target/riscv: Call probe_write() before atomic operations

Message ID	20220209054825.345376-1-alistair.francis@opensource.wdc.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> IronPort-SDR: YsTIoHrPZKyIkLRPA/K810zgIFzamafkUfln3nAGUE98gIJ37eYhZ1Jmtk9HEdSR28y8JOxYIr Wp/3pWFavPqlIUvaAWRfU4UdTpkSLbvFiBzhgMLLqPPFfrFRoX4iP+MHmjji80nOfTwmkyNBMO 6WvY8pEw+SrcBFGbZ80Ipl/k7YzEdlia4useDECnzYQb/Do6epldSrbYd2BH3JKpeEld1iqSjW 2R10Vcm8HFFy+cry0DNVKCKFCWRaH2CIuD8wtRUxx0Y3QQgGcc/PBeBCkJQDGChgPRRaTvBhDv qMXwStEv0sI/IZZyolpcPG/A IronPort-SDR: rN6Hh+Oj8R/XXJ2pQpomOaLJhqD9jNQx0yi9qOjCkxilXrV4Qn0Yjd/IQFz8PsHi86HDICyfn4 /J69dKNC3A7R7AgNq5ApUO+ixgNWupO/sdvFPlW0HSHaTGK0T2GigT+9O4l/WtNKAmIxG/Rtls SFt/7dSF4q6xT+vXNWRV2Dzl7Dyt5i03vfyYebuA75xiJqCeYH0708hvn+A43HGPN8hrXeHjTI +Fvl7Rqft0HKEJ/mliOKLgMh7upFoH6ami34fNrV1vuvFNXylmnpf5ccgekZkTcQHUyT+JgPti UMU= WDCIronportException: Internal From: Alistair Francis <alistair.francis@opensource.wdc.com> To: qemu-devel@nongnu.org, qemu-riscv@nongnu.org Cc: Palmer Dabbelt <palmer@dabbelt.com>, Bin Meng <bin.meng@windriver.com>, bmeng.cn@gmail.com, alistair23@gmail.com, Alistair Francis <alistair.francis@wdc.com> Subject: [PATCH] target/riscv: Call probe_write() before atomic operations Date: Wed, 9 Feb 2022 15:48:25 +1000 Message-Id: <20220209054825.345376-1-alistair.francis@opensource.wdc.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass client-ip=216.71.153.144; envelope-from=prvs=0329bc3a9=alistair.francis@opensource.wdc.com; helo=esa5.hgst.iphmx.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	target/riscv: Call probe_write() before atomic operations \| expand target/riscv: Call probe_write() before atomic operations

Message ID

20220209054825.345376-1-alistair.francis@opensource.wdc.com

State

New

Headers

IronPort-SDR: 
 YsTIoHrPZKyIkLRPA/K810zgIFzamafkUfln3nAGUE98gIJ37eYhZ1Jmtk9HEdSR28y8JOxYIr
 Wp/3pWFavPqlIUvaAWRfU4UdTpkSLbvFiBzhgMLLqPPFfrFRoX4iP+MHmjji80nOfTwmkyNBMO
 6WvY8pEw+SrcBFGbZ80Ipl/k7YzEdlia4useDECnzYQb/Do6epldSrbYd2BH3JKpeEld1iqSjW
 2R10Vcm8HFFy+cry0DNVKCKFCWRaH2CIuD8wtRUxx0Y3QQgGcc/PBeBCkJQDGChgPRRaTvBhDv
 qMXwStEv0sI/IZZyolpcPG/A
IronPort-SDR: 
 rN6Hh+Oj8R/XXJ2pQpomOaLJhqD9jNQx0yi9qOjCkxilXrV4Qn0Yjd/IQFz8PsHi86HDICyfn4
 /J69dKNC3A7R7AgNq5ApUO+ixgNWupO/sdvFPlW0HSHaTGK0T2GigT+9O4l/WtNKAmIxG/Rtls
 SFt/7dSF4q6xT+vXNWRV2Dzl7Dyt5i03vfyYebuA75xiJqCeYH0708hvn+A43HGPN8hrXeHjTI
 +Fvl7Rqft0HKEJ/mliOKLgMh7upFoH6ami34fNrV1vuvFNXylmnpf5ccgekZkTcQHUyT+JgPti
 UMU=
WDCIronportException: Internal
From: Alistair Francis <alistair.francis@opensource.wdc.com>
To: qemu-devel@nongnu.org,
	qemu-riscv@nongnu.org
Cc: Palmer Dabbelt <palmer@dabbelt.com>, Bin Meng <bin.meng@windriver.com>,
 bmeng.cn@gmail.com, alistair23@gmail.com,
 Alistair Francis <alistair.francis@wdc.com>
Subject: [PATCH] target/riscv: Call probe_write() before atomic operations
Date: Wed,  9 Feb 2022 15:48:25 +1000
Message-Id: <20220209054825.345376-1-alistair.francis@opensource.wdc.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass client-ip=216.71.153.144;
 envelope-from=prvs=0329bc3a9=alistair.francis@opensource.wdc.com;
 helo=esa5.hgst.iphmx.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=unavailable autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

