target/ppc: Flush TLB on write to PIDR

qemu with hax to log dma reads & writes jcs.org/2018/11/12/vfio

The PIDR (process id register) is used to store the id of the currently
running process, which is used to select the process table entry used to
perform address translation. This means that when we write to this register
all the translations in the TLB become outdated as they are for a
previously running process. Thus when this register is written to we need
to invalidate the TLB entries to ensure stale entries aren't used to
to perform translation for the new process, which would result in at best
segfaults or alternatively just random memory being accessed.

Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
[dwg: Fixed compile error for 32-bit targets]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>

authored by

Suraj Jitindar Singh and committed by

David Gibson 9 years ago 31b2b0f8 8f37e54e

+17 -2

3 changed files

expand all

target

ppc

helper.h

misc_helper.c

translate_init.c

target/ppc/helper.h

··· 709 709 DEF_HELPER_FLAGS_1(load_purr, TCG_CALL_NO_RWG, tl, env) 710 710 #endif 711 711 DEF_HELPER_2(store_sdr1, void, env, tl) 712 + DEF_HELPER_2(store_pidr, void, env, tl) 712 713 DEF_HELPER_FLAGS_2(store_tbl, TCG_CALL_NO_RWG, void, env, tl) 713 714 DEF_HELPER_FLAGS_2(store_tbu, TCG_CALL_NO_RWG, void, env, tl) 714 715 DEF_HELPER_FLAGS_2(store_atbl, TCG_CALL_NO_RWG, void, env, tl)

target/ppc/misc_helper.c

··· 88 88 } 89 89 } 90 90 91 + void helper_store_pidr(CPUPPCState *env, target_ulong val) 92 + { 93 + PowerPCCPU *cpu = ppc_env_get_cpu(env); 94 + 95 + env->spr[SPR_BOOKS_PID] = val; 96 + tlb_flush(CPU(cpu)); 97 + } 98 + 91 99 void helper_store_hid0_601(CPUPPCState *env, target_ulong val) 92 100 { 93 101 target_ulong hid0;

+8 -2

target/ppc/translate_init.c

··· 394 394 gen_helper_store_sdr1(cpu_env, cpu_gpr[gprn]); 395 395 } 396 396 397 - /* 64 bits PowerPC specific SPRs */ 398 397 #if defined(TARGET_PPC64) 398 + /* 64 bits PowerPC specific SPRs */ 399 + /* PIDR */ 400 + static void spr_write_pidr(DisasContext *ctx, int sprn, int gprn) 401 + { 402 + gen_helper_store_pidr(cpu_env, cpu_gpr[gprn]); 403 + } 404 + 399 405 static void spr_read_hior (DisasContext *ctx, int gprn, int sprn) 400 406 { 401 407 tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, excp_prefix)); ··· 8200 8206 KVM_REG_PPC_ACOP, 0); 8201 8207 spr_register_kvm(env, SPR_BOOKS_PID, "PID", 8202 8208 SPR_NOACCESS, SPR_NOACCESS, 8203 - &spr_read_generic, &spr_write_generic, 8209 + &spr_read_generic, &spr_write_pidr, 8204 8210 KVM_REG_PPC_PID, 0); 8205 8211 spr_register_kvm(env, SPR_WORT, "WORT", 8206 8212 SPR_NOACCESS, SPR_NOACCESS,