Xen project Mailing List

Re: [PATCH v2 3/3] amd/msr: implement VIRT_SPEC_CTRL for HVM guests using legacy SSBD

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Mon, 28 Mar 2022 17:24:51 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pgmROSTXiNTy1esC4yRGxI90R9ddUU0WVVD76Osf2Zc=; b=ZX351bSTBKIDqicGIfMMDsgmsJRNMvERxucs/9005f63+GdNE9BYWHc835I3uIg3E7cdB/cpMIqTyutBrxDxWuhw/GTNqeK11jaRo7wU9JiILTmSd1ngsGESuNhbTTlKrqzPGAimvBT0KfUf6yKPyga2g3hth47Wriv8AZmDAJjUKasN+sG66Pt9H1FVBrJELEGGzNjFaVIqBLhXvjwt+aBzNbAncVLpmE5RA0KxFsFEjOKvcgloyj40J/VDBvd+KZb0Pu4/VPjqZO5EuP7yiGGk0cleN51s+twQYYIa4JzMF9c/Y/q1XRfDDiFmYr+G6Tk3AlAlEPXxPwavA9sOGA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H0WU9eyMFFnAF/rdMle0XzBCosmNDKqufjStXOg6oZVf/RSEbTBHAxrvAvrclIy6uznrUtHCV0tMVCnGTIPCDpi5cwNtkgNQpM07MIyf56dT8nZOZqCPLk6eAZRGQ6oeNJIY4cV7zMPjfYsotNHR7M9G2jCrOQWZYhux5u5okow1u7MkhZMmmnXt4BpBOID6apH8ASKz0hKyEu6zWZ6w2YwU+2uWEXDZqU2xaqKZyPo6wGHzZG8ECO8qTnJ8+p5SkKg9VcINOBP6Oxxq9wRtMOWh4lYHFt3PTBDYiC5Q6D5RkonNK/pcnn/WN/5KCqnqmeP0kQjNT259ZulptE6hHQ==

Authentication-results: esa5.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 28 Mar 2022 15:25:07 +0000

Ironport-data: A9a23:3IMfNqOfUIshttbvrR2xl8FynXyQoLVcMsEvi/4bfWQNrUp20GECz WBNCD2FbPfbYmbyf4tyYY3jph5T75/WxtU2HAto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdleF+lH1dOKJQUBUjclkfJKlYAL/En03FFcMpBsJ00o5wbZi2N4w2LBVPivW0 T/Mi5yHULOa82Yc3lI8s8pvfzs24ZweEBtB1rAPTagjUG32zhH5P7pGTU2FFFPqQ5E8IwKPb 72rIIdVXI/u10xF5tuNyt4Xe6CRK1LYFVDmZnF+A8BOjvXez8CbP2lS2Pc0MC9qZzu1c99Z8 OpP64KuCiwSNZbKhtYQDwhxTyxbFPgTkFPHCSDXXc27ykTHdz3nwul0DVFwNoodkgp1KTgQr 7pCcmlLN03dwbLtqF64YrAEasALNs7kMZlZonh95TrYEewnUdbIRKCiCdpwgmlv15ofTK62i 8wxNiZkYTnRRBN2ZHwsNo87zeOBuiXHfGgNwL6SjfVuuDWCpOBr65D9PdyQdtGUSMF9mkeDu nmA72n/GgsdNtGU1XyC6H3ErvDLtTP2XsQVDrLQ3vxgjUCXx2cTIAYLTlb9qv684nNSQPoGd RZSoHB36/Fvqgr7FbERQiFUvla8gRxCRcQTONYx0weT+KeI8i/FC00tG2sphMMdiOc6Qjkj1 1msltzvBCByvLD9dU9x5ot4vhvpZ3FLcDZqiTssCFJcvoK9+N1bYgfnFI4LLUKjsjHi9dgcK RiupTN2ubgchNVjO06TrQGe2GLESnQko2cICuTrsoCNs1gRiG2NPdXABb3nARBodtzxor6p5 iRspiRmxLpSZaxhbQTUKAn3IJmn5uyeLBrXikN1Ep8q+lyFoiD/LdwIv2skehw3Yq7onAMFh meJ42u9A7cJYROXgVJfOdrtW6zGM4C+fTgaahwkRoUXOcUgHON21CpveVSRzwjQfLsEyskC1 WOgWZ/0Vx4yUP0/pBLvHrt1+eJ7l0gWmDKILbimnkvP7FZrTCPMIVvzGADVNb5RAWLtiFi9z uuzwOPXkk0GC7evO3O/HEx6BQliEEXXzKve8qR/XuWCPhBnCCcmDfrQyqkmYItrg+JekeKgw 513chQwJIbX7ZEfFTi3Vw==

