[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH for-4.17 v3 1/2] amd/virt_ssbd: set SSBD at vCPU context switch
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Date: Fri, 4 Nov 2022 11:37:16 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zL6bfq7sT17nr7T0dMsMrmMaNYnURrVH0GqNGeAZC+w=; b=PO+3gdhIFrV1ezTMELzRMCCMK0BUyau1Ew7sQrn/o45JCT1YFLdnlyL3/edlixpL9fx92r8fHucPc3UUsYXzdiv50O0a6r4rB6MPX1s8D5oEZxOYAPa3pExC/Dwz9gAzPMIQPmtv4QLToC0Zw4H18DZgo0Lmp6UWjuCpl1TxNzimc3a3zZqjp8O5OZgFijM9uk5cuISwGZs/K4lu4SCRPVEekk0cgzF+HtPr79xVJUSb2E22FMoY2Gcrrelg4fsq3X4wSqBVNfJL80eUmkXoctdGMdqvu5kKjCO56cj8UGx4qR5+gSXFbtCruhqpQf1U7Z37PiEWq51ZU0hrlDBmuw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lSw3YaqHp2ySgxfjGXeOCkknR0efhCLPF0dtMe51sNq52LU/2co5WCodCcq3sGteDTsF/Ur/QY8VclXEX2iQG6ffbVy31TGsWGsmoCOEbzF6WjnXdbuHyf8qhsennHUxzJMCDosi347t3lvNfJMs1vf1CuyGhBav33NpJrFAByowjSOXCbApG1SOLUUVHIJyX4EqA4BPJKhjvj12klXkIBlNAI8P4PJp2SEDN1ryMNVwHugy+iISZlMf/Iz6xv1LomO3QGwkz7Rx2Xntq6Qglbz/rABiOO/AJUDQYC38T+UVcLr4/pg/uLhiWr+FxwEsHLHLy12NP2D3bU5K9Uet2g==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Henry.Wang@xxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Fri, 04 Nov 2022 10:37:34 +0000
- Ironport-data: A9a23:d/PTvqkzpjAVDI3OU6wMn93o5gxaJ0RdPkR7XQ2eYbSJt1+Wr1Gzt xJOXW3QPfaLNjCnedB+PY/loEwAuJ/cnd82TQM4rCAwEiMWpZLJC+rCIxarNUt+DCFhoGFPt JxCN4aafKjYaleG+39B55C49SEUOZmgH+a6U6icf3grHmeIcQ954Tp7gek1n4V0ttawBgKJq LvartbWfVSowFaYCEpNg064gE4p7aqaVA8w5ARkP6kS5AOGzRH5MbpETU2PByqgKmVrNrbSq 9brlNmR4m7f9hExPdKp+p6TnpoiG+O60aCm0xK6aoD66vRwjnVaPpUTbZLwXXx/mTSR9+2d/ f0W3XCGpaXFCYWX8AgVe0Ew/yiTpsSq8pefSZS0mZT7I0Er7xIAahihZa07FdRwxwp5PY1B3 adFBz0uZBOfveS/+5y1dbZ0uPxyc9a+aevzulk4pd3YJdAPZMmaBonvu5pf1jp2gd1SF/HDY cZfcSBocBnLfxxIPBEQFY46m+CrwHL4dlW0qnrM/fZxvzeVkVM3iee2WDbWUoXiqcF9hEGXq 3iA523kKhobKMae2XyO9XfEaurnzX+iCN9NSuXQGvhCiRqLm3ZDB0wsdWDi8Nyzply9SdZfA hlBksYphe1onKCxdfH/VRClpH+PvjYHRsFdVeY97Wml6qfS+RffOWECQRZIctlgv8gzLRQoy 1uIktXBFTFp9rqPRhq17ayIpDm/PSwUK24qZiIeSwYBpd75r+kbkRbnXttlVqmvgbXdCTz2h jyHsiU6r7ESltIQkbW2+0jdhDChrYSPSRQ6jjg7RUqg5wJ9IYKgOYqh7AGC6e4addnCCF6co HIDhs6SqvgUCo2AnzCMR+NLG6y14/GCM3vXhlsH84QdyglBMkWLJeh4iAyS7m8wWirYUVcFu HPuhD4=
- Ironport-hdrordr: A9a23:nuV3e6Pd89oJ4MBcT1r155DYdb4zR+YMi2TDiHoddfUFSKalfp 6V98jztSWatN/eYgBEpTmlAtj5fZq6z+8P3WBxB8baYOCCggeVxe5ZjbcKrweQeBEWs9Qtr5 uIEJIOd+EYb2IK6voSiTPQe7hA/DDEytHPuQ639QYQcegAUdAF0+4WMHf4LqUgLzM2eKbRWa DskPZvln6FQzA6f867Dn4KU6zqoMDKrovvZVojCwQ84AeDoDu04PqieiLolis2Yndq+/MP4G LFmwv26uGKtOy68AbV0yv2445NkNXs59NfDIini9QTKB/rlgG0Db4REoGqjXQQmqWC+VwqmN 7Dr1MJONly0WrYeiWPrR7ky2DboUMTwk6n7WXdrWrooMT/Sj5/IdFGn5hlfhzQ7FdllM1g0Y pQtljp+6Z/PFflpmDQ9tLIXxZlmg6funw5i9MeiHRZTM83dKJRl4oC50lYea1wUR4S0LpXXt WGMfuspcq/KTihHjDkVyhUsZaRt00Ib1i7qhNogL3X79BU9EoJvXfwivZv3Evoz6hNO6Ws19 60TJiAq4s+P/P+TZgNcNvpEvHHfVDlcFbrDF+4B2jBOeUuB0/twqSHk4ndotvaM6A18A==
