|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v12 for-xen-4.5 11/20] x86/VPMU: Interface for setting PMU mode and flags
Only a minor note below.
Am Donnerstag 25 September 2014, 15:28:47 schrieb Boris Ostrovsky:
> Add runtime interface for setting PMU mode and flags. Three main modes are
> provided:
> * XENPMU_MODE_OFF: PMU is not virtualized
> * XENPMU_MODE_SELF: Guests can access PMU MSRs and receive PMU interrupts.
> * XENPMU_MODE_HV: Same as XENPMU_MODE_SELF for non-proviledged guests, dom0
> can profile itself and the hypervisor.
>
> Note that PMU modes are different from what can be provided at Xen's boot line
> with 'vpmu' argument. An 'off' (or '0') value is equivalent to
> XENPMU_MODE_OFF.
> Any other value, on the other hand, will cause VPMU mode to be set to
> XENPMU_MODE_SELF during boot.
>
> For feature flags only Intel's BTS is currently supported.
>
> Mode and flags are set via HYPERVISOR_xenpmu_op hypercall.
>
> Signed-off-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
> ---
> tools/flask/policy/policy/modules/xen/xen.te | 3 +
> xen/arch/x86/domain.c | 6 +-
> xen/arch/x86/hvm/svm/vpmu.c | 4 +-
> xen/arch/x86/hvm/vmx/vpmu_core2.c | 10 +-
> xen/arch/x86/hvm/vpmu.c | 206
> +++++++++++++++++++++++++--
> xen/arch/x86/x86_64/compat/entry.S | 4 +
> xen/arch/x86/x86_64/entry.S | 4 +
> xen/include/Makefile | 2 +
> xen/include/asm-x86/hvm/vpmu.h | 27 ++--
> xen/include/public/pmu.h | 44 ++++++
> xen/include/public/xen.h | 1 +
> xen/include/xen/hypercall.h | 4 +
> xen/include/xlat.lst | 4 +
> xen/include/xsm/dummy.h | 15 ++
> xen/include/xsm/xsm.h | 6 +
> xen/xsm/dummy.c | 1 +
> xen/xsm/flask/hooks.c | 18 +++
> xen/xsm/flask/policy/access_vectors | 2 +
> 18 files changed, 334 insertions(+), 27 deletions(-)
>
> diff --git a/tools/flask/policy/policy/modules/xen/xen.te
> b/tools/flask/policy/policy/modules/xen/xen.te
> index 1937883..fb761cd 100644
> --- a/tools/flask/policy/policy/modules/xen/xen.te
> +++ b/tools/flask/policy/policy/modules/xen/xen.te
> @@ -64,6 +64,9 @@ allow dom0_t xen_t:xen {
> getidle debug getcpuinfo heap pm_op mca_op lockprof cpupool_op tmem_op
> tmem_control getscheduler setscheduler
> };
> +allow dom0_t xen_t:xen2 {
> + pmu_ctrl
> +};
> allow dom0_t xen_t:mmu memorymap;
>
> # Allow dom0 to use these domctls on itself. For domctls acting on other
> diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
> index 7b1dfe6..6a07737 100644
> --- a/xen/arch/x86/domain.c
> +++ b/xen/arch/x86/domain.c
> @@ -1503,7 +1503,7 @@ void context_switch(struct vcpu *prev, struct vcpu
> *next)
> if ( is_hvm_vcpu(prev) )
> {
> if (prev != next)
> - vpmu_save(prev);
> + vpmu_switch_from(prev, next);
>
> if ( !list_empty(&prev->arch.hvm_vcpu.tm_list) )
> pt_save_timer(prev);
> @@ -1546,9 +1546,9 @@ void context_switch(struct vcpu *prev, struct vcpu
> *next)
> !is_hardware_domain(next->domain));
> }
>
> - if (is_hvm_vcpu(next) && (prev != next) )
> + if ( is_hvm_vcpu(prev) && (prev != next) )
> /* Must be done with interrupts enabled */
> - vpmu_load(next);
> + vpmu_switch_to(prev, next);
