Xen project Mailing List

Re: [PATCH v5 07/12] xen: enable Dom0 to use SVE feature

To: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>

From: Luca Fancellu <Luca.Fancellu@xxxxxxx>

Date: Thu, 20 Apr 2023 08:46:22 +0000

Accept-language: en-GB, en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7Rz4yL6V/xGbuBke0zDKVD1bLFGce80LP6JNTzJD9jk=; b=RjUFaVZHRJfaTcIND6dVXDNhGCWHbVk9Wk3QdXqW7sSFAoKaKl+H1ymhLXJ/ABzIQ3ZZjh00b1xsgSBTEPPJUrqF4qUlmHXKQChiNimpPqo/tetW9mrWxXqVAYIRLAAlWQyRe4csFxFuZ3kLxAZX9FFd3km7hmhRIuFDFfCsyeoKZ8hV9U3iWXkE+kFwcq9mgNhRiVGdesrc6NoUD/56MK8jJf+xyrfoJPJtxjbmNVQD3DCyMUcAPkfo+dNzvqnjy6J5XVcRlU1EbXp1Ax58wEEsq40z4Gp5UrdSpN3b5CBbk0EttgViPgR+s5JRrEiU6WPCphCiK3EtkLk/tjfuuQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TMeHuXRM7+R3ZV6ioZCriLwp4ximu3BCwbD59QlYth37L5Psf1tXo+Loimy0wOokSzmzpTnaYutn+Xp/BwyuJbMKp0l7pbthDN68s3w8NOE2HhLl+0ISK5C38mveeLOcy8+ry5F6wwGBD8ao8NXfndUS0JrQsn2v//A+XeVzmlcCFp8YUGvUiqHffqIQuTtcsMCRyZBjZ2upUMQgLNQZ0taOK2wVUAtAwF34RLRTIni+dXu91y+NXcOkA9Oyw5HLekCBQUULAfE34jGyNqG0xyt338Zjoq5nKt3i1UTtINSz8d7D0iLgt0LUYMwhavWbboWeSep9dqbgnhCVMnRJnw==

Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;

Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>

Delivery-date: Thu, 20 Apr 2023 08:47:10 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Nodisclaimer: true

Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;

Thread-index: AQHZbSQ+XccnxtxNG0WbEgpX88e2za8xDZ2AgAE1hQCAAAGYAIAABb6AgAGkXIA=

Thread-topic: [PATCH v5 07/12] xen: enable Dom0 to use SVE feature

>>>>> +int __init sve_sanitize_vl_param(int val, unsigned int *out) >>>>> +{ >>>>> + /* >>>>> + * Negative SVE parameter value means to use the maximum supported >>>>> + * vector length, otherwise if a positive value is provided, check >>>>> if the >>>>> + * vector length is a multiple of 128 and not bigger than the >>>>> maximum value >>>>> + * 2048 >>>>> + */ >>>>> + if ( val < 0 ) >>>>> + *out = get_sys_vl_len(); >>>>> + else if ( ((val % SVE_VL_MULTIPLE_VAL) == 0) && (val <= >>>>> SVE_VL_MAX_BITS) ) >>>>> + *out = val; >>>> >>>> Shouldn't you also check if it is not greater than the maximum vector >>>> length ? >>> >>> I don’t understand, I am checking that the value is below or equal to >>> SVE_VL_MAX_BITS, >>> If you mean if it should be checked also against the maximum supported >>> length by the platform, >>> I think this is not the right place, the check is already in >>> arch_sanitise_domain_config(), introduced >>> in patch #2 >> >> If this is not the right place to check it then why checking the rest here ? >> >> From a user or a developer point of view I would expect the validity of the >> input to be checked only >> in one place. >> If here is not the place for that it is ok but then i would check everything >> in arch_sanitise_domain_config >> (multiple, min and supported) instead of doing it partly in 2 places. > > Ok, given the way we encoded the value in xen_domctl_createdomain structure, > we have that the value takes > very little space, but a small issue is that when we encode it, we are > dividing it by 128, which is fine for user params > that are multiple of 128, but it’s less fine if the user passes “129”. > > To overcome this issue we are checking the value when it is not already > encoded. Now, thinking about it, the check > "&& (val <= SVE_VL_MAX_BITS)” is not really needed, because even if the value > is above, then in arch_sanitise_domain_config > we will hit the top limit of the platform maximum VL. > > int arch_sanitise_domain_config(struct xen_domctl_createdomain *config) > { > unsigned int max_vcpus; > unsigned int flags_required = (XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap); > unsigned int flags_optional = (XEN_DOMCTL_CDF_iommu | XEN_DOMCTL_CDF_vpmu); > unsigned int sve_vl_bits = sve_decode_vl(config->arch.sve_vl); > > if ( (config->flags & ~flags_optional) != flags_required ) > { > dprintk(XENLOG_INFO, "Unsupported configuration %#x\n", > config->flags); > return -EINVAL; > } > > /* Check feature flags */ > if ( sve_vl_bits > 0 ) > { > unsigned int zcr_max_bits = get_sys_vl_len(); > > if ( !zcr_max_bits ) > { > dprintk(XENLOG_INFO, "SVE is unsupported on this machine.\n"); > return -EINVAL; > } > > if ( sve_vl_bits > zcr_max_bits ) > { > dprintk(XENLOG_INFO, > "Requested SVE vector length (%u) > supported length > (%u)\n", > sve_vl_bits, zcr_max_bits); > return -EINVAL; > } > } > [...] > > Now, I understand your point, we could check everything in > sve_sanitize_vl_param(), but it would leave a problem > for domains created by hypercalls if I am not wrong. > > What do you think? I thought about that and another possibility is to store “sve_vl” as uint16_t inside struct xen_arch_domainconfig, and check it inside arch_sanitise_domain_config() for it to be mod 128 and less than the max supported VL, this will allow to have all the checks in one place, taking a bit more space, anyway we would take the space from the implicit padding as this is the current status: struct arch_domain { enum domain_type type; /* 0 4 */ uint8_t sve_vl; /* 4 1 */ /* XXX 3 bytes hole, try to pack */ struct p2m_domain p2m; /* 8 328 */ /* --- cacheline 5 boundary (320 bytes) was 16 bytes ago --- */ struct hvm_domain hvm; /* 336 312 */ /* --- cacheline 10 boundary (640 bytes) was 8 bytes ago --- */ struct paging_domain paging; /* 648 32 */ struct vmmio vmmio; /* 680 32 */ /* --- cacheline 11 boundary (704 bytes) was 8 bytes ago --- */ unsigned int rel_priv; /* 712 4 */ /* XXX 4 bytes hole, try to pack */ struct { uint64_t offset; /* 720 8 */ s_time_t nanoseconds; /* 728 8 */ } virt_timer_base; /* 720 16 */ struct vgic_dist vgic; /* 736 200 */ /* XXX last struct has 2 bytes of padding */ /* --- cacheline 14 boundary (896 bytes) was 40 bytes ago --- */ struct vuart vuart; /* 936 32 */ /* --- cacheline 15 boundary (960 bytes) was 8 bytes ago --- */ unsigned int evtchn_irq; /* 968 4 */ struct { uint8_t privileged_call_enabled:1; /* 972: 0 1 */ } monitor; /* 972 1 */ /* XXX 3 bytes hole, try to pack */ struct vpl011 vpl011; /* 976 72 */ /* size: 1152, cachelines: 18, members: 13 */ /* sum members: 1038, holes: 3, sum holes: 10 */ /* padding: 104 */ /* paddings: 1, sum paddings: 2 */ } __attribute__((__aligned__(128)));

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.