[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/cpuid: correct dependencies of post-SSE ISA extensions

  • To: Jan Beulich <JBeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Thu, 31 Jan 2019 13:36:06 +0000
  • Autocrypt: addr=andrew.cooper3@xxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFLhNn8BEADVhE+Hb8i0GV6mihnnr/uiQQdPF8kUoFzCOPXkf7jQ5sLYeJa0cQi6Penp VtiFYznTairnVsN5J+ujSTIb+OlMSJUWV4opS7WVNnxHbFTPYZVQ3erv7NKc2iVizCRZ2Kxn srM1oPXWRic8BIAdYOKOloF2300SL/bIpeD+x7h3w9B/qez7nOin5NzkxgFoaUeIal12pXSR Q354FKFoy6Vh96gc4VRqte3jw8mPuJQpfws+Pb+swvSf/i1q1+1I4jsRQQh2m6OTADHIqg2E ofTYAEh7R5HfPx0EXoEDMdRjOeKn8+vvkAwhviWXTHlG3R1QkbE5M/oywnZ83udJmi+lxjJ5 YhQ5IzomvJ16H0Bq+TLyVLO/VRksp1VR9HxCzItLNCS8PdpYYz5TC204ViycobYU65WMpzWe LFAGn8jSS25XIpqv0Y9k87dLbctKKA14Ifw2kq5OIVu2FuX+3i446JOa2vpCI9GcjCzi3oHV e00bzYiHMIl0FICrNJU0Kjho8pdo0m2uxkn6SYEpogAy9pnatUlO+erL4LqFUO7GXSdBRbw5 gNt25XTLdSFuZtMxkY3tq8MFss5QnjhehCVPEpE6y9ZjI4XB8ad1G4oBHVGK5LMsvg22PfMJ ISWFSHoF/B5+lHkCKWkFxZ0gZn33ju5n6/FOdEx4B8cMJt+cWwARAQABtClBbmRyZXcgQ29v cGVyIDxhbmRyZXcuY29vcGVyM0BjaXRyaXguY29tPokCOgQTAQgAJAIbAwULCQgHAwUVCgkI CwUWAgMBAAIeAQIXgAUCWKD95wIZAQAKCRBlw/kGpdefoHbdD/9AIoR3k6fKl+RFiFpyAhvO 59ttDFI7nIAnlYngev2XUR3acFElJATHSDO0ju+hqWqAb8kVijXLops0gOfqt3VPZq9cuHlh IMDquatGLzAadfFx2eQYIYT+FYuMoPZy/aTUazmJIDVxP7L383grjIkn+7tAv+qeDfE+txL4 SAm1UHNvmdfgL2/lcmL3xRh7sub3nJilM93RWX1Pe5LBSDXO45uzCGEdst6uSlzYR/MEr+5Z JQQ32JV64zwvf/aKaagSQSQMYNX9JFgfZ3TKWC1KJQbX5ssoX/5hNLqxMcZV3TN7kU8I3kjK mPec9+1nECOjjJSO/h4P0sBZyIUGfguwzhEeGf4sMCuSEM4xjCnwiBwftR17sr0spYcOpqET ZGcAmyYcNjy6CYadNCnfR40vhhWuCfNCBzWnUW0lFoo12wb0YnzoOLjvfD6OL3JjIUJNOmJy RCsJ5IA/Iz33RhSVRmROu+TztwuThClw63g7+hoyewv7BemKyuU6FTVhjjW+XUWmS/FzknSi dAG+insr0746cTPpSkGl3KAXeWDGJzve7/SBBfyznWCMGaf8E2P1oOdIZRxHgWj0zNr1+ooF /PzgLPiCI4OMUttTlEKChgbUTQ+5o0P080JojqfXwbPAyumbaYcQNiH1/xYbJdOFSiBv9rpt TQTBLzDKXok86LkCDQRS4TZ/ARAAkgqudHsp+hd82UVkvgnlqZjzz2vyrYfz7bkPtXaGb9H4 Rfo7mQsEQavEBdWWjbga6eMnDqtu+FC+qeTGYebToxEyp2lKDSoAsvt8w82tIlP/EbmRbDVn 7bhjBlfRcFjVYw8uVDPptT0TV47vpoCVkTwcyb6OltJrvg/QzV9f07DJswuda1JH3/qvYu0p vjPnYvCq4NsqY2XSdAJ02HrdYPFtNyPEntu1n1KK+gJrstjtw7KsZ4ygXYrsm/oCBiVW/OgU g/XIlGErkrxe4vQvJyVwg6YH653YTX5hLLUEL1NS4TCo47RP+wi6y+TnuAL36UtK/uFyEuPy wwrDVcC4cIFhYSfsO0BumEI65yu7a8aHbGfq2lW251UcoU48Z27ZUUZd2Dr6O/n8poQHbaTd 6bJJSjzGGHZVbRP9UQ3lkmkmc0+XCHmj5WhwNNYjgbbmML7y0fsJT5RgvefAIFfHBg7fTY/i kBEimoUsTEQz+N4hbKwo1hULfVxDJStE4sbPhjbsPCrlXf6W9CxSyQ0qmZ2bXsLQYRj2xqd1 bpA+1o1j2N4/au1R/uSiUFjewJdT/LX1EklKDcQwpk06Af/N7VZtSfEJeRV04unbsKVXWZAk uAJyDDKN99ziC0Wz5kcPyVD1HNf8bgaqGDzrv3TfYjwqayRFcMf7xJaL9xXedMcAEQEAAYkC HwQYAQgACQUCUuE2fwIbDAAKCRBlw/kGpdefoG4XEACD1Qf/er8EA7g23HMxYWd3FXHThrVQ HgiGdk5Yh632vjOm9L4sd/GCEACVQKjsu98e8o3ysitFlznEns5EAAXEbITrgKWXDDUWGYxd pnjj2u+GkVdsOAGk0kxczX6s+VRBhpbBI2PWnOsRJgU2n10PZ3mZD4Xu9kU2IXYmuW+e5KCA vTArRUdCrAtIa1k01sPipPPw6dfxx2e5asy21YOytzxuWFfJTGnVxZZSCyLUO83sh6OZhJkk b9rxL9wPmpN/t2IPaEKoAc0FTQZS36wAMOXkBh24PQ9gaLJvfPKpNzGD8XWR5HHF0NLIJhgg 4ZlEXQ2fVp3XrtocHqhu4UZR4koCijgB8sB7Tb0GCpwK+C4UePdFLfhKyRdSXuvY3AHJd4CP 4JzW0Bzq/WXY3XMOzUTYApGQpnUpdOmuQSfpV9MQO+/jo7r6yPbxT7CwRS5dcQPzUiuHLK9i nvjREdh84qycnx0/6dDroYhp0DFv4udxuAvt1h4wGwTPRQZerSm4xaYegEFusyhbZrI0U9tJ B8WrhBLXDiYlyJT6zOV2yZFuW47VrLsjYnHwn27hmxTC/7tvG3euCklmkn9Sl9IAKFu29RSo d5bD8kMSCYsTqtTfT6W4A3qHGvIDta3ptLYpIAOD2sY3GYq2nf3Bbzx81wZK14JdDDHUX2Rs 6+ahAA==
  • Cc: Juergen Gross <jgross@xxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • Delivery-date: Thu, 31 Jan 2019 13:36:55 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Openpgp: preference=signencrypt

