Xen project Mailing List

Re: [PATCH] x86/PoD: defer nested P2M flushes

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Tue, 19 Oct 2021 15:36:40 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=shBDUF1Q0fRE3w3kAyOSmzIwuNo/dbJ/o4qvHIkdAdM=; b=YYjA/gykpjRdE7CVshHWJ0BW/NBTjIxJMcAfYSy+pxuTqIw/fD+CgW52vbw9/7sdyYSWfANL3RH8/+DwGUFzbAQ+ywMEVJ3jY2Kyo2TZMXkl00ayUvAqimMxVNngHYfvXbKATIlchtjaRoYII16MA9XZwZGH5CIEpHzgx8UDbfJxbnPtwU1cgAT6A4LIoAHMtUFOeaA9xuC06NFRWYfC90uxUau67+6fTpqNUl60DvdF+NsM9l3q0zqOBMRb7JQz5esWE2rvz05aciEIxoOoZw0qdFTJyWOWjdIQn8w638T+EkY/GKEsIabnKad7jGdn7QZNNgoFvLgcrPG7K9sd7g==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JdsSVBoS5wso/T9dNKVLyFbBynpbHwZPMF1VBtY8wP9g7jTHPBJNEwu4d3UNt8vV4Ru+NCxcdxynUkm5X8/uHsk//RUPu4Doh42Lhm/0ccP4sgk2pa8bcltmaIBsWfXt6klbTd1DOseEu151DPeLIkyb+JbR/ie/DbBoE2S0RVDljGL0f2oc7V+hIbFBEQ4JOupzQQ9ZK4a814y6YFrxtNSKQRXRwtEw3PTrLypJpJl++XhRnaQl/Bc4rVK/2Xe+LVLegv0lc1p+7zWs23SiL35AX5qflgaaijDDlk5u8UVJ4lhuapqahTsm3IS4NKT0OPAUKsqMgYD4VfFsVzGfyw==

Authentication-results: esa5.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>

Delivery-date: Tue, 19 Oct 2021 13:37:11 +0000

Ironport-data: A9a23:1kWuCqjRN6zbSXlIy2r1jmlNX161tBcKZh0ujC45NGQN5FlHY01je htvUW+COPqMZmT8LY9ya97g8RsPu5HdxtRkSlRr/i5gEygb9cadCdqndUqhZCn6wu8v7a5EA 2fyTvGacajYm1eF/k/F3oAMKRCQ7InQLlbGILes1htZGEk0F0/NtTo5w7Rg29Yx0IDia++wk YiaT/P3aQfNNwFcagr424rbwP+4lK2v0N+wlgVWicFj5DcypVFMZH4sDfjZw0/DaptVBoaHq 9Prl9lVyI97EyAFUbtJmp6jGqEDryW70QKm0hK6UID66vROS7BbPg/W+5PwZG8O4whlkeydx /1JsqK5GAULA5Tc29QQXT9VLWZ6LaFZreqvzXiX6aR/zmXDenrohf5vEFs3LcsT/eMf7WNmr KJCbmpXN1ba2rzwkOnTpupE36zPKOHxO4wSoDd4xCzxBvc6W5HTBa7N4Le02R9t25gfTayBP KL1bxJONhDcPB9NP25QDZ0MxOm5v0PAdgRh/Qf9Sa0fvDGIkV0ZPKLWGMrYfJmGSNtYmm6cp 3na5CLpDxcCLtudxDGZtHW2iYfnnyn2RYYTH72Q7eNxjRuYwWl7NfENfQLl+7/j0Bf4Ao8Bb RxPksYzkUQs3EiscNCsXT+FmW7HjhMSfdduVOkq5B7Yn8I4/D2lLmQDSzdAbvkvu8k3WSEm2 ze1oj/5OdB8mObKESzFp994uRv3YHJPdTZTOkfoWCNcu4G7yLzfmC4jWTqK/ESdtdbyBS3ri w6DqCwzlt3/ZuZaiv3lozgrb9+qz6UlrzLZBC2LAQpJDSsjPeZJgrBED3CBvZ6sy67CFjG8U IAswZT20Qz3JcjleNaxaOsMBqq1wP2OLSfRh1Vid7F4qW/xpi75I9gKvmguTKuMDiriUWW5C KM0kVgJjKK/wVPwNfMnC25PI5VCIVfc+STNCamPM4smjmlZfw6b5iB+DXN8LEi2+HXAZZoXY M/BGe71VC5yIf0+kFKeGrdMuZd2l3tW7T6CGvjGI+GPjOP2iIi9EuxebjNjr4kRscu5neki2 4YGZpXbm0sFDoUToED/qOYuELzDFlBibbjeoM1LbO+TZA1gHWAqEfjKxr09PYdimsxoei3gr hlRg2dUlwjyg2PpMwKPZiwxYb/jR88n/3k6ITYtLRCj3H16OdSj66IWdp0We7g79bM8ka4oH qddI8jQUO5STjnn+igGacWvpoJVaxn21xmFODCoYWZjcsc4FRDJ4NLtYiDm6DIKUnisrcI7r rD5jlHbTJMPSh5MFsHTbP7znVq9sWJEwLB5XlfSI8kVc0LpqdA4Jyv0h/4xAscNNRScmWfKi 1fIWU8V/LCfrZU0/d/FgbG/g72oS+YuTFBHG2T77KqtMXWI9GSU3oIdAv2DeirQVT2o9fz6N /lV1fz1LNYOgE1O79hnC79uwK8zu4nvqrtdwlg2FXnHdQ32WLZpI33A1shTrKxdgLRevFLuC E6I/9BbP5SPOd/kTwFNdFZ0MLzb2KFGgCTW4NQ0PF7+tX1+87ewWElPOwWB1X5GJ7xvPYJ5m eostab6MeBkZsbG5jpesh1pyg==