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Fri, Nov 04, 2022 at 09:10:21AM +0100, Jan Beulich wrote:
> On 03.11.2022 18:02, Roger Pau Monne wrote:
> > The current logic for AMD SSBD context switches it on every
> > vm{entry,exit} if the Xen and guest selections don't match. This is
> > expensive when not using SPEC_CTRL, and hence should be avoided as
> > much as possible.
> >
> > When SSBD is not being set from SPEC_CTRL on AMD don't context switch
> > at vm{entry,exit} and instead only context switch SSBD when switching
> > vCPUs. This has the side effect of running Xen code with the guest
> > selection of SSBD, the documentation is updated to note this behavior.
> > Also note that then when `ssbd` is selected on the command line guest
> > SSBD selection will not have an effect, and the hypervisor will run
> > with SSBD unconditionally enabled when not using SPEC_CTRL itself.
> >
> > This fixes an issue with running C code in a GIF=0 region, that's
> > problematic when using UBSAN or other instrumentation techniques.
> >
> > As a result of no longer running the code to set SSBD in a GIF=0
> > region the locking of amd_set_legacy_ssbd() can be done using normal
> > spinlocks, and some more checks can be added to assure it works as
> > intended.
> >
> > Finally it's also worth noticing that since the guest SSBD selection
> > is no longer set on vmentry the VIRT_SPEC_MSR handling needs to
> > propagate the value to the hardware as part of handling the wrmsr.
> >
> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
> with one further remark:
>
> > --- a/xen/arch/x86/hvm/svm/svm.c
> > +++ b/xen/arch/x86/hvm/svm/svm.c
> > @@ -973,6 +973,16 @@ static void cf_check svm_ctxt_switch_from(struct vcpu
> > *v)
> >
> > /* Resume use of ISTs now that the host TR is reinstated. */
> > enable_each_ist(idt_tables[cpu]);
> > +
> > + /*
> > + * Clear previous guest selection of SSBD if set. Note that
> > SPEC_CTRL.SSBD
> > + * is already cleared by svm_vmexit_spec_ctrl.
> > + */
> > + if ( v->arch.msrs->virt_spec_ctrl.raw & SPEC_CTRL_SSBD )
> > + {
> > + ASSERT(v->domain->arch.cpuid->extd.virt_ssbd);
> > + amd_set_ssbd(false);
> > + }
> > }
>
> Is "cleared" in the comment correct when "spec-ctrl=ssbd"? I think "suitably
> set" or "cleared/set" or some such would be wanted. This could certainly be
> adjusted while committing (if you agree), but I will want to give Andrew some
> time anyway before putting it in, to avoid there again being objections after
> a change in this area has gone in.
Hm, indeed, maybe "already handled" to avoid getting into the
set/clear nomenclature.
Thanks, Roger.
|