On 31/01/2019 10:06, Jan Beulich wrote:
>>>> On 30.01.19 at 21:21, <andrew.cooper3@xxxxxxxxxx> wrote:
>> On 14/01/2019 12:48, Jan Beulich wrote:
>>>>>> On 14.01.19 at 13:00, <andrew.cooper3@xxxxxxxxxx> wrote:
>>>> On 14/01/2019 11:39, Jan Beulich wrote:
>>>>> First of all a PCLMULQDQ dependency was missing entirely. Add it as well
>>>>> as AESNI and SHA to SSE2, as all of them act on vectors of integers,
>>>>> whereas plain SSE supports vectors of single precision floats only. This
>>>>> is in line with how e.g. binutils and gcc treat them.
>>>>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>>>>> ---
>>>>> TBD: On the same basis, SSE3, SSSE3 and SSE4A should probably also
>>>>> depend on SSE2 rather than SSE. In fact making this a chain SSE -> SSE2
>>>>> -> SSE3 -> { SSSE3, SSE4A } would probably be best, and get us in line
>>>>> with both binutils and gcc. But I think I did suggest so when the
>>>>> dependencies were introduced, and this wasn't liked for a reason I
>>>>> forgot.
>>>> While all of this is true, there is a comment in context which explains
>>>> why the dependences are they way they are.
>>>> Providing a guest with SSE, no SSE2, and PCLMULDQ/AESNI/SHA will allow
>>>> these latter instruction groups to function correctly.
>>> You mean "Several futher instruction sets are built on core %XMM
>>> support, without specific inter-dependencies"? This explains it at
>>> best partly, the more that there then are exceptions to this rule
>>> ({,S}SSE3 -> SSE4.1 and SSE4.1 -> SSE4.2). Do we really have to
>>> take a different view here than binutils and gcc (and perhaps many
>>> others) do?
>>> Some of Linux'es x86-specific crypto drivers make even more
>>> interesting implications, several of which I mean to fix. But they
>>> (imo) validly imply e.g. SSE2 when there is SSSE3, which would
>>> mean such a driver would only work because we can't hide the
>>> SSE2 insns when a guest config file masks off SSE2 but not
>>> SSSE3 - until such an insn hits the emulator, where the
>>> vcpu_has_sse2() check would make it raise #UD, just because
>>> of our non-standard feature dependencies.
>> The dependences described here are primarily to prevent malfunctions in
>> Xen, rather than to provide a historically-accurate view of which
>> features appeared when.  Software which doesn't follow the rules cannot
>> be helped - its already buggy.
> For this last statement - where is the "SSE2: [LM]" dependency formally
> spelled out? The fact that it's used for the UNIX floating point ABI of
> x86-64 is not relevant: There could sensibly be a 64-bit processor
> without any floating point support, I think.

