[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Xen vs Trenchboot: TXT AP bringup

To: Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
From: Ross Philipson <ross.philipson@xxxxxxxxxx>
Date: Mon, 7 Nov 2022 13:54:19 -0500
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oracle.com; dmarc=pass action=none header.from=oracle.com; dkim=pass header.d=oracle.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BOQHCEKNItzUcaRwQTeD1VqXzU6bOJPafFZLtlCHtGc=; b=hCHwNTt8WBr9JbRVw2yioDM3jsBtCYyRDFPRlRV5AXVu3p5qcngGHMwstk1xhojQ7dOX5FNzcRfZsKu8STG9l4FWoMzyurH4cNyHYxkEn4qlI+NtAf7CX7OpBpO0xKt/rFzuvUfJPd2tW3imJQ6/Aik1vfGCPnqgVTgSB2ghC/1FBAf+yIvvpYtwgCvqwJUdPQWbNoKQTI5t0O2zXNbdPTULjCgkFxkwZkPNJgACQQjEmmXGUY/5htNQ3+Zt4iVlSdAkc8IApOg24nje+VhAfHIvOMHgpD318uvzkaJ2JJ7PM9MVUkLMbj5UrVz11CEBYTXfDEkrFvajYm8BvU6XhA==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ePVDdWHQ9+quPSBXMej/VM4woyxrRhA+sg7nK5D7ttpug7OS4EVMgzzudfqp5IP4Kgnu3J2wxqy41S9qqAgWtfxvWOyRORCesoLFLCJAKD8QwhZAZzumLdsqKc9Qu1u92F7EC5O2UOfAK7H9iiCBLZFxpjWEzpv7B9Wxow67aZAIcZnJWcd9/zM83i98ycDfSpiCV8ncBF3hosKhx3AXj/VY/2R7iLmJlegAmdxN8lBpP7xIWavtC3c/Ai3PCR0qVjeNWehx5qiIq46c6QtSpaEOFK/qbNIliqc3yrbzH2pmtMa4uD67gDgO+OmVOYCzAEQO8+m5wUplPTB0yp1YJw==
Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Krystian Hebel <krystian.hebel@xxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "trenchboot-devel@xxxxxxxxxxxxxxxx" <trenchboot-devel@xxxxxxxxxxxxxxxx>
Delivery-date: Mon, 07 Nov 2022 18:54:46 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11/3/22 05:29, 'Jan Beulich' via trenchboot-devel wrote:

On 27.10.2022 21:37, Andrew Cooper wrote:

However, we're also very close to supporting parallel boot.  The
serialising point we currently have is __high_start loading %rsp from
stack_start, because that's a single pointer adjusted by do_boot_cpu().
Everything else, even the processor's idea of Xen's CPU id is derived
from the stack; specifically in the cpu_info block on the top of the
stack, which is prepared by the BSP.

All we need to do full parallel boot is an array mapping APIC_ID -> Xen
CPU index.  The AP boot path doesn't use the trampoline stack at all.
Given some way of transforming APIC_ID into a Xen CPU index, the APs
could pull their stack pointer straight out of the stack_bases[] array.
This would allow us in the general case to boot APs using an
all-but-self INIT-SIPI-SIPI.  (This is how firmware does AP bringup anyway.)


Thoughts?  In particular, is there an obvious option I've missed[1]?


Well, I don't see other options, but I'm not sure we're as close as you
describe. I'm pretty sure we have assumptions elsewhere that multiple
CPUs won't be starting in parallel. Those places will need finding and
adjusting. Plus the generic CPU infrastructure also assumes things are
done one by one, with (for example) cpu_up() taking a CPU number, not a
CPU mask.

Jan

For what it is worth, I can explain what I do for the Linux kernel.After SENTER transfers control to the setup kernel (the MLE), I wake allthe APs up, restore their state, disable interrupts and park them (hlt)in a safe area that was setup.

Later in the SMP boot code I detect that it is a Secure Launch. Thiscode is being called per CPU with the APIC IDs. One at a time I bypassthe normal boot path (INIT-SIPI-SIPI or direct 64b) and call our SMPfunction. This function sends an IPI to the particular APIC in question(NMI in this case) and vectors it to the normal SMP startup code that isin the rmpiggy. From there everything else happens as it normally wouldand the AP jumps through the unchanged startup trampolines. There isactually not very much Secure Launch specific code in the SMP boot code.This is the one patch (well commit where the patch came from):


https://github.com/TrenchBoot/linux/commit/c81d3580bea8f0111e17ad0cdfce15149b46249f

And for anyone not familiar with the rmpiggy, it is a blob of machinecode that is fixed up at runtime by the kernel proper and placed at an alocation < 1M so INIT-SIPI-SIPI can vector to it in real mode.


Ross

References:
- Re: Xen vs Trenchboot: TXT AP bringup
  - From: Jan Beulich

Prev by Date: Re: [PATCH 13/20] tools/xenstore: don't allow creating too many nodes in a transaction
Next by Date: Re: [PATCH v6 02/11] xen/arm: add iounmap after initrd has been loaded in domain_build
Previous by thread: Re: Xen vs Trenchboot: TXT AP bringup
Next by thread: Re: [PATCH v14 16/17] tests/qtest: netdev: test stream and dgram backends
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.