target/riscv: Call probe_write() before atomic operations | expand

Commit Message

Alistair Francis Feb. 9, 2022, 5:48 a.m. UTC

From: Alistair Francis <alistair.francis@wdc.com>

If an atomic operation fails on RISC-V we want to generate a store/amo
fault and not a load fault.

Currently if we have no permissions to access the memory location the
atomic operation will sometimes fail with a load fault (depending on the
path taken in tcg/tcg-op.c) as the atomic helpers perform a load then a
store.

By performing a probe_write() on the memory first, we can ensure we have
permissions to perform the atomic operation. As RISC-V doesn't have
write only pages this should be pretty robust (PMP might be the
exception).

Note that this only fixes the fault for memory regions. I/O and
non-existant regions will still trigger a load fault.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
 target/riscv/helper.h                   |  2 +
 target/riscv/op_helper.c                |  6 +++
 target/riscv/insn_trans/trans_rva.c.inc | 59 +++++++++++++++++--------
 3 files changed, 48 insertions(+), 19 deletions(-)

Comments

Richard Henderson Feb. 9, 2022, 7:26 a.m. UTC | #1

On 2/9/22 16:48, Alistair Francis wrote:
> Note that this only fixes the fault for memory regions. I/O and
> non-existant regions will still trigger a load fault.
...
> +void helper_atomic_check(CPURISCVState *env, target_ulong address,
> +                         int width, int mmu_idx)
> +{
> +    probe_write(env, address, width, mmu_idx, GETPC());
> +}

Note that you could use probe_access_flags, whose return value is a mask.  If it includes 
TLB_MMIO, you know that the physical address does not contain ram, but you still do not 
know if it is unmapped or true mmio, since unmapped gets unassigned_io_ops.  It's probably 
not *that* hard to find out one way or another, but it might also be reasonable to set a 
flag to communicate with your do_transaction_failed hook.


>   static bool gen_amo(DisasContext *ctx, arg_atomic *a,
>                       void(*func)(TCGv, TCGv, TCGv, TCGArg, MemOp),
> -                    MemOp mop)
> +                    TCGv_i32 width, MemOp mop)
>   {
>       TCGv dest = dest_gpr(ctx, a->rd);
>       TCGv src1 = get_address(ctx, a->rs1, 0);
>       TCGv src2 = get_gpr(ctx, a->rs2, EXT_NONE);
> +    TCGv_i32 mem_idx = tcg_constant_i32(ctx->mem_idx);
> +
> +    gen_helper_atomic_check(cpu_env, src1, width, mem_idx);
>   
>       func(dest, src1, src2, ctx->mem_idx, mop);
>   
> @@ -105,55 +108,64 @@ static bool trans_sc_w(DisasContext *ctx, arg_sc_w *a)
>   static bool trans_amoswap_w(DisasContext *ctx, arg_amoswap_w *a)
>   {
>       REQUIRE_EXT(ctx, RVA);
> -    return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, (MO_ALIGN | MO_TESL));
> +    return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, tcg_constant_i32(4),
> +                   (MO_ALIGN | MO_TESL));

The width is already stored in the MemOp argument that you're passing around.
I think you should do

     TCGv_i32 width = tcg_constant_i32(memop_size(mop));

there in gen_amo, and not change the callers at all.


r~

diff --git a/target/riscv/helper.h b/target/riscv/helper.h
index 72cc2582f4..afc8dcc1a0 100644
--- a/target/riscv/helper.h
+++ b/target/riscv/helper.h
@@ -106,6 +106,8 @@  DEF_HELPER_1(wfi, void, env)
 DEF_HELPER_1(tlb_flush, void, env)
 #endif
 
