Xen project Mailing List

Re: [Xen-devel] [PATCH v4 11/26] xen/x86: Improvements to in-hypervisor cpuid sanity checks

To: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 5 Apr 2016 16:25:39 +0100

Cc: Jan Beulich <JBeulich@xxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>

Delivery-date: Tue, 05 Apr 2016 15:28:54 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 28/03/16 16:29, Konrad Rzeszutek Wilk wrote: > On Wed, Mar 23, 2016 at 04:36:14PM +0000, Andrew Cooper wrote: >> Currently, {pv,hvm}_cpuid() has a large quantity of essentially-static logic >> for modifying the features visible to a guest. A lot of this can be subsumed >> by {pv,hvm}_featuremask, which identify the features available on this >> hardware which could be given to a PV or HVM guest. >> >> This is a step in the direction of full per-domain cpuid policies, but lots >> more development is needed for that. As a result, the static checks are >> simplified, but the dynamic checks need to remain for now. >> >> As a side effect, some of the logic for special features can be improved. >> OSXSAVE and OSPKE will be automatically cleared because of being absent in >> the >> featuremask. This allows the fast-forward logic to be more simple. >> >> In addition, there are some corrections to the existing logic: >> >> * Hiding PSE36 out of PAE mode is architecturally wrong. It turns out that >> it was a bugfix for running HyperV under Xen, which wanted to see PSE36 >> even after choosing to use PAE paging. PSE36 is not supported by shadow >> paging, so is hidden from non-HAP guests, but is still visible for HAP >> guests. >> * Changing the visibility of RDTSCP based on host TSC stability or virtual >> TSC mode is bogus, so dropped. > Why is it bogus? It is an PV ABI type CPUID. The CPUID bit has a well defined meaning, and the vtsc infrastructure went and diverged the ABI provided by Intel and AMD. If it were only PV guests, it would be less bad. However, it breaks HVM guests as well which is absolutely not ok. The meaning of the RDTSCP feature bit is well defined. The presence of the `rdtscp` instruction, and the TSC_AUX MSR. The vtsc options control whether rdtsc(p) is intercepted by Xen, and whether the guest or Xen controls the AUX MSR. These options are unrelated, and have no bearing on the availability of the instruction in the first place. > > Independetly of that you would also need to modify tsc_mode.txt file and all > uses > of 'tsc_mode=3'. A guest kernel cannot use the presence or absence of the rdtscp feature to identify which vtsc mode is in intended, which necessarily means there is an extra out-of-band signal controlling its use. In particular, the current issue fixed by this change is that for the default case, on migrate, the rdtscp feature disappears from the domain as the tsc logic decides that the frequency has changed and vtsc mode should be enabled. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.