Re: [RISC-V] [tech-tee] The proposal of sPMP

Anup Patel

Most hypervisor will always have G-stage (Stage2) programmed for each Guest/VM irrespective whether VS-mode MMU is on or off. This means the G-stage level protection is always there for Guest/VM. When a Guest/VM does invalid physical address access, the hypervisor catches it as trap. Most hypervisor will always stop/dump the Guest/VM when it misbehaves and possibly even report the event to some cloud management software. I don’t see how sPMP fits in virtualization scenario considering a G-stage is already available. Things will get even more complicated for nested virtualization if a hypervisor chooses to expose sPMP to the Guest hypervisor.


The only utility of sPMP seems to be letting HS-mode handle invalid access trap directly rather than being routed through M-mode firmware.


I think it is best to just re-purpose page fault exception codes for sPMP whenever sPMP is available.





From: tech-privileged@... <tech-privileged@...> On Behalf Of Dong Du
Sent: 20 April 2021 07:32
To: Nick Kossifidis <mick@...>; Bill Huffman <huffman@...>
Cc: Paolo Bonzini <pbonzini@...>; tech-privileged <tech-privileged@...>; tech-tee <tech-tee@...>
Subject: Re: [RISC-V] [tech-privileged] [RISC-V] [tech-tee] The proposal of sPMP


Yes, it's reasonable as both sPMP and paging provides memory protection that is managed by the S-mode.


Following the idea,  suggestions by Bill and Jonathan to rename exception codes 12, 13, and 15 to "page fault / sPMP fault" or "S-mode access fault" do make sense.



All the best,




------------------ Original ------------------

Date:  Tue, Apr 20, 2021 09:06 AM

To:  "Bill Huffman"<huffman@...>;

Cc:  "Paolo Bonzini"<pbonzini@...>; "tech-privileged"<tech-privileged@...>;

Subject:  Re: [RISC-V] [tech-privileged] [RISC-V] [tech-tee] The proposal of sPMP


Στις 2021-04-20 00:37, Bill Huffman έγραψε:
> Perhaps we should rename the sPMP to something that sounds more like
> the simplified page table idea.  Maybe Memory Protection Unit.  The
> fact that it resembles PMP doesn't have to appear in the name.

Good point, if we end up treating it differently than PMA/PMP it makes
sense to name it differently as well.


Join to automatically receive all group messages.