On Wed, Jul 20, 2016 at 12:19:20PM +0200, Jan Kiszka wrote: > Again my question: What are the requirements regarding cache maintenance > when allowing a guest to run with caches off?
a) There must be no cacheable alias for the relevant addresses present in TLBs or page tables for any CPU, for the executing exception level or higher. Note that this includes hyp on the CPU the guest is executing on, even during the execution of the guest. b) All caches to the PoC must not contain entries for any address the guest will access. i.e. first you must invalidate, or clean+invalidate the address range to the PoC. This must be done by VA, and broadcast so as to affect all relevant caches. If those are not strictly followed, the usual issues resulting from mismatched attributes, or from unexepcted data cache hit apply. I believe that KVM is on dodgy ground due to the kernel linear mapping violating (a), and hence (b) also. > Jean-Philippe tried to address that in [1], but it's not complete or > not fully correct or even both. It looks like that's using Set/Way ops, so that's not correct in all cases. That does not guarantee the state of shared levels of cache, nor of system caches. It doesn't affect other agents and is also incomplete. Thanks, Mark. > [1] > https://github.com/siemens/jailhouse/commit/add44a7a8431058ec9acb3db328166f8a8c34dcb -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
