[PATCH] arm64: clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1

Wed Oct 27 04:09:47 PDT 2021

On Tue, Oct 26, 2021 at 11:44:51PM -0700, Reiji Watanabe wrote:
> On Tue, Oct 26, 2021 at 5:23 AM Mark Rutland <mark.rutland at arm.com> wrote:
> > On Tue, Oct 26, 2021 at 12:22:20PM +0100, Robin Murphy wrote:
> > > On 2021-10-26 04:48, Reiji Watanabe wrote:
> > > > Currently, clear_page() uses DC ZVA instruction unconditionally.  But it
> > > > should make sure that DCZID_EL0.DZP, which indicates whether or not use
> > > > of DC ZVA instruction is prohibited, is zero when using the instruction.
> > > > Use stp as memset does instead when DCZID_EL0.DZP == 1.
> > > >
> > > > Signed-off-by: Reiji Watanabe <reijiw at google.com>
> > > > ---
> > > >   arch/arm64/lib/clear_page.S | 11 +++++++++++
> > > >   1 file changed, 11 insertions(+)
> > > >
> > > > diff --git a/arch/arm64/lib/clear_page.S b/arch/arm64/lib/clear_page.S
> > > > index b84b179edba3..7ce1bfa4081c 100644
> > > > --- a/arch/arm64/lib/clear_page.S
> > > > +++ b/arch/arm64/lib/clear_page.S
> > > > @@ -16,6 +16,7 @@
> > > >    */
> > > >   SYM_FUNC_START_PI(clear_page)
> > > >     mrs     x1, dczid_el0
> > > > +   tbnz    x1, #4, 2f      /* Branch if DC GVA is prohibited */
> >
> > DCZID_EL0.DZP (AKA DCZID_EL0[4]) says whether all of DC {ZVA,GVA,GZVA}
> > are prohibited. This loop uses DZ ZVA, not GC GVA, so it'd be nice to
> > s/GVA/ZVA/ here.
> 
> Thank you for catching it ! I will fix that.
> 
> > Howver, `DC GVA` and `DC GZVA` are both used in mte_set_mem_tag_range(),
> > which'll need a similar update...
> 
> Yes, I'm aware of that and mte_zero_clear_page_tags() needs to get
> updated as well.  But, Since I'm not familiar with MTE (and I don't
> have any plans to use MTE yet), I didn't work on them (I'm not sure
> how I can test them).
> I might try to fix them separately later as well when I have time
> (not so soon most likely though).

My view is that we should either:

* Document that we require DCZID_EL0.DZP==0, as is implicitly the case
  today.

* Fix *all* usage of DC {ZVA,GVZ,GZVA} to work with DCZID_EL0.DZP==1.

... otherwise we're just hiding the problem rather than fixing it.

QEMU TCG mode has MTE support, so it should be possible to test using
that in a configuration such as:

 -machine virt,virtualization=on,mte=on -cpu max

... then you can hack the EL2 stub code in head.S to initialize
HCR_EL2.TDZ=1 before dropping to EL1 (and reporting that the kernel
started at EL1).

Thanks,
Mark.