Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/819238/?format=api
{ "id": 819238, "url": "http://patchwork.ozlabs.org/api/patches/819238/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20170927170027.8539-3-david@redhat.com/", "project": { "id": 14, "url": "http://patchwork.ozlabs.org/api/projects/14/?format=api", "name": "QEMU Development", "link_name": "qemu-devel", "list_id": "qemu-devel.nongnu.org", "list_email": "qemu-devel@nongnu.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170927170027.8539-3-david@redhat.com>", "list_archive_url": null, "date": "2017-09-27T17:00:26", "name": "[RFC,2/3] s390x/tcg: low-address protection support", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "e4a1510e1403c4477bc0d43f2f51c2d68bc3849e", "submitter": { "id": 70402, "url": "http://patchwork.ozlabs.org/api/people/70402/?format=api", "name": "David Hildenbrand", "email": "david@redhat.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/qemu-devel/patch/20170927170027.8539-3-david@redhat.com/mbox/", "series": [ { "id": 5406, "url": "http://patchwork.ozlabs.org/api/series/5406/?format=api", "web_url": "http://patchwork.ozlabs.org/project/qemu-devel/list/?series=5406", "date": "2017-09-27T17:00:24", "name": "s390x/tcg: LAP support using immediate TLB invalidation", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/5406/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/819238/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/819238/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org", "Authentication-Results": [ "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=<UNKNOWN>)", "ext-mx03.extmail.prod.ext.phx2.redhat.com;\n\tdmarc=none (p=none dis=none) header.from=redhat.com", "ext-mx03.extmail.prod.ext.phx2.redhat.com;\n\tspf=fail smtp.mailfrom=david@redhat.com" ], "Received": [ "from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3y2PMS1JyDz9tXb\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 28 Sep 2017 03:05:08 +1000 (AEST)", "from localhost ([::1]:55635 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)\n\tid 1dxFli-00017i-CX\n\tfor incoming@patchwork.ozlabs.org; Wed, 27 Sep 2017 13:05:06 -0400", "from eggs.gnu.org ([2001:4830:134:3::10]:60091)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from <david@redhat.com>) id 1dxFhX-0006dX-2V\n\tfor qemu-devel@nongnu.org; Wed, 27 Sep 2017 13:00:53 -0400", "from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from <david@redhat.com>) id 1dxFhS-000663-P2\n\tfor qemu-devel@nongnu.org; Wed, 27 Sep 2017 13:00:47 -0400", "from mx1.redhat.com ([209.132.183.28]:53376)\n\tby eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)\n\t(Exim 4.71) (envelope-from <david@redhat.com>) id 1dxFhS-00065O-GV\n\tfor qemu-devel@nongnu.org; Wed, 27 Sep 2017 13:00:42 -0400", "from smtp.corp.redhat.com\n\t(int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby mx1.redhat.com (Postfix) with ESMTPS id 7E14B16349C;\n\tWed, 27 Sep 2017 17:00:41 +0000 (UTC)", "from t460s.redhat.com (ovpn-117-241.ams2.redhat.com\n\t[10.36.117.241])\n\tby smtp.corp.redhat.com (Postfix) with ESMTP id 005A2E8184;\n\tWed, 27 Sep 2017 17:00:38 +0000 (UTC)" ], "DMARC-Filter": "OpenDMARC Filter v1.3.2 mx1.redhat.com 7E14B16349C", "From": "David Hildenbrand <david@redhat.com>", "To": "qemu-devel@nongnu.org", "Date": "Wed, 27 Sep 2017 19:00:26 +0200", "Message-Id": "<20170927170027.8539-3-david@redhat.com>", "In-Reply-To": "<20170927170027.8539-1-david@redhat.com>", "References": "<20170927170027.8539-1-david@redhat.com>", "X-Scanned-By": "MIMEDefang 2.79 on 10.5.11.13", "X-Greylist": "Sender IP whitelisted, not delayed by milter-greylist-4.5.16\n\t(mx1.redhat.com [10.5.110.27]);\n\tWed, 27 Sep 2017 17:00:41 +0000 (UTC)", "X-detected-operating-system": "by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]\n\t[fuzzy]", "X-Received-From": "209.132.183.28", "Subject": "[Qemu-devel] [PATCH RFC 2/3] s390x/tcg: low-address