Received: by 2002:a05:7208:3003:b0:81:def:69cd with SMTP id f3csp4245658rba; Tue, 2 Apr 2024 11:11:59 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUxxa8Ys1sym6nQ4uZR8cUpfmCDnUPXRsyZUUiBK4Il9T10agYdLzQcGw6j4GRDIN6y6AldMx6JEOgroK9vIRGmG2mYSH8CNlHcLMuvfw== X-Google-Smtp-Source: AGHT+IE3wOJ2n/FqklGIHmf9M4FErSfb2zeeA12mBLSIIG6x2sh2AyftWQ3nzawtM4fmT2iDsjlz X-Received: by 2002:a05:6402:40c7:b0:56c:d21:d919 with SMTP id z7-20020a05640240c700b0056c0d21d919mr2093711edb.34.1712081519125; Tue, 02 Apr 2024 11:11:59 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712081519; cv=pass; d=google.com; s=arc-20160816; b=Wf8ZWA/rtqtloGnqOiNFFbPdsXtg/OiweHHc35dAaq9CCheeYFGKn7A9wJuUTwEKtc AHEAug1RvuVH1ql8HoMWFE08Et9bAzzIMQhoAkNil1MX+0bvPqh/GU1vQiT2HES7hEip KTytRYJL+e5qNSPBjm/chInIUNapaJVz32L6F+2OlVAV9wKBYuWi8EyjFz/mnYTwzLn9 eKrvsgPbi2uYZhizdGB6n1P/inXr/l6khypi4dgiye8D9FnDbr5izSBosWh7koW69E+U SNnRHzl9rU4HhSDUbwTlorrECuItZCaxhW1LxMglSPY6d8Wkfic1Wn2VxUpweCjDNm/0 BOmQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date; bh=nzPG7NkkvJfbBAsWCHJ/gBkpE9/hpkPnPyaftkrNAlw=; fh=YmWscFy0cqgCZi89FkotrhiUUcTY5gksoR+LWAixXhU=; b=jYwgCXYXpVL/fnI/ll3Rue5++zzBq0WncI7j/TpP0yfeMEhffGB4cS2qO7vURs+hSu kctSC8WGeDHIT+AM/2qmo9hFn4/LsgsiniJPPG1rI6rGQFzsBx4undF1nZTBJOTPDhwC Dy/xTllpvwSPcjnPKT9BB5ICARVni49SCZB3ql3xArPDH4v1Z8bgD9HCHHwcLTLv/5VB ve+kwspKlckcFE5DZ65oAvwEr0QCd7sY8/gv/OHkTn898xF4KvOJzrd6JEdeMZtHuDbb tOLZlWcd1k3AMuVOvXpBAyUNsYikYGQbdEFPNoI7s+VCRZNBUBSVB3B6aixDWy+4PBPV +m6g==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com); spf=pass (google.com: domain of linux-kernel+bounces-128489-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-128489-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id z18-20020a05640240d200b0056c1ccd2dfdsi5908764edb.25.2024.04.02.11.11.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Apr 2024 11:11:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-128489-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com); spf=pass (google.com: domain of linux-kernel+bounces-128489-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-128489-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 9AABC1F22215 for ; Tue, 2 Apr 2024 18:11:58 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0C3A015AD80; Tue, 2 Apr 2024 18:11:52 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3021015AAD7 for ; Tue, 2 Apr 2024 18:11:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712081511; cv=none; b=UTtxr5iK+/akvjZjqkF8lXUd2IV4K8+brgLxqHqZQaM8OT321h3/Y9LW470q/QyAB+v4X057P8BEywnEbQRDAZVwqxF/iMOgkz4jV4FnOIR2JZGH1XAqVmL7gZFO8ph3GioJN39r+4k6jWB8JJ9RVgwJIK2k0BD2PVMwy7AEq5Q= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712081511; c=relaxed/simple; bh=4JmSWPxQ7WjqtjBMCMN4q6rtpi1w4hviH2iHcZhRAYg=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=HpJkcD6tDUIqOmsVGBlZv+rzdOiBusqlewH9IGbTq16MyOM4aQBLvkgT8mplYhZYfNl0OZc2sE1ou/WXIyl2DqVwttXh4O0gzfyQFTxd1FnOORTQQG2miJONTaxtVGN2jW+zENSUq1eNPUzVpSgwEzWz3JLOLWkVV1n6uhAp5go= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; arc=none smtp.client-ip=217.140.110.