On Mon, 3 Feb 2020 at 11:36, Peter Maydell <peter.mayd...@linaro.org> wrote: > Since we don't flush TLBs when HCR_EL2.E2H changes, I'm wondering > about this sequence: > > * initially HCR_EL2.E2H == 1 and the E2&0 TLBs are populated > * HCR_EL2.E2H is set to 0 > * TTBR1_EL2 is written with a different ASID from step 1, > but we don't flush the TLBs because HCR_EL2.E2H is 0 > * HCR_EL2.E2H is set to 1 > * guest will pick up wrong-ASID TLB entries from step 1 > > Does the architecture require that the guest did some TLB > maintenance ops somewhere along the line to avoid this? > I haven't tried to look for them, but given the different > ASIDs I'm not sure it does...
...HCR_EL2.E2H documents that it "is permitted to be cached in a TLB", which means that the guest has to do *some* TLB maintenance ops if it changes it; unclear exactly which, though... thanks -- PMM
