| Message ID | 20190918135256.7287-1-julien.grall@arm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [for-4.13] xen/arm: livepatch: Prevent CPUs to fetch stale instructions after livepatching | expand |
On 9/18/19 2:52 PM, Julien Grall wrote: > During livepatch, a single CPU will take care of applying the patch and > all the others will wait for the action to complete. They will then once > execute arch_livepatch_post_action() to flush the pipeline. > > Per B2.2.5 "Concurrent modification and execution of instructions" in > DDI 0487E.a, flushing the instruction cache is not enough to ensure new > instructions are seen. All the PEs should also do an isb() to > synchronize the fetched instruction stream. > > Signed-off-by: Julien Grall <julien.grall@arm.com> > --- > xen/arch/arm/livepatch.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/arm/livepatch.c b/xen/arch/arm/livepatch.c > index 279d52cc6c..00c5e2bc45 100644 > --- a/xen/arch/arm/livepatch.c > +++ b/xen/arch/arm/livepatch.c > @@ -88,7 +88,8 @@ void arch_livepatch_revert(const struct livepatch_func *func) > > void arch_livepatch_post_action(void) > { > - /* arch_livepatch_revive has nuked the instruction cache. */ > + /* Discard any stale instructions that may have been fetched. */ > + isb(); > } > > void arch_livepatch_mask(void) > Acked-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Hi Julien, Julien Grall writes: > During livepatch, a single CPU will take care of applying the patch and > all the others will wait for the action to complete. They will then once > execute arch_livepatch_post_action() to flush the pipeline. > > Per B2.2.5 "Concurrent modification and execution of instructions" in > DDI 0487E.a, flushing the instruction cache is not enough to ensure new > instructions are seen. All the PEs should also do an isb() to > synchronize the fetched instruction stream. > > Signed-off-by: Julien Grall <julien.grall@arm.com> Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> > --- > xen/arch/arm/livepatch.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/arm/livepatch.c b/xen/arch/arm/livepatch.c > index 279d52cc6c..00c5e2bc45 100644 > --- a/xen/arch/arm/livepatch.c > +++ b/xen/arch/arm/livepatch.c > @@ -88,7 +88,8 @@ void arch_livepatch_revert(const struct livepatch_func *func) > > void arch_livepatch_post_action(void) > { > - /* arch_livepatch_revive has nuked the instruction cache. */ > + /* Discard any stale instructions that may have been fetched. */ > + isb(); > } > > void arch_livepatch_mask(void)
diff --git a/xen/arch/arm/livepatch.c b/xen/arch/arm/livepatch.c index 279d52cc6c..00c5e2bc45 100644 --- a/xen/arch/arm/livepatch.c +++ b/xen/arch/arm/livepatch.c @@ -88,7 +88,8 @@ void arch_livepatch_revert(const struct livepatch_func *func) void arch_livepatch_post_action(void) { - /* arch_livepatch_revive has nuked the instruction cache. */ + /* Discard any stale instructions that may have been fetched. */ + isb(); } void arch_livepatch_mask(void)
During livepatch, a single CPU will take care of applying the patch and all the others will wait for the action to complete. They will then once execute arch_livepatch_post_action() to flush the pipeline. Per B2.2.5 "Concurrent modification and execution of instructions" in DDI 0487E.a, flushing the instruction cache is not enough to ensure new instructions are seen. All the PEs should also do an isb() to synchronize the fetched instruction stream. Signed-off-by: Julien Grall <julien.grall@arm.com> --- xen/arch/arm/livepatch.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)