb.c        |  7 -----
  target/riscv/cpu_helper.c | 19 ++++---------
  target/riscv/pmp.c        | 60 ++++++++++++++++++++++++++-------------
  target/riscv/pmp.h        |  3 +-
  4 files changed, 47 insertions(+), 42 deletions(-)

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 1/6] target/riscv: Update pmp_get_tlb_size(), (continued)
- [PATCH 6/6] accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is re-filled, Weiwei Li, 2023/04/13
  - Re: [PATCH 6/6] accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is re-filled, Daniel Henrique Barboza, 2023/04/17
    - Re: [PATCH 6/6] accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is re-filled, Weiwei Li, 2023/04/17
    - Re: [PATCH 6/6] accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is re-filled, Richard Henderson, 2023/04/18
    - Re: [PATCH 6/6] accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is re-filled, Richard Henderson, 2023/04/18
    - Re: [PATCH 6/6] accel/tcg: Remain TLB_INVALID_MASK in the address when TLB is re-filled, Weiwei Li, 2023/04/18
- [PATCH 5/6] target/riscv: flush tb when PMP entry changes, Weiwei Li, 2023/04/13
  - Re: [PATCH 5/6] target/riscv: flush tb when PMP entry changes, LIU Zhiwei, 2023/04/18
- Re: [PATCH 0/6] target/riscv: Fix PMP related problem, LIU Zhiwei, 2023/04/17
  - Re: [PATCH 0/6] target/riscv: Fix PMP related problem, Weiwei Li <=
    - Re: [PATCH 0/6] target/riscv: Fix PMP related problem, LIU Zhiwei, 2023/04/18
    - Re: [PATCH 0/6] target/riscv: Fix PMP related problem, Weiwei Li, 2023/04/18

Prev by Date: Re: [PATCH 0/6] target/riscv: Fix PMP related problem
Next by Date: [PATCH V2] virtio: i2c: Check notifier helpers for VIRTIO_CONFIG_IRQ_IDX
Previous by thread: Re: [PATCH 0/6] target/riscv: Fix PMP related problem
Next by thread: Re: [PATCH 0/6] target/riscv: Fix PMP related problem
Index(es):
- Date
- Thread