[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] x86/hvm: set 'ipat' in EPT for special pages

  • To: Paul Durrant <paul@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Fri, 31 Jul 2020 12:21:16 +0100
  • Authentication-results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none
  • Cc: Paul Durrant <pdurrant@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Fri, 31 Jul 2020 11:21:27 +0000
  • Ironport-sdr: uphDXr02WgtTe1GvOXKeVMjNOgwYLd2gH0NC1Vc5TBbEzCsHctGsV4rui27Z52AJGMyC+pNrsq MDorvIzNOkt6vWz/pU11LWx+qXRG2M/2ypVSHxCckwRAXWgU96MGgZwZw3i5p4EN8Xcvdl5Odg 1cD+89pcZcjv18Gr9n1Srx279TCT6mM8mddPFbghyrsRrLtKGrj6dE6euuhSyWCszb7h+Rjtxm ttha+qKUtaJc8UeffoVnTxbqruQ1INNAKCK+QBs3OpgYOBHCKPEJ5zN65CgWgoCAOO0lxl5xym a4g=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 31/07/2020 11:46, Paul Durrant wrote:
> From: Paul Durrant <pdurrant@xxxxxxxxxx>
> All non-MMIO ranges (i.e those not mapping real device MMIO regions) that
> map valid MFNs are normally marked MTRR_TYPE_WRBACK and 'ipat' is set. Hence
> when PV drivers running in a guest populate the BAR space of the Xen Platform
> PCI Device with pages such as the Shared Info page or Grant Table pages,
> accesses to these pages will be cachable.
> However, should IOMMU mappings be enabled be enabled for the guest then these
> accesses become uncachable. This has a substantial negative effect on I/O
> throughput of PV devices. Arguably PV drivers should bot be using BAR space to
> host the Shared Info and Grant Table pages but it is currently commonplace for
> them to do this and so this problem needs mitigation. Hence this patch makes
> sure the 'ipat' bit is set for any special page regardless of where in GFN
> space it is mapped.
> NOTE: Clearly this mitigation only applies to Intel EPT. It is not obvious
>       that there is any similar mitigation possible for AMD NPT. Downstreams
>       such as Citrix XenServer have been carrying a patch similar to this for
>       several releases though.


(Yay for internal ticket references escaping into the wild.)

However, it is very important to be aware that this is just papering
over the problem, and it will cease to function as soon as we get MKTME
support.  When we hit that point, iPAT cannot be used, as it will cause
data corruption in guests.

The only correct way to fix this is to not (mis)use BAR space for RAM




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.