Xen project Mailing List

Re: [PATCH 4/8] x86/spec-ctrl: Extend all SPEC_CTRL_{ENTER,EXIT}_* comments

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Thu, 14 Sep 2023 09:58:25 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rzGlRzfDDIiJ9Wk1up/xdP3rqGawsHI8yBrKmgJSLIo=; b=bMatiaHrH7SsCd+Kkp7r6Iyc30TZ3/8ae6e3rigto7LRgetrrWJaZycw7uKlfz9mUzSrcH20WwT0KvbYpf4xebkR38NjearRc7mqY7k/HoLB1CFx65+/2VKN18cRl2XWZoLAuh/P11ruJiAKHw+hxfHVT0fizaGwWGxHMxHgpYD9x0EtcdtgKZcbBBWzFcpq7KfuAmZdOrIi+uXv/7qyZCAy3rYh7mREjqvBCxPCthi7U3BsiC0tb54H0FSEzsWTKg3evQIQcl9Y6u1MvMRHSD/tBmr+lO3fbjDK+X1v0zAqpahLiXpJjXXztKic0GmAQjfbZ8KL8bkeWnnPP20lXg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MPtMu+lnC0PsWYhchkwbxMiyzBrMUUZHUGGHRmYCvags76jAEfKV2/5VhT2LQtkkqN4zJJrmcoo3DIyearEmNrJUTi06w807fWzm+wLWQnzMdllny0TMdLYdvZS0zgzHgFgFtJJoyHItg9WpDQlEq66agaVquqw1gR8XaCSCksvdPIhj5b+9q/3M9yBSpPiGSA5QA+zJ6VWGHAJEBbUyD5c7acMH8xHMlOmOFw76IfvBYYNPQmzS/+rYMSUT1j0rSslxpSNHSoTjdcTjfLx6noBU95u2vlqjERSTOcGfXIDXjiizt2AbM/PAEmMloMvZCA54VYUi5/cXgKxhfFXXmQ==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Thu, 14 Sep 2023 07:58:40 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 13.09.2023 22:27, Andrew Cooper wrote: > --- a/xen/arch/x86/include/asm/spec_ctrl_asm.h > +++ b/xen/arch/x86/include/asm/spec_ctrl_asm.h > @@ -218,7 +218,10 @@ > wrmsr > .endm > > -/* Use after an entry from PV context (syscall/sysenter/int80/int82/etc). */ > +/* > + * Used after a synchronous entry from PV context. SYSCALL, SYSENTER, INT, > + * etc. Will always interrupt a guest speculation context. > + */ > .macro SPEC_CTRL_ENTRY_FROM_PV > /* > * Requires %rsp=regs/cpuinfo, %rdx=0 For the entry point comments - not being a native speaker -, the use of "{will,may} interrupt" reads odd. You're describing the macros here, not the the events that led to their invocation. Therefore it would seem to me that "{will,may} have interrupted" would be more appropriate. > @@ -233,7 +236,11 @@ > X86_FEATURE_SC_MSR_PV > .endm > > -/* Use in interrupt/exception context. May interrupt Xen or PV context. */ > +/* > + * Used after a synchronous interrupt or exception. May interrupt Xen or PV > + * context, but will not interrupt Xen with a guest speculation context, > + * outside of fatal error cases. > + */ > .macro SPEC_CTRL_ENTRY_FROM_INTR > /* > * Requires %rsp=regs, %r14=stack_end, %rdx=0 I find "synchronous" here odd, when this includes interrupts. Below you at least qualify things further, by saying "fully asynchronous with finding sane state"; I think further qualification is warranted here as well, to avoid any ambiguity. > @@ -319,7 +334,14 @@ UNLIKELY_DISPATCH_LABEL(\@_serialise): > UNLIKELY_END(\@_serialise) > .endm > > -/* Use when exiting to Xen in IST context. */ > +/* > + * Use when exiting from any entry context, back to Xen context. This > + * includes returning to other SPEC_CTRL_{ENTRY,EXIT}_* regions with > + * unsanitised state. > + * > + * Because we might have interrupted Xen beyond SPEC_CTRL_EXIT_TO_$GUEST, we > + * must treat this as if it were an EXIT_TO_$GUEST case too. > + */ > .macro SPEC_CTRL_EXIT_TO_XEN > /* > * Requires %rbx=stack_end Is it really "must"? At least in theory there are ways to recognize that exit is back to Xen context outside of interrupted entry/exit regions (simply by evaluating how far below stack top %rsp is). > @@ -344,6 +366,9 @@ UNLIKELY_DISPATCH_LABEL(\@_serialise): > wrmsr > > .L\@_skip_sc_msr: > + > + /* TODO VERW */ > + > .endm I don't think this comment is strictly necessary to add here, when the omission is addressed in a later patch. But I also don't mind its addition. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.