Andrea Mondelli <andrea.mondelli@...>
Yeah. Set the sstatus.SUM bit, then use regular load and store instructions to access user memory, then clear sstatus.SUM.
Thanks Andrew, I’d forgotten about SUM bit!
It means the privilege with which S-mode loads and store access virtual memory cannot be used for specific addresses (i.e. check the function parameters of a syscall) avoiding the sstatus update overhead, right?
According to the manual, “Operating systems can execute the majority of code with SUM clear; the few code segments that
should access user memory can temporarily set SUM.” the SUM must be temporary set and unset per syscall, then.
Changes to the sstatus fields SUM take effect immediately, without the need to execute
an SFENCE.VMA instruction, so we cannot really consider this set/unset an overhead, probably.
Any (historical or practical) reason to avoid solutions like ad-hoc privileged instructions for this purpose?