>
> context_saved(prev);
>
> diff --git a/xen/arch/x86/hvm/svm/vpmu.c b/xen/arch/x86/hvm/svm/vpmu.c
> index 124b147..37d8228 100644
> --- a/xen/arch/x86/hvm/svm/vpmu.c
> +++ b/xen/arch/x86/hvm/svm/vpmu.c
> @@ -479,14 +479,14 @@ struct arch_vpmu_ops amd_vpmu_ops = {
> .arch_vpmu_dump = amd_vpmu_dump
> };
>
> -int svm_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags)
> +int svm_vpmu_initialise(struct vcpu *v)
> {
> struct vpmu_struct *vpmu = vcpu_vpmu(v);
> uint8_t family = current_cpu_data.x86;
> int ret = 0;
>
> /* vpmu enabled? */
> - if ( !vpmu_flags )
> + if ( vpmu_mode == XENPMU_MODE_OFF )
> return 0;
>
> switch ( family )
> diff --git a/xen/arch/x86/hvm/vmx/vpmu_core2.c
> b/xen/arch/x86/hvm/vmx/vpmu_core2.c
> index beff5c3..c0a45cd 100644
> --- a/xen/arch/x86/hvm/vmx/vpmu_core2.c
> +++ b/xen/arch/x86/hvm/vmx/vpmu_core2.c
> @@ -703,13 +703,13 @@ static int core2_vpmu_do_interrupt(struct cpu_user_regs
> *regs)
> return 1;
> }
>
> -static int core2_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags)
> +static int core2_vpmu_initialise(struct vcpu *v)
> {
> struct vpmu_struct *vpmu = vcpu_vpmu(v);
> u64 msr_content;
> static bool_t ds_warned;
>
> - if ( !(vpmu_flags & VPMU_BOOT_BTS) )
> + if ( !(vpmu_features & XENPMU_FEATURE_INTEL_BTS) )
> goto func_out;
> /* Check the 'Debug Store' feature in the CPUID.EAX[1]:EDX[21] */
> while ( boot_cpu_has(X86_FEATURE_DS) )
> @@ -824,7 +824,7 @@ struct arch_vpmu_ops core2_no_vpmu_ops = {
> .do_cpuid = core2_no_vpmu_do_cpuid,
> };
>
> -int vmx_vpmu_initialise(struct vcpu *v, unsigned int vpmu_flags)
> +int vmx_vpmu_initialise(struct vcpu *v)
> {
> struct vpmu_struct *vpmu = vcpu_vpmu(v);
> uint8_t family = current_cpu_data.x86;
> @@ -832,7 +832,7 @@ int vmx_vpmu_initialise(struct vcpu *v, unsigned int
> vpmu_flags)
> int ret = 0;
>
> vpmu->arch_vpmu_ops = &core2_no_vpmu_ops;
> - if ( !vpmu_flags )
> + if ( vpmu_mode == XENPMU_MODE_OFF )
> return 0;
>
> if ( family == 6 )
> @@ -875,7 +875,7 @@ int vmx_vpmu_initialise(struct vcpu *v, unsigned int
> vpmu_flags)
> /* future: */
> case 0x3d:
> case 0x4e:
> - ret = core2_vpmu_initialise(v, vpmu_flags);
> + ret = core2_vpmu_initialise(v);
> if ( !ret )
> vpmu->arch_vpmu_ops = &core2_vpmu_ops;
> return ret;
> diff --git a/xen/arch/x86/hvm/vpmu.c b/xen/arch/x86/hvm/vpmu.c
> index 071b869..5fcee0e 100644
> --- a/xen/arch/x86/hvm/vpmu.c
> +++ b/xen/arch/x86/hvm/vpmu.c
> @@ -21,6 +21,8 @@
> #include <xen/config.h>
> #include <xen/sched.h>
> #include <xen/xenoprof.h>
> +#include <xen/event.h>
> +#include <xen/guest_access.h>
> #include <asm/regs.h>
> #include <asm/types.h>
> #include <asm/msr.h>
> @@ -32,13 +34,22 @@
> #include <asm/hvm/svm/vmcb.h>
> #include <asm/apic.h>
> #include <public/pmu.h>
> +#include <xen/tasklet.h>
> +#include <xsm/xsm.h>
> +
> +#include <compat/pmu.h>
> +CHECK_pmu_params;
> +CHECK_pmu_intel_ctxt;
> +CHECK_pmu_amd_ctxt;
> +CHECK_pmu_cntr_pair;
>
> /*
> * "vpmu" : vpmu generally enabled
> * "vpmu=off" : vpmu generally disabled
> * "vpmu=bts" : vpmu enabled and Intel BTS feature switched on.
