From: Andre Przywara <andre.przywara@arm.com>
To: Suzuki K Poulose <Suzuki.Poulose@arm.com>,
Will Deacon <will.deacon@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>
Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 6/6] arm64: trap userspace "dc cvau" cache operation on errata-affected core
Date: Fri, 17 Jun 2016 18:20:40 +0100
Message-ID: <c5d47238-6391-8468-b9d7-6a28e82a3edc@arm.com>
In-Reply-To: <57602DF2.1040501@arm.com>

Hi Suzuki,

thanks for having a look!

On 14/06/16 17:16, Suzuki K Poulose wrote:
> On 09/05/16 17:49, Andre Przywara wrote:
>> The ARM errata 819472, 826319, 827319 and 824069 for affected
>> Cortex-A53 cores demand to promote "dc cvau" instructions to
>> "dc civac". Since we allow userspace to also emit those instructions,
>> we should make sure that "dc cvau" gets promoted there too.
>> So let's grasp the nettle here and actually trap every userland cache
>> maintenance instruction once we detect at least one affected core in
>> the system.
>> We then emulate the instruction by executing it on behalf of userland,
>> promoting "dc cvau" to "dc civac" on the way and injecting access
>> fault back into userspace.
>>
>> Signed-off-by: Andre Przywara <andre.przywara@arm.com>
>
>
>> +
>> +asmlinkage void __exception do_sysinstr(unsigned int esr, struct
>> pt_regs *regs)
>> +{
>> + unsigned long address;
>> + int ret;
>> +
>> + /* if this is a write with: Op0=1, Op2=1, Op1=3, CRn=7 */
>> + if ((esr & 0x01fffc01) == 0x0012dc00) {
>> + int rt = (esr >> 5) & 0x1f;
>> + int crm = (esr >> 1) & 0x0f;
>> +
>> + address = regs->regs[rt];
>> +
>> + switch (crm) {
>> + case 11: /* DC CVAU, gets promoted */
>> + __user_cache_maint("dc civac", address, ret);
>> + break;
>> + case 10: /* DC CVAC, gets promoted */
>> + __user_cache_maint("dc civac", address, ret);
>> + break;
>> + case 14: /* DC CIVAC */
>> + __user_cache_maint("dc civac", address, ret);
>> + break;
>> + case 5: /* IC IVAU */
>> + __user_cache_maint("ic ivau", address, ret);
>> + break;
>> + default:
>> + force_signal_inject(SIGILL, ILL_ILLOPC, regs, 0);
>> + return;
>> + }
>> + } else {
>> + force_signal_inject(SIGILL, ILL_ILLOPC, regs, 0);
>> + return;
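Review bot: the register read at "address = regs->regs[rt];" is missing a check for rt == 31. rt comes from a 5-bit field ("(esr >> 5) & 0x1f"), and the value 31 in that field encodes XZR rather than a general-purpose register, so indexing regs->regs[] with it reads past x30 instead of yielding 0. Suggest "address = (rt == 31) ? 0 : regs->regs[rt];". Separately, cases 11, 10 and 14 issue the identical "dc civac" and could share one body, and the 0x01fffc01 / 0x0012dc00 pair would be easier to audit as named mask and value macros built from the fields listed in the comment.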
>
> Correct me if I am wrong, I think we should handle DC ZVA and emulate
> the same ?
> That's the only EL0 accessible instruction we don't handle above.

Mmmh, but why should we care?

1) DC ZVA is not trapped by setting SCTLR.UCI - instead it has its own
   bit (SCTLR.DZE).
2) The SDEN document does not speak about DC ZVA, so it's not affected
   by that mentioned errata.
3) A fault caused by this instruction will not trigger this SIGILL fault
   path, AFAICT. We get a synchronous data abort on a NULL pointer
   dereference, for instance, so it's a SIGSEGV.

I tested it with issuing valid and invalid DC ZVA instructions and it
worked fine on both an affected and unaffected system.
I saw SIGSEGVs due to PC=0 with *some* unaligned addresses, though, but
that behaviour was reproducible on a non-affected core without the
patches as well, so I don't think it's related (need to investigate).

Yes, a DC ZVA shares the encoding masking above (Op0=1, Op2=1, Op1=3,
CRn=7), but unless the kernel actually sets SCTLR.DZE, we should be
safe. So is it that potential case that you are after or do I miss
something else here?

Cheers,
Andre.
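
The decode discussed in this message, as an added example that is not part of the original mail or the patch: it applies the patch's mask to constructed ISS values, shows that DC ZVA (CRm=4) passes the same mask as the four handled operations, and treats Rt=31 as XZR. The names make_iss, classify and read_rt are hypothetical; the field positions are those of the ISS for a trapped system instruction.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ISS fields the handler extracts (trapped system instruction). */
#define ISS_RT(e)   (((e) >> 5) & 0x1f)
#define ISS_CRM(e)  (((e) >> 1) & 0x0f)

/* Mask/value from the patch: Op0=1, Op2=1, Op1=3, CRn=7, direction=write. */
#define EL0_CMO_MASK  0x01fffc01u
#define EL0_CMO_VALUE 0x0012dc00u

/* Hypothetical helper: build an ISS value from the instruction fields. */
static uint32_t make_iss(unsigned op0, unsigned op1, unsigned crn,
                         unsigned crm, unsigned op2, unsigned rt)
{
    return (op0 << 20) | (op2 << 17) | (op1 << 14) | (crn << 10) |
           (rt << 5) | (crm << 1);
}

/* Name the operation the way the switch on CRm would see it. */
static const char *classify(uint32_t esr)
{
    if ((esr & EL0_CMO_MASK) != EL0_CMO_VALUE)
        return "not an EL0 cache op";
    switch (ISS_CRM(esr)) {
    case 11: return "DC CVAU";
    case 10: return "DC CVAC";
    case 14: return "DC CIVAC";
    case 5:  return "IC IVAU";
    case 4:  return "DC ZVA";  /* same mask; SCTLR.DZE, not SCTLR.UCI */
    default: return "unhandled";
    }
}

/* Rt == 31 encodes XZR, so the operand is zero, not a saved register. */
static uint64_t read_rt(const uint64_t gpr[31], uint32_t esr)
{
    unsigned rt = ISS_RT(esr);
    return rt == 31 ? 0 : gpr[rt];
}

int main(void)
{
    uint64_t gpr[31] = { [3] = 0x1000 };       /* constructed register file */
    uint32_t zva = make_iss(1, 3, 7, 4, 1, 3); /* constructed: dc zva, x3 */
    printf("%s, operand %#llx\n", classify(zva),
           (unsigned long long)read_rt(gpr, zva));
    return strcmp(classify(zva), "DC ZVA") != 0;
}
```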