Re: [Xen-devel] [PATCH] KVM: arm64: add workaround for Cortex-A57 erratum #852523

[Will Deacon <will.deacon@xxxxxxx>]

Hi Ian,

On Mon, Sep 14, 2015 at 04:36:28PM +0100, Ian Campbell wrote:
> On Mon, 2015-09-14 at 16:06 +0100, Will Deacon wrote:
> > When restoring the system register state for an AArch32 guest at EL2,
> > writes to DACR32_EL2 may not be correctly synchronised by Cortex-A57,
> > which can lead to the guest effectively running with junk in the DACR
> > and running into unexpected domain faults.
> 
> Thanks for the CC, dropping down to just the Xen folks/list and you guys.
> 
> The errata doc I've got doesn't yet cover this, so I've a few questions.

It should be updated in the next few days, but I wanted to get this out
ASAP since it's quite easy to hit under KVM (particularly with the new
domain-based PAN implementation for arch/arm/).

> > This patch works around the issue by re-ordering our restoration of the
> > AArch32 register aliases so that they happen before the AArch64 system
> > registers. Ensuring that the registers are restored in this order
> > guarantees that they will be correctly synchronised by the core.
> 
> Is it required that the AArch32 aliases are all restored strictly before
> the AArch64 sysregs, or just that at least one sysreg is restored after
> DACR32_EL2 (or a specific one?)?

Take your pick from: SCTLR_EL1, TCR_EL1, TTBR0_EL1, TTBR1_EL1, or
CONTEXTIDR_EL1. Writing any of those after DACR32_EL2 will avoid the
erratum.

> The Xen ctxt switch code[0] has DACR_EL2 in the midst of it all, and
> certainly followed by some sysregs, which I've got my fingers crossed
> happens to be sufficient (other than maybe adding a comment).

It looks like you restore CONTEXTIDR_EL1 fairly late, so you should be
ok.

Will

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel