On Mon, Dec 28, 2020 at 1:09 PM Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx> wrote:
>
> ----- On Dec 27, 2020, at 4:36 PM, Andy Lutomirski luto@xxxxxxxxxx wrote:
>
> [...]
>
> >> You seem to have noticed odd cases on arm64 where this guarantee does not
> >> match reality. Where exactly can we find this in the code, and which part
> >> of the architecture manual can you point us to which supports your concern?
> >>
> >> Based on the notes I have, use of `eret` on aarch64 guarantees a context
> >> synchronizing instruction when returning to user-space.
> >
> > Based on my reading of the manual, ERET on ARM doesn't synchronize
> > anything at all. I can't find any evidence that it synchronizes data
> > or instructions, and I've seen reports that the CPU will happily
> > speculate right past it.
>
> Reading [1] there appear to be 3 kinds of context synchronization events:
>
> - Taking an exception,
> - Returning from an exception,
> - ISB.

My reading of [1] is that all three of these are "context synchronization event[s]", but that only ISB flushes the pipeline, etc. The little description of context synchronization seems to suggest that it only implies that certain register changes become effective.

>
> This other source [2] adds (search for "Context synchronization operation"):
>
> - Exit from Debug state
> - Executing a DCPS instruction
> - Executing a DRPS instruction
>
> "ERET" falls into the second kind of events, and AFAIU should be context
> synchronizing. That was confirmed to me by Will Deacon when membarrier
> sync-core was implemented for aarch64. If the architecture reference manuals
> are wrong, is there an erratum?
>
> As for the algorithm to use on ARMv8 to update instructions, see [2]
> B2.3.4 "Implication of caches for the application programmer",
> "Synchronization and coherency issues between data and instruction accesses".

This specifically discusses ISB.

Let's wait for an actual ARM64 expert to chime in, though.