> */
> -static unsigned int __read_mostly opt_vpmu_enabled;
> +uint64_t __read_mostly vpmu_mode = XENPMU_MODE_OFF;
> +uint64_t __read_mostly vpmu_features = 0;
> static void parse_vpmu_param(char *s);
> custom_param("vpmu", parse_vpmu_param);
>
> @@ -52,7 +63,7 @@ static void __init parse_vpmu_param(char *s)
> break;
> default:
> if ( !strcmp(s, "bts") )
> - opt_vpmu_enabled |= VPMU_BOOT_BTS;
> + vpmu_features |= XENPMU_FEATURE_INTEL_BTS;
> else if ( *s )
> {
> printk("VPMU: unknown flag: %s - vpmu disabled!\n", s);
> @@ -60,7 +71,8 @@ static void __init parse_vpmu_param(char *s)
> }
> /* fall through */
> case 1:
> - opt_vpmu_enabled |= VPMU_BOOT_ENABLED;
> + /* Default VPMU mode */
> + vpmu_mode = XENPMU_MODE_SELF;
> break;
> }
> }
> @@ -77,6 +89,9 @@ int vpmu_do_wrmsr(unsigned int msr, uint64_t msr_content,
> uint64_t supported)
> {
> struct vpmu_struct *vpmu = vcpu_vpmu(current);
>
> + if ( !(vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV)) )
> + return 0;
> +
> if ( vpmu->arch_vpmu_ops && vpmu->arch_vpmu_ops->do_wrmsr )
> return vpmu->arch_vpmu_ops->do_wrmsr(msr, msr_content, supported);
> return 0;
> @@ -86,6 +101,9 @@ int vpmu_do_rdmsr(unsigned int msr, uint64_t *msr_content)
> {
> struct vpmu_struct *vpmu = vcpu_vpmu(current);
>
> + if ( !(vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV)) )
> + return 0;
> +
> if ( vpmu->arch_vpmu_ops && vpmu->arch_vpmu_ops->do_rdmsr )
> return vpmu->arch_vpmu_ops->do_rdmsr(msr, msr_content);
> return 0;
> @@ -242,19 +260,19 @@ void vpmu_initialise(struct vcpu *v)
> switch ( vendor )
> {
> case X86_VENDOR_AMD:
> - if ( svm_vpmu_initialise(v, opt_vpmu_enabled) != 0 )
> - opt_vpmu_enabled = 0;
> + if ( svm_vpmu_initialise(v) != 0 )
> + vpmu_mode = XENPMU_MODE_OFF;
> break;
>
> case X86_VENDOR_INTEL:
> - if ( vmx_vpmu_initialise(v, opt_vpmu_enabled) != 0 )
> - opt_vpmu_enabled = 0;
> + if ( vmx_vpmu_initialise(v) != 0 )
> + vpmu_mode = XENPMU_MODE_OFF;
> break;
>
> default:
> printk("VPMU: Initialization failed. "
> "Unknown CPU vendor %d\n", vendor);
> - opt_vpmu_enabled = 0;
> + vpmu_mode = XENPMU_MODE_OFF;
> break;
> }
> }
> @@ -276,3 +294,175 @@ void vpmu_dump(struct vcpu *v)
> vpmu->arch_vpmu_ops->arch_vpmu_dump(v);
> }
>
> +static atomic_t vpmu_sched_counter;
> +
> +static void vpmu_sched_checkin(unsigned long unused)
> +{
> + atomic_inc(&vpmu_sched_counter);
> +}
> +
> +static int vpmu_force_context_switch(void)
> +{
> + unsigned i, j, allbutself_num, mycpu;
> + static s_time_t start, now;
> + struct tasklet **sync_task;