+DEF_HELPER_4(atomic_check, void, env, tl, int, int)
+
 /* Hypervisor functions */
 #ifndef CONFIG_USER_ONLY
 DEF_HELPER_1(hyp_tlb_flush, void, env)
diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c
index 1a75ba11e6..d883609f4f 100644
--- a/target/riscv/op_helper.c
+++ b/target/riscv/op_helper.c
@@ -114,6 +114,12 @@  target_ulong helper_csrrw_i128(CPURISCVState *env, int csr,
     return int128_getlo(rv);
 }
 
+void helper_atomic_check(CPURISCVState *env, target_ulong address,
+                         int width, int mmu_idx)
+{
+    probe_write(env, address, width, mmu_idx, GETPC());
+}
+
 #ifndef CONFIG_USER_ONLY
 
 target_ulong helper_sret(CPURISCVState *env)
diff --git a/target/riscv/insn_trans/trans_rva.c.inc b/target/riscv/insn_trans/trans_rva.c.inc
index 45db82c9be..003a7d0b84 100644
--- a/target/riscv/insn_trans/trans_rva.c.inc
+++ b/target/riscv/insn_trans/trans_rva.c.inc
@@ -78,11 +78,14 @@  static bool gen_sc(DisasContext *ctx, arg_atomic *a, MemOp mop)
 
 static bool gen_amo(DisasContext *ctx, arg_atomic *a,
                     void(*func)(TCGv, TCGv, TCGv, TCGArg, MemOp),
-                    MemOp mop)
+                    TCGv_i32 width, MemOp mop)
 {
     TCGv dest = dest_gpr(ctx, a->rd);
     TCGv src1 = get_address(ctx, a->rs1, 0);
     TCGv src2 = get_gpr(ctx, a->rs2, EXT_NONE);
+    TCGv_i32 mem_idx = tcg_constant_i32(ctx->mem_idx);
+
+    gen_helper_atomic_check(cpu_env, src1, width, mem_idx);
 
     func(dest, src1, src2, ctx->mem_idx, mop);
 
@@ -105,55 +108,64 @@  static bool trans_sc_w(DisasContext *ctx, arg_sc_w *a)
 static bool trans_amoswap_w(DisasContext *ctx, arg_amoswap_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amoadd_w(DisasContext *ctx, arg_amoadd_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_add_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_add_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amoxor_w(DisasContext *ctx, arg_amoxor_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_xor_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_xor_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amoand_w(DisasContext *ctx, arg_amoand_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_and_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_and_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amoor_w(DisasContext *ctx, arg_amoor_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_or_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_or_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amomin_w(DisasContext *ctx, arg_amomin_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smin_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smin_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amomax_w(DisasContext *ctx, arg_amomax_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smax_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smax_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amominu_w(DisasContext *ctx, arg_amominu_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umin_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umin_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_amomaxu_w(DisasContext *ctx, arg_amomaxu_w *a)
 {
     REQUIRE_EXT(ctx, RVA);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umax_tl, (MO_ALIGN | MO_TESL));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umax_tl, tcg_constant_i32(4),
+                   (MO_ALIGN | MO_TESL));
 }
 
 static bool trans_lr_d(DisasContext *ctx, arg_lr_d *a)
@@ -171,53 +183,62 @@  static bool trans_sc_d(DisasContext *ctx, arg_sc_d *a)
 static bool trans_amoswap_d(DisasContext *ctx, arg_amoswap_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_xchg_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amoadd_d(DisasContext *ctx, arg_amoadd_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_add_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_add_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amoxor_d(DisasContext *ctx, arg_amoxor_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_xor_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_xor_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amoand_d(DisasContext *ctx, arg_amoand_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_and_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_and_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amoor_d(DisasContext *ctx, arg_amoor_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_or_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_or_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amomin_d(DisasContext *ctx, arg_amomin_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smin_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smin_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amomax_d(DisasContext *ctx, arg_amomax_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smax_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_smax_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amominu_d(DisasContext *ctx, arg_amominu_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umin_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umin_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }
 
 static bool trans_amomaxu_d(DisasContext *ctx, arg_amomaxu_d *a)
 {
     REQUIRE_64BIT(ctx);
-    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umax_tl, (MO_ALIGN | MO_TEUQ));
+    return gen_amo(ctx, a, &tcg_gen_atomic_fetch_umax_tl, tcg_constant_i32(8),
+                   (MO_ALIGN | MO_TEUQ));
 }

target/riscv: Call probe_write() before atomic operations

Commit Message

Comments

Patch