From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, Liming Gao, Leif Lindholm, Michael D Kinney, Oliver Steffen
Subject: [PATCH edk2-stable202305] ArmPkg/ArmMmuLib: Add missing ISB after page table update
Date: Sat, 20 May 2023 11:19:58 +0200
Message-Id: <20230520091958.310712-1-ardb@kernel.org>
X-Mailer: git-send-email 2.39.2
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

The helper that updates live page table entries writes a zero entry,
invalidates the covered address range from the TLBs, and finally writes
the actual entry. This ensures that no TLB conflicts can occur.

Writing the final entry needs to complete before any translations can be
performed, as otherwise, the zero entry, which describes an invalid
translation, may be observed by the page table walker, resulting in a
translation fault. For this reason, the final write is followed by a DSB
barrier instruction.

However, this barrier will not stall the pipeline, and instruction
fetches may still hit this invalid translation, as has been observed and
reported by Oliver. To ensure that the new translation is fully active
before returning from this helper, we have to insert an ISB barrier as
well.

Cc: Liming Gao
Cc: Leif Lindholm
Cc: Michael D Kinney
Reported-by: Oliver Steffen
Tested-by: Oliver Steffen
Signed-off-by: Ard Biesheuvel
---=0D ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S | 1 +=0D 1 file changed, 1 insertion(+)=0D =0D diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S b/Arm= Pkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S=0D index 887439bc042f0f16..1f0d8057926933d7 100644=0D --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S=0D +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibReplaceEntry.S=0D @@ -65,6 +65,7 @@=0D // write updated entry=0D=0D str x1, [x0]=0D=0D dsb nshst=0D=0D + isb=0D=0D =0D=0D .L2_\@:=0D=0D .endm=0D=0D -- =0D 2.39.2=0D =0D
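
Review bot: the added `isb` after `dsb nshst` carries no comment, and the existing `// write updated entry` comment only describes the `str x1, [x0]`. The reason given in the commit message (the DSB does not stall the pipeline, so instruction fetches can still hit the transient zero entry) should be stated next to the instruction, for example `// ensure the new entry is in effect for instruction fetches before returning`, so that the barrier is not later dropped as redundant. The `isb` also sits above the `.L2_\@:` label and so covers only the fall-through path; it would help to say whether code reaching the label directly needs the same barrier.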