Any register or memory value that is used by the .tlb_fill
function (e.g., in ppc_xlate()) can affect what gets put in TCG's
TLB, so changing it requires either: that the ISA permits cached
address translations that become incoherent vs the changed value;
that TCG TLB is "tagged" with the changing value (e.g., with mmuidx);
or that the TCG TLB is flushed.
ppc is missing a few such flushes. Other than the AMR flush, Linux/KVM
probably covers such SPR changes with other flushes (e.g., context
switching between guests or guest/host will update LPCR and LPIDR and
LPIDR update already causes a TLB flush), which explains why they
haven't caused obvious bugs.
Thanks,
Nick
Nicholas Piggin (3):
target/ppc: flush TLB on HRMOR and LPCR SPR updates
target/ppc: Avoid work if MMU SPRs are written with same value
target/ppc: add missing TLB flushes for memory protection key SPR
updates
target/ppc/helper.h | 3 ++
target/ppc/spr_common.h | 1 +
target/ppc/cpu.c | 12 +++++-
target/ppc/cpu_init.c | 6 +--
target/ppc/misc_helper.c | 85 +++++++++++++++++++++++++++++++++++++++-
target/ppc/translate.c | 62 ++++++-----------------------
6 files changed, 114 insertions(+), 55 deletions(-)
--
2.47.1
