[RISC-V] [tech-tee] The proposal of sPMP
|
mick@...
Στις 2021-04-20 03:31, Jonathan Behrens έγραψε:
On Mon, Apr 19, 2021 at 8:21 PM Nick Kossifidis via lists.riscv.org <mick=ics.forth.gr@...> wrote:Ouch ! good point there, that's definitely a scenario that doesn't make sense.Στις 2021-04-19 22:47, Jonathan Behrens έγραψε:It for instance rules out the case where M-mode uses PMP, HS-mode uses sPMP and paging, and VS-mode also uses sPMP and paging. That would be 5 stages of protection for every access! (Which is way worse than it sounds because each level of walking a page table also has to be validated)How about sPMP is only used if satp.MODE=BARE or virtualization isI'd be ok with this, but I don't see what we gain from it, in the end Regards, Nick |
|
|
|
mick@...
Στις 2021-04-20 00:37, Bill Huffman έγραψε:
Perhaps we should rename the sPMP to something that sounds more likeGood point, if we end up treating it differently than PMA/PMP it makes sense to name it differently as well. Regards, Nick |
|
|
|
Dong Du
Yes, it's reasonable as both sPMP and paging provides memory protection that is managed by the S-mode. Following the idea, suggestions by Bill and Jonathan to rename exception codes 12, 13, and 15 to "page fault / sPMP fault" or "S-mode access fault" do make sense. All the best, Dong ------------------ Original ------------------ Date: Tue, Apr 20, 2021 09:06 AM To: "Bill Huffman"<huffman@...>; Cc: "Paolo Bonzini"<pbonzini@...>; "tech-privileged"<tech-privileged@...>; Subject: Re: [RISC-V] [tech-privileged] [RISC-V] [tech-tee] The proposal of sPMP Στις 2021-04-20 00:37, Bill Huffman έγραψε: > Perhaps we should rename the sPMP to something that sounds more like > the simplified page table idea. Maybe Memory Protection Unit. The > fact that it resembles PMP doesn't have to appear in the name. > Good point, if we end up treating it differently than PMA/PMP it makes sense to name it differently as well. Regards, Nick |
|
|
|
Most hypervisor will always have G-stage (Stage2) programmed for each Guest/VM irrespective whether VS-mode MMU is on or off. This means the G-stage level protection is always there for Guest/VM. When a Guest/VM does invalid physical address access, the hypervisor catches it as trap. Most hypervisor will always stop/dump the Guest/VM when it misbehaves and possibly even report the event to some cloud management software. I don’t see how sPMP fits in virtualization scenario considering a G-stage is already available. Things will get even more complicated for nested virtualization if a hypervisor chooses to expose sPMP to the Guest hypervisor.
The only utility of sPMP seems to be letting HS-mode handle invalid access trap directly rather than being routed through M-mode firmware.
I think it is best to just re-purpose page fault exception codes for sPMP whenever sPMP is available.
Regards, Anup
From: tech-privileged@... <tech-privileged@...>
On Behalf Of Dong Du
Sent: 20 April 2021 07:32 To: Nick Kossifidis <mick@...>; Bill Huffman <huffman@...> Cc: Paolo Bonzini <pbonzini@...>; tech-privileged <tech-privileged@...>; tech-tee <tech-tee@...> Subject: Re: [RISC-V] [tech-privileged] [RISC-V] [tech-tee] The proposal of sPMP
Yes, it's reasonable as both sPMP and paging provides memory protection that is managed by the S-mode.
Following the idea, suggestions by Bill and Jonathan to rename exception codes 12, 13, and 15 to "page fault / sPMP fault" or "S-mode access fault" do make sense.
All the best, Dong
------------------ Original ------------------ Date: Tue, Apr 20, 2021 09:06 AM To: "Bill Huffman"<huffman@...>; Cc: "Paolo Bonzini"<pbonzini@...>; "tech-privileged"<tech-privileged@...>; Subject: Re: [RISC-V] [tech-privileged] [RISC-V] [tech-tee] The proposal of sPMP
Στις 2021-04-20 00:37, Bill Huffman έγραψε: |
|
|