
Armv9 RME Cache access and GPC sequence order

I'm studying the Realm Management Extension (RME), and a question came to mind. The Arm ARM and other documentation (e.g., den0126) suggest that, conceptually, the GPC is performed before any memory access (including accesses that hit in the caches). However, since cache lines are tagged with the associated PA, I imagine that this tag is used in coherency protocols as part of the snooped address. If so, imagine a hypothetical scenario where two coherent cores use different GPTs, with mutually exclusive regions marked as Normal and the rest of the PA space marked as Root, and both cores running in the Normal world. Could one of the cores access the other core's memory by fetching the data over the coherency bus if it were present in the other core's cache (and thus tagged as Normal), despite being marked as Root in its local GPT? Would the line be fetched but the access blocked by the GPC? If not, this would contradict my first observation. What behavior should I expect in future implementations? Can you point me to other documentation that would clear this up?

Note that I am perfectly aware that CCA was designed for a single GPT shared across all PEs. However, the spec seems to suggest that this is somewhat implementation dependent (it is CONSTRAINED UNPREDICTABLE behavior, and one of the permitted variants allows it). Also, I imagine we're only likely to find TLB entries with cached GPT information shared across PEs in SMT implementations.

  • imagine a hypothetical scenario where we are using different GPTs in two coherent cores

    As you noted, that's not how the architecture is designed to work.  The GPTs control which locations are in which physical address space, and that assignment needs to be consistent across all the devices in the system.

    Could one of the cores access the other core's memory by fetching the data via the coherency bus if it were present in the other core cache (thus tagged as Normal) despite being marked as Root in its local GPT?

    No.  From the spec:

    R_GRGXY If GPCCR_EL3.GPC is 1, enabling granule protection checks, then all accesses are subject to granule protection checks, except for fetches of Granule Protection Table (GPT) information and accesses governed by the GPCCR_EL3.GPCP control.

    Meaning that any access (e.g. a load or instruction fetch) has to be checked against the GPT.  If the GPT entry for the target PA doesn't permit the access, you'll get a Granule Protection Fault (GPF).  The requested PA being present in a cache doesn't remove the need to perform the Granule Protection Check.
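
    To make that concrete, here is a minimal sketch in C of the conceptual access path. Everything in it (the names, the toy GPT, the simplified PAS-matching rule) is a made-up illustration and not from the Arm ARM or any implementation; the only point it models is that, with GPCCR_EL3.GPC set, the GPT check happens for every access, and a hit in a local or snooped cache does not bypass it.

        /* Illustrative model only: every name here is hypothetical, not
         * from the Arm ARM or any real implementation. */
        #include <stdbool.h>
        #include <stdint.h>
        #include <stdio.h>

        typedef enum { PAS_NONSECURE, PAS_SECURE, PAS_REALM, PAS_ROOT } pas_t;

        /* This PE's (toy) GPT: PAs below 0x8000 are Non-secure, the rest
         * are Root - mirroring the scenario in the question. */
        static pas_t local_gpt_lookup(uint64_t pa)
        {
            return (pa < 0x8000) ? PAS_NONSECURE : PAS_ROOT;
        }

        /* Granule protection check, simplified to "requested PAS must equal
         * the granule's PAS" (the real access rules are richer than this). */
        static bool gpt_allows(uint64_t pa, pas_t requested_pas)
        {
            return local_gpt_lookup(pa) == requested_pas;
        }

        /* Stand-ins for the cache/coherency fabric and for memory. */
        static bool cache_or_snoop_hit(uint64_t pa, pas_t pas, uint64_t *out)
        {
            (void)pa; (void)pas; (void)out;
            return false;                    /* pretend it always misses */
        }
        static uint64_t memory_read(uint64_t pa)
        {
            return pa ^ 0xdeadbeefULL;       /* arbitrary dummy data */
        }

        /* Conceptual access path: the GPC is performed for every access,
         * before any cached or snooped data can be returned. */
        static bool pe_load(uint64_t pa, pas_t requested_pas, uint64_t *out)
        {
            if (!gpt_allows(pa, requested_pas))
                return false;                /* Granule Protection Fault */
            if (cache_or_snoop_hit(pa, requested_pas, out))
                return true;                 /* hit, but already checked */
            *out = memory_read(pa);
            return true;
        }

        int main(void)
        {
            uint64_t v;
            /* Normal-world access to a Root granule: faults even if another
             * PE happens to hold the line in its cache. */
            printf("PA 0x9000 as NS: %s\n",
                   pe_load(0x9000, PAS_NONSECURE, &v) ? "data" : "GPF");
            /* Normal-world access to an NS granule: permitted. */
            printf("PA 0x1000 as NS: %s\n",
                   pe_load(0x1000, PAS_NONSECURE, &v) ? "data" : "GPF");
            return 0;
        }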

    What you could potentially cause is corruption through incoherent access.  If PE A thinks the location is NS and PE B thinks the location is S, then cache lines for both PAs could exist independently in the system, which is going to be a problem when those lines are written back past the Point of Physical Aliasing (PoPA).
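
    A toy model of that aliasing, again with entirely made-up names and structures: above the PoPA the PAS is effectively part of the address, so two dirty lines for the "same" location can coexist, and whichever one is written back last past the PoPA silently wins.

        /* Toy illustration only: not how real hardware is structured. */
        #include <stdint.h>
        #include <stdio.h>

        typedef enum { PAS_NONSECURE, PAS_SECURE, PAS_REALM, PAS_ROOT } pas_t;

        #define MEM_WORDS 16
        static uint64_t memory_below_popa[MEM_WORDS];  /* one copy per PA */

        /* Above the PoPA, a line is identified by (PAS, PA), so NS and S
         * copies of the same PA are distinct lines. */
        struct cache_line { pas_t pas; uint64_t pa; uint64_t data; };

        static void writeback_past_popa(const struct cache_line *line)
        {
            /* Past the PoPA the PAS is resolved away: both aliases land on
             * the same storage location. */
            memory_below_popa[line->pa % MEM_WORDS] = line->data;
        }

        int main(void)
        {
            /* PE A's GPT says PA 8 is Non-secure; PE B's says it is Secure. */
            struct cache_line pe_a_line = { PAS_NONSECURE, 8, 0xAAAA };
            struct cache_line pe_b_line = { PAS_SECURE,    8, 0xBBBB };

            writeback_past_popa(&pe_a_line);  /* PE A's data reaches memory... */
            writeback_past_popa(&pe_b_line);  /* ...and is clobbered by PE B's */

            printf("final value at PA 8: 0x%llx\n",
                   (unsigned long long)memory_below_popa[8]);
            return 0;
        }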

    But again... the intention of the spec is that PEs don't have inconsistent GPTs:

    I_BSPQD To avoid CONSTRAINED UNPREDICTABLE behavior, Root firmware must ensure that both:

    • Before GPCCR_EL3.GPC is set to 1, GPCCR_EL3 and GPTBR_EL3 are otherwise configured consistently with other PEs.
    • Before enabling any stage of translation, GPCCR_EL3.GPC is set to 1.
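
    For reference, here is a rough sketch of the per-PE ordering that note implies, written as bare-metal EL3 C.  The register write helpers, the GPCCR_EL3.GPC bit position and the GPTBR_EL3.BADDR placement are my own assumptions and should be checked against the Arm ARM; building the GPT itself is assumed to have happened already, and the TLBI PAALLOS mnemonic needs an RME-aware assembler.

        /* Sketch only: helper names and bit positions are assumptions,
         * not a real API. Verify all encodings against the Arm ARM. */
        #include <stdint.h>

        #define GPCCR_EL3_GPC  (1UL << 16)   /* assumed GPC enable bit position */

        static inline void write_gptbr_el3(uint64_t v)
        {
            __asm__ volatile("msr gptbr_el3, %0" :: "r"(v));
        }
        static inline void write_gpccr_el3(uint64_t v)
        {
            __asm__ volatile("msr gpccr_el3, %0" :: "r"(v));
        }

        /* Run on every PE, with the same gpt_base_pa and gpccr_cfg values,
         * before any stage of translation is enabled on that PE. */
        void enable_gpc_on_this_pe(uint64_t gpt_base_pa, uint64_t gpccr_cfg)
        {
            /* 1. Point this PE at the shared GPT and program GPCCR_EL3
             *    (PPS, PGS, L0GPTSZ, cacheability, shareability) identically
             *    to the other PEs - everything except GPC itself.           */
            write_gptbr_el3(gpt_base_pa >> 12);  /* assumed BADDR placement  */
            write_gpccr_el3(gpccr_cfg);
            __asm__ volatile("isb");

            /* 2. Discard any stale GPT information cached in TLBs.          */
            __asm__ volatile("tlbi paallos");
            __asm__ volatile("dsb sy");
            __asm__ volatile("isb");

            /* 3. Only now enable granule protection checks...               */
            write_gpccr_el3(gpccr_cfg | GPCCR_EL3_GPC);
            __asm__ volatile("isb");

            /* 4. ...and only after this returns should any stage of
             *    translation be enabled, per the second bullet above.       */
        }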