> + struct vcpu *curr_vcpu = current;
> + int ret = 0;
> +
> + allbutself_num = num_online_cpus() - 1;
> +
> + sync_task = xzalloc_array(struct tasklet *, allbutself_num);
> + if ( !sync_task )
> + {
> + printk(XENLOG_WARNING "vpmu_force_context_switch: out of memory\n");
> + return -ENOMEM;
> + }
> +
> + for ( i = 0; i < allbutself_num; i++ )
> + {
> + sync_task[i] = xmalloc(struct tasklet);
> + if ( sync_task[i] == NULL )
> + {
> + printk(XENLOG_WARNING "vpmu_force_context_switch: out of
> memory\n");
> + ret = -ENOMEM;
> + goto out;
> + }
> + tasklet_init(sync_task[i], vpmu_sched_checkin, 0);
Only a question of understanding.
Is there a special reason not to use a single memory allocation
except for memory fragmentation on systems with a large number of cpus?
struct tasklet *sync_task;
sync_task = xmalloc(sizeof(struct tasklet) * allbutself_num);
> + }
> +
> + atomic_set(&vpmu_sched_counter, 0);
> +
> + j = 0;
> + mycpu = smp_processor_id();
> + for_each_online_cpu( i )
> + {
> + if ( i != mycpu )
> + tasklet_schedule_on_cpu(sync_task[j++], i);
> + }
> +
> + vpmu_save(curr_vcpu);
> +
> + start = NOW();
> +
> + /*
> + * Note that we may fail here if a CPU is hot-plugged while we are
> + * waiting. We will then time out.
> + */
> + while ( atomic_read(&vpmu_sched_counter) != allbutself_num )
> + {
> + cpu_relax();
> +
> + now = NOW();
> +
> + /* Give up after 5 seconds */
> + if ( now > start + SECONDS(5) )
> + {
> + printk(XENLOG_WARNING
> + "vpmu_force_context_switch: failed to sync\n");
> + ret = -EBUSY;
> + break;
> + }
> +
> + /* Or after 2 milliseconds if need to be preempted */
> + if ( (now > start + MILLISECS(2)) && hypercall_preempt_check() )
> + {
> + ret = -EAGAIN;
> + break;
> + }
> + }
> +
> + out:
> + for ( i = 0; i < allbutself_num; i++ )
> + {
> + if ( sync_task[i] )
> + {
> + tasklet_kill(sync_task[i]);
> + xfree(sync_task[i]);
> + }
> + }
> + xfree(sync_task);
> +
> + return ret;
> +}
> +
> +long do_xenpmu_op(int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg)
> +{
> + int ret;
> + xen_pmu_params_t pmu_params;
> +
> + ret = xsm_pmu_op(XSM_OTHER, current->domain, op);
> + if ( ret )
> + return ret;
> +
> + switch ( op )
> + {
> + case XENPMU_mode_set:
> + {
> + static DEFINE_SPINLOCK(xenpmu_mode_lock);
> + uint32_t current_mode;
> +
> + if ( copy_from_guest(&pmu_params, arg, 1) )
> + return -EFAULT;
> +
> + if ( pmu_params.val & ~(XENPMU_MODE_SELF | XENPMU_MODE_HV) )
> + return -EINVAL;
> +
> + /*
> + * Return error is someone else is in the middle of changing mode ---
s/is/if ?