protection\n\tsupport", "X-BeenThere": "qemu-devel@nongnu.org", "X-Mailman-Version": "2.1.21", "Precedence": "list", "List-Id": "<qemu-devel.nongnu.org>", "List-Unsubscribe": "<https://lists.nongnu.org/mailman/options/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>", "List-Archive": "<http://lists.nongnu.org/archive/html/qemu-devel/>", "List-Post": "<mailto:qemu-devel@nongnu.org>", "List-Help": "<mailto:qemu-devel-request@nongnu.org?subject=help>", "List-Subscribe": "<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=subscribe>", "Cc": "thuth@redhat.com, David Hildenbrand <david@redhat.com>, cohuck@redhat.com,\n\tRichard Henderson <richard.henderson@linaro.org>,\n\tAlexander Graf <agraf@suse.de>,\n\tChristian Borntraeger <borntraeger@de.ibm.com>", "Errors-To": "qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org", "Sender": "\"Qemu-devel\"\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>" }, "content": "This is a neat way to implement low address protection, whereby\nonly the first 512 bytes of the first two pages (each 4096 bytes) of\nevery address space are protected.\n\nStore a tec of 0 for the access exception, this is what is defined by\nEnhanced Suppression on Protection in case of a low address protection\n(Bit 61 set to 0, rest undefined).\n\nWe have to make sure to to pass the access address, not the masked page\naddress into mmu_translate*().\n\nDrop the check from testblock. So we can properly test this via\nkvm-unit-tests.\n\nThis will check every access going through one of the MMUs.\n\nSigned-off-by: David Hildenbrand <david@redhat.com>\n---\n target/s390x/excp_helper.c | 3 +-\n target/s390x/mem_helper.c | 8 ----\n target/s390x/mmu_helper.c | 96 +++++++++++++++++++++++++++++-----------------\n 3 files changed, 62 insertions(+), 45 deletions(-)", "diff": "diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c\nindex 3e4349d00b..aa0cbf67ac 100644\n--- a/target/s390x/excp_helper.c\n+++ b/target/s390x/excp_helper.c\n@@ -95,7 +95,6 @@ int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr,\n DPRINTF(\"%s: address 0x%\" VADDR_PRIx \" rw %d mmu_idx %d\\n\",\n __func__, orig_vaddr, rw, mmu_idx);\n \n- orig_vaddr &= TARGET_PAGE_MASK;\n vaddr = orig_vaddr;\n \n if (mmu_idx < MMU_REAL_IDX) {\n@@ -127,7 +126,7 @@ int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr,\n qemu_log_mask(CPU_LOG_MMU, \"%s: set tlb %\" PRIx64 \" -> %\" PRIx64 \" (%x)\\n\",\n __func__, (uint64_t)vaddr, (uint64_t)raddr, prot);\n \n- tlb_set_page(cs, orig_vaddr, raddr, prot,\n+ tlb_set_page(cs, orig_vaddr & TARGET_PAGE_MASK, raddr, prot,\n mmu_idx, TARGET_PAGE_SIZE);\n \n return 0;\ndiff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c\nindex bbbe1c62b3..69a16867d4 100644\n--- a/target/s390x/mem_helper.c\n+++ b/target/s390x/mem_helper.c\n@@ -1687,18 +1687,10 @@ void HELPER(stctl)(CPUS390XState *env, uint32_t r1, uint64_t a2, uint32_t r3)\n uint32_t HELPER(testblock)(CPUS390XState *env, uint64_t real_addr)\n {\n uintptr_t ra = GETPC();\n- CPUState *cs = CPU(s390_env_get_cpu(env));\n int i;\n \n real_addr = wrap_address(env, real_addr) & TARGET_PAGE_MASK;\n \n- /* Check low-address protection */\n- if ((env->cregs[0] & CR0_LOWPROT) && real_addr < 0x2000) {\n- cpu_restore_state(cs, ra);\n- program_interrupt(env, PGM_PROTECTION, 4);\n- return 1;\n- }\n-\n for (i = 0; i < TARGET_PAGE_SIZE; i += 8) {\n cpu_stq_real_ra(env, real_addr + i, 0, ra);\n }\ndiff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c\nindex 9daa0fd8e2..44a15449d2 100644\n--- a/target/s390x/mmu_helper.c\n+++ b/target/s390x/mmu_helper.c\n@@ -106,6 +106,37 @@ static void trigger_page_fault(CPUS390XState *env, target_ulong vaddr,\n trigger_access_exception(env, type, ilen, tec);\n }\n \n+/* check whether the address would be proteted by Low-Address Protection */\n+static bool is_low_address(uint64_t addr)\n+{\n+ return addr < 512 || (addr >= 4096 && addr < 4607);\n+}\n+\n+/* check whether Low-Address Protection is enabled for mmu_translate() */\n+static bool lowprot_enabled(const CPUS390XState *env, uint64_t asc)\n+{\n+ if (!