[Xen-devel,for-4.13] xen/arm: livepatch: Prevent CPUs to fetch stale instructions after livepatching

Message ID 20190918135256.7287-1-julien.grall@arm.com
State New
Headers show
Series
  • [Xen-devel,for-4.13] xen/arm: livepatch: Prevent CPUs to fetch stale instructions after livepatching
Related show

Commit Message

Julien Grall Sept. 18, 2019, 1:52 p.m.
During livepatch, a single CPU will take care of applying the patch and
all the others will wait for the action to complete. They will then once
execute arch_livepatch_post_action() to flush the pipeline.

Per B2.2.5 "Concurrent modification and execution of instructions" in
DDI 0487E.a, flushing the instruction cache is not enough to ensure new
instructions are seen. All the PEs should also do an isb() to
synchronize the fetched instruction stream.

Signed-off-by: Julien Grall <julien.grall@arm.com>
---
 xen/arch/arm/livepatch.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

Ross Lagerwall Sept. 18, 2019, 3:06 p.m. | #1
On 9/18/19 2:52 PM, Julien Grall wrote:
> During livepatch, a single CPU will take care of applying the patch and
> all the others will wait for the action to complete. They will then once
> execute arch_livepatch_post_action() to flush the pipeline.
> 
> Per B2.2.5 "Concurrent modification and execution of instructions" in
> DDI 0487E.a, flushing the instruction cache is not enough to ensure new
> instructions are seen. All the PEs should also do an isb() to
> synchronize the fetched instruction stream.
> 
> Signed-off-by: Julien Grall <julien.grall@arm.com>
> ---
>   xen/arch/arm/livepatch.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/arm/livepatch.c b/xen/arch/arm/livepatch.c
> index 279d52cc6c..00c5e2bc45 100644
> --- a/xen/arch/arm/livepatch.c
> +++ b/xen/arch/arm/livepatch.c
> @@ -88,7 +88,8 @@ void arch_livepatch_revert(const struct livepatch_func *func)
>   
>   void arch_livepatch_post_action(void)
>   {
> -    /* arch_livepatch_revive has nuked the instruction cache. */
> +    /* Discard any stale instructions that may have been fetched. */
> +    isb();
>   }
>   
>   void arch_livepatch_mask(void)
> 
Acked-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Volodymyr Babchuk Sept. 18, 2019, 4:21 p.m. | #2
Hi Julien,

Julien Grall writes:

> During livepatch, a single CPU will take care of applying the patch and
> all the others will wait for the action to complete. They will then once
> execute arch_livepatch_post_action() to flush the pipeline.
>
> Per B2.2.5 "Concurrent modification and execution of instructions" in
> DDI 0487E.a, flushing the instruction cache is not enough to ensure new
> instructions are seen. All the PEs should also do an isb() to
> synchronize the fetched instruction stream.
>
> Signed-off-by: Julien Grall <julien.grall@arm.com>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

> ---
>  xen/arch/arm/livepatch.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/xen/arch/arm/livepatch.c b/xen/arch/arm/livepatch.c
> index 279d52cc6c..00c5e2bc45 100644
> --- a/xen/arch/arm/livepatch.c
> +++ b/xen/arch/arm/livepatch.c
> @@ -88,7 +88,8 @@ void arch_livepatch_revert(const struct livepatch_func *func)
>  
>  void arch_livepatch_post_action(void)
>  {
> -    /* arch_livepatch_revive has nuked the instruction cache. */
> +    /* Discard any stale instructions that may have been fetched. */
> +    isb();
>  }
>  
>  void arch_livepatch_mask(void)

Patch

diff --git a/xen/arch/arm/livepatch.c b/xen/arch/arm/livepatch.c
index 279d52cc6c..00c5e2bc45 100644
--- a/xen/arch/arm/livepatch.c
+++ b/xen/arch/arm/livepatch.c
@@ -88,7 +88,8 @@  void arch_livepatch_revert(const struct livepatch_func *func)
 
 void arch_livepatch_post_action(void)
 {
-    /* arch_livepatch_revive has nuked the instruction cache. */
+    /* Discard any stale instructions that may have been fetched. */
+    isb();
 }
 
 void arch_livepatch_mask(void)