Dietmar.
> + * this is most likely indication of two system administrators
> + * working against each other
> + */
> + if ( !spin_trylock(&xenpmu_mode_lock) )
> + return -EAGAIN;
> +
> + current_mode = vpmu_mode;
> + vpmu_mode = pmu_params.val;
> +
> + if ( vpmu_mode == XENPMU_MODE_OFF )
> + {
> + /*
> + * Make sure all (non-dom0) VCPUs have unloaded their VPMUs. This
> + * can be achieved by having all physical processors go through
> + * context_switch().
> + */
> + ret = vpmu_force_context_switch();
> + if ( ret )
> + vpmu_mode = current_mode;
> + }
> +
> + spin_unlock(&xenpmu_mode_lock);
> + break;
> + }
> +
> + case XENPMU_mode_get:
> + memset(&pmu_params, 0, sizeof(pmu_params));
> + pmu_params.val = vpmu_mode;
> + pmu_params.version.maj = XENPMU_VER_MAJ;
> + pmu_params.version.min = XENPMU_VER_MIN;
> + if ( copy_to_guest(arg, &pmu_params, 1) )
> + return -EFAULT;
> + break;
> +
> + case XENPMU_feature_set:
> + if ( copy_from_guest(&pmu_params, arg, 1) )
> + return -EFAULT;
> +
> + if ( pmu_params.val & ~XENPMU_FEATURE_INTEL_BTS )
> + return -EINVAL;
> +
> + vpmu_features = pmu_params.val;
> + break;
> +
> + case XENPMU_feature_get:
> + memset(&pmu_params, 0, sizeof(pmu_params));
> + pmu_params.val = vpmu_features;
> + if ( copy_to_guest(arg, &pmu_params, 1) )
> + return -EFAULT;
> + break;
> +
> + default:
> + ret = -EINVAL;
> + }
> +
> + return ret;
> +}
> diff --git a/xen/arch/x86/x86_64/compat/entry.S
> b/xen/arch/x86/x86_64/compat/entry.S
> index ac594c9..8587c46 100644
> --- a/xen/arch/x86/x86_64/compat/entry.S
> +++ b/xen/arch/x86/x86_64/compat/entry.S
> @@ -417,6 +417,8 @@ ENTRY(compat_hypercall_table)
> .quad do_domctl
> .quad compat_kexec_op
> .quad do_tmem_op
> + .quad do_ni_hypercall /* reserved for XenClient */
> + .quad do_xenpmu_op /* 40 */
> .rept __HYPERVISOR_arch_0-((.-compat_hypercall_table)/8)
> .quad compat_ni_hypercall
> .endr
> @@ -465,6 +467,8 @@ ENTRY(compat_hypercall_args_table)
> .byte 1 /* do_domctl */
> .byte 2 /* compat_kexec_op */
> .byte 1 /* do_tmem_op */
> + .byte 0 /* reserved for XenClient */
> + .byte 2 /* do_xenpmu_op */ /* 40 */
> .rept __HYPERVISOR_arch_0-(.-compat_hypercall_args_table)
> .byte 0 /* compat_ni_hypercall */
> .endr
> diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S
> index ade555b..7f5dedf 100644
> --- a/xen/arch/x86/x86_64/entry.S
> +++ b/xen/arch/x86/x86_64/entry.S
> @@ -772,6 +772,8 @@ ENTRY(hypercall_table)
> .quad do_domctl
> .quad do_kexec_op
> .quad do_tmem_op
> + .quad do_ni_hypercall /* reserved for XenClient */
> + .quad do_xenpmu_op /* 40 */
> .rept __HYPERVISOR_arch_0-((.-hypercall_table)/8)
> .quad do_ni_hypercall
> .endr
> @@ -820,6 +822,8 @@ ENTRY(hypercall_args_table)
> .byte 1 /* do_domctl */
> .byte 2 /* do_kexec */
> .byte 1 /* do_tmem_op */
> + .byte 0 /* reserved for XenClient */
> + .byte 2 /* do_xenpmu_op */ /* 40 */
> .rept __HYPERVISOR_arch_0-(.-hypercall_args_table)
> .byte 0 /* do_ni_hypercall */
