From: Leandro Lupori
Subject: Re: [PATCH] target/ppc: Fix tlbie
Date: Tue, 3 May 2022 15:09:21 -0300
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.8.1
On 5/3/22 13:54, Cédric Le Goater wrote:
> On 5/3/22 18:39, Leandro Lupori wrote:
>> Commit 74c4912f097bab98 changed check_tlb_flush() to use
>> tlb_flush_all_cpus_synced() instead of calling tlb_flush() on each CPU.
>> However, as a side effect of this, a CPU executing a ptesync after a
>> tlbie will have its TLB flushed only after exiting its current
>> Translation Block (TB). This causes memory accesses to invalid pages to
>> succeed, if they happen to be on the same TB as the ptesync.
>
> How did you track the issue? Do you have a test case?

I initially found it with a hacked Linux kernel module that I was using to test tlbie behavior, before trying to improve its implementation to only invalidate the needed entries.

Now I've added a new test to those MMU tests from pnv-test, to be able to reproduce and test it more easily. I've not included it because it depends on other code from MMU tests and semihosting or attn. But you can check it here:

https://github.com/PPC64/qemu/commit/ccb60e4b950d1376b7f5d72843f6ce082a1a9edb (mmu_test_18)

Thanks,
Leandro

> Thanks,
> C.
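The failure mode the quoted commit message describes, as an added toy model (constructed for this reply thread, not QEMU code and not the patch under discussion): one CPU with a tiny software TLB, a tlbie that requests a whole-TLB flush, a ptesync that carries it out, and two flush policies. The `FLUSH_DEFERRED` policy stands in for a flush that only runs when the Translation Block exits; `FLUSH_SYNC` flushes inside the TB. All names, the page-table array and the 4-entry TLB are assumptions of the model, and the unmapped page is checked both inside the same TB and after TB exit.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model, not QEMU code: one CPU, a 4-entry software TLB, an 8-page
 * page table.  FLUSH_DEFERRED mimics a flush that only happens at TB exit. */
enum flush_policy { FLUSH_SYNC, FLUSH_DEFERRED };

#define PAGE_SHIFT  12
#define TLB_ENTRIES 4
#define NPAGES      8

struct tlb_entry { uint64_t vpn; bool valid; };

struct cpu {
    struct tlb_entry tlb[TLB_ENTRIES];
    bool flush_needed;          /* set by tlbie, consumed by ptesync */
    bool flush_pending;         /* deferred flush waiting for TB exit */
    enum flush_policy policy;
};

static bool page_mapped[NPAGES];  /* constructed page table: PTE present? */

static void tlb_flush_local(struct cpu *c)
{
    memset(c->tlb, 0, sizeof c->tlb);
    c->flush_pending = false;
}

/* A TLB hit is trusted without a page-table walk, so a stale entry lets an
 * access to an unmapped page succeed.  Returns false where a fault would be
 * raised. */
static bool access_page(struct cpu *c, uint64_t vaddr)
{
    uint64_t vpn = vaddr >> PAGE_SHIFT;
    int i;

    for (i = 0; i < TLB_ENTRIES; i++) {
        if (c->tlb[i].valid && c->tlb[i].vpn == vpn) {
            return true;                          /* TLB hit */
        }
    }
    if (vpn < NPAGES && page_mapped[vpn]) {       /* refill from page table */
        c->tlb[vpn % TLB_ENTRIES].vpn = vpn;
        c->tlb[vpn % TLB_ENTRIES].valid = true;
        return true;
    }
    return false;                                 /* would fault */
}

/* In this toy tlbie requests a flush of the whole TLB, not one entry. */
static void tlbie(struct cpu *c, uint64_t vaddr)
{
    (void)vaddr;
    c->flush_needed = true;
}

/* ptesync is where the requested flush is carried out (or queued). */
static void ptesync(struct cpu *c)
{
    if (!c->flush_needed) {
        return;
    }
    c->flush_needed = false;
    if (c->policy == FLUSH_SYNC) {
        tlb_flush_local(c);
    } else {
        c->flush_pending = true;                  /* runs at tb_exit() */
    }
}

static void tb_exit(struct cpu *c)
{
    if (c->flush_pending) {
        tlb_flush_local(c);
    }
}

/* Map page 3, touch it, clear its PTE, tlbie + ptesync, then access it again
 * before the TB ends.  *in_tb receives whether that in-TB access succeeded
 * (it should not); the return value is the result of an access in the next TB. */
static bool run_scenario(enum flush_policy policy, bool *in_tb)
{
    struct cpu c;
    uint64_t va = (uint64_t)3 << PAGE_SHIFT;

    memset(&c, 0, sizeof c);
    c.policy = policy;
    memset(page_mapped, 0, sizeof page_mapped);

    page_mapped[3] = true;
    access_page(&c, va);                 /* fills a TLB entry for page 3 */
    page_mapped[3] = false;              /* PTE cleared */
    tlbie(&c, va);
    ptesync(&c);
    *in_tb = access_page(&c, va);        /* same TB as the ptesync */
    tb_exit(&c);
    return access_page(&c, va);          /* next TB */
}

int main(void)
{
    bool in_tb, later;

    later = run_scenario(FLUSH_DEFERRED, &in_tb);
    printf("deferred: in-TB access %s, next TB %s\n",
           in_tb ? "succeeds (stale TLB)" : "faults", later ? "succeeds" : "faults");
    later = run_scenario(FLUSH_SYNC, &in_tb);
    printf("sync:     in-TB access %s, next TB %s\n",
           in_tb ? "succeeds (stale TLB)" : "faults", later ? "succeeds" : "faults");
    return 0;
}
```

With the deferred policy the access issued in the same TB as the ptesync still hits the stale entry and succeeds, while the access in the following TB faults as expected; with the synchronous policy both fault. That is the window a test like the mmu_test_18 linked above has to exercise: the access must sit in the same TB as the ptesync, otherwise the TB exit hides the bug.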