QEMU-Devel Archive on lore.kernel.org
* [Qemu-devel] [PATCH v2 00/28] s390x/tcg: mem_helper: Fault-safe handling
@ 2019-09-06  7:57 David Hildenbrand
  2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 01/28] s390x/tcg: Reset exception_index to -1 instead of 0 David Hildenbrand
                   ` (28 more replies)
  0 siblings, 29 replies; 68+ messages in thread
From: David Hildenbrand @ 2019-09-06  7:57 UTC
  To: qemu-devel
  Cc: Florian Weimer, Thomas Huth, David Hildenbrand, Cornelia Huck,
	Stefano Brivio, qemu-s390x, Richard Henderson

This is the successor of
    "[PATCH v1 0/4] s390x/tcg: MOVE (MVC): Fault-safe handling"

----

This series fixes a bunch of issues related to some mem helpers and makes
sure that they are fault-safe, meaning no system state is modified in case
a fault is triggered.

I can spot tons of other issues with other mem helpers that will have
to be fixed later. Also, fault-safe handling for some instructions
(especially TR) might be harder to implement (you don't know what will
actually be accessed upfront - we might need a buffer and go over
inputs twice). Focusing on the MOVE instructions for now.

----

Newer versions of glibc use memcpy() in memmove() for forward moves. The
implementation makes use of MVC. The TCG implementation of MVC is
currently not able to handle faults reliably when crossing pages. With
256 bytes, MVC can cross at most two pages.

In case we get a fault on the second page, we already moved data. When
continuing after the fault we might try to move already overwritten data,
which is very bad in case we have overlapping data on a forward move.

Triggered for now only by rpmbuild (crashes when checking the spec file)
and rpm (database corruptions). This fixes installing Fedora rawhide (31)
under TCG.

This was horrible to debug as it barely triggers and we fail at completely
different places.

Cc: Stefano Brivio <sbrivio@redhat.com>
Cc: Florian Weimer <fweimer@redhat.com>

v1 -> v2:
- Include many fixes
- Fix more instructions
- Use the new probe_access() function
- Include "tests/tcg: target/s390x: Test MVO"

David Hildenbrand (28):
  s390x/tcg: Reset exception_index to -1 instead of 0
  s390x/tcg: MVCL: Zero out unused bits of address
  s390x/tcg: MVCL: Detect destructive overlaps
  s390x/tcg: MVCL: Process max 2k bytes at a time
  s390x/tcg: MVC: Increment the length once
  s390x/tcg: MVC: Use is_destructive_overlap()
  s390x/tcg: MVPG: Check for specification exceptions
  s390x/tcg: MVPG: Properly wrap the addresses
  s390x/tcg: MVCLU/MVCLE: Process max 4k bytes at a time
  s390x/tcg: MVCS/MVCP: Check for special operation exceptions
  s390x/tcg: MVCS/MVCP: Properly wrap the length
  s390x/tcg: MVST: Check for specification exceptions
  s390x/tcg: MVST: Fix storing back the addresses to registers
  s390x/tcg: Always use MMU_USER_IDX for CONFIG_USER_ONLY
  s390x/tcg: Fault-safe memset
  s390x/tcg: Fault-safe memmove
  s390x/tcg: MVCS/MVCP: Use access_memmove_idx()
  s390x/tcg: MVC: Fault-safe handling on destructive overlaps
  s390x/tcg: MVCLU: Fault-safe handling
  s390x/tcg: OC: Fault-safe handling
  s390x/tcg: XC: Fault-safe handling
  s390x/tcg: NC: Fault-safe handling
  s390x/tcg: MVCIN: Fault-safe handling
  s390x/tcg: MVN: Fault-safe handling
  s390x/tcg: MVZ: Fault-safe handling
  s390x/tcg: MVST: Fault-safe handling
  s390x/tcg: MVO: Fault-safe handling
  tests/tcg: target/s390x: Test MVO

 target/s390x/cpu.h              |   4 +
 target/s390x/helper.h           |   2 +-
 target/s390x/insn-data.def      |   2 +-
 target/s390x/mem_helper.c       | 672 ++++++++++++++++++++++----------
 target/s390x/translate.c        |  12 +-
 tests/tcg/s390x/Makefile.target |   1 +
 tests/tcg/s390x/mvo.c           |  25 ++
 7 files changed, 507 insertions(+), 211 deletions(-)
 create mode 100644 tests/tcg/s390x/mvo.c

-- 
2.21.0
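
The failure mode described in the cover letter, as an added example that is not code from this series or from QEMU: an overlapping forward move crosses a page boundary, faults on the second page after some bytes were already stored, and is restarted from the beginning. The 16-byte toy page size, the `struct guest` model and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE 16u   /* toy page size (assumption; real s390x pages are 4K) */
struct guest { uint8_t mem[2 * PAGE]; bool mapped[2]; };

/* True if every byte in [addr, addr + len) lies on a mapped page. */
static bool accessible(const struct guest *g, unsigned addr, unsigned len)
{
    for (unsigned a = addr; a < addr + len; a++)
        if (!g->mapped[a / PAGE]) return false;
    return true;
}

/* Byte-wise forward move; returns false on a fault. With probe_first, both
 * operands are checked up front, so a fault leaves memory unmodified. */
static bool move(struct guest *g, unsigned dst, unsigned src, unsigned len,
                 bool probe_first)
{
    if (probe_first && (!accessible(g, src, len) || !accessible(g, dst, len)))
        return false;                          /* fault before any store */
    for (unsigned i = 0; i < len; i++) {
        if (!accessible(g, src + i, 1) || !accessible(g, dst + i, 1))
            return false;                      /* fault after partial stores */
        g->mem[dst + i] = g->mem[src + i];
    }
    return true;
}

/* Runs an overlapping forward move (dst < src) across the page boundary; on a
 * fault the page is mapped and the move restarts from the beginning.
 * Returns true if the final memory equals what memmove() would produce. */
static bool restart_matches_memmove(bool probe_first)
{
    struct guest g = { .mapped = { true, false } };   /* constructed input */
    uint8_t want[sizeof g.mem];
    for (unsigned i = 0; i < sizeof g.mem; i++) g.mem[i] = want[i] = (uint8_t)i;
    memmove(want + 4, want + 8, 16);
    while (!move(&g, 4, 8, 16, probe_first))
        g.mapped[1] = true;                    /* "fault handler" maps page 1 */
    return memcmp(g.mem, want, sizeof want) == 0;
}

int main(void)
{
    printf("partial stores: %d, probe first: %d\n",
           restart_matches_memmove(false), restart_matches_memmove(true));
    return 0;
}
```

Without the up-front probe, the first attempt overwrites bytes 8..11 of the source before faulting, so the restarted move copies already overwritten data.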



Thread overview: 68+ messages
2019-09-06  7:57 [Qemu-devel] [PATCH v2 00/28] s390x/tcg: mem_helper: Fault-safe handling David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 01/28] s390x/tcg: Reset exception_index to -1 instead of 0 David Hildenbrand
2019-09-11 14:38   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 02/28] s390x/tcg: MVCL: Zero out unused bits of address David Hildenbrand
2019-09-11 14:40   ` Richard Henderson
2019-09-11 16:10     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 03/28] s390x/tcg: MVCL: Detect destructive overlaps David Hildenbrand
2019-09-11 14:42   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 04/28] s390x/tcg: MVCL: Process max 2k bytes at a time David Hildenbrand
2019-09-11 14:52   ` Richard Henderson
2019-09-11 15:07     ` Richard Henderson
2019-09-11 16:12       ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 05/28] s390x/tcg: MVC: Increment the length once David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 06/28] s390x/tcg: MVC: Use is_destructive_overlap() David Hildenbrand
2019-09-11 14:54   ` Richard Henderson
2019-09-11 16:13     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 07/28] s390x/tcg: MVPG: Check for specification exceptions David Hildenbrand
2019-09-11 14:57   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 08/28] s390x/tcg: MVPG: Properly wrap the addresses David Hildenbrand
2019-09-11 14:58   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 09/28] s390x/tcg: MVCLU/MVCLE: Process max 4k bytes at a time David Hildenbrand
2019-09-11 15:05   ` Richard Henderson
2019-09-11 16:14     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 10/28] s390x/tcg: MVCS/MVCP: Check for special operation exceptions David Hildenbrand
2019-09-11 15:08   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 11/28] s390x/tcg: MVCS/MVCP: Properly wrap the length David Hildenbrand
2019-09-11 15:11   ` Richard Henderson
2019-09-11 16:15     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 12/28] s390x/tcg: MVST: Check for specification exceptions David Hildenbrand
2019-09-11 15:14   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 13/28] s390x/tcg: MVST: Fix storing back the addresses to registers David Hildenbrand
2019-09-11 15:18   ` Richard Henderson
2019-09-11 16:15     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 14/28] s390x/tcg: Always use MMU_USER_IDX for CONFIG_USER_ONLY David Hildenbrand
2019-09-11 15:19   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 15/28] s390x/tcg: Fault-safe memset David Hildenbrand
2019-09-11 15:29   ` Richard Henderson
2019-09-11 16:18     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 16/28] s390x/tcg: Fault-safe memmove David Hildenbrand
2019-09-11 21:11   ` Richard Henderson
2019-09-11 22:03   ` Richard Henderson
2019-09-13 12:37     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 17/28] s390x/tcg: MVCS/MVCP: Use access_memmove_idx() David Hildenbrand
2019-09-11 21:13   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 18/28] s390x/tcg: MVC: Fault-safe handling on destructive overlaps David Hildenbrand
2019-09-11 21:20   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 19/28] s390x/tcg: MVCLU: Fault-safe handling David Hildenbrand
2019-09-11 21:24   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 20/28] s390x/tcg: OC: " David Hildenbrand
2019-09-11 21:26   ` Richard Henderson
2019-09-16 12:01     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 21/28] s390x/tcg: XC: " David Hildenbrand
2019-09-11 21:29   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 22/28] s390x/tcg: NC: " David Hildenbrand
2019-09-11 21:32   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 23/28] s390x/tcg: MVCIN: " David Hildenbrand
2019-09-11 21:35   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 24/28] s390x/tcg: MVN: " David Hildenbrand
2019-09-11 21:37   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 25/28] s390x/tcg: MVZ: " David Hildenbrand
2019-09-11 21:38   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 26/28] s390x/tcg: MVST: " David Hildenbrand
2019-09-11 21:52   ` Richard Henderson
2019-09-16 10:39     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 27/28] s390x/tcg: MVO: " David Hildenbrand
2019-09-11 22:09   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 28/28] tests/tcg: target/s390x: Test MVO David Hildenbrand
2019-09-11 11:11 ` [Qemu-devel] [qemu-s390x] [PATCH v2 00/28] s390x/tcg: mem_helper: Fault-safe handling David Hildenbrand
