Xen project Mailing List

Re: [PATCH v2] x86/PoD: defer nested P2M flushes

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Wed, 20 Oct 2021 09:52:29 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Tmuztz6vwa+9JX2I2mZx5cXZbfajbLXBNtVQbjZ2Gw8=; b=YguayAXQHtRIgLwMC5a6tELvO1OgM80hoBZpk+s7/3OLz8tQq03CIUtCGPhKrrCqb87kMYH3AHlL+KmGZaoK5vaJ5CnflADsa1WkjJFoN0TSA6QoSddMlVP0nF6ev+Jr+iLu4Fi9ZT3fnvt12UM2dp/d+/53B/AQ73H6i4UY9kJJ5krat3m+en384+gIUQMPclQMCaLPx8z9jy925ZbUHceMlpvoE2lvJnjtskamDDoN2lNUe0jHpHknWXTlFxRbKkUP9KBzFjw0gXWOQPpI4KGSOs7mxAA5FFRwgO68iqOcJErFKone3IrQ2mpi/xlXOTU5H6rRbF0NC+JJFFdS2w==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=metJU38H6LbblKo8hSycTJ6dpfxeuJAFuLO8AOdpeanQbOaVJmOWlxk7E/UBR+bh5VcJd1IcFrSLWrkgr+Yv4vOif5Mp38aDKZQkDEdd+UDDPVJOuc+tkVeriG+GJN2nsgdNJYjN0O/B0PbOm7Tq1F8FwDHw9F4ywrONmU/ifUcuSMUjaRim8Q/Ef/sKU9zVdvOn5YuNG3am0NXkj1iU3e3AZf76JTxAFLBJq12voBqj8UdRiWX6LJOnCXmzgaGoa5OP5VjRS7/QazQvKTVXLEy6CYQTrH9IHIvFiGnK2dWHHuhHEmcpfqO9CPxpe1yXojLOYoqnLoc/XY+NFccNFg==

Authentication-results: esa5.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>

Delivery-date: Wed, 20 Oct 2021 07:52:55 +0000

Ironport-data: A9a23:SiBdzK3UXm076eGxIvbD5T52kn2cJEfYwER7XKvMYLTBsI5bpzMPy mMcUWjQPa3fMzbxf9xzOYy2p0IFsZDcyt5gHQNvpC1hF35El5HIVI+TRqvS04J+DSFhoGZPt Zh2hgzodZhsJpPkS5PE3oHJ9RGQ74nRLlbHILOCan8ZqTNMEn970Es7wbZh2+aEvPDia++zk YKqyyHgEAfNNw5cagr4PIra9XuDFNyr0N8plgRWicJj5TcypFFMZH4rHomjLmOQf2VhNrXSq 9Avbl2O1jixEx8FUrtJm1tgG6EAaua60QOm0hK6V0U+6/TrS+NbPqsTbZIhhUlrZzqhpex98 tFB9rWMVxoGGJfMldkEaxhjDHQrVUFG0OevzXmXtMWSywvNcmf2wuUoB0YzVWEa0r8pWycUr 6VecW1TKEDY7w616OvTpu1EnMMsIdOtJIoCknph0SvYHbAtRpWrr6DiuIIBgmZu25km8fD2X ekrSBVufCr7Rz51HQsOMtVhmLi3ryyqG9FfgA3M/vdmi4TJ9yRy3absNpzJe9WMbcRTgkuc4 GnB+gzREhwccdCS1zeB2natnfPU2zP2XpoIE7+1/eIsh0ecrkQRAhALUVqwodGil1WzHdlYL iQpFjEG9PZoshbxF5+kAkP+8CXsUgMgt8R4KdE20gWBiYPo/Ru2IFIEQwNYUN0dq5pjLdA17 WOhk9TsDD1plbSaT3OB67uZxQ+P1TgpwXwqPnBcE1NUizX3iMRq1EiXF4c8eEKgpoStQWmY/ tyckMQpa1z/Z+Yw3KKn4UuPvTuoopXYJuLezlSKBjz7hu+ViYjMWmBJ1bQ5xaofRGp6ZgPY1 JThpyR4xLpSZX1qvHfVKNjh5Jnzu5643MT02DaD5aUJ+TW34GKEdotN+jx4L0oBGp9aImO3P h6L418JvcY70J6WgUlfOd7Z5yMClvCIKDgYfqqMMoomjmZZJWdrAx2ClWbPhjuwwSDAYIk0O IuBcNbEMJrpIf8P8dZCfM9EieVD7nlnnQv7HMmnpzz6gev2TCPEEt8tbQrRBt3VGYvZ+W05B f4EbJDUo/ieOcWjChTqHXk7dw5adiZlWMiq8aS6tIere2JbJY3oMNeIqZsJcI15haVF0ODO+ 3C2QEhDz1Tjw3bALG23hrpLM9sDhL5z8iA2OzICJ1Gt1yRxaIqj9v5HJZA2YaMm5KpoyvstF 6sJfMCJA/JuTDXb+mtCMcmh/dI6LBn71xiTOyeFYSQke8IyTQL+5dK5LBDk8zMDD3TruJJm8 aGgzA7SXbEKWx9mUJTNcPuqwl7o5Sodlet+UlHmON5WfEmwooFmJzao1q08It0WKAWFzTyfj l7EDRAdrOjLgok07NiW2vzU89b3S7NzRxMIEXPa4LC6MTjh0lCimYIQAvyVeT39VX/v/Pnwb +ti0PyhYuYMm0xHstQgHu8zn74+/dbmu5RT0h9gQCfQd12uB75tfiuG0M1IuvEfz7NVo1LrC EeG+90cMrSVIsL1VlUWIVN9POiE0PgVnBjU7Og0fxqmtHMmouLfXBUAJQSIhQxcMKBxYdEsz uoWscIL7xCy10gxOdGcgyEIr2mBIxTsiUn8Wk321GMztjcW9w==