> .endr
> diff --git a/xen/include/Makefile b/xen/include/Makefile
> index f7ccbc9..f97733a 100644
> --- a/xen/include/Makefile
> +++ b/xen/include/Makefile
> @@ -26,7 +26,9 @@ headers-y := \
> headers-$(CONFIG_X86) += compat/arch-x86/xen-mca.h
> headers-$(CONFIG_X86) += compat/arch-x86/xen.h
> headers-$(CONFIG_X86) += compat/arch-x86/xen-$(compat-arch-y).h
> +headers-$(CONFIG_X86) += compat/arch-x86/pmu.h
> headers-y += compat/arch-$(compat-arch-y).h compat/xlat.h
> +headers-y += compat/pmu.h
> headers-$(FLASK_ENABLE) += compat/xsm/flask_op.h
>
> cppflags-y := -include public/xen-compat.h
> diff --git a/xen/include/asm-x86/hvm/vpmu.h b/xen/include/asm-x86/hvm/vpmu.h
> index 6fa0def..c612e1a 100644
> --- a/xen/include/asm-x86/hvm/vpmu.h
> +++ b/xen/include/asm-x86/hvm/vpmu.h
> @@ -24,13 +24,6 @@
>
> #include <public/pmu.h>
>
> -/*
> - * Flag bits given as a string on the hypervisor boot parameter 'vpmu'.
> - * See arch/x86/hvm/vpmu.c.
> - */
> -#define VPMU_BOOT_ENABLED 0x1 /* vpmu generally enabled. */
> -#define VPMU_BOOT_BTS 0x2 /* Intel BTS feature wanted. */
> -
> #define vcpu_vpmu(vcpu) (&(vcpu)->arch.vpmu)
> #define vpmu_vcpu(vpmu) container_of((vpmu), struct vcpu, arch.vpmu)
>
> @@ -59,8 +52,8 @@ struct arch_vpmu_ops {
> void (*arch_vpmu_dump)(const struct vcpu *);
> };
>
> -int vmx_vpmu_initialise(struct vcpu *, unsigned int flags);
> -int svm_vpmu_initialise(struct vcpu *, unsigned int flags);
> +int vmx_vpmu_initialise(struct vcpu *);
> +int svm_vpmu_initialise(struct vcpu *);
>
> struct vpmu_struct {
> u32 flags;
> @@ -116,5 +109,21 @@ void vpmu_dump(struct vcpu *v);
> extern int acquire_pmu_ownership(int pmu_ownership);
> extern void release_pmu_ownership(int pmu_ownership);
>
> +extern uint64_t vpmu_mode;
> +extern uint64_t vpmu_features;
> +
> +/* Context switch */
> +inline void vpmu_switch_from(struct vcpu *prev, struct vcpu *next)
> +{
> + if ( vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV) )
> + vpmu_save(prev);
> +}
> +
> +inline void vpmu_switch_to(struct vcpu *prev, struct vcpu *next)
> +{
> + if ( vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV) )
> + vpmu_load(next);
> +}
> +
> #endif /* __ASM_X86_HVM_VPMU_H_*/
>
> diff --git a/xen/include/public/pmu.h b/xen/include/public/pmu.h
> index e6f45ee..c2293be 100644
> --- a/xen/include/public/pmu.h
> +++ b/xen/include/public/pmu.h
> @@ -13,6 +13,50 @@
> #define XENPMU_VER_MAJ 0
> #define XENPMU_VER_MIN 1
>
> +/*
> + * ` enum neg_errnoval
> + * ` HYPERVISOR_xenpmu_op(enum xenpmu_op cmd, struct xenpmu_params *args);
> + *
> + * @cmd == XENPMU_* (PMU operation)
> + * @args == struct xenpmu_params
> + */
> +/* ` enum xenpmu_op { */
> +#define XENPMU_mode_get 0 /* Also used for getting PMU version */
> +#define XENPMU_mode_set 1
> +#define XENPMU_feature_get 2
> +#define XENPMU_feature_set 3
> +/* ` } */
> +
> +/* Parameters structure for HYPERVISOR_xenpmu_op call */
> +struct xen_pmu_params {
