[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v1 2/2] x86/cpuid: Detect null segment behaviour on Zen2 CPUs

  • To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 7 Sep 2021 16:21:05 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=5P2vnTU15/bPw9O+/l2UDZyNPfbD2qOdV5IDyfmhzB0=; b=RXaLOf249NjrhE4i9FmD1QcV7EpsN/iFl+wgTEA52wFwQu9nrPqHpkwFvstUs5UgDVKI6DDmScHemMEhPyepcM5IGbPnJkQvlAw+q5k8H/XQXr3ja8QZWk557sFGsisgbQsfPG3505MhYVjx04NXOvlXKk3Ybpst+ACDhvpUfWyimEc6/xFW+qcvGYPGf858JNz93MAIGtY+2aRzV8r/i7Gcnn6yxNEl0uYtgTWZuaFKt1O2RLO/P26E8YUDpgOf0EYVfuMCqIFSFwtumguYzgazuixGSf9uRthVYpgz/bpzk+ary/QwX3n7fmrlDyTSY3wMuiwdtKnd0POH8D5RZA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Yv87STg/suGEq/VSd+mw1aoRMgB1MsR7j8xQf/aEsaa4wkVX+Tu6E3+aS+1qzEop+F5OijtmNGu+DyMABjdctWjpzS4hZ7go5JqhQKzIYJbcOScHxf0hsUsrLOpQtVEEw9HDnukPQ9ODyicHxEU7ZKJGjT4lkivFUm1YS9Ixtlr/jMZpGd4U/7cUw+HOjHZ+k16l8BGb2ix40IfRXWRlMAS2V+NzK8oSrJOg9icHKIWoe8+6pxIOdyFlY4Z9L2E5i7RWqmESOzua+naTGX6k1JCEEc/sZNUzm5l2Zy/PGKOrPsU9qElIEXFqSQbp1AOwrSvwa8idA7o2mBuCcJswPg==
  • Authentication-results: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=suse.com;
  • Cc: Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Pu Wen <puwen@xxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jane Malalane <jane.malalane@xxxxxxxxxx>
  • Delivery-date: Tue, 07 Sep 2021 14:21:14 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07.09.2021 15:27, Andrew Cooper wrote:
> On 07/09/2021 07:09, Jan Beulich wrote:
>> On 06.09.2021 20:07, Andrew Cooper wrote:
>>> On 06/09/2021 16:17, Jan Beulich wrote:
>>>> On 06.09.2021 14:00, Jane Malalane wrote:
>>>>> --- a/xen/arch/x86/cpu/amd.c
>>>>> +++ b/xen/arch/x86/cpu/amd.c
>>>>> @@ -681,6 +681,19 @@ void amd_init_lfence(struct cpuinfo_x86 *c)
>>>>>                     c->x86_capability);
>>>>>  }
>>>>> +void detect_zen2_null_seg_behaviour(void)
>>>> This can in principle be marked __init.
>>>>> +{
>>>>> + uint64_t base;
>>>>> +
>>>>> + wrmsrl(MSR_FS_BASE, 1);
>>>>> + asm volatile ( "mov %0, %%fs" :: "rm" (0) );
>>>> While I don't strictly mind the "m" part of the constraint to remain
>>>> there (in the hope for compilers actually to support this), iirc it's
>>>> not useful to have when the value is a constant: Last time I checked,
>>>> the compiler would not instantiate an anonymous (stack) variable to
>>>> fulfill this constraint (as can be seen when dropping the "r" part of
>>>> the constraint).
>>> This is "rm" because it is what we use elsewhere in Xen for selectors,
>>> and because it is the correct constraints based on the legal instruction
>>> encodings.
>> grep-ing for "%%[defgs]s" reveals:
>> efi_arch_post_exit_boot(), svm_ctxt_switch_to(),
> These are writing multiple selectors in one go, and a register
> constraint is the only sane option.
>> and do_set_segment_base() all use just "r".
> I had missed this one.
>>  This grep has not produced
>> any use of "rm". What are you talking about?
> TRY_LOAD_SEG(), pv_emul_read_descriptor() for both lar and lsl,
> do_double_fault() for another lsl, lldt(), ltr().

TRY_LOAD_SEG() and pv_emul_read_descriptor() don't pass constants
as asm() argument values. do_double_fault()'s use of lsl is indeed
an example matching the pattern here. lldt() and ltr() are generic
inline helpers, so validly allow for both because they should not
make assumptions on what the caller passes. Plus "m" there is okay,
because if the caller passes a constant there will be a named
variable (the function parameter), i.e. the compiler does not need
to instantiate any anonymous one.

> So ok - not everything, but most.
>>> If you want to work around what you perceive to be bugs in compilers
>>> then submit a independent change yourself.
>> I don't perceive this as a bug; perhaps a desirable feature. I also
>> did start my response with "While I don't strictly mind the "m"
>> part ..." - was this not careful enough to indicate I'm not going
>> to insist on the change, but I'd prefer it to be made?
> No, because a maintainer saying "I'd prefer this to be changed" is still
> an instruction to the submitter to make the change.

It was a request to _consider_ dropping the m part, yes. But (see
below) now that you've forced me to re-check (I presume you didn't
check yourself, or else I would expect you would have drawn the same
conclusion as I did), I actually feel stronger about this needing

> But the request is inappropriate.  "Last time I checked, the compiler
> would" presumably means you've checked GCC and not Clang, and therefore
> any conclusions about the behaviour are incomplete.

Not really, no. IIRC I did check the version of clang that I have easy
access to. (For gcc I've just now re-checked with 10.x and 11.x.)

> Unless there is a real concrete compiler bug to work around, "rm" is the
> appropriate constraint to use, all other things being equal.  If the
> complier is merely doing something dumb with the flexibility it has been
> permitted, then fix the compiler and the problem will resolve itself the
> proper way.

I disagree. When an asm() constraint permits multiple kinds of values,
dropping one or more of the alternatives should IMO still yield valid
(perhaps sub-optimal) code (IOW every one of the supplied kinds should
be valid). The issue here is that it is not spelled out clearly
whether something like "m" (0) is actually legal. The error messages,
however, suggest this is intended to be illegal: gcc says "memory
input ... is not directly addressable", whereas clang says "invalid
lvalue in asm input for constraint 'm'".

IOW I do think the one case of LSL in do_double_fault() does need




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.