Ironport-hdrordr: A9a23:znox0632bcw8ESG7dXVL8AqjBThyeYIsimQD101hICG9Lfb3qy n+ppsmPEHP5Ar5OEtBpTiBUJPwJ0800aQFnLX5Wo3SIDUO2VHYVr2KiLGC/9SOIVyaygcw79 YFT0E6MqyOMbEYt7eL3ODbKadZ/DDvysnB7o2yvhQdL3AYV0gj1XYDNu/yKDwGeOAsP+tBKH Pz3Lshm9L2Ek5nEPhTS0N1ENQq4Lbw5eXbSC9DIyRixBiFjDuu5rK/Ox+E3i0GWzcK5bs562 DKnyHw+63m6piAu17h/l6Wy64TtMrqy9NFCsDJos8JKg/0ggLtQIh6QbWNsB08venqwlc3l9 vnpQsmIq1Imj3sV1DwhSGo9xjr0T4o5XOn4ViEgUH7qci8fz4+A9opv/MSTjLpr24b+P1s2q NC2GyU87BNCwnboSj779/UEzl3i0uduxMZ4Kwupk0adbFbRK5arIQZ8k8QOowHBjjG5IcuF/ QrJN3A5cxRbUiRYxnizypSKeSXLzAO9yq9Mw8/UpT/6UkRoJk59TpZ+CUnpAZEyHpnIKM0vt gtMcxT5fpzp4EtHPpA7Epoe7rANoX3e2O4DIulGyWuKEg2AQO+l3fJ2sRA2AiLQu1E8HJgou WMbLtn3VRCMn4GT/f+h6F2zg==

Ironport-sdr: 70aFUX49wuSpgjubCYB8O4odPLu1pPmzwO/83ESWJg/KE0RMyKRmShbuhrdlz1XQW0Dptp78RQ b2nWUIwrheCRQ3cYlPLy240ikhlkwnFz+TRMSNsfuzu1p81fCUzxg/XMuTyqWT8xYuIDWLUhWw crLMz7kYAS5R367uno2inlB7X3g8UqoCXs868Ut1OfH7JXDaqCV5SMsSwRcks/72IVZsvrszCi XMLpBSC0mTYhzbbaZ9UruL6SX6xkxAd7PthziVS8L6hmwlKvglZ/HNiqTAcLRCtaliO+IUzgIA u1HK30OBRlzhL2BPbGwO443I

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Tue, Oct 19, 2021 at 05:06:27PM +0200, Jan Beulich wrote: > On 19.10.2021 15:53, Roger Pau Monné wrote: > > On Tue, Oct 19, 2021 at 02:52:27PM +0200, Jan Beulich wrote: > >> With NPT or shadow in use, the p2m_set_entry() -> p2m_pt_set_entry() -> > >> write_p2m_entry() -> p2m_flush_nestedp2m() call sequence triggers a lock > >> order violation when the PoD lock is held around it. Hence such flushing > >> needs to be deferred. Steal the approach from p2m_change_type_range(). > >> (Note that strictly speaking the change at the out_of_memory label is > >> not needed, as the domain gets crashed there anyway. The change is being > >> made nevertheless to avoid setting up a trap from someone meaning to > >> deal with that case better than by domain_crash().) > >> > >> Similarly for EPT I think ept_set_entry() -> ept_sync_domain() -> > >> ept_sync_domain_prepare() -> p2m_flush_nestedp2m() is affected. Make its > >> p2m_flush_nestedp2m() invocation conditional. Note that this then also > >> alters behavior of p2m_change_type_range() on EPT, deferring the nested > >> flushes there as well. I think this should have been that way from the > >> introduction of the flag. > >> > >> Reported-by: Elliott Mitchell <ehem+xen@xxxxxxx> > >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > > > > Acked-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> > > Thanks. > > >> --- a/xen/arch/x86/mm/p2m-ept.c > >> +++ b/xen/arch/x86/mm/p2m-ept.c > >> @@ -1253,7 +1253,7 @@ static void ept_sync_domain_prepare(stru > >> { > >> if ( p2m_is_nestedp2m(p2m) ) > >> ept = &p2m_get_hostp2m(d)->ept; > >> - else > >> + else if ( !p2m->defer_nested_flush ) > >> p2m_flush_nestedp2m(d); > > > > I find this model slightly concerning, as we don't actually notify the > > caller that a nested flush as been deferred, so we must make sure that > > whoever sets defer_nested_flush also performs a flush unconditionally > > when clearing the flag. > > Well, this _is_ the model used for now. Until this change there was > just a single party setting the flag. And like here, any new party > setting the flag will also need to invoke a flush upon clearing it. > It's not clear to me what alternative model you may have in mind. I was mostly thinking of something similar to the defer_flush/need_flush pair, where the need for a flush is signaled in need_flush, so setting defer_flush doesn't automatically imply a flush when clearing it. Anyway, this is simple enough that it doesn't warrant the use of the more complicated logic. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.