[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <3CCBB0AB-169D-4677-9A44-53E4148908D5@jrtc27.com>
Date: Fri, 25 Oct 2024 17:32:24 +0100
From: Jessica Clarke <jrtc27@...c27.com>
To: Conor Dooley <conor@...nel.org>
Cc: Yunhui Cui <cuiyunhui@...edance.com>,
punit.agrawal@...edance.com,
paul.walmsley@...ive.com,
palmer@...belt.com,
aou@...s.berkeley.edu,
cleger@...osinc.com,
charlie@...osinc.com,
evan@...osinc.com,
samuel.holland@...ive.com,
andybnac@...il.com,
linux-riscv@...ts.infradead.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] RISC-V: Enable Zicbom in usermode
On 25 Oct 2024, at 11:16, Conor Dooley <conor@...nel.org> wrote:
> On Fri, Oct 25, 2024 at 05:15:27PM +0800, Yunhui Cui wrote:
>> Like Zicboz, by enabling the corresponding bits of senvcfg,
>> the instructions cbo.clean, cbo.flush, and cbo.inval can be
>> executed normally in user mode.
>>
>> Signed-off-by: Yunhui Cui <cuiyunhui@...edance.com>
>> ---
>> arch/riscv/kernel/cpufeature.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/riscv/kernel/cpufeature.c b/arch/riscv/kernel/cpufeature.c
>> index 1992ea64786e..bc850518ab41 100644
>> --- a/arch/riscv/kernel/cpufeature.c
>> +++ b/arch/riscv/kernel/cpufeature.c
>> @@ -924,7 +924,7 @@ unsigned long riscv_get_elf_hwcap(void)
>> void __init riscv_user_isa_enable(void)
>> {
>> if (riscv_has_extension_unlikely(RISCV_ISA_EXT_ZICBOZ))
>> - current->thread.envcfg |= ENVCFG_CBZE;
>> + current->thread.envcfg |= ENVCFG_CBIE | ENVCFG_CBCFE | ENVCFG_CBZE;
>
> I believe we previously decided that userspace should not be allowed to
> use zicbom, but that not withstanding - this is wrong. It should be
> checking for Zicbom, not Zicboz.
Allowing clean/flush is safe but has the same problems as fence.i with
regards to migrating between harts. Allowing invalidate, unless mapped
to flush, is not safe in general unless the kernel does a lot of
flushing to avoid userspace accessing data it shouldn’t be able to see.
Also, ENVCFG_CBIE is a mask for a multi-bit field, which happens to
have the same value as ENVCFG_CBIE_INV (i.e. really is making cbo.inval
be an invalidate). I note that the KVM code, which this likely copied
from(?), makes the same mistake, but there that is the intended
behaviour, if misleading about what the field really is.
So, with suitable caveats, allowing clean/flush could be a reasonable
thing to do (maybe useful for userspace drivers so long as they pin
themselves to a specific hart?), but invalidate should only ever be
allowed if mapped to flush.
Jess
Powered by blists - more mailing lists