Ironport-hdrordr: A9a23:1iVk5apSNcsAjqDKjmDfeb4aV5u6L9V00zEX/kB9WHVpm5Oj+P xGzc526farslsssREb+OxpOMG7MBThHLpOkPMs1NCZLXTbUQqTXfpfBO7ZrQEIdBeOlNK1uZ 0QFpSWTeeAcWSS7vyKkTVQcexQueVvmZrA7Yy1rwYPPHFXguNbnn9E426gYzNLrWJ9dPwE/f Snl656T23KQwVpUi33PAhJY8Hz4/nw0L72ax8PABAqrCGIkDOT8bb/VzyVxA0XXT9jyaortT GtqX232oyT99WAjjPM3W7a6Jpb3PPn19t4HcSJzuwYMC/lhAqEbJloH5eCoDc2iuey70tCqq iBnz4Qe+BIr1/BdGC8phXgnyHmzTYV8nfnjWSVhHPyyPaJDA4SOo5kv8Z0YxHZ400vsJVXy6 RQxV+UsJJREFfpgDn9z8KgbWArqmOE5V4Z1cIDhX1WVoUTLJVLq5YEwU9TGJAcWArn9YEcFv V0Bs203ocWTbqjVQGagoBT+q3oYpxqdS32BnTq+/blnQS+pUoJjHfxn6ck7zA9HJFUcegM2w 2LCNUvqFniJvVmGZ6VP91xM/dfPFa9Ny4kAFjiUmgPK5t3Tk4li6SHq4ndt9vaMqDh8vMJ6e P8uRVjxDcPR34=

Ironport-sdr: iubRhWCFGQinj0SChZ/HK6Dssrt5/Q4i5GUy9qaXjrX955Tg7Tobt+TFTTRzLw/MpT0QgdiYq2 GQ2qTYrIWSN6/A24HUSnRyLsf6IxQGsYPlfXkp6aks0jJrJX35YIXpUwL3PP3Djy1CByXQ9tH8 JA2s8fcqqNH8F25Q3jM4MGqKhNfTABowesNoLNZJjt2L6cR8UfWLh7tqgjdt7hPUx0CvYJQqAs HdHYK7sc6Q2Y/uwq5r+Dl9Ym1OLskn7iL8uKZNvRtSjJrzuvoCEOsgyUB0fUqT3Dv6Rdec6Ro2 2rFqgtYmOdsZm0Te7RCwFlA9

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Tue, Oct 19, 2021 at 03:14:25PM +0200, Jan Beulich wrote: > On 19.10.2021 14:59, Roger Pau Monné wrote: > > On Tue, Oct 19, 2021 at 01:58:38PM +0200, Jan Beulich wrote: > >> On 19.10.2021 12:41, Roger Pau Monné wrote: > >>> On Mon, Oct 11, 2021 at 10:17:08AM +0200, Jan Beulich wrote: > >>>> With NPT or shadow in use, the p2m_set_entry() -> p2m_pt_set_entry() -> > >>>> write_p2m_entry() -> p2m_flush_nestedp2m() call sequence triggers a lock > >>>> order violation when the PoD lock is held around it. Hence such flushing > >>>> needs to be deferred. Steal the approach from p2m_change_type_range(). > >>>> > >>>> Similarly for EPT I think ept_set_entry() -> ept_sync_domain() -> > >>>> ept_sync_domain_prepare() -> p2m_flush_nestedp2m() is affected. > >>> > >>> I'm slightly worried by this path because it doesn't seem to > >>> acknowledge defer_nested_flush. > >> > >> Oh, yes. Iirc I did look at that logic, write down the remark, and > >> then forgot to add the conditional to ept_sync_domain_prepare(). > >> The interactions with the real (host) flush are kind of ugly there, > >> though - we then further depend on the ->defer_flush / ->need_flush > >> logic, which is EPT-only. But I think I've convinced myself that > >> this ought to work out. > >> > >>> Maybe the flag should be checked by > >>> p2m_flush_nestedp2m instead of leaving it to the callers? > >> > >> I'm not sure this would be a good idea, as there are more callers. > > > > We should maybe add an ASSERT to p2m_flush_nestedp2m to make sure it's > > not called with defer_nested_flush being set then, or else it's > > possible for new callers of p2m_flush_nestedp2m to forget checking > > defer_nested_flush. > > I'm afraid we can't do that, or at least not this easily: The flag > assumes the p2m lock to be held when it gets set. Hence callers not > holding the lock (hvm_set_efer(), nvmx_handle_invept()) may trigger > such an assert just because another CPU set the flag. Hm, indeed. Forcing those to take the p2m lock might be too much overhead for the sake of correctness. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.