Xen project Mailing List

Re: [PATCH v1 2/2] x86/cpuid: Detect null segment behaviour on Zen2 CPUs

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 7 Sep 2021 16:21:05 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=5P2vnTU15/bPw9O+/l2UDZyNPfbD2qOdV5IDyfmhzB0=; b=RXaLOf249NjrhE4i9FmD1QcV7EpsN/iFl+wgTEA52wFwQu9nrPqHpkwFvstUs5UgDVKI6DDmScHemMEhPyepcM5IGbPnJkQvlAw+q5k8H/XQXr3ja8QZWk557sFGsisgbQsfPG3505MhYVjx04NXOvlXKk3Ybpst+ACDhvpUfWyimEc6/xFW+qcvGYPGf858JNz93MAIGtY+2aRzV8r/i7Gcnn6yxNEl0uYtgTWZuaFKt1O2RLO/P26E8YUDpgOf0EYVfuMCqIFSFwtumguYzgazuixGSf9uRthVYpgz/bpzk+ary/QwX3n7fmrlDyTSY3wMuiwdtKnd0POH8D5RZA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Yv87STg/suGEq/VSd+mw1aoRMgB1MsR7j8xQf/aEsaa4wkVX+Tu6E3+aS+1qzEop+F5OijtmNGu+DyMABjdctWjpzS4hZ7go5JqhQKzIYJbcOScHxf0hsUsrLOpQtVEEw9HDnukPQ9ODyicHxEU7ZKJGjT4lkivFUm1YS9Ixtlr/jMZpGd4U/7cUw+HOjHZ+k16l8BGb2ix40IfRXWRlMAS2V+NzK8oSrJOg9icHKIWoe8+6pxIOdyFlY4Z9L2E5i7RWqmESOzua+naTGX6k1JCEEc/sZNUzm5l2Zy/PGKOrPsU9qElIEXFqSQbp1AOwrSvwa8idA7o2mBuCcJswPg==

Authentication-results: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=suse.com;

Cc: Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Pu Wen <puwen@xxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jane Malalane <jane.malalane@xxxxxxxxxx>

Delivery-date: Tue, 07 Sep 2021 14:21:14 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07.09.2021 15:27, Andrew Cooper wrote: > On 07/09/2021 07:09, Jan Beulich wrote: >> On 06.09.2021 20:07, Andrew Cooper wrote: >>> On 06/09/2021 16:17, Jan Beulich wrote: >>>> On 06.09.2021 14:00, Jane Malalane wrote: >>>>> --- a/xen/arch/x86/cpu/amd.c >>>>> +++ b/xen/arch/x86/cpu/amd.c >>>>> @@ -681,6 +681,19 @@ void amd_init_lfence(struct cpuinfo_x86 *c) >>>>> c->x86_capability); >>>>> } >>>>> >>>>> +void detect_zen2_null_seg_behaviour(void) >>>> This can in principle be marked __init. >>>> >>>>> +{ >>>>> + uint64_t base; >>>>> + >>>>> + wrmsrl(MSR_FS_BASE, 1); >>>>> + asm volatile ( "mov %0, %%fs" :: "rm" (0) ); >>>> While I don't strictly mind the "m" part of the constraint to remain >>>> there (in the hope for compilers actually to support this), iirc it's >>>> not useful to have when the value is a constant: Last time I checked, >>>> the compiler would not instantiate an anonymous (stack) variable to >>>> fulfill this constraint (as can be seen when dropping the "r" part of >>>> the constraint). >>> This is "rm" because it is what we use elsewhere in Xen for selectors, >>> and because it is the correct constraints based on the legal instruction >>> encodings. >> grep-ing for "%%[defgs]s" reveals: >> >> efi_arch_post_exit_boot(), svm_ctxt_switch_to(), > > These are writing multiple selectors in one go, and a register > constraint is the only sane option. > >> and do_set_segment_base() all use just "r". > > I had missed this one. > >> This grep has not produced >> any use of "rm". What are you talking about? > > TRY_LOAD_SEG(), pv_emul_read_descriptor() for both lar and lsl, > do_double_fault() for another lsl, lldt(), ltr(). TRY_LOAD_SEG() and pv_emul_read_descriptor() don't pass constants as asm() argument values. do_double_fault()'s use of lsl is indeed an example matching the pattern here. lldt() and ltr() are generic inline helpers, so validly allow for both because they should not make assumptions on what the caller passes. Plus "m" there is okay, because if the caller passes a constant there will be a named variable (the function parameter), i.e. the compiler does not need to instantiate any anonymous one. > So ok - not everything, but most. > >> >>> If you want to work around what you perceive to be bugs in compilers >>> then submit a independent change yourself. >> I don't perceive this as a bug; perhaps a desirable feature. I also >> did start my response with "While I don't strictly mind the "m" >> part ..." - was this not careful enough to indicate I'm not going >> to insist on the change, but I'd prefer it to be made? > > No, because a maintainer saying "I'd prefer this to be changed" is still > an instruction to the submitter to make the change. It was a request to _consider_ dropping the m part, yes. But (see below) now that you've forced me to re-check (I presume you didn't check yourself, or else I would expect you would have drawn the same conclusion as I did), I actually feel stronger about this needing adjustment. > But the request is inappropriate. "Last time I checked, the compiler > would" presumably means you've checked GCC and not Clang, and therefore > any conclusions about the behaviour are incomplete. Not really, no. IIRC I did check the version of clang that I have easy access to. (For gcc I've just now re-checked with 10.x and 11.x.) > Unless there is a real concrete compiler bug to work around, "rm" is the > appropriate constraint to use, all other things being equal. If the > complier is merely doing something dumb with the flexibility it has been > permitted, then fix the compiler and the problem will resolve itself the > proper way. I disagree. When an asm() constraint permits multiple kinds of values, dropping one or more of the alternatives should IMO still yield valid (perhaps sub-optimal) code (IOW every one of the supplied kinds should be valid). The issue here is that it is not spelled out clearly whether something like "m" (0) is actually legal. The error messages, however, suggest this is intended to be illegal: gcc says "memory input ... is not directly addressable", whereas clang says "invalid lvalue in asm input for constraint 'm'". IOW I do think the one case of LSL in do_double_fault() does need adjusting. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.