[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: [PATCH] EPT: Only sync pcpus on which a domain's vcpus might be running

To: George Dunlap <dunlapg@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>, Xin Li <xin.b.li@xxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Xiaohui Xin <Xiaohui.xin@xxxxxxxxx>
From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Date: Fri, 18 Sep 2009 08:43:46 +0100
Cc:
Delivery-date: Fri, 18 Sep 2009 00:44:11 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
Thread-index: Aco3v5TestdyRvegS0C8Omk5WXNv4QAdCvE3
Thread-topic: [PATCH] EPT: Only sync pcpus on which a domain's vcpus might be running

This is definitely not safe. See ARM Vol 3B Section 24.3.3. EPTP-tagged
cached mappings (that is, partial mappings from guest-phys to host-phys
addresses, tagged by the EPT base pointer value) only need be flushed when a
suitable INVEPT instruction is executed. So a HVM VCPU can leave EPTP-tagged
droppings lying around in other TLBs as it migrates from CPU to CPU -- the
domain_dirty_cpumask does not track this!

The way to fix this is to' if ( hap_enabled ) __invept(1,
d->arch.hvm_domain.vmx.ept_control.eptp, 0)' in vmx_ctxt_switch_from(). That
then makes your patch correct.

Care to test this and spin another patch?

 -- Keir

On 17/09/2009 18:51, "George Dunlap" <dunlapg@xxxxxxxxx> wrote:

> ept_sync_domain() is called whenever the p2m changes.  The current
> code calls sync on all cpus; this is extremely wasteful, especially
> for a single-vcpu VM on a 16-way (2x4x2) box.
> 
> This patch will only call sync on cpus where there may be dirty cpu
> state.  I've done a basic test, but I'd appreciate someone from Intel
> verifying that there shouldn't be any problems.
> 
> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxxxxx>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] Re: [PATCH] EPT: Only sync pcpus on which a domain's vcpus might be running
  - From: George Dunlap

References:
- [Xen-devel] [PATCH] EPT: Only sync pcpus on which a domain's vcpus might be running
  - From: George Dunlap

Prev by Date: RE: [Xen-devel] [PATCH 1/2] graphics passthrough with VT-d
Next by Date: [Xen-devel] Re: [PATCH] x86 hvm: fix missing ticks bug of c/s 20218
Previous by thread: [Xen-devel] [PATCH] EPT: Only sync pcpus on which a domain's vcpus might be running
Next by thread: Re: [Xen-devel] Re: [PATCH] EPT: Only sync pcpus on which a domain's vcpus might be running
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.