On 14 March 2013 16:56, Marc Zyngier <marc.zyngier@xxxxxxx> wrote: > On 14/03/13 16:10, Peter Maydell wrote: >> So this whole code path is really relying on something >> subtle which I think it would be good to describe explicitly >> in the code (ie in a comment): >> >> /* When we get a stage 2 Permission fault, there is a possibility >> * of a race where the fault_ipa is not in fact correct. (This >> * happens because host CPUs do not set the HPFAR on a stage >> * 2 Permission fault, and so we have to do a separate VA-to-IPA >> * lookup; the stage 1 mapping may change in the window between >> * taking the fault to hyp mode and doing the VA-to-IPA lookup.) >> * This means that any handling of a stage 2 Permission fault must: >> * + be idempotent >> * + be safe to do for any IPA >> * + be concluded by restarting the faulting guest instruction, >> * not by emulating and skipping over it >> */ > > If you don't mind, I'll add this comment to the patch series (I've > recently re-spun it and started collecting data points). Please do. thanks -- PMM _______________________________________________ kvmarm mailing list kvmarm@xxxxxxxxxxxxxxxxxxxxx https://lists.cs.columbia.edu/cucslists/listinfo/kvmarm
