[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.17 v2.1 2/3] amd/virt_ssbd: set SSBD at vCPU context switch

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 3 Nov 2022 11:36:15 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=MOlqFFdlqkSrSuHO7CBiVu6CfT8Hc2+Tr2HU8NrDTG0=; b=MuAUXhJBU1m33lkhypHozFLHNnPpAa4dVj7g/vm+TAxP4nxpyHOpTJS2AnL08C2MVyO5/ZAv4SO2dI9w3H3VLFi1r41MSaawNUMNesJ9xHqpdWZV0Ev4Gv5ivR+mwNlgvKs+G9Pyad3tbDCb+vx2bVfcLyDUS43W6hS1Tytrpay9Kgzk/tnHHec6sXaz2xtmFvsmKDQfcEJHq7WTb6QEYndDMFSN8uMLEhtChzK109BzR+k2fbmoMrle0V6uexBcQDegy3qsbTO4Y67I9KzTrZnV60vd0QLR7UoeMLW085ISC+5Zoyq1g704U7MC65c7BvkrMU2ry7/+aO+B5D9aMg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d17MZRDXkUUIAJnJxtQZM6sj86vLZ/4utr/yK932tKModGEVLkNjsynX0g/ki3uBwOGzCOz6M2Y/4jyBp/QqbHf7/UXItGGjGNflDDSV7o/WZ/kErdsS13KfhoMGpd3vKJYheYpVgfdLptn2seTuP/DUuOxg6HGhY94Qse7biIR03f4PoMMZcj4dZmH9MfI+uYcUszJhSszaF/OgI5hbjsCYcQhHOZxQdt7jJe0Q/8VQwc4U0EbHtwB20gS0yavZi6yZkSs+KtiOWKH7HCzrVlVKu8CeBK8NBoYY65fZyNNsN2ngxtzpq0vlvB8rL3i/qr0DGKW5ZyJU6jboQeXQ+Q==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Henry.Wang@xxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 03 Nov 2022 10:36:35 +0000
  • Ironport-data: A9a23:90WwYq6RSBC53ty9eCf9lQxRtOPGchMFZxGqfqrLsTDasY5as4F+v mAWCziPOfyIamT1edAibo6xpkoF6J6HzdYwSQI9/C41Hi5G8cbLO4+Ufxz6V8+wwm8vb2o8t plDNYOQRCwQZiWBzvt4GuG59RGQ7YnRGvynTraBYnoqLeNdYH9JoQp5nOIkiZJfj9G8Agec0 fv/uMSaM1K+s9JOGjt8B5mr9VU+4ZwehBtC5gZkPKkT5weH/5UoJMl3yZ+ZfiOQrrZ8RoZWd 86bpJml82XQ+QsaC9/Nut4XpWVTH9Y+lSDX4pZnc/DKbipq/0Te4Y5iXBYoUm9Fii3hojxE4 I4lWapc6+seFvakdOw1C3G0GszlVEFM0OevzXOX6aR/w6BaGpdFLjoH4EweZOUlFuhL7W5m9 sI7IxcrTzO6tu+5h6qyavVtqNkpBZy+VG8fkikIITDxK98DGMiGb4CUoNhS0XE3m9xEGuvYa 4wBcz1zYR/cYhpJfFAKFJY5m+TujX76G9FagAvN+exrvC6OnEooiOCF3Nn9I7RmQe1PmUmVv CTe9nnRCRAGLt2PjzGC9xpAg8efwX6jCNxJTdVU8NZBuVqsmGYPJiYwVECb/N271UDjdPVAf hl8Fi0G6PJaGFaQZtv3UgC8oXWElgUBQNcWGOo/gCmtx6zO8kCmD24LZjdbbZots8pebT430 l6Emfv5CDopt6eaIVqG7audpz62PSkTLEcBaDUCQA9D5MPsyKksijrfQ9AlF7S65vXlFDe1z z2UoSwWg7QIkdVNx6i95UrAgT+nut7OVAFd2+nMdmes7wc8aIv7YYWtsADf9awZdN7fSUSdt n8ZncTY9PoJEZyGiC2KRqMKAa2t4PGGdjbbhDaDAqUcythkwFb7Fag43d20DB4B3hosEdMxX HLuhA==
  • Ironport-hdrordr: A9a23:x+aJZ6sY051RKnQ2g3CaT9Kv7skD7NV00zEX/kB9WHVpm5Sj5q aTdPRy73HJYUUqKQgdcLG7Sda9qBznhPxICOUqUYtKGTOW31dAT7sSk7cKoQeQfhEWn9Q1vc wLHpSWSueAaWSS5vya3ODMKadC/DDxysCVbInloEtFfEVHUY8lwyBSMTajLwlKbCcuP+tIKH PW3Ls+m9PpQwVtUu2rQnQMQuDZp8fInpfvewQHCB4s4BSPizTA0s+GLzGImhgGXyxGxN4ZgB n4eiLCl9meW0bQ8G6n61Pu
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Thu, Nov 03, 2022 at 10:01:49AM +0100, Jan Beulich wrote:
> On 03.11.2022 09:52, Roger Pau Monné wrote:
> > On Thu, Nov 03, 2022 at 09:09:41AM +0100, Jan Beulich wrote:
> >> On 02.11.2022 18:38, Roger Pau Monné wrote:
> >>> On Wed, Nov 02, 2022 at 12:49:17PM +0100, Jan Beulich wrote:
> >>>> On 29.10.2022 15:12, Roger Pau Monne wrote:
> >>>>> --- a/xen/arch/x86/hvm/svm/svm.c
> >>>>> +++ b/xen/arch/x86/hvm/svm/svm.c