> + /* IN/OUT parameters */
> + struct {
> + uint32_t maj;
> + uint32_t min;
> + } version;
> + uint64_t val;
> +
> + /* IN parameters */
> + uint64_t vcpu;
> +};
> +typedef struct xen_pmu_params xen_pmu_params_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_pmu_params_t);
> +
> +/* PMU modes:
> + * - XENPMU_MODE_OFF: No PMU virtualization
> + * - XENPMU_MODE_SELF: Guests can profile themselves
> + * - XENPMU_MODE_HV: Guests can profile themselves, dom0 profiles
> + * itself and Xen
> + */
> +#define XENPMU_MODE_OFF 0
> +#define XENPMU_MODE_SELF (1<<0)
> +#define XENPMU_MODE_HV (1<<1)
> +
> +/*
> + * PMU features:
> + * - XENPMU_FEATURE_INTEL_BTS: Intel BTS support (ignored on AMD)
> + */
> +#define XENPMU_FEATURE_INTEL_BTS 1
>
> /* Shared between hypervisor and PV domain */
> struct xen_pmu_data {
> diff --git a/xen/include/public/xen.h b/xen/include/public/xen.h
> index a6a2092..0766790 100644
> --- a/xen/include/public/xen.h
> +++ b/xen/include/public/xen.h
> @@ -101,6 +101,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_ulong_t);
> #define __HYPERVISOR_kexec_op 37
> #define __HYPERVISOR_tmem_op 38
> #define __HYPERVISOR_xc_reserved_op 39 /* reserved for XenClient */
> +#define __HYPERVISOR_xenpmu_op 40
>
> /* Architecture-specific hypercall definitions. */
> #define __HYPERVISOR_arch_0 48
> diff --git a/xen/include/xen/hypercall.h b/xen/include/xen/hypercall.h
> index a9e5229..cf34547 100644
> --- a/xen/include/xen/hypercall.h
> +++ b/xen/include/xen/hypercall.h
> @@ -14,6 +14,7 @@
> #include <public/event_channel.h>
> #include <public/tmem.h>
> #include <public/version.h>
> +#include <public/pmu.h>
> #include <asm/hypercall.h>
> #include <xsm/xsm.h>
>
> @@ -139,6 +140,9 @@ do_tmem_op(
> extern long
> do_xenoprof_op(int op, XEN_GUEST_HANDLE_PARAM(void) arg);
>
> +extern long
> +do_xenpmu_op(int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg);
> +
> #ifdef CONFIG_COMPAT
>
> extern int
> diff --git a/xen/include/xlat.lst b/xen/include/xlat.lst
> index c8fafef..5809c60 100644
> --- a/xen/include/xlat.lst
> +++ b/xen/include/xlat.lst
> @@ -101,6 +101,10 @@
> ! vcpu_set_singleshot_timer vcpu.h
> ? xenoprof_init xenoprof.h
> ? xenoprof_passive xenoprof.h
> +? pmu_params pmu.h
> +? pmu_intel_ctxt arch-x86/pmu.h
> +? pmu_amd_ctxt arch-x86/pmu.h
> +? pmu_cntr_pair arch-x86/pmu.h
> ? flask_access xsm/flask_op.h
> ! flask_boolean xsm/flask_op.h
> ? flask_cache_stats xsm/flask_op.h
> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
> index df55e70..d423c1c 100644
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
> @@ -653,4 +653,19 @@ static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG
> struct domain *d, uint3
> return xsm_default_action(action, current->domain, d);
> }
>
> +static XSM_INLINE int xsm_pmu_op (XSM_DEFAULT_ARG struct domain *d, int op)
> +{
> + XSM_ASSERT_ACTION(XSM_OTHER);
> + switch ( op )
> + {
> + case XENPMU_mode_set:
> + case XENPMU_mode_get:
