[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [PATCH] x86/hvm: set 'ipat' in EPT for special pages

> -----Original Message-----
> From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Sent: 31 July 2020 12:21
> To: Paul Durrant <paul@xxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx
> Cc: Paul Durrant <pdurrant@xxxxxxxxxx>; Jan Beulich <jbeulich@xxxxxxxx>; Wei 
> Liu <wl@xxxxxxx>; Roger
> Pau Monné <roger.pau@xxxxxxxxxx>
> Subject: Re: [PATCH] x86/hvm: set 'ipat' in EPT for special pages
> On 31/07/2020 11:46, Paul Durrant wrote:
> > From: Paul Durrant <pdurrant@xxxxxxxxxx>
> >
> > All non-MMIO ranges (i.e those not mapping real device MMIO regions) that
> > map valid MFNs are normally marked MTRR_TYPE_WRBACK and 'ipat' is set. Hence
> > when PV drivers running in a guest populate the BAR space of the Xen 
> > Platform
> > PCI Device with pages such as the Shared Info page or Grant Table pages,
> > accesses to these pages will be cachable.
> >
> > However, should IOMMU mappings be enabled be enabled for the guest then 
> > these
> > accesses become uncachable. This has a substantial negative effect on I/O
> > throughput of PV devices. Arguably PV drivers should bot be using BAR space 
> > to
> > host the Shared Info and Grant Table pages but it is currently commonplace 
> > for
> > them to do this and so this problem needs mitigation. Hence this patch makes
> > sure the 'ipat' bit is set for any special page regardless of where in GFN
> > space it is mapped.
> >
> > NOTE: Clearly this mitigation only applies to Intel EPT. It is not obvious
> >       that there is any similar mitigation possible for AMD NPT. Downstreams
> >       such as Citrix XenServer have been carrying a patch similar to this 
> > for
> >       several releases though.
> https://github.com/xenserver/xen.pg/blob/XS-8.2.x/master/xen-override-caching-cp-26562.patch
> (Yay for internal ticket references escaping into the wild.)


> However, it is very important to be aware that this is just papering
> over the problem, and it will cease to function as soon as we get MKTME
> support.  When we hit that point, iPAT cannot be used, as it will cause
> data corruption in guests.
> The only correct way to fix this is to not (mis)use BAR space for RAM
> mappings.

Oh yes, t
his is only a mitigation. I believe Roger is working on a mechanism for guests 
to query for non-populated RAM space, which would be suitable for use by PV 


> ~Andrew



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.