Ironport-hdrordr: A9a23:xyubVK5GaQVMoC/MFwPXwDLXdLJyesId70hD6qkQc3FomwKj9/ xG/c5rsSMc7Qx6ZJhOo7+90cW7L080lqQFhLX5X43SPzUO0VHARO1fBOPZqAEIcBeOlNK1u5 0AT0B/YueAcGSTj6zBkXWF+wBL+qj5zEiq792usUuEVWtRGsZdB58SMHfhLqVxLjM2Y6YRJd 6nyedsgSGvQngTZtTTPAh+YwCSz+e77a4PeHQ9dmYa1DU=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Mar 28, 2022 at 04:21:02PM +0200, Jan Beulich wrote: > On 15.03.2022 15:18, Roger Pau Monne wrote: > > +void amd_init_ssbd(const struct cpuinfo_x86 *c) > > +{ > > + if (cpu_has_ssb_no) > > + return; > > + > > + if (cpu_has_amd_ssbd) { > > + /* Handled by common MSR_SPEC_CTRL logic */ > > + return; > > + } > > + > > + if (cpu_has_virt_ssbd) { > > + wrmsrl(MSR_VIRT_SPEC_CTRL, opt_ssbd ? SPEC_CTRL_SSBD : 0); > > + return; > > + } > > + > > + if (!set_legacy_ssbd(c, opt_ssbd)) > > + { > > Nit: In this file the brace belongs on the earlier line and ... > > > printk_once(XENLOG_ERR "No SSBD controls available\n"); > > + if (amd_legacy_ssbd) > > + panic("CPU feature mismatch: no legacy SSBD\n"); > > + } > > + else if ( c == &boot_cpu_data ) > > ... you want to omit the blanks immediately inside the parentheses here. Ouch, yes. > > + amd_legacy_ssbd = true; > > +} > > + > > +static struct ssbd_core { > > + spinlock_t lock; > > + unsigned int count; > > +} *ssbd_core; > > +static unsigned int __ro_after_init ssbd_max_cores; > > + > > +bool __init amd_setup_legacy_ssbd(void) > > +{ > > + unsigned int i; > > + > > + if (boot_cpu_data.x86 != 0x17 || boot_cpu_data.x86_num_siblings <= 1) > > + return true; > > + > > + /* > > + * One could be forgiven for thinking that c->x86_max_cores is the > > + * correct value to use here. > > + * > > + * However, that value is derived from the current configuration, and > > + * c->cpu_core_id is sparse on all but the top end CPUs. Derive > > + * max_cpus from ApicIdCoreIdSize which will cover any sparseness. > > + */ > > + if (boot_cpu_data.extended_cpuid_level >= 0x80000008) { > > + ssbd_max_cores = 1u << MASK_EXTR(cpuid_ecx(0x80000008), 0xf000); > > + ssbd_max_cores /= boot_cpu_data.x86_num_siblings; > > + } > > + if (!ssbd_max_cores) > > + return false; > > + > > + /* Max is two sockets for Fam17h hardware. */ > > + ssbd_core = xzalloc_array(struct ssbd_core, ssbd_max_cores * 2); > > If I'm not mistaken this literal 2, ... > > > + if (!ssbd_core) > > + return false; > > + > > + for (i = 0; i < ssbd_max_cores * 2; i++) { > > ... this one, and ... > > > + spin_lock_init(&ssbd_core[i].lock); > > + /* Record initial state, also applies to any hotplug CPU. */ > > + if (opt_ssbd) > > + ssbd_core[i].count = boot_cpu_data.x86_num_siblings; > > + } > > + > > + return true; > > +} > > + > > +void amd_set_legacy_ssbd(bool enable) > > +{ > > + const struct cpuinfo_x86 *c = &current_cpu_data; > > + struct ssbd_core *core; > > + unsigned long flags; > > + > > + if (c->x86 != 0x17 || c->x86_num_siblings <= 1) { > > + BUG_ON(!set_legacy_ssbd(c, enable)); > > + return; > > + } > > + > > + BUG_ON(c->phys_proc_id >= 2); > > .. this one are all referring to the same thing. Please use a #define to > make the connection obvious. Indeed. That's the maximum number of sockets possible with that CPU family (2). > > @@ -677,14 +680,17 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, > > uint64_t val) > > if ( !cp->extd.virt_ssbd ) > > goto gp_fault; > > > > - /* > > - * Only supports SSBD bit, the rest are ignored. Only modify the > > SSBD > > - * bit in case other bits are set. > > - */ > > - if ( val & SPEC_CTRL_SSBD ) > > - msrs->spec_ctrl.raw |= SPEC_CTRL_SSBD; > > + /* Only supports SSBD bit, the rest are ignored. */ > > + if ( cpu_has_amd_ssbd ) > > + { > > + /* Only modify the SSBD bit in case other bits are set. */ > > While more a comment on the earlier patch introducing this wording, it > occurred to me only here that this is ambiguous: It can also be read as > "Only modify the SSBD bit as long as other bits are set." Hm, no, that's not what I meant. I meant to note that here we are careful to only modify the SSBD bit of spec_ctrl, because other bits might be used for other purposes. We can't do: msrs->spec_ctrl.raw = SPEC_CTRL_SSBD; But maybe this doesn't require a comment, as it seems to raise more questions than answer? > > + if ( val & SPEC_CTRL_SSBD ) > > + msrs->spec_ctrl.raw |= SPEC_CTRL_SSBD; > > + else > > + msrs->spec_ctrl.raw &= ~SPEC_CTRL_SSBD; > > + } > > else > > - msrs->spec_ctrl.raw &= ~SPEC_CTRL_SSBD; > > + msrs->virt_spec_ctrl.raw = val & SPEC_CTRL_SSBD; > > I also think the comment applies equally to the "else" logic, so perhaps > the comment would best remain as is (and merely be re-worded in the > earlier patch)? Sure, let's see if we can get consensus on a proper wording. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.