|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v16 21/23] x86/VPMU: Add privileged PMU mode
Add support for privileged PMU mode (XENPMU_MODE_ALL) which allows privileged
domain (dom0) profile both itself (and the hypervisor) and the guests. While
this mode is on profiling in guests is disabled.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Reviewed-by: Dietmar Hahn <dietmar.hahn@xxxxxxxxxxxxxx>
Tested-by: Dietmar Hahn <dietmar.hahn@xxxxxxxxxxxxxx>
---
xen/arch/x86/hvm/vpmu.c | 43 +++++++++++++++++++++++++++++++------------
xen/arch/x86/traps.c | 12 ++++++++++++
xen/include/public/pmu.h | 3 +++
3 files changed, 46 insertions(+), 12 deletions(-)
diff --git a/xen/arch/x86/hvm/vpmu.c b/xen/arch/x86/hvm/vpmu.c
index df03892..dd3f5e0 100644
--- a/xen/arch/x86/hvm/vpmu.c
+++ b/xen/arch/x86/hvm/vpmu.c
@@ -94,15 +94,16 @@ void vpmu_lvtpc_update(uint32_t val)
int vpmu_do_msr(unsigned int msr, uint64_t *msr_content,
uint64_t supported, bool_t is_write)
{
- struct vcpu *curr;
+ struct vcpu *curr = current;
struct vpmu_struct *vpmu;
struct arch_vpmu_ops *ops;
int ret = 0;
- if ( !(vpmu_mode & (XENPMU_MODE_SELF | XENPMU_MODE_HV)) )
+ if ( (vpmu_mode == XENPMU_MODE_OFF) ||
+ ((vpmu_mode & XENPMU_MODE_ALL) &&
+ !is_hardware_domain(current->domain)) )
return 0;
- curr = current;
vpmu = vcpu_vpmu(curr);
ops = vpmu->arch_vpmu_ops;
if ( !ops )
@@ -144,8 +145,12 @@ void vpmu_do_interrupt(struct cpu_user_regs *regs)
struct vcpu *sampled = current, *sampling;
struct vpmu_struct *vpmu;
- /* dom0 will handle interrupt for special domains (e.g. idle domain) */
- if ( sampled->domain->domain_id >= DOMID_FIRST_RESERVED )
+ /*
+ * dom0 will handle interrupt for special domains (e.g. idle domain) or,
+ * in XENPMU_MODE_ALL, for everyone.
+ */
+ if ( (vpmu_mode & XENPMU_MODE_ALL) ||
+ (sampled->domain->domain_id >= DOMID_FIRST_RESERVED) )
{
sampling = choose_hwdom_vcpu();
if ( !sampling )
@@ -155,12 +160,12 @@ void vpmu_do_interrupt(struct cpu_user_regs *regs)
sampling = sampled;
vpmu = vcpu_vpmu(sampling);
- if ( !is_hvm_vcpu(sampling) )
+ if ( !is_hvm_vcpu(sampling) || (vpmu_mode & XENPMU_MODE_ALL) )
{
/* PV(H) guest */
const struct cpu_user_regs *cur_regs;
uint64_t *flags = &vpmu->xenpmu_data->pmu.pmu_flags;
- uint32_t domid = DOMID_SELF;
+ uint32_t domid;
if ( !vpmu->xenpmu_data )
return;
@@ -169,6 +174,7 @@ void vpmu_do_interrupt(struct cpu_user_regs *regs)
return;
if ( is_pvh_vcpu(sampling) &&
+ !(vpmu_mode & XENPMU_MODE_ALL) &&
!vpmu->arch_vpmu_ops->do_interrupt(regs) )
return;
@@ -182,6 +188,11 @@ void vpmu_do_interrupt(struct cpu_user_regs *regs)
else
*flags = PMU_SAMPLE_PV;
+ if ( sampled == sampling )
+ domid = DOMID_SELF;
+ else
+ domid = sampled->domain->domain_id;
+
/* Store appropriate registers in xenpmu_data */
/* FIXME: 32-bit PVH should go here as well */
if ( is_pv_32bit_vcpu(sampling) )
@@ -210,7 +221,8 @@ void vpmu_do_interrupt(struct cpu_user_regs *regs)
if ( (vpmu_mode & XENPMU_MODE_SELF) )
cur_regs = guest_cpu_user_regs();
- else if ( !guest_mode(regs) &&
is_hardware_domain(sampling->domain) )
+ else if ( !guest_mode(regs) &&
+ is_hardware_domain(sampling->domain) )
{
cur_regs = regs;
