[PATCH 00/17] Handle sub-page granularity in cpu_memory_rw_debug()

Peter Maydell posted 17 patches 3 days, 19 hours ago
Patches applied successfully
git fetch https://github.com/patchew-project/qemu tags/patchew/20260417173105.1648172-1-peter.maydell@linaro.org
Maintainers: Marcel Apfelbaum <marcel.apfelbaum@gmail.com>, "Philippe Mathieu-Daudé" <philmd@linaro.org>, Yanan Wang <wangyanan55@huawei.com>, Zhao Liu <zhao1.liu@intel.com>, Paolo Bonzini <pbonzini@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, "Michael S. Tsirkin" <mst@redhat.com>, Max Filippov <jcmvbkbc@gmail.com>, "Dr. David Alan Gilbert" <dave@treblig.org>, "Alex Bennée" <alex.bennee@linaro.org>, Pierrick Bouvier <pierrick.bouvier@linaro.org>, Alexandre Iooss <erdnaxe@crans.org>, Mahmoud Mandour <ma.mandourr@gmail.com>, Peter Xu <peterx@redhat.com>, Peter Maydell <peter.maydell@linaro.org>, Michael Rolnik <mrolnik@gmail.com>, Helge Deller <deller@gmx.de>, Pedro Barbuda <pbarbuda@microsoft.com>, Mohamed Mediouni <mohamed@unpredictable.fr>, Song Gao <gaosong@loongson.cn>, Laurent Vivier <laurent@vivier.eu>, "Edgar E. Iglesias" <edgar.iglesias@gmail.com>, Aurelien Jarno <aurelien@aurel32.net>, Jiaxun Yang <jiaxun.yang@flygoat.com>, Aleksandar Rikalo <arikalo@gmail.com>, Huacai Chen <chenhuacai@kernel.org>, Stafford Horne <shorne@gmail.com>, Nicholas Piggin <npiggin@gmail.com>, Chinmay Rath <rathc@linux.ibm.com>, Glenn Miles <milesg@linux.ibm.com>, Palmer Dabbelt <palmer@dabbelt.com>, Alistair Francis <alistair.francis@wdc.com>, Weiwei Li <liwei1518@gmail.com>, Daniel Henrique Barboza <daniel.barboza@oss.qualcomm.com>, Liu Zhiwei <zhiwei_liu@linux.alibaba.com>, Chao Liu <chao.liu.zevorn@gmail.com>, Yoshinori Sato <yoshinori.sato@nifty.com>, Ilya Leoshkevich <iii@linux.ibm.com>, David Hildenbrand <david@kernel.org>, Cornelia Huck <cohuck@redhat.com>, Eric Farman <farman@linux.ibm.com>, Matthew Rosato <mjrosato@linux.ibm.com>, Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>, Artyom Tarasenko <atar4qemu@gmail.com>, Bastian Koppelmann <kbastian@rumtueddeln.de>
hw/core/cpu-system.c             | 57 +++++++++++++++++++++++---------
hw/i386/vapic.c                  |  4 +--
hw/xtensa/sim.c                  |  2 +-
hw/xtensa/xtfpga.c               |  2 +-
include/hw/core/cpu.h            | 56 ++++++++++++++++++++++++++-----
include/hw/core/sysemu-cpu-ops.h | 39 ++++++++++++++++++----
monitor/hmp-cmds.c               |  5 ++-
plugins/api.c                    |  4 +--
system/physmem.c                 | 38 +++++++++++++--------
target/alpha/cpu.c               |  2 +-
target/alpha/cpu.h               |  2 +-
target/alpha/helper.c            |  3 +-
target/arm/cpu.c                 |  2 +-
target/arm/cpu.h                 |  3 --
target/arm/internals.h           |  4 +++
target/arm/ptw.c                 | 37 ++++++++++++---------
target/avr/cpu.c                 |  2 +-
target/avr/cpu.h                 |  2 +-
target/avr/helper.c              |  2 +-
target/hppa/cpu.c                |  2 +-
target/hppa/cpu.h                |  2 +-
target/hppa/mem_helper.c         |  2 +-
target/i386/cpu.c                |  2 +-
target/i386/cpu.h                |  2 +-
target/i386/helper.c             |  4 +--
target/i386/whpx/whpx-all.c      |  2 +-
target/loongarch/cpu-mmu.h       |  2 +-
target/loongarch/cpu.c           |  2 +-
target/loongarch/cpu_helper.c    |  2 +-
target/m68k/cpu.c                |  2 +-
target/m68k/cpu.h                |  2 +-
target/m68k/helper.c             |  2 +-
target/microblaze/cpu.c          |  2 +-
target/microblaze/cpu.h          |  2 +-
target/microblaze/helper.c       | 11 +++---
target/mips/cpu.c                |  2 +-
target/mips/internal.h           |  2 +-
target/mips/system/physaddr.c    |  2 +-
target/or1k/cpu.c                |  2 +-
target/or1k/cpu.h                |  2 +-
target/or1k/mmu.c                |  2 +-
target/ppc/cpu.h                 |  2 +-
target/ppc/cpu_init.c            |  2 +-
target/ppc/mmu-hash32.c          |  2 +-
target/ppc/mmu_common.c          |  4 +--
target/riscv/cpu.c               |  2 +-
target/riscv/cpu.h               |  2 +-
target/riscv/cpu_helper.c        |  4 +--
target/rx/cpu.c                  |  2 +-
target/rx/cpu.h                  |  2 +-
target/rx/helper.c               |  2 +-
target/s390x/cpu-system.c        |  2 +-
target/s390x/helper.c            | 20 +++--------
target/s390x/s390x-internal.h    |  1 -
target/sh4/cpu.c                 |  2 +-
target/sh4/cpu.h                 |  2 +-
target/sh4/helper.c              |  2 +-
target/sparc/cpu.c               |  2 +-
target/sparc/cpu.h               |  2 +-
target/sparc/mmu_helper.c        | 10 +++---
target/tricore/cpu.c             |  2 +-
target/tricore/cpu.h             |  2 +-
target/tricore/helper.c          |  2 +-
target/xtensa/cpu.c              |  2 +-
target/xtensa/cpu.h              |  2 +-
target/xtensa/mmu_helper.c       |  2 +-
target/xtensa/xtensa-semi.c      |  2 +-
67 files changed, 250 insertions(+), 152 deletions(-)
A while back we added support for targets having memory protection at
a sub-page granularity in TCG: the target returns a CPUTLBEntryFull
with a lg_page_size field that tells TCG how big a block of memory the
translation covers. At the moment we only use this in Arm, for the
M-profile and R-profile MPU which can set protections on small regions
of memory.

However, we forgot about cpu_memory_rw_debug(), which still assumes
that translations cover target-page sized regions. It rounds the input
virtual address down to a page boundary, translates that, and then
puts the offset within the page back in again. This causes problems
for the Arm MPU case, because if the MPU is set up so that the memory
at the rounded-down address isn't within a valid region then we
incorrectly conclude that we can't read the memory at the address we
were actually asked about.
https://gitlab.com/qemu-project/qemu/-/work_items/3292 is a report of
this for the semihosting case, but it applies also to general debug
accesses.

This series fixes this by providing and using a new
cpu_translate_for_debug() function which takes a non-page-aligned
virtual address and returns all of:
 - the exact physical address for that virtual address
 - the memory attributes
 - the lg_page_size the translation is valid for

To get there, the series starts off by fixing an inconsistency in our
current get_phys_page_debug and get_phys_page_attrs_debug
implementations: most of them can handle non-page-aligned addresses
and return the corresponding non-page-aligned physical address, but
some cannot. As a result most callers need to work around this by
putting the page-offset bits back into the result. The first seven
patches fix the targets which weren't accepting and returning
non-page-aligned addresses (riscv, alpha, microblaze, sparc, x86,
s390x, ppc).

At that point, the "page" in the function names is misleading, so we
rename them to get_phys_addr_debug and get_phys_addr_attrs_debug.
Then we can remove the workarounds in call sites in the monitor and
plugins.

Once all that is complete, we can implement our new
cpu_translate_for_debug(), either with a new translate_for_debug
method provided by the CPU, or falling back to using
get_phys_addr_attrs_debug or get_phys_addr_debug for CPUs where
protections are still page sized. Finally we can rewrite
cpu_memory_rw_debug() to use it.

There is potentially some followup cleanup we could do:
 - the only caller of cpu_get_phys_addr_attrs_debug() now is
   cpu_get_phys_addr_debug() so we could make the latter
   directly call cpu_translate_for_debug()
 - more ambitiously, we could make the 10 callers of
   cpu_get_phys_addr_debug() use cpu_translate_for_debug(),
   so we only have one function for phys-to-virt translations
   instead of three
 - even more ambitious would be to convert the 15 targets
   using get_phys_addr_debug and the two using
   get_phys_addr_attrs_debug to translate_for_debug, so
   we only have one CPU method for phys-to-virt translations
   instead of three

But I thought this was a good place to stop and get feedback on
whether I have the right API for things first, and it does fix the
reported bug.

thanks
-- PMM

Peter Maydell (17):
  target/riscv: Make get_phys_page_debug handle non-page-aligned addrs
  target/alpha: Make get_phys_page_debug handle non-page-aligned addrs
  target/microblaze: Make get_phys_page_attrs_debug handle
    non-page-aligned addrs
  target/sparc: Make get_phys_page_debug handle non-page-aligned addrs
  target/x86: Make get_phys_page_attrs_debug handle non-page-aligned
    addrs
  target/s390x: Make get_phys_page_debug handle non-page-aligned addrs
  target/ppc: Make get_phys_page_debug handle non-page-aligned addrs
  target: Rename get_phys_page_debug to get_phys_addr_debug
  target: Rename cpu_get_phys_page_{,attrs_}debug
  hw/core: Update docs for get_phys_addr_{attrs_,}debug
  target/arm: Rename arm_cpu_get_phys_page()
  monitor: hmp_gva2gpa: Don't page-align cpu_get_phys_addr_debug() arg
    and return
  plugins/api.c: Trust cpu_get_phys_addr_debug() return address
  hw/core: Implement new cpu_translate_for_debug()
  hw/core: Implement cpu_get_phys_addr_attrs_debug() with
    cpu_translate_for_debug()
  target/arm: Implement translate_for_debug
  system/physmem: Use translate_for_debug() in cpu_memory_rw_debug()


-- 
2.43.0
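The cover letter above describes the bug (rounding the debug access address down to a page boundary before translating it) and the shape of the fix (a translate-for-debug call that takes the exact address and returns the exact physical address plus the lg_page_size the translation is valid for). The following is an added toy model, not QEMU's code: the region table, the identity mapping, the `translate_for_debug`, `old_translate` and `memory_read_debug` names, and the 4K page size are all constructed here for illustration, and memory attributes are left out to keep the model small. It shows a 256-byte readable region sitting inside a page whose first byte is not covered by any region, so the page-rounding translation wrongly reports a fault, while the sub-page-aware debug read loop walks the range in chunks bounded by each translation's block size and also refuses correctly once it runs off the end of the region.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy target: 4K pages, MPU regions may be smaller than a page. */
#define TARGET_PAGE_BITS 12
#define TARGET_PAGE_SIZE (1u << TARGET_PAGE_BITS)

typedef struct {
    uint32_t base;      /* region start, aligned to its own size */
    unsigned lg_size;   /* log2 of region size; may be < TARGET_PAGE_BITS */
    bool readable;
} MpuRegion;

/* Constructed example layout: a 256-byte readable region at 0x1800 inside a
 * page (0x1000..0x1fff) whose first byte is not covered by any region, plus
 * one whole-page region at 0x4000. */
static const MpuRegion regions[] = {
    { 0x1800, 8, true },   /* 0x1800..0x18ff */
    { 0x4000, 12, true },  /* 0x4000..0x4fff */
};

/* Toy stand-in for a CPU translate_for_debug method: takes an arbitrary,
 * non-page-aligned virtual address and returns the exact physical address
 * (identity-mapped here) and the lg_page_size the translation covers. */
static bool translate_for_debug(uint32_t vaddr, uint32_t *paddr, unsigned *lg_page_size)
{
    for (size_t i = 0; i < sizeof(regions) / sizeof(regions[0]); i++) {
        const MpuRegion *r = &regions[i];
        uint32_t mask = ~((1u << r->lg_size) - 1);
        if ((vaddr & mask) == r->base && r->readable) {
            *paddr = vaddr;            /* identity map in this toy */
            *lg_page_size = r->lg_size;
            return true;
        }
    }
    return false;                      /* no region covers vaddr: debug fault */
}

/* The old cpu_memory_rw_debug() approach: round the address down to a page
 * boundary, translate that, then put the in-page offset back. With a
 * sub-page region this asks about a byte (the page start) that may not be
 * mapped at all even though the requested byte is. */
static bool old_translate(uint32_t vaddr, uint32_t *paddr)
{
    uint32_t page = vaddr & ~(TARGET_PAGE_SIZE - 1);
    uint32_t p;
    unsigned lg;

    if (!translate_for_debug(page, &p, &lg)) {
        return false;
    }
    *paddr = p | (vaddr & (TARGET_PAGE_SIZE - 1));
    return true;
}

/* Toy physical memory, filled so that phys_mem[a] == (a & 0xff). */
static uint8_t phys_mem[0x5000];

static void setup_phys_mem(void)
{
    for (size_t i = 0; i < sizeof(phys_mem); i++) {
        phys_mem[i] = (uint8_t)(i & 0xff);
    }
}

/* New-style debug read: translate the exact address, then copy at most up to
 * the end of the block the translation is valid for, and repeat. Returns the
 * number of bytes read, or -1 if any chunk fails to translate. */
static int memory_read_debug(uint32_t vaddr, uint8_t *buf, size_t len)
{
    size_t done = 0;

    while (done < len) {
        uint32_t cur = vaddr + (uint32_t)done;
        uint32_t paddr;
        unsigned lg;

        if (!translate_for_debug(cur, &paddr, &lg)) {
            return -1;
        }
        uint32_t blk = 1u << lg;
        size_t l = blk - (cur & (blk - 1));   /* bytes left in this block */
        if (l > len - done) {
            l = len - done;
        }
        memcpy(buf + done, phys_mem + paddr, l);
        done += l;
    }
    return (int)done;
}

int main(void)
{
    uint8_t buf[32];
    uint32_t p;

    setup_phys_mem();
    printf("old_translate(0x1810): %s\n", old_translate(0x1810, &p) ? "ok" : "fault");
    printf("memory_read_debug(0x1810, 16): %d\n", memory_read_debug(0x1810, buf, 16));
    printf("memory_read_debug(0x18f0, 32): %d\n", memory_read_debug(0x18f0, buf, 32));
    return 0;
}
```

The chunking in `memory_read_debug` is the part that changes once translations can be smaller than a page: the loop bound comes from the returned lg_page_size rather than from TARGET_PAGE_SIZE, so a read that starts inside a small region stops at that region's end and re-translates, instead of assuming the rest of the page is mapped the same way.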