[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.17 v3 1/2] amd/virt_ssbd: set SSBD at vCPU context switch

  • To: Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Fri, 4 Nov 2022 09:10:21 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2IEdaHYMGuJODnXkwERiUpE0qdQq3pZlyBELl1ZOlCw=; b=BSvFnJ7Q0bsVIo2uzaf+s60nFhh5iyneIUS18CBBHxMRgqiZkZV6APfQmzOaXXUhmOBlwPq8O1H3j7LrkBfAOJzpRomxw2VAALq9yRjHQtdjQJdUWzhiN3OC5eV0HNuf+MP6gLbNNYLR6cP5ViIOjN7LFOzQ2Vr+ecPpdIzucCOinx97UUAJZmdItmv/YLF6tvHrOk0d4DXnOncEcQ3z5fvjAGxEGpI0EZh0s6ZHrhxAhT8L3pCZtfbZaT5FWDZrd6o03h6ZC9XneR60M3YIWuD+GJrFms5Q52PDQ/Qe3S21xPUGGxpjOnNU7pmpXewdE0Ihn82Hz01db/4u7qIsIw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T7kJofI5h4Xc8ljf1gfOsuwFTuu0oB4KHYRwRVA7huJQj7Z3uut1cOCalTLbJxuhxvZXny3CspNY/2n7x6XCDZd/zM5cVhp/KyWJ0WbDKaROKNqA1swY8/UbZ1EGNEFNVWVT78GTq+gx9ZFBrVf0kcboy5cs4j2jvxOqiZnheSDx3g+CPsCFad61SyMmzycmn8Rjgv7+ADo1Wv7gCRa4KaBvr0lQmStrMEjuH26+JDXoIBHRgl/gFRzsAL5dyQJRYpHCXSjAxsKYxA/jD87ErD9OPtRJD1N/hdbCZRRJq6XHHZ6hGpVcBv44zWSpXrjkrNWzoLbaBTJUEdJ0pKFizQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Henry.Wang@xxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Fri, 04 Nov 2022 08:10:42 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 03.11.2022 18:02, Roger Pau Monne wrote:
> The current logic for AMD SSBD context switches it on every
> vm{entry,exit} if the Xen and guest selections don't match.  This is
> expensive when not using SPEC_CTRL, and hence should be avoided as
> much as possible.
> 
> When SSBD is not being set from SPEC_CTRL on AMD don't context switch
> at vm{entry,exit} and instead only context switch SSBD when switching
> vCPUs.  This has the side effect of running Xen code with the guest
> selection of SSBD, the documentation is updated to note this behavior.
> Also note that then when `ssbd` is selected on the command line guest
> SSBD selection will not have an effect, and the hypervisor will run
> with SSBD unconditionally enabled when not using SPEC_CTRL itself.
> 
> This fixes an issue with running C code in a GIF=0 region, that's
> problematic when using UBSAN or other instrumentation techniques.
> 
> As a result of no longer running the code to set SSBD in a GIF=0
> region the locking of amd_set_legacy_ssbd() can be done using normal
> spinlocks, and some more checks can be added to assure it works as
> intended.
> 
> Finally it's also worth noticing that since the guest SSBD selection
> is no longer set on vmentry the VIRT_SPEC_MSR handling needs to
> propagate the value to the hardware as part of handling the wrmsr.
> 
> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
with one further remark:

> --- a/xen/arch/x86/hvm/svm/svm.c
> +++ b/xen/arch/x86/hvm/svm/svm.c
> @@ -973,6 +973,16 @@ static void cf_check svm_ctxt_switch_from(struct vcpu *v)
>  
>      /* Resume use of ISTs now that the host TR is reinstated. */
>      enable_each_ist(idt_tables[cpu]);
> +
> +    /*
> +     * Clear previous guest selection of SSBD if set.  Note that 
> SPEC_CTRL.SSBD
> +     * is already cleared by svm_vmexit_spec_ctrl.
> +     */
> +    if ( v->arch.msrs->virt_spec_ctrl.raw & SPEC_CTRL_SSBD )
> +    {
> +        ASSERT(v->domain->arch.cpuid->extd.virt_ssbd);
> +        amd_set_ssbd(false);
> +    }
>  }

Is "cleared" in the comment correct when "spec-ctrl=ssbd"? I think "suitably
set" or "cleared/set" or some such would be wanted. This could certainly be
adjusted while committing (if you agree), but I will want to give Andrew some
time anyway before putting it in, to avoid there again being objections after
a change in this area has gone in.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.