The base AMD64 spec, which mandates SSE2 in compliant implementations. 
It is the reason why you don't need a feature check to use the fence

>> The question which matters here is whether the Intel/AMD SDM's allow for
>> any such implications.
>> Vol1 12.13.4 states that software wishing to use AES-NI or PCMULDQ must
>> first check for SSE2, and then for the individual feature bit.  I
>> suppose this is better evidence of a logical connection than we've used
>> in other bits of the dependency tree, but I see absolutely nothing
>> discussing the SHA instruction set.
> So if I left SHA alone but moved AESNI, you'd be fine with the change?
> I could at least see this as an intermediate step. I should say though
> that SHA has always been giving the impression of a "bad child" to me,
> so I wouldn't be surprised of this was just a doc omission (seeing that
> there isn't even a section about that entire extension in chapter 12).

I did find that omission curious while looking.

> Furthermore, you didn't even comment on the SSE3 etc aspect.
> Section 12.4.2, just like 12.13.4, refers to 11.6.2, i.e. (according to
> your interpretation above) implies SSE2. While 12.12.2 implies SSE3
> and SSSE3, 12.12.3 implies SSSE3 and SSE4.1 but not SSE3, and
> 12.7.2 does not suggest to check for SSE3. I have to admit that
> I'd rather consider this as doc shortcomings.

You do realise that you argued the contrary when I originally
implemented this, most notably in v4
https://patchwork.kernel.org/patch/8651441/ , and made me change the
logic to how it currently is?

It looks to me as if you now prefer v3 of my original patch.

> An SSE4.2 check alone is (imo correctly) suggested for CRC32 and
> POPCNT, which would seem to mean we should drop its SSE4.1
> dependency.
> Otoh these documented needs to check for multiple bits could as
> well be interpreted as meaning there's no connection at all, in
> which case the SSE4.1 and SSE4.2 dependencies we currently
> have should all be reduced to dependencies upon SSE (as
> expressing the presence of XMM registers).
> Getting this into consistent shape might save some discussions
> on the AVX512 series (where, depending on the outcome here,
> I may need to make further adjustments). One additional question
> there would then be whether to take AVX512BW as indication of
> full 64-bit mask registers (AVX512F only needs 16-bit wide ones),
> as is implied e.g. by gcc.

I don't have a problem in principle with changing dependences.

One risk however is the forwards compatibility of VMs migrating to newer
versions of Xen - we must take care to not make features accidentally
disappear in newer builds of Xen running on the same hardware. 
(Accepting that we may deliberately need to make features disappear if
mistakes in the dependency logic are discovered.)

I would however like to first get a clear understand and agreement on
our expectations, to try and avoid problems like this in the future.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.