> + case XENPMU_feature_set:
> + case XENPMU_feature_get:
> + return xsm_default_action(XSM_PRIV, d, current->domain);
> + default:
> + return -EPERM;
> + }
> +}
> +
> #endif /* CONFIG_X86 */
> diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
> index 6c1c079..635f7df 100644
> --- a/xen/include/xsm/xsm.h
> +++ b/xen/include/xsm/xsm.h
> @@ -170,6 +170,7 @@ struct xsm_operations {
> int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq
> *bind);
> int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e,
> uint8_t allow);
> int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t
> allow);
> + int (*pmu_op) (struct domain *d, int op);
> #endif
> };
>
> @@ -660,6 +661,11 @@ static inline int xsm_ioport_mapping (xsm_default_t def,
> struct domain *d, uint3
> return xsm_ops->ioport_mapping(d, s, e, allow);
> }
>
> +static inline int xsm_pmu_op (xsm_default_t def, struct domain *d, int op)
> +{
> + return xsm_ops->pmu_op(d, op);
> +}
> +
> #endif /* CONFIG_X86 */
>
> #endif /* XSM_NO_WRAPPERS */
> diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
> index 0826a8b..3638bd9 100644
> --- a/xen/xsm/dummy.c
> +++ b/xen/xsm/dummy.c
> @@ -141,5 +141,6 @@ void xsm_fixup_ops (struct xsm_operations *ops)
> set_to_dummy_if_null(ops, unbind_pt_irq);
> set_to_dummy_if_null(ops, ioport_permission);
> set_to_dummy_if_null(ops, ioport_mapping);
> + set_to_dummy_if_null(ops, pmu_op);
> #endif
> }
> diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
> index 5afc1d7..b437a24 100644
> --- a/xen/xsm/flask/hooks.c
> +++ b/xen/xsm/flask/hooks.c
> @@ -1485,6 +1485,23 @@ static int flask_unbind_pt_irq (struct domain *d,
> struct xen_domctl_bind_pt_irq
> {
> return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE);
> }
> +
> +static int flask_pmu_op (struct domain *d, int op)
> +{
> + u32 dsid = domain_sid(d);
> +
> + switch ( op )
> + {
> + case XENPMU_mode_set:
> + case XENPMU_mode_get:
> + case XENPMU_feature_set:
> + case XENPMU_feature_get:
> + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN2,
> + XEN2__PMU_CTRL, NULL);
> + default:
> + return -EPERM;
> + }
> +}
> #endif /* CONFIG_X86 */
>
> long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op);
> @@ -1604,6 +1621,7 @@ static struct xsm_operations flask_ops = {
> .unbind_pt_irq = flask_unbind_pt_irq,
> .ioport_permission = flask_ioport_permission,
> .ioport_mapping = flask_ioport_mapping,
> + .pmu_op = flask_pmu_op,
> #endif
> };
>
> diff --git a/xen/xsm/flask/policy/access_vectors
> b/xen/xsm/flask/policy/access_vectors
> index 2ddbeba..64c7378 100644
> --- a/xen/xsm/flask/policy/access_vectors
> +++ b/xen/xsm/flask/policy/access_vectors
> @@ -81,6 +81,8 @@ class xen2
> {
> # XENPF_get_symbol
> get_symbol
> +# PMU control
> + pmu_ctrl
> }
>
> # Classes domain and domain2 consist of operations that a domain performs on
>
--
Company details: http://ts.fujitsu.com/imprint.html
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |