From: Nanyong Sun <sunnanyong@huawei.com>
To: Alex Ghiti <alex@ghiti.fr>, Palmer Dabbelt <palmer@dabbelt.com>
Cc: Paul Walmsley <paul.walmsley@sifive.com>, <aou@eecs.berkeley.edu>,
"Anup Patel" <Anup.Patel@wdc.com>,
<linux-riscv@lists.infradead.org>, <linux-kernel@vger.kernel.org>,
Atish Patra <Atish.Patra@wdc.com>, <wangkefeng.wang@huawei.com>,
<tiantao6@hisilicon.com>, <qiuwenbo@phytium.com.cn>,
<rppt@kernel.org>, <jszhang@kernel.org>, <mick@ics.forth.gr>
Subject: Re: [PATCH v2 -next] riscv: mm: remove redundant trampoline PGD for 64bit
Date: Thu, 9 Sep 2021 11:23:30 +0800 [thread overview]
Message-ID: <678f7a40-988a-ce60-0b7a-2a70fe28ecd1@huawei.com> (raw)
In-Reply-To: <13c4d471-dc3b-32d8-6535-36d3862592d4@ghiti.fr>
On 2021/9/8 16:56, Alex Ghiti wrote:
> Hi Nanyong,
>
> Le 8/09/2021 à 08:42, Nanyong Sun a écrit :
>>
>> On 2021/8/14 6:08, Palmer Dabbelt wrote:
>>> On Mon, 02 Aug 2021 05:43:02 PDT (-0700), alex@ghiti.fr wrote:
>>>> Hi Nanyong,
>>>>
>>>> Le 28/07/2021 à 13:55, Alex Ghiti a écrit :
>>>>>
>>>>>
>>>>> Le 28/07/2021 à 04:49, Nanyong Sun a écrit :
>>>>>> Remove redundant trampoline PGD for 64bit and add more comment
>>>>>> for why 32bit systems need trampoline PGD.
>>>>>>
>>>>>>
>>>>>> +load_kernel_pgd:
>>>>>> + /*
>>>>>> + * Switch to kernel page tables. A full fence is necessary
>>>>>> in order to
>>>>>> + * avoid using the trampoline translations, which are only
>>>>>> correct for
>>>>>> + * the first superpage. Fetching the fence is guarnteed
>>>>>> to work
>>>>>> + * because that first superpage is translated the same way.
>>>>>> + */
>>>>>> + csrw CSR_SATP, a2
>>>>>> + sfence.vma
>>>>>> +
>>>>>> +load_done:
>>>>>> /* Set trap vector to spin forever to help debug */
>>>>>> la a0, .Lsecondary_park
>>>>>> csrw CSR_TVEC, a0
>>>>
>>>>
>>>> I suppose stvec was set this way to catch any problem with
>>>> early_pg_dir,
>>>> you moved that and then this defeats this original purpose.
>>>
>> Hi Alex,
>>
>> I don't think so, before set early_pg_dir to satp, it's the
>> physical address world, we must set stvec as
>>
>> the first place in virtual address world we want jump to. And I don't
>> think ".Lsecondary_park " can catch
>>
>> problem of bad early_pg_dir, if the basic page table is wrong, CPU
>> also can not go to the virtual address stored in stvec correctly.
>
> But I think then that it loops forever at the stvec address which
> allows to know where the boot failed.
If satp had a problem, then cpu can not fetch instruction where stvec
pointing to, as what palmer said: if you end up in a position where the
processer is unable to commit an instruction you also
lose the ability to do anything meaningful with the debugger, thus
essentially locking up the system.
>
>>
>> More, in the original code, before set trampoline_pg_dir, what if the
>> trampoline_pg_dir had a problem?
>
> You're right but this debug 'feature' was not installed, I guess
> somebody had a hard time at some point with the early page table and
> not the trampoline :)
>
> Anyway, I was just pointing that you 'broke' the current way things
> work and unless this is for an explicit good reason, that should not
> happen.
>
The design logic is: at the first time cpu convert to virtual address
world from physical world, actually stvec is a real "trampoline", it
can not be set
as a pointer to spin trap, it should be set to the first place in
virtual world where we wanna go. After that, then we set stvec as a spin
trap to catch
any problem in later running.
So, for 64bit system, if we want to delete trampoline_pg_dir, the
design principle is not broken here. For 32bit system, I really need
change back.
>>
>>> Essentially.
>>>
>>> The specific issue is that the JTAG debug spec is defined (or at
>>> least was when I was using it, it's been years since I've needed to
>>> do that) in terms of committed instructions. Thus if you end up in
>>> a position where the processer is unable to commit an instruction
>>> you also lose the ability to do anything meaningful with the
>>> debugger, thus essentially locking up the system.
>>>
>>> The most common way to end up in a situation where the processor is
>>> unable to commit an instruction is to have a fault with an invalid
>>> trap vector: maybe dangling from M-mode, the last boot, reset,
>>> whatever. Then as soon as you take a trap the system locks up. Any
>>> trap before we have a working trap handler is a bug, but it's way
>>> harder to debug things when the debugger doesn't function.
>>>
>>> There is of course no way to fundamentally prevent these sort of
>>> no-commitable-instruction situations, but I got into the habbit of
>>> just setting up a trivial trap entry point ASAP -- it probably took
>>> a dozen rounds of trying to debug the debugger only to realize it
>>> was per spec to hang, but that idiom eventually crept into pretty
>>> much everything.
>>>
>>> Not sure if the debug spec is still written this way (or if
>>> debuggers respect it), as I haven't had to use one in a while.
>>>
>>>>
>>>>
>>>>>>
>>>>>> diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c
>>>>>> index ac48742fa6fc..306fcb2334fa 100644
>>>>>> --- a/arch/riscv/mm/init.c
>>>>>> +++ b/arch/riscv/mm/init.c
>>>>>> @@ -219,13 +219,17 @@ unsigned long pfn_base __ro_after_init;
>>>>>> EXPORT_SYMBOL(pfn_base);
>>>>>> pgd_t swapper_pg_dir[PTRS_PER_PGD] __page_aligned_bss;
>>>>>> +#ifndef CONFIG_64BIT
>>>>>> pgd_t trampoline_pg_dir[PTRS_PER_PGD] __page_aligned_bss;
>>>>>> +#endif /* CONFIG_64BIT */
>>>>
>>>>
>>>> As stated in Documentation/process/coding-style.rst, it is better
>>>> to use
>>>> __maybe_unused rather than #ifdefs.
>>>>
>>>>
>> I'm afraid that __maybe_unused can not save one page memory here.
>
> What do you mean?
>
I mean trampoline_pg_dir cost 4096 bytes here and __maybe_unused only
tell compiler don't raise a warning, but it still cost memory.
prev parent reply other threads:[~2021-09-09 3:23 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-28 2:49 [PATCH v2 -next] riscv: mm: remove redundant trampoline PGD for 64bit Nanyong Sun
2021-07-28 11:55 ` Alex Ghiti
2021-08-02 12:43 ` Alex Ghiti
2021-08-13 22:08 ` Palmer Dabbelt
2021-09-08 6:42 ` Nanyong Sun
2021-09-08 8:56 ` Alex Ghiti
2021-09-09 3:23 ` Nanyong Sun [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=678f7a40-988a-ce60-0b7a-2a70fe28ecd1@huawei.com \
--to=sunnanyong@huawei.com \
--cc=Anup.Patel@wdc.com \
--cc=Atish.Patra@wdc.com \
--cc=alex@ghiti.fr \
--cc=aou@eecs.berkeley.edu \
--cc=jszhang@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=mick@ics.forth.gr \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
--cc=qiuwenbo@phytium.com.cn \
--cc=rppt@kernel.org \
--cc=tiantao6@hisilicon.com \
--cc=wangkefeng.wang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).