[go: up one dir, main page]

RISC-V: Support page protections in memory

Ole Krügerrequested to merge
ole/rv-487-1 into master

Part of RV-487

What

Adds page protection support to the memory when running in supervisor mode.

Why

The Supervising PVM allows the user kernel to change memory protections on a page-by-page basis.

How

We maintain three arrays for each type of access that requires verification. Each element in the array represents a memory page, enabling us to swiftly convert an address into an index of the per-page array.

The layout currently employs a naive proof representation, resulting in substantial proof size. See RV-528: Page protections cause big proofs​ for details.

Manually Testing

make riscv-supervised-dummy.elf
cargo run -F supervisor -- run --pvm -i riscv-supervised-dummy.elf

Benchmarking

master This MR Improvement
M3 MBP 5.792 TPS 5.852 TPS +1.04%
Benchmark Machine 3.841 TPS 3.798 TPS -1.12%

There is a performance impact reproducibly measurable on the reference machine.

Investigation

I concluded that the impact stemmed from the Rust compiler not inlining the code in the same way due to the code changes.

In the image below you can see a comparison of the main function from before (29,574 samples) versus after (29,643 samples). The red line marks the body of the main function. Before, the commands::run::run function was inlined. This is no longer the case.

Please note, that this is only an example to demonstrate how the Rust compiler produces differently structured code. The impact of the below change is negligible as the self portion of those functions is very small.

image.png

If you want to explore the profile yourself: Firefox Profiler

Tasks for the Author

  • Link all Linear issues related to this MR using magic words (e.g. part of, relates to, closes).
  • Eliminate dead code and other spurious artefacts introduced in your changes.
  • Document new public functions, methods and types.
  • Make sure the documentation for updated functions, methods, and types is correct.
  • Add tests for bugs that have been fixed.
  • Put in reasonable effort to ensure that CI will pass.
    • make -C src/riscv
    • dune build src/lib_riscv
    • dune build src/rust_deps
  • Benchmark performance and populate the table above if needed.
  • Explain changes to regression test captures when applicable.
  • Write commit messages to reflect the changes they're about.
  • Self-review your changes to ensure they are high-quality.
  • Complete all of the above before assigning this MR to reviewers.
Edited by Ole Krüger

Merge request reports