From nobody Sun Nov 9 16:05:47 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1551158531049462.25613704101715; Mon, 25 Feb 2019 21:22:11 -0800 (PST) Received: from localhost ([127.0.0.1]:49251 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gyVBu-0001Su-N5 for importer@patchew.org; Tue, 26 Feb 2019 00:22:06 -0500 Received: from eggs.gnu.org ([209.51.188.92]:58061) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gyUlF-0005Mw-B6 for qemu-devel@nongnu.org; Mon, 25 Feb 2019 23:54:34 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gyUl9-0002rV-BG for qemu-devel@nongnu.org; Mon, 25 Feb 2019 23:54:30 -0500 Received: from ozlabs.org ([203.11.71.1]:34257) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gyUl8-0002Pn-Nw; Mon, 25 Feb 2019 23:54:27 -0500 Received: by ozlabs.org (Postfix, from userid 1007) id 447mfL6Zssz9sNq; Tue, 26 Feb 2019 15:53:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gibson.dropbear.id.au; s=201602; t=1551156794; bh=EvQzSMbbEzAP2gj2llRT+PKiOppGXm+JZSWni86SaUg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=OJF6Z6M89mNzCAWQ5cXR0D3fw6oL5wldNaE4u/K2/VdgF5Dk8nquNA9iw2gvCwuVl 1gGYaY2mJGAYdyH2Cm0mF1CzE4iyMkanmQz00lAmexPSRL9ZSF+f8fwOOqP7sp3jNF /PvvxBopZH5BO8J/WGEMulP9IXdAzVh9t0kvblcw= From: David Gibson To: peter.maydell@linaro.org Date: Tue, 26 Feb 2019 15:52:36 +1100 Message-Id: <20190226045304.25618-23-david@gibson.dropbear.id.au> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190226045304.25618-1-david@gibson.dropbear.id.au> References: <20190226045304.25618-1-david@gibson.dropbear.id.au> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 203.11.71.1 Subject: [Qemu-devel] [PULL 22/50] target/ppc: Fix ordering of hash MMU accesses X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: lvivier@redhat.com, gkurz@kaod.org, qemu-devel@nongnu.org, qemu-ppc@nongnu.org, clg@kaod.org, David Gibson Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" From: Benjamin Herrenschmidt With mttcg, we can have MMU lookups happening at the same time as the guest modifying the page tables. Since the HPTEs of the hash table MMU contains two words (or double worlds on 64-bit), we need to make sure we read them in the right order, with the correct memory barrier. Additionally, when using emulated SPAPR mode, the hypercalls writing to the hash table must also perform the udpates in the right order. Note: This part is still not entirely correct Signed-off-by: Benjamin Herrenschmidt Signed-off-by: C=C3=A9dric Le Goater Message-Id: <20190215170029.15641-7-clg@kaod.org> Signed-off-by: David Gibson --- hw/ppc/spapr.c | 21 +++++++++++++++++++-- target/ppc/mmu-hash32.c | 6 ++++++ target/ppc/mmu-hash64.c | 6 ++++++ 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index 84f6e9d9a8..d2520bc662 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1524,8 +1524,25 @@ static void spapr_store_hpte(PPCVirtualHypervisor *v= hyp, hwaddr ptex, if (!spapr->htab) { kvmppc_write_hpte(ptex, pte0, pte1); } else { - stq_p(spapr->htab + offset, pte0); - stq_p(spapr->htab + offset + HASH_PTE_SIZE_64 / 2, pte1); + if (pte0 & HPTE64_V_VALID) { + stq_p(spapr->htab + offset + HASH_PTE_SIZE_64 / 2, pte1); + /* + * When setting valid, we write PTE1 first. This ensures + * proper synchronization with the reading code in + * ppc_hash64_pteg_search() + */ + smp_wmb(); + stq_p(spapr->htab + offset, pte0); + } else { + stq_p(spapr->htab + offset, pte0); + /* + * When clearing it we set PTE0 first. This ensures proper + * synchronization with the reading code in + * ppc_hash64_pteg_search() + */ + smp_wmb(); + stq_p(spapr->htab + offset + HASH_PTE_SIZE_64 / 2, pte1); + } } } =20 diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c index 03ae3c1279..e8562a7c87 100644 --- a/target/ppc/mmu-hash32.c +++ b/target/ppc/mmu-hash32.c @@ -319,6 +319,12 @@ static hwaddr ppc_hash32_pteg_search(PowerPCCPU *cpu, = hwaddr pteg_off, =20 for (i =3D 0; i < HPTES_PER_GROUP; i++) { pte0 =3D ppc_hash32_load_hpte0(cpu, pte_offset); + /* + * pte0 contains the valid bit and must be read before pte1, + * otherwise we might see an old pte1 with a new valid bit and + * thus an inconsistent hpte value + */ + smp_rmb(); pte1 =3D ppc_hash32_load_hpte1(cpu, pte_offset); =20 if ((pte0 & HPTE32_V_VALID) diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c index 1175b991d9..fbefe5b5aa 100644 --- a/target/ppc/mmu-hash64.c +++ b/target/ppc/mmu-hash64.c @@ -507,6 +507,12 @@ static hwaddr ppc_hash64_pteg_search(PowerPCCPU *cpu, = hwaddr hash, } for (i =3D 0; i < HPTES_PER_GROUP; i++) { pte0 =3D ppc_hash64_hpte0(cpu, pteg, i); + /* + * pte0 contains the valid bit and must be read before pte1, + * otherwise we might see an old pte1 with a new valid bit and + * thus an inconsistent hpte value + */ + smp_rmb(); pte1 =3D ppc_hash64_hpte1(cpu, pteg, i); =20 /* This compares V, B, H (secondary) and the AVPN */ --=20 2.20.1