[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Intended behavior/usage of SSBD setting
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Date: Thu, 20 Oct 2022 14:37:45 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UVFDYb/qQDQOUHvmwog2L/8QbdFFGV3QOgAsYVTKyLY=; b=BaV0b3Iy/n5JOtOHrskGa7P25KVhxkOvdu1wEjnOqJFK1cDL0vxpngZ+zfyA32mfCt4SFrXsbivwYTbGtDzunPkoaJecbp3XtPtNN9V4teYR2c2zVqEpqwm24GN+0H3zCIOvxHHBuInsKqaKZEhHaDpwea9ZGRJtV6WFsub1ScF+xwQ95s2WPGzKSekCNjxbZkSR4KRzBR86sQrgfpU2tk802/zTLCJTDzTUiH9ndpsx30YY+oimwQW+NogrtTUhPV9gtQXy5CEPR7QL5im4wr85dXVKtAOahMupZwfsvLIMJUX8npH3BAew3F2UY3OFvrwj9sy8JngySgeePR3iDg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lawLpx0dpbin4ZI2bGqJ0lLCRVakDHjiZdhApLT/EOaUFsoaJeYVC+vBQhS8vkdH1rXVYl3y/eiYCtMVPDNuCmUbcH3Q5ZXVuvjvqtzy2GVX5hjpsH//y0Wz0ImQAE2cozvAlLq1xLEt/jbKkhmB6+d11Wgbo0Pyb6DmvtXsJgMtoZYXhQeVzITTgx+H8R//2XQa0MBwn45mBXrix/51PWmlePvYhgr4n4yfo0MfTnlCL72MfpzW62B4Kdb2r+XDc1Nj3bOQ/0MH3qNITgjdADpNL7WPRBZxhIPJsptgHN+sydrLw7hWV62mMqTKjp2eGk1HLyGuH4wmuWXn3m88fQ==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Thu, 20 Oct 2022 12:37:59 +0000
- Ironport-data: A9a23:K+uGNqIodHx0xq1fFE//H55y2zyVRhNe4xP0qkklJ80ptzqEa7yP1Ac8D68u64Nik5vdqf7RNLSqVVbxnmaZA79hCNQ9ovWCc3KLehd7hyqqmtozZah+vgnCfLxk1pnDENKXd20SyO5sKQ3qsLa9Nyz67Hv7YeG6ZJViJv8KTomB/ZYxKw2Vu+FyBBZdDTpI8DkyRp4x2GP44gGYJIIFcZgm3U9PDhdF6LayaeIYoH3ipfOVwwCxaJ3BbWd92jGvqBw+jkxo6xJwVXbgTtA7Y1UYdqJ6lTIu8o5AYbP+boPxBuyb0AjskvM5n9swpyUTQkKv7qDIzLVbJOm1KnwOlaZBf7Ks7MQFQunxcscXWqaWtwSb4HgCVPSevQkZ5UbG0TAFgFf2YApUhnmZdGdI7NMt9G2fVRqiVZzY391CiqmR6hTTp1/SBBplAXfbJNjIvFWehvh99wSne7G3xkU7Urdn1dApkprTNKHnyb6qMzujEtrFL4QLLYQu6cg3lIPUve7zbX09jwL5nc7hntJmM7/feLlTQ4Ud1l6BYNz0okU5GMBbOL6F+QcLg5xnAByCZrlYYf14hiNQ1UTBu0WL0rMcnUUUmIxOWDIw+hCIC2CsG3ofdU5S1dsj/7AMdSZUSV0Dnh5r/jGW/sU46dFh6QCsVe+TypYuNe0xpdHNesr4oqmZNm1feZvVmQu/7Upq74wi3cE23VIyPjEsKU0vVESFot1K662fwvCKFv7CCU51os+gQV1P6JtEHFfEa7e/wjuFu9cemGhlHSGuFq3CPDS5rwgG8/i4Z5mqGCI6uNqs2pDgdnsIJIjC68YO6QgpiaNHDMj1g6ecJhiAWAhv0EHI50YGqyLKguysrnZY47SU6Tzotn0p0N/Qz0uy/fwgbxcYurv7JhT8lYcguJ6v5fNviiSXE2n96ro0bf0m40GDtQ6nw1CDu82YKtjRAd1O67Hh5gr/Ec1Iy1hcyBRmT9kfRcTs5YTNphJJ+YmdpjrqX6GgMjIhUj9A0YetcoBeBC45KaMCxz9e+6POjPzY1OGEQ7bbUeo/gqtSbsCaIDeLk17Lg1wpVt5w5pGIZ57epgsNndqkB+F3fRzQ06xDmssX57O3a/XvwnUK4NkSaIHMEXaDuAgSvTWkylPDCy46SeXqRoYrxtCyfBtNlsZPp3uNXL9QFPnWCfiGOvidN6cMgVezwNdiwgrR23F9q8YgmZCHYzQ6JO7UOmpnnFtb9NxuS1QR+lG8Bg7SV9eDizqCqiO5qzfm2Y5dARM7l2UIzQVKfjUfLkEbC18Zm8piMZT33OzO3IoNqiD/BtMmR9XZGL8TKLqQm527fJUMFcEWXVywegAGpfwfdxz+h8DBn119iXVyjIdWaB+5JSjO9gYNNhA8EpyXehv72+2Vt9fREqeQPbS3n/U6im2Gi8A00tno8Yne2JCdTI9oVvtBcWg+YlhRTf9l2v/u3vmCZuTQD2Vq2Fbo49ooUlyBkB9NNDwQd9DFK97isiIMpmGdH1NoDHlLiwbJIW7GvwCIuyiMfKIb6IdZYXRGAZ5XNcc2O2+FQyBipON2iduYa/MvJkWjy6lGIX4+KaQucDWebCXGxgEBhMT9U+B1kdG7ittbl8aA3qbg5BwaigYSnDldYy/9A1sBQrGXhKuQXuB+SITIiySg484dBPrTcAMBRC2mHmgbiM3dT9oB98vgaX9NUIvmoRr5xmnqt1IFWuK/sVT8VWE17cQ3EM5D6H1mXc3R8SpK3GNBWYdfapPj7kHYapNvtyKVI/ePe7aVV2NglwctixSW4Ey07d1Gcc81ljmuY+VQ55BI0RqSwWCHhox4vN57VX/O/m0VslVxXUpAFji9Szos9j5xgbLLNl0eHR/68nPH60R5v2uCZlQ/vziSjuxHUx7eqV8K7NEMYFaAGDNW5BPZ6IH43R2znXsywLNXO+UMsgq+/+ryq3s2BfS3vbkdvtmd2KlNpYl8I7vfU6s3Kl5ozN4dU3miJRBCH1YAj8lBDejKt64qZTv3a5bh8qhzbLt1RdnOo6Hj2T7KtcM57NoBZBcHAuiem7bAV0ENu5iASwY5xtl0/nc58y7VriO8MaKOfNB4y2p49havxGtdeUtEmX7uNoocJduMSORyL8k8XOIoVs76b+TjRyWEoficyKMdN4JmMz1ip/f/h34UhLc9Wx28ilIvsCwX2yz+P5OqSe+SEDtsumXPxzzjomPvIp/m+ZzIBAyZxvRW4S4gMcA7edTqOz6AJ+XBKUsSSMprRoSFAMuVV5G9kCg/Vm3cV0H7IUdM2GQu4Bp96tfahqx7F8tPDPLu5xeGPEueEx/xl9nK6js=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Thu, Oct 20, 2022 at 01:22:20PM +0200, Jan Beulich wrote:
> On 20.10.2022 13:01, Roger Pau Monné wrote:
> > Hello,
> >
> > As part of some follow up improvements to my VIRT_SPEC_CTRL series we
> > have been discussing what the usage of SSBD should be for the
> > hypervisor itself. There's currently a `spec-ctrl=ssbd` option [0],
> > that has an out of date description, as now SSBD is always offered to
> > guests on AMD hardware, either using SPEC_CTRL or VIRT_SPEC_CTRL.
> >
> > It has been pointed out by Andrew that toggling SSBD on AMD using
> > VIRT_SPEC_CTRL or the non-architectural way (MSR_AMD64_LS_CFG) can
> > have a high impact on performance, and hence switching it on every
> > guest <-> hypervisor context switch is likely a very high
> > performance penalty.
> >
> > It's been suggested that it could be more appropriate to run Xen with
> > the guest SSBD selection on those systems, however that clashes with
> > the current intent of the `spec-ctrl=ssbd` option.
> >
> > I hope I have captured the expressed opinions correctly in the text
> > above.
> >
> > I see two ways to solve this:
> >
> > * Keep the current logic for switching SSBD on guest <-> hypervisor
> > context switch, but only use it if `spec-ctrl=ssbd` is set on the
> > command line.
> >
> > * Remove the logic for switching SSBD on guest <-> hypervisor context
> > switch, ignore setting of `spec-ctrl=ssbd` on those systems and run
> > hypervisor code with the guest selection of SSBD.
>
> * Give the guest the illusion of controlling the behavior, but run with
> SSBD always enabled when "spec-ctrl=ssbd" is in effect.
Right, I've also thought about this option but forgot to add it to the
list. That would limit to only allowing enabling ssbd for the
hypervisor code, but not explicitly disabling it, ie:
`spec-ctrl=no-ssbd` won't be a valid option.
> * Give the guest the illusion of controlling the behavior when
> "spec-ctrl=ssbd" is in effect, running with the OR of guest and host
> settings (switched, if necessary, as vCPU-s are context-switched).
Right, this could somehow reduce the number of toggling, but would
still require having code to handle guest <-> hypervisor context
switches.
Thanks, Roger.
|