> >>>>> @@ -973,6 +973,16 @@ static void cf_check svm_ctxt_switch_from(struct 
> >>>>> vcpu *v)
> >>>>>  
> >>>>>      /* Resume use of ISTs now that the host TR is reinstated. */
> >>>>>      enable_each_ist(idt_tables[cpu]);
> >>>>> +
> >>>>> +    /*
> >>>>> +     * Clear previous guest selection of SSBD if set.  Note that 
> >>>>> SPEC_CTRL.SSBD
> >>>>> +     * is already cleared by svm_vmexit_spec_ctrl.
> >>>>> +     */
> >>>>> +    if ( v->arch.msrs->virt_spec_ctrl.raw & SPEC_CTRL_SSBD )
> >>>>> +    {
> >>>>> +        ASSERT(v->domain->arch.cpuid->extd.virt_ssbd);
> >>>>> +        amd_set_ssbd(false);
> >>>>> +    }
> >>>>>  }
> >>>>
> >>>> Aren't you potentially turning off SSBD here just to ...
> >>>>
> >>>>> @@ -1000,6 +1010,13 @@ static void cf_check svm_ctxt_switch_to(struct 
> >>>>> vcpu *v)
> >>>>>  
> >>>>>      if ( cpu_has_msr_tsc_aux )
> >>>>>          wrmsr_tsc_aux(v->arch.msrs->tsc_aux);
> >>>>> +
> >>>>> +    /* Load SSBD if set by the guest. */
> >>>>> +    if ( v->arch.msrs->virt_spec_ctrl.raw & SPEC_CTRL_SSBD )
> >>>>> +    {
> >>>>> +        ASSERT(v->domain->arch.cpuid->extd.virt_ssbd);
> >>>>> +        amd_set_ssbd(true);
> >>>>> +    }
> >>>>>  }
> >>>>
> >>>> ... turn it on here again? IOW wouldn't switching better be isolated to
> >>>> just svm_ctxt_switch_to(), doing nothing if already in the intended mode?
> >>>
> >>> What if we switch from a HVM vCPU into a PV one?  AFAICT then
> >>> svm_ctxt_switch_to() won't get called and we would be running the PV
> >>> guest with the previous HVM domain SSBD selection.
> >>
> >> Would that be a problem? Or in other words: What is the intended behavior
> >> for PV? PV domains can control SSBD via SPEC_CTRL (only), so all we need
> >> to guarantee is that we respect their choice there.
> > 
> > If the hardware only supports non-architectural way (LS_CFG) or
> > VIRT_SPEC_CTRL to set SSBD then PV guests won't be able to change the
> > setting inherited from a previously running HVM guest. IMO it's fine
> > to run Xen code with the guest selection of SSBD, but carrying such
> > selection (ie: SSBD set) across guest context switches will be a too
> > big penalty.
> 
> Hmm, perhaps. Question then is whether to better turn it off from
> paravirt_ctxt_switch_to() (which would take care of the idle domain as
> well, if we want it off there rather than considering the idle domain
> as "Xen context"). Or, yet another option, don't use
> *_ctxt_switch_{from,to}() at all but invoke it directly from
> __context_switch().

I consider it fine to run the idle domain with the guest SSBD
selection, or else switching to/from the idle domain could cause
toggling of SSBD which is an unneeded penalty.

If there's an specific issue that needs dealing with I'm happy to
adjust, otherwise I think the proposed approach is an acceptable
compromise to avoid excessive toggling of SSBD when not using
SPEC_CTRL.

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.