Any register or memory value that is used by the .tlb_fill
function (e.g., in ppc_xlate()) can affect what gets put in TCG's
TLB, so changing it requires either: that the ISA permits cached
address translations that become incoherent vs the changed value;
that the TCG TLB is "tagged" with the changing value (e.g., with mmuidx);
or that the TCG TLB is flushed.
ppc is missing a few such flushes. Other than the AMR flush, Linux/KVM
probably covers such SPR changes with other flushes (e.g., context
switching between guests or guest/host will update LPCR and LPIDR and
LPIDR update already causes a TLB flush), which explains why they
haven't caused obvious bugs.
Thanks,
Nick
Nicholas Piggin (3):
target/ppc: flush TLB on HRMOR and LPCR SPR updates
target/ppc: Avoid work if MMU SPRs are written with same value
target/ppc: add missing TLB flushes for memory protection key SPR updates
target/ppc/helper.h | 3 ++
target/ppc/spr_common.h | 1 +
target/ppc/cpu.c | 12 +++++-
target/ppc/cpu_init.c | 6 +--
target/ppc/misc_helper.c | 85 +++++++++++++++++++++++++++++++++++++++-
target/ppc/translate.c | 62 ++++++-----------------------
6 files changed, 114 insertions(+), 55 deletions(-)
--
2.47.1
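The hazard the cover letter describes, as an added, constructed C model (not QEMU code and not part of this series): a protection-key SPR whose value is consulted only on the slow path (as .tlb_fill would), and a software TLB that caches the resulting permission. Names such as key_spr, store_permitted and store_allowed_after_key_change are assumptions of the model; it shows that an SPR write without a flush leaves a stale, incoherent TLB entry, and that flushing only when the value actually changes fixes it without needless work.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy model, not QEMU code: a protection-key SPR (an AMR-style
 * register) and a software TLB that caches the permission derived from it. */
#define TLB_ENTRIES 8
#define PAGE_SHIFT 12

typedef struct { uint64_t vpn; bool valid; bool writable; } TlbEntry;
typedef struct { uint64_t key_spr; TlbEntry tlb[TLB_ENTRIES]; } Cpu;

/* Slow path, like .tlb_fill: the only code that reads key_spr. Bit k set in
 * key_spr means pages whose key (low 3 bits of the VPN) is k are read-only. */
static void tlb_fill(Cpu *cpu, uint64_t vaddr) {
    uint64_t vpn = vaddr >> PAGE_SHIFT;
    TlbEntry *e = &cpu->tlb[vpn % TLB_ENTRIES];
    e->vpn = vpn;
    e->valid = true;
    e->writable = !((cpu->key_spr >> (vpn & 7)) & 1);
}
/* Fast path: a TLB hit never re-reads key_spr, so a stale entry wins. */
static bool store_permitted(Cpu *cpu, uint64_t vaddr) {
    uint64_t vpn = vaddr >> PAGE_SHIFT;
    TlbEntry *e = &cpu->tlb[vpn % TLB_ENTRIES];
    if (!e->valid || e->vpn != vpn) {
        tlb_fill(cpu, vaddr);
    }
    return e->writable;
}
static void tlb_flush(Cpu *cpu) { memset(cpu->tlb, 0, sizeof cpu->tlb); }

/* Missing flush: cached translations keep the permission of the old value. */
static void write_key_spr_noflush(Cpu *cpu, uint64_t v) { cpu->key_spr = v; }

/* With flush, skipped when the value is unchanged so no work is done needlessly. */
static void write_key_spr(Cpu *cpu, uint64_t v) {
    if (cpu->key_spr != v) {
        cpu->key_spr = v;
        tlb_flush(cpu);
    }
}

/* Fill the TLB for a writable page, make its key read-only, then retry the
 * store. Returns true if the store is still allowed, i.e. the TLB is stale. */
static bool store_allowed_after_key_change(bool with_flush) {
    Cpu cpu = { 0 };
    uint64_t addr = 0x5000;                 /* VPN 5, key 5, writable at first */
    store_permitted(&cpu, addr);            /* populate the TLB entry */
    (with_flush ? write_key_spr : write_key_spr_noflush)(&cpu, 1ull << 5);
    return store_permitted(&cpu, addr);
}
```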