Re: [RFC 11/14] x86: add support for Dynamic Kernel Stacks

From: H. Peter Anvin
Date: Mon Mar 11 2024 - 21:27:58 EST


On March 11, 2024 5:53:33 PM PDT, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>On 3/11/24 16:56, Nadav Amit wrote:
>> So you can look on the dirty-bit, which is not being set
>> speculatively and save yourself one problem.
>Define "set speculatively". :)
>
>> If software on one logical processor writes to a page while software
>> on another logical processor concurrently clears the R/W flag in the
>> paging-structure entry that maps the page, execution on some
>> processors may result in the entry’s dirty flag being set (due to the
>> write on the first logical processor) and the entry’s R/W flag being
>> clear (due to the update to the entry on the second logical
>> processor).
>
>In other words, you'll see both a fault *AND* the dirty bit. The write
>never retired and the dirty bit is set.
>
>Does that count as being set speculatively?
>
>That's just the behavior that the SDM explicitly admits to.

Indeed; both the A and D bits are by design permissive; that is, the hardware can set them at any time.

The only guarantees are:

1. The hardware will not set the A bit on a not-present page, nor the D bit on a read-only page.

2. *Provided that the user has invalidated the page entry in the TLB*, hardware guarantees the respective bits will be set before a dependent memory access is made visible. Thus the bits are guaranteed to reflect a strict superset of operations performed architecturally.
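As an added illustration of the two guarantees above (example code written for this page, not from the mail or from the Dynamic Kernel Stacks series), here is a toy C model of one core with a one-entry TLB. The PTE bit positions are the real x86 ones; the TLB behaviour is a simplified assumption that models only the stale-translation case and does not model speculative A/D setting or the in-flight write race quoted from the SDM. The scenario functions and `pte_provably_unwritten` are hypothetical helpers, not kernel APIs.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* x86 4 KiB PTE flag positions (Intel SDM Vol. 3A, paging chapter). */
#define PTE_P  (1ULL << 0)   /* present */
#define PTE_RW (1ULL << 1)   /* writable */
#define PTE_A  (1ULL << 5)   /* accessed */
#define PTE_D  (1ULL << 6)   /* dirty */

/* Toy one-entry TLB: the translation the modelled core last walked (assumption). */
struct tlb {
    bool     valid;
    uint64_t entry;
};

struct outcome {
    uint64_t pte;      /* in-memory PTE after the scenario */
    bool     faulted;  /* whether the final access took a page fault */
};

static void tlb_invalidate(struct tlb *t) { t->valid = false; }

/*
 * One access by the modelled core.  Returns true on success, false on a fault.
 * Mirrors the two guarantees from the mail: A is never set on a not-present
 * entry and D is never set through a read-only translation.  A/D are ORed into
 * memory only when the cached translation lacks them, which is why clearing
 * them in memory without invalidating the TLB tells software nothing.
 */
static bool hw_access(struct tlb *t, uint64_t *pte, bool write)
{
    if (!t->valid) {
        if (!(*pte & PTE_P))
            return false;              /* not present: fault, A stays clear */
        t->entry = *pte;
        t->valid = true;
    }
    if (write && !(t->entry & PTE_RW))
        return false;                  /* read-only translation: fault, D stays clear */

    uint64_t need    = PTE_A | (write ? PTE_D : 0);
    uint64_t missing = need & ~t->entry;
    if (missing) {
        *pte     |= missing;           /* hardware updates the in-memory entry */
        t->entry |= missing;
    }
    return true;
}

/*
 * The only inference the "strict superset" property permits: a clear bit
 * observed after a TLB flush proves no architectural write since the clear.
 * A set bit proves nothing (it may be speculative), and without the flush a
 * clear bit proves nothing either.
 */
bool pte_provably_unwritten(uint64_t pte, bool flushed_after_clear)
{
    return flushed_after_clear && !(pte & PTE_D);
}

/* Scenario 1: write, software clears A/D, optional flush, write again.
 * Without the flush the second write leaves D clear in memory, so a stack
 * page that was just written would wrongly look untouched. */
struct outcome scenario_clear_ad_then_write(bool flush)
{
    struct tlb t = { .valid = false, .entry = 0 };
    struct outcome o = { .pte = PTE_P | PTE_RW, .faulted = false };

    hw_access(&t, &o.pte, true);        /* first write sets A and D */
    o.pte &= ~(PTE_A | PTE_D);          /* software clears them in memory */
    if (flush)
        tlb_invalidate(&t);
    o.faulted = !hw_access(&t, &o.pte, true);
    return o;
}

/* Scenario 2: a read caches a writable translation, software clears RW,
 * optional flush, then a write.  Without the flush the write lands and D is
 * set on an entry whose RW bit is clear; with the flush the write faults and
 * D stays clear. */
struct outcome scenario_clear_rw_then_write(bool flush)
{
    struct tlb t = { .valid = false, .entry = 0 };
    struct outcome o = { .pte = PTE_P | PTE_RW, .faulted = false };

    hw_access(&t, &o.pte, false);       /* read: caches RW=1, sets A */
    o.pte &= ~PTE_RW;
    if (flush)
        tlb_invalidate(&t);
    o.faulted = !hw_access(&t, &o.pte, true);
    return o;
}

int main(void)
{
    for (int flush = 0; flush <= 1; flush++) {
        struct outcome a = scenario_clear_ad_then_write(flush);
        struct outcome b = scenario_clear_rw_then_write(flush);
        printf("flush=%d: clear-A/D then write -> D=%d, provably unwritten=%d\n",
               flush, !!(a.pte & PTE_D), pte_provably_unwritten(a.pte, flush));
        printf("flush=%d: clear-RW then write  -> D=%d RW=%d faulted=%d\n",
               flush, !!(b.pte & PTE_D), !!(b.pte & PTE_RW), b.faulted);
    }
    return 0;
}
```

The practical takeaway for a stack-reclaim scheme is scenario 1 without the flush: the page was written, yet its D bit reads as clear, so any "is this page unused?" check must clear the bits, invalidate, and only then trust a clear bit, and must treat a set bit as merely "possibly used".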