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 9E5FD1007; Tue, 2 Apr 2024 11:12:19 -0700 (PDT) Received: from FVFF77S0Q05N (unknown [10.57.16.234]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D30633F766; Tue, 2 Apr 2024 11:11:46 -0700 (PDT) Date: Tue, 2 Apr 2024 19:11:43 +0100 From: Mark Rutland To: Vineet Gupta Cc: Will Deacon , Andrew Waterman , Palmer Dabbelt , lkml , Mark Brown , Dave Martin Subject: Re: ARM SVE ABI: kernel dropping SVE/SME state on syscalls Message-ID: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: On Wed, Mar 27, 2024 at 05:30:00PM -0700, Vineet Gupta wrote: > Hi Will, Marc, > > In the RISC-V land we are hitting an issue and need some help > understanding the SVE ABI about dropping the state on syscalls (and its > implications etc - in hindsight) > > If I'm reading the arm64 code correctly, SVE state is unconditionally > (for any syscall whatsoever) dropped in following code path: > > el0_svc > fp_user_discard > > The RISC-V Vector ABI mandates something similar and kernel implements > something similar. > > 2023-06-29 9657e9b7d253 riscv: Discard vector state on syscalls > > However in recent testing with RISC-V vector builds we are running into > an issue when this just doesn't work. > > Just for some background, RISC-V vector instructions relies on > additional state in a VTYPE register which is setup using an apriori > VSETVLI insn. > So consider the following piece of code: > > 3ff80: cc787057 vsetivli zero,16,e8,mf2,ta,ma > <-- sets up VTYPE > 3ff84: 44d8 lw a4,12(s1) > 3ff86: 449c lw a5,8(s1) > 3ff88: 06f75563 bge a4,a5,3fff2 > 3ff8c: 02010087 vle8.v v1,(sp) > 3ff90: 020980a7 vse8.v v1,(s3) <-- Vector store > instruction > Here's the sequence of events that's causing the issue > > 1. The vector store instruction (in say bash) takes a page fault, enters > kernel. > 2. In PF return path, a SIGCHLD signal is pending (a bash sub-shell > which exited, likely on different cpu). At this point, surely you need to save the VTYPE into a sigframe before delivering the signal? > 3. kernel resumes in userspace signal handler which ends up making an > rt_sigreturn syscall - and which as specified discards the V state (and > makes VTYPE reg invalid). The state is discarded at syscall entry, but rt_sigreturn() runs *after* the discard. If you saved the original VTYPE prior to delivering the signal, it should be able to restore it regardless of whether it'd be clobbered at syscall entry. Surely you *must* save/restore VTYPE in the signal frame? Otherwise the signal handler can't make any syscall whatsoever, or it's responsible for saving and restoring VTYPE in userspace, which doesn't seem right. > 4. When sigreturn finally returns to original Vector store instruction, > invalid VTYPE triggers an Illegal instruction which causes a SIGILL (as > state was discarded above). > > So there is no way dropping syscall state would work here. As above, I don't think that's quite true. It sounds to me like that the actual bug is that you don't save+restore VTYPE in the signal frame? > How do you guys handle this for SVE/SME ? One way would be to not do the > discard in rt_sigreturn codepath, but I don't see that - granted I'm not > too familiar with arch/arm64/*/** IIUC this works on arm64 because we'll save all the original state when we deliver the signal, then restore that state *after* entry to the rt_sigreturn() syscall. I can go dig into that tomorrow, but I don't see how this can work unless we save *all* state prior to delivering the signal, and restoring *all* that state from the sigframe. > Other thing I wanted to ask is, have there been any perf implications of > this ABI decision: as in if this was other way around, userspace (and/or > compilers) could potentially leverage the fact that SVE/SME state would > still be valid past a syscall - and won't have to reload/resetup etc. I believe Mark Brown has made some changes recently to try to avoid some of that impact. He might be able to comment on that. Mark.