[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH v6 09/12] xen: add runtime parameter access support to hypfs
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Jürgen Groß <jgross@xxxxxxxx>
- Date: Fri, 6 Mar 2020 07:42:20 +0100
- Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Delivery-date: Fri, 06 Mar 2020 06:42:42 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 05.03.20 09:26, Jan Beulich wrote:
On 05.03.2020 07:01, Jürgen Groß wrote:
On 04.03.20 17:56, Jan Beulich wrote:
On 04.03.2020 17:31, Jürgen Groß wrote:
On 04.03.20 16:19, Jan Beulich wrote:
On 04.03.2020 16:07, Jürgen Groß wrote:
On 04.03.20 12:32, Jan Beulich wrote:
On 26.02.2020 13:47, Juergen Gross wrote:
+static void update_ept_param_append(const char *str, int val)
+{
+ char *pos = opt_ept_setting + strlen(opt_ept_setting);
+
+ snprintf(pos, sizeof(opt_ept_setting) - (pos - opt_ept_setting),
+ ",%s=%d", str, val);
+}
+
+static void update_ept_param(void)
+{
+ snprintf(opt_ept_setting, sizeof(opt_ept_setting), "pml=%d", opt_ept_pml);
+ if ( opt_ept_ad >= 0 )
+ update_ept_param_append("ad", opt_ept_ad);
This won't correctly reflect reality: If you look at
vmx_init_vmcs_config(), even a negative value means "true" here,
unless on a specific Atom model. I think init_ept_param() wants
to have that erratum workaround logic moved there, such that
you can then assme the value to be non-negative here.
But isn't not mentioning it in the -1 case correct? -1 means: do the
correct thing on the current hardware.
Well, I think the output here should represent effective settings,
The minimum requirement is to reflect the effective parameters, like
cmdline is doing for boot-time only parameters. With runtime parameters
we had no way of telling what was set, and this is now possible.
and a sub-item should be suppressed only if a setting has no effect
at all in the current setup, like ...
+ if ( opt_ept_exec_sp >= 0 )
+ update_ept_param_append("exec-sp", opt_ept_exec_sp);
I agree for this one - if the value is still -1, it has neither
been set nor is its value of any interest.
... here.
I think we should not mix up specified parameters and effective
settings. In case an effective setting is of common interest it should
be reported via a specific node (like e.g. specific mitigation settings
where the cmdline is not providing enough details).
But then a boolean option that wasn't specified on the command line
should produce no output at all. And hence we'd need a way to tell
whether an option was set from command line for _all_ of them. I
don't think this would be very helpful.
I disagree here.
This is important only for cases where the hypervisor treats the
parameter as a tristate: true/false/unspecified. In all cases where
the bool value is really true or false it can be reported as such.
The problem I'm having with this is the resulting inconsistency:
When we write the variable with 0 or 1 in case we find it to be
-1 after command line parsing, the externally visible effect will
be different from the case where we leave it to be -1 yet still
treat it as (pseudo-)boolean. This, however, is an implementation
detail, while imo the hypfs presentation should not depend on
such implementation details.
Reporting 0/1 for e.g. "ad" if opt_ept_ad==-1 would add a latent problem
if any other action would be derived from the parameter variable being
-1.
So either opt_ept_ad should be modified to change it to 0/1 instead of
only setting the VCMS flag,
That's what I did suggest.
or the logic should be kept as is in this
patch. IMO changing the setting of opt_ept_ad should be done in another
patch if this is really wanted.
And of course I don't mind at all doing so in a prereq patch.
It's just that the patch here provides a good place _where_ to
actually do such an adjustment.
I was thinking of something like this:
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -313,12 +313,12 @@ static int vmx_init_vmcs_config(void)
{
rdmsrl(MSR_IA32_VMX_EPT_VPID_CAP, _vmx_ept_vpid_cap);
+ if ( /* Work around Erratum AVR41 on Avoton processors. */
+ boot_cpu_data.x86 == 6 && boot_cpu_data.x86_model == 0x4d &&
+ opt_ept_ad < 0 )
+ opt_ept_ad = 0;
if ( !opt_ept_ad )
_vmx_ept_vpid_cap &= ~VMX_EPT_AD_BIT;
- else if ( /* Work around Erratum AVR41 on Avoton processors. */
- boot_cpu_data.x86 == 6 && boot_cpu_data.x86_model ==
0x4d &&
- opt_ept_ad < 0 )
- _vmx_ept_vpid_cap &= ~VMX_EPT_AD_BIT;
/*
* Additional sanity checking before using EPT:
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
