arm64/kvm: remove VMID rollover I-cache maintenance

Message ID 20190806155737.39307-1-mark.rutland@arm.com (mailing list archive)
State Mainlined
Commit 363de99b770500b2102e9375249726254fdeae8a

Commit Message

Mark Rutland Aug. 6, 2019, 3:57 p.m. UTC
For VPIPT I-caches, we need I-cache maintenance on VMID rollover to
avoid an ABA problem. Consider a single vCPU VM, with a pinned stage-2,
running with an idmap VA->IPA and idmap IPA->PA. If we don't do
maintenance on rollover:

        // VMID A
        Writes insn X to PA 0xF
        Invalidates PA 0xF (for VMID A)

        I$ contains [{A,F}->X]

        [VMID ROLLOVER]

        // VMID B
        Writes insn Y to PA 0xF
        Invalidates PA 0xF (for VMID B)

        I$ contains [{A,F}->X, {B,F}->Y]

        [VMID ROLLOVER]

        // VMID A
        I$ contains [{A,F}->X, {B,F}->Y]

        Unexpectedly hits stale I$ line {A,F}->X.

However, for PIPT and VIPT I-caches, the VMID doesn't affect lookup or
constrain maintenance. Given the VMID doesn't affect PIPT and VIPT
I-caches, and given VMID rollover is independent of changes to stage-2
mappings, I-cache maintenance cannot be necessary on VMID rollover for
PIPT or VIPT I-caches.

This patch removes the maintenance on rollover for VIPT and PIPT
I-caches. At the same time, the unnecessary colons are removed from the
asm statement to make it more legible.

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Christoffer Dall <christoffer.dall@arm.com>
Cc: James Morse <james.morse@arm.com>
Cc: Julien Thierry <julien.thierry.kdev@gmail.com>
Cc: Marc Zyngier <marc.zyngier@arm.com>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: kvmarm@lists.cs.columbia.edu
---
 arch/arm64/kvm/hyp/tlb.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
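
The ABA sequence from the commit message, replayed against a toy I-cache model. This is an added example, not part of the patch or of the kernel; the cache structure, `replay()`, the round-robin fill and the VMID values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
/* Toy I-cache model, constructed for illustration (not kernel code). */
enum policy { PIPT, VPIPT };
enum { NLINES = 4 };
struct line { bool valid; unsigned vmid; unsigned long pa; char insn; };
struct icache { enum policy policy; unsigned next; struct line l[NLINES]; };

/* A VPIPT line matches only under the VMID that filled it; PIPT ignores VMID. */
static bool match(enum policy p, const struct line *l, unsigned vmid, unsigned long pa)
{
    return l->valid && l->pa == pa && (p == PIPT || l->vmid == vmid);
}

/* Invalidate by PA for the active VMID; all=true models "ic ialluis". */
static void inval(struct icache *c, unsigned vmid, unsigned long pa, bool all)
{
    for (int i = 0; i < NLINES; i++)
        if (all || match(c->policy, &c->l[i], vmid, pa))
            c->l[i].valid = false;
}

/* A hit returns the cached insn; a miss fills a line from memory (mem). */
static char fetch(struct icache *c, unsigned vmid, unsigned long pa, char mem)
{
    for (int i = 0; i < NLINES; i++)
        if (match(c->policy, &c->l[i], vmid, pa))
            return c->l[i].insn;
    c->l[c->next++ % NLINES] = (struct line){ true, vmid, pa, mem };
    return mem;
}

/* Replays the commit message's sequence; returns the last fetch under VMID A. */
char replay(enum policy p, bool flush_on_rollover)
{
    struct icache c = { .policy = p };
    enum { A = 1, B = 2, F = 0xF };               /* VMID values are arbitrary */
    inval(&c, A, F, false); fetch(&c, A, F, 'X'); /* I$: {A,F}->X */
    if (flush_on_rollover) inval(&c, 0, 0, true);
    inval(&c, B, F, false); fetch(&c, B, F, 'Y'); /* memory at F now holds Y */
    if (flush_on_rollover) inval(&c, 0, 0, true);
    return fetch(&c, A, F, 'Y');                  /* 'X' here is a stale hit */
}

int main(void)
{
    printf("VPIPT: %c  VPIPT+flush: %c  PIPT: %c\n",
           replay(VPIPT, false), replay(VPIPT, true), replay(PIPT, false));
    return 0;
}
```

Only the VPIPT run without a flush on rollover returns the stale instruction; the PIPT run is correct without any flush because the by-address invalidate is not constrained by VMID.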

Comments

James Morse Aug. 16, 2019, 1:39 p.m. UTC | #1
Hi Mark,

On 06/08/2019 16:57, Mark Rutland wrote:
> For VPIPT I-caches, we need I-cache maintenance on VMID rollover to
> avoid an ABA problem. Consider a single vCPU VM, with a pinned stage-2,
> running with an idmap VA->IPA and idmap IPA->PA. If we don't do
> maintenance on rollover:
> 
>         // VMID A
>         Writes insn X to PA 0xF
>         Invalidates PA 0xF (for VMID A)
> 
>         I$ contains [{A,F}->X]
> 
>         [VMID ROLLOVER]
> 
>         // VMID B
>         Writes insn Y to PA 0xF
>         Invalidates PA 0xF (for VMID B)
> 
>         I$ contains [{A,F}->X, {B,F}->Y]
> 
>         [VMID ROLLOVER]
> 
>         // VMID A
>         I$ contains [{A,F}->X, {B,F}->Y]
> 
>         Unexpectedly hits stale I$ line {A,F}->X.
> 
> However, for PIPT and VIPT I-caches, the VMID doesn't affect lookup or
> constrain maintenance. Given the VMID doesn't affect PIPT and VIPT
> I-caches, and given VMID rollover is independent of changes to stage-2
> mappings, I-cache maintenance cannot be necessary on VMID rollover for
> PIPT or VIPT I-caches.
> 
> This patch removes the maintenance on rollover for VIPT and PIPT
> I-caches. At the same time, the unnecessary colons are removed from the
> asm statement to make it more legible.

Makes sense!

Reviewed-by: James Morse <james.morse@arm.com>


Thanks,

James

Marc Zyngier Aug. 18, 2019, 5:42 p.m. UTC | #2
On Fri, 16 Aug 2019 14:39:31 +0100
James Morse <james.morse@arm.com> wrote:

> Hi Mark,
> 
> On 06/08/2019 16:57, Mark Rutland wrote:
> > For VPIPT I-caches, we need I-cache maintenance on VMID rollover to
> > avoid an ABA problem. Consider a single vCPU VM, with a pinned stage-2,
> > running with an idmap VA->IPA and idmap IPA->PA. If we don't do
> > maintenance on rollover:
> > 
> >         // VMID A
> >         Writes insn X to PA 0xF
> >         Invalidates PA 0xF (for VMID A)
> > 
> >         I$ contains [{A,F}->X]
> > 
> >         [VMID ROLLOVER]
> > 
> >         // VMID B
> >         Writes insn Y to PA 0xF
> >         Invalidates PA 0xF (for VMID B)
> > 
> >         I$ contains [{A,F}->X, {B,F}->Y]
> > 
> >         [VMID ROLLOVER]
> > 
> >         // VMID A
> >         I$ contains [{A,F}->X, {B,F}->Y]
> > 
> >         Unexpectedly hits stale I$ line {A,F}->X.
> > 
> > However, for PIPT and VIPT I-caches, the VMID doesn't affect lookup or
> > constrain maintenance. Given the VMID doesn't affect PIPT and VIPT
> > I-caches, and given VMID rollover is independent of changes to stage-2
> > mappings, I-cache maintenance cannot be necessary on VMID rollover for
> > PIPT or VIPT I-caches.
> > 
> > This patch removes the maintenance on rollover for VIPT and PIPT
> > I-caches. At the same time, the unnecessary colons are removed from the
> > asm statement to make it more legible.  
> 
> Makes sense!
> 
> Reviewed-by: James Morse <james.morse@arm.com>

Queued for 5.4. Thanks both.

	M.

Patch

diff --git a/arch/arm64/kvm/hyp/tlb.c b/arch/arm64/kvm/hyp/tlb.c
index d49a14497715..c466060b76d6 100644
--- a/arch/arm64/kvm/hyp/tlb.c
+++ b/arch/arm64/kvm/hyp/tlb.c
@@ -193,6 +193,18 @@  void __hyp_text __kvm_flush_vm_context(void)
 {
 	dsb(ishst);
 	__tlbi(alle1is);
-	asm volatile("ic ialluis" : : );
+
+	/*
+	 * VIPT and PIPT caches are not affected by VMID, so no maintenance
+	 * is necessary across a VMID rollover.
+	 *
+	 * VPIPT caches constrain lookup and maintenance to the active VMID,
+	 * so we need to invalidate lines with a stale VMID to avoid an ABA
+	 * race after multiple rollovers.
+	 *
+	 */
+	if (icache_is_vpipt())
+		asm volatile("ic ialluis");
+
 	dsb(ish);
 }
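
Review bot: the added comment block in __kvm_flush_vm_context() ends with an empty " *" line directly before the closing " */"; drop that trailing blank line so the comment closes right after "race after multiple rollovers." The comment also calls the issue an "ABA race" while the commit message calls it an "ABA problem"; using one term in both places makes it easier to find the explanation from the code. The conditional itself is consistent with the comment: only the "ic ialluis" is gated on icache_is_vpipt(), while the __tlbi(alle1is) and the final dsb(ish) stay unconditional.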