(env->cregs[0] & CR0_LOWPROT)) {\n+ return false;\n+ }\n+ if (!(env->psw.mask & PSW_MASK_DAT)) {\n+ return true;\n+ }\n+\n+ /* Check the private-space control bit */\n+ switch (asc) {\n+ case PSW_ASC_PRIMARY:\n+ return !(env->cregs[1] & _ASCE_PRIVATE_SPACE);\n+ case PSW_ASC_SECONDARY:\n+ return !(env->cregs[7] & _ASCE_PRIVATE_SPACE);\n+ case PSW_ASC_HOME:\n+ return !(env->cregs[13] & _ASCE_PRIVATE_SPACE);\n+ default:\n+ /* We don't support access register mode */\n+ error_report(\"unsupported addressing mode\");\n+ exit(1);\n+ }\n+}\n+\n /**\n * Translate real address to absolute (= physical)\n * address by taking care of the prefix mapping.\n@@ -323,6 +354,24 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,\n }\n \n *flags = PAGE_READ | PAGE_WRITE | PAGE_EXEC;\n+ if (is_low_address(vaddr & TARGET_PAGE_MASK) && lowprot_enabled(env, asc)) {\n+ /*\n+ * If any part of this page is currently protected, make sure the\n+ * TLB entry will not be reused.\n+ *\n+ * As the protected range is always the first 512 bytes of the\n+ * two first pages, we are able to catch all writes to these areas\n+ * just by looking at the start address (triggering the tlb miss).\n+ */\n+ *flags |= PAGE_WRITE_INV;\n+ if (is_low_address(vaddr) && rw == MMU_DATA_STORE) {\n+ if (exc) {\n+ trigger_access_exception(env, PGM_PROTECTION, ILEN_AUTO, 0);\n+ }\n+ return -EACCES;\n+ }\n+ }\n+\n vaddr &= TARGET_PAGE_MASK;\n \n if (!(env->psw.mask & PSW_MASK_DAT)) {\n@@ -392,50 +441,17 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,\n }\n \n /**\n- * lowprot_enabled: Check whether low-address protection is enabled\n- */\n-static bool lowprot_enabled(const CPUS390XState *env)\n-{\n- if (!(env->cregs[0] & CR0_LOWPROT)) {\n- return false;\n- }\n- if (!(env->psw.mask & PSW_MASK_DAT)) {\n- return true;\n- }\n-\n- /* Check the private-space control bit */\n- switch (env->psw.mask & PSW_MASK_ASC) {\n- case PSW_ASC_PRIMARY:\n- return !(env->cregs[1] & _ASCE_PRIVATE_SPACE);\n- case PSW_ASC_SECONDARY:\n- return !(env->cregs[7] & _ASCE_PRIVATE_SPACE);\n- case PSW_ASC_HOME:\n- return !(env->cregs[13] & _ASCE_PRIVATE_SPACE);\n- default:\n- /* We don't support access register mode */\n- error_report(\"unsupported addressing mode\");\n- exit(1);\n- }\n-}\n-\n-/**\n * translate_pages: Translate a set of consecutive logical page addresses\n * to absolute addresses\n */\n static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,\n target_ulong *pages, bool is_write)\n {\n- bool lowprot = is_write && lowprot_enabled(&cpu->env);\n uint64_t asc = cpu->env.psw.mask & PSW_MASK_ASC;\n CPUS390XState *env = &cpu->env;\n int ret, i, pflags;\n \n for (i = 0; i < nr_pages; i++) {\n- /* Low-address protection? */\n- if (lowprot && (addr < 512 || (addr >= 4096 && addr < 4096 + 512))) {\n- trigger_access_exception(env, PGM_PROTECTION, ILEN_AUTO, 0);\n- return -EACCES;\n- }\n ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, true);\n if (ret) {\n return ret;\n@@ -509,9 +525,19 @@ int s390_cpu_virt_mem_rw(S390CPU *cpu, vaddr laddr, uint8_t ar, void *hostbuf,\n int mmu_translate_real(CPUS390XState *env, target_ulong raddr, int rw,\n target_ulong *addr, int *flags)\n {\n- /* TODO: low address protection once we flush the tlb on cr changes */\n+ const bool lowprot_enabled = env->cregs[0] & CR0_LOWPROT;\n+\n *flags = PAGE_READ | PAGE_WRITE;\n- *addr = mmu_real2abs(env, raddr);\n+ if (is_low_address(raddr & TARGET_PAGE_MASK) && lowprot_enabled) {\n+ /* see comment in mmu_translate() how this works */\n+ *flags |= PAGE_WRITE_INV;\n+ if (is_low_address(raddr) && rw == MMU_DATA_STORE) {\n+ trigger_access_exception(env, PGM_PROTECTION, ILEN_AUTO, 0);\n+ return -EACCES;\n+ }\n+ }\n+\n+ *addr = mmu_real2abs(env, raddr & TARGET_PAGE_MASK);\n \n /* TODO: storage key handling */\n return 0;\n", "prefixes": [ "RFC", "2/3" ] }