domid = DOMID_XEN;
@@ -440,7 +452,8 @@ static int pvpmu_init(struct domain *d, xen_pmu_params_t
*params)
struct page_info *page;
uint64_t gfn = params->val;
- if ( vpmu_mode == XENPMU_MODE_OFF )
+ if ( (vpmu_mode == XENPMU_MODE_OFF) ||
+ ((vpmu_mode & XENPMU_MODE_ALL) && !is_hardware_domain(d)) )
return -EINVAL;
if ( (params->vcpu >= d->max_vcpus) || (d->vcpu == NULL) ||
@@ -520,6 +533,10 @@ void vpmu_dump(struct vcpu *v)
void vpmu_unload(struct vpmu_struct *vpmu)
{
+ if ( (vpmu_mode & XENPMU_MODE_ALL) &&
+ is_hardware_domain(vpmu_vcpu(vpmu)->domain) )
+ return;
+
if ( !vpmu_is_set(vpmu, VPMU_CONTEXT_LOADED | VPMU_RUNNING) )
return;
@@ -611,11 +628,13 @@ long do_xenpmu_op(int op,
XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg)
if ( copy_from_guest(&pmu_params, arg, 1) )
return -EFAULT;
- if ( pmu_params.val & ~(XENPMU_MODE_SELF | XENPMU_MODE_HV) )
+ if ( pmu_params.val & ~(XENPMU_MODE_SELF | XENPMU_MODE_HV |
+ XENPMU_MODE_ALL) )
return -EINVAL;
/* 32-bit dom0 can only sample itself. */
- if ( is_pv_32bit_vcpu(current) && (pmu_params.val & XENPMU_MODE_HV) )
+ if ( is_pv_32bit_vcpu(current) &&
+ (pmu_params.val & (XENPMU_MODE_HV | XENPMU_MODE_ALL)) )
return -EINVAL;
/*
@@ -634,7 +653,7 @@ long do_xenpmu_op(int op,
XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg)
old_mode = vpmu_mode;
vpmu_mode = pmu_params.val;
- if ( vpmu_mode == XENPMU_MODE_OFF )
+ if ( (vpmu_mode == XENPMU_MODE_OFF) || (vpmu_mode == XENPMU_MODE_ALL) )
{
/* Make sure all (non-dom0) VCPUs have unloaded their VPMUs. */
ret = vpmu_unload_all(old_mode);
diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c
index 70477b2..663b44f 100644
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -2579,6 +2579,10 @@ static int emulate_privileged_op(struct cpu_user_regs
*regs)
case MSR_AMD_FAM15H_EVNTSEL0...MSR_AMD_FAM15H_PERFCTR5:
if ( vpmu_msr || (boot_cpu_data.x86_vendor == X86_VENDOR_AMD) )
{
+ if ( (vpmu_mode & XENPMU_MODE_ALL) &&
+ !is_hardware_domain(v->domain) )
+ break;
+
if ( vpmu_do_wrmsr(regs->ecx, msr_content, 0) )
goto fail;
}
@@ -2702,6 +2706,14 @@ static int emulate_privileged_op(struct cpu_user_regs
*regs)
case MSR_AMD_FAM15H_EVNTSEL0...MSR_AMD_FAM15H_PERFCTR5:
if ( vpmu_msr || (boot_cpu_data.x86_vendor == X86_VENDOR_AMD) )
{
+ if ( (vpmu_mode & XENPMU_MODE_ALL) &&
+ !is_hardware_domain(v->domain) )
+ {
+ /* Don't leak PMU MSRs to unprivileged domains */
+ regs->eax = regs->edx = 0;
+ break;
+ }
+
if ( vpmu_do_rdmsr(regs->ecx, &msr_content) )
goto fail;
diff --git a/xen/include/public/pmu.h b/xen/include/public/pmu.h
index db5321a..a83ae71 100644
--- a/xen/include/public/pmu.h
+++ b/xen/include/public/pmu.h
@@ -52,10 +52,13 @@ DEFINE_XEN_GUEST_HANDLE(xen_pmu_params_t);
* - XENPMU_MODE_SELF: Guests can profile themselves
* - XENPMU_MODE_HV: Guests can profile themselves, dom0 profiles
* itself and Xen
+ * - XENPMU_MODE_ALL: Only dom0 has access to VPMU and it profiles
+ * everyone: itself, the hypervisor and the guests.
*/
#define XENPMU_MODE_OFF 0
#define XENPMU_MODE_SELF (1<<0)
#define XENPMU_MODE_HV (1<<1)
+#define XENPMU_MODE_ALL (1<<2)
/*
* PMU features:
--
1.8.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |