Xen project Mailing List

Re: [PATCH for-4.17 v2] hvm/apic: repurpose the reporting of the APIC assist options

To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Fri, 11 Nov 2022 11:24:27 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Vrs8A0dqY/TrkOge+2bnNZFSQX12ELuGSsJShoXRY7U=; b=FfZ3NS2l6bpvF5M/6MX8OywSlYYapsMrxfXMGtNAySBRafml6Hx41wQmoDkLtZqQF7T6edEgQjKYl4vfjJaVyUrejRSlcf7gVvJTx+GkvMg1sjTMTDzfZxbAcqdNFLHOIHNPriZHyE/Nu9PT0gC25b+b9gjJjoVq0/vP9gDSXACUrUgeMCreAt3FRb3uSjMy4foWEIJhmSM+hLjLOi4VSuzN5NV09s6qSLxRKF4Xv7+DrTX9ax4Vb/PVCyAk9fpf5vqN4I1ZS27Go+GkmylgRQlPg4Nay0XnDECHb1aPHmY5oBzzn8eLp06FcXcZcTviy/fBhzGS9oxXU91oOnz66Q==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ULa2pLAMWXsgbpcPLxyhNaenkTDOiren7Ut0v7YUWt94oL383GDYYq+vhkYH0rQ2oPXRzSTNRh7JXe76BOlC3utnFXiylDjmSbiV6+48RlNFymNfzKIc6ARuRI7ROwWYipC7ZwgXArEqaDFiGXYoiZA+CT83bNWSU/q8QnhTXgiQlVHzzLGR8qphA53/d/Cr0vOw+7XISB/pG/KW+6ew6DhCM526l+4/jspmt4TtaeclHtIIlCBcOlOloJC0izFvv7Z8SM26FYt2SIgg1WhBFMfJRWlMB170q+cZSvA6lc4h+x7MvSn16jbDMNO1pClPhiZX3yPtqmxsl4zJ52n3tQ==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Henry.Wang@xxxxxxx" <Henry.Wang@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, Wei Liu <wl@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>

Delivery-date: Fri, 11 Nov 2022 10:25:09 +0000

Ironport-data: A9a23:jPoQGqpjvmnlVFHoCgmMD6V/nIJeBmLvZBIvgKrLsJaIsI4StFCzt garIBnSM/+JMDH1eth0aN7k8kIOu5/WxtdmGlFppSo8FXlDpZuZCYyVIHmrMnLJJKUvbq7FA +Y2MYCccZ9uHhcwgj/3b9ANeFEljfngqoLUUbKCYWYpAFc+E0/NsDo788YhmIlknNOlNA2Ev NL2sqX3NUSsnjV5KQr40YrawP9UlKm06W1wUmAWP6gR5gaHziBNVfrzGInqR5fGatgMdgKFb 76rIIGRpgvx4xorA9W5pbf3GmVirmn6ZFXmZtJ+AsBOszAazsAA+v9T2Mk0MC+7vw6hjdFpo OihgLTrIesf0g8gr8xGO/VQO3kW0aSrY9YrK1Dn2SCY5xWun3cBX5yCpaz5VGEV0r8fPI1Ay RAXAApcQxqRvuHr+6OmRMBuuOEqMeXIZJxK7xmMzRmBZRonabbqZv2QoPV+hXI3jM0IGuvCb c0EbzYpdA7HfxBEJlYQDtQ5gfusgX78NTZfrTp5p4JuuzSVkFM3jeGrbIW9lt+iHK25mm6Co W3L5SLhCwwyP92D0zuVtHmrg4cjmAurBNhJTOXlq5aGhnXJ/jMuKAQGfGC5rOv+p1CCd8hZB h09r39GQa8asRbDosPGdw21pjuIswARX/JUEvYm80edx6zM+QGbC2MYCDlbZ7QOlMIwXy1s6 VaPkPvgHzkpu7qQIVqF/6qQhSO/P24SN2BqTTAAZRsI5Z/kuo5bphDFQ8tnEaW1psboAjy2y DePxAA8mrNVi8cI3qe6+FnvgjSwq5yPRQkwji3UU3yk6EVlZYejT42u9VXfq/1HKe6kokKpu XEFn42U6rkIBJTVyyiVGr1RQ/eu+uqPNyDajRh3BZ49+j+x+nmlO4dN/DV5I0QvOcEBEdP0X HLuVcpqzMc7FBOXgWVfOtrZ5xgCpUQ4KenYaw==

Ironport-hdrordr: A9a23:8Lq7Ma10V0YiJ71e6jGRlAqjBSByeYIsimQD101hICG9Lfb0qy n+pp4mPEHP4wr5OEtOpTlPAtjkfZr5z+8M3WB3B8bYYOCGghrQEGgG1+ffKlLbexEWmtQttp uINpIOcuEYbmIK8voSgjPIdOrIqePvmM7IuQ6d9QYKcegDUdAd0+4TMHf+LqQZfnglOXJvf6 Dsm/av6gDQMEj+Ka+Adwo4dtmGg+eOuIPtYBYACRJiwA6SjQmw4Lq/NxSDxB8RXx5G3L9nqA H+4kfEz5Tml8v+5g7X1mfV4ZgTsNz9yuFbDMjJrsQOMD3jhiuheYwkcbyfuzIepv2p9T8R4Z HxiiZlG/42x2Laf2mzrxeo8w780Aw243un8lOciWuLm72MeBsKT+56wa5JeBrQ7EQt+Ptm1r hQ4m6fv51LSTvdgSXU/bHzJl5Xv3vxhUBnvf8YjnRZX4dbQqRWt5Yj8ERcF4pFND7m6bogDP JlAKjnlbprmGuhHjHkV1RUsZyRtixZJGbEfqFCgL3Z79FupgE286NCr/Zv3Evp9/oGOux5Dq r/Q+FVfYp1P78rhJJGdZk8qPSMex3wqDL3QRWvyAfcZdc6EkOIjaLLy5MIw8zvUKA07fIJ6e b8uRVjxCQPR34=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Nov 10, 2022 at 10:47:07PM +0000, Andrew Cooper wrote: > On 04/11/2022 16:18, Roger Pau Monne wrote: > > The current reporting of the hardware assisted APIC options is done by > > checking "virtualize APIC accesses" which is not very helpful, as that > > feature doesn't avoid a vmexit, instead it does provide some help in > > order to detect APIC MMIO accesses in vmexit processing. > > > > Repurpose the current reporting of xAPIC assistance to instead report > > such feature as present when there's support for "TPR shadow" and > > "APIC register virtualization" because in that case some xAPIC MMIO > > register accesses are handled directly by the hardware, without > > requiring a vmexit. > > > > For symetry also change assisted x2APIC reporting to require > > "virtualize x2APIC mode" and "APIC register virtualization", dropping > > the option to also be reported when "virtual interrupt delivery" is > > available. Presence of the "virtual interrupt delivery" feature will > > be reported using a different option. > > > > Fixes: 2ce11ce249 ('x86/HVM: allow per-domain usage of hardware virtualized > > APIC') > > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> > > --- > > I find the logic in vmx_vlapic_msr_changed() hard to follow, but I > > don't want to rewrite the function logic at this point. > > --- > > Changes since v1: > > - Fix Viridian MSR tip conditions. > > --- > > xen/arch/x86/hvm/viridian/viridian.c | 2 +- > > xen/arch/x86/hvm/vmx/vmcs.c | 8 ++++---- > > xen/arch/x86/hvm/vmx/vmx.c | 25 ++++++++++++++++++------- > > xen/arch/x86/traps.c | 4 +--- > > 4 files changed, 24 insertions(+), 15 deletions(-) > > > > diff --git a/xen/arch/x86/hvm/viridian/viridian.c > > b/xen/arch/x86/hvm/viridian/viridian.c > > index 25dca93e8b..44eb3d0519 100644 > > --- a/xen/arch/x86/hvm/viridian/viridian.c > > +++ b/xen/arch/x86/hvm/viridian/viridian.c > > @@ -197,7 +197,7 @@ void cpuid_viridian_leaves(const struct vcpu *v, > > uint32_t leaf, > > res->a = CPUID4A_RELAX_TIMER_INT; > > if ( viridian_feature_mask(d) & HVMPV_hcall_remote_tlb_flush ) > > res->a |= CPUID4A_HCALL_REMOTE_TLB_FLUSH; > > - if ( !cpu_has_vmx_apic_reg_virt ) > > + if ( !has_assisted_xapic(d) ) > > res->a |= CPUID4A_MSR_BASED_APIC; > > This check is broken before and after. It needs to be keyed on > virtualised interrupt delivery, not register acceleration. > > But doing this correctly needs a per-domain vintr setting, which we > don't have yet. > > It is marginally less broken with this change, than without, but that's > not saying much. > > > if ( viridian_feature_mask(d) & HVMPV_hcall_ipi ) > > res->a |= CPUID4A_SYNTHETIC_CLUSTER_IPI; > > diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c > > index a1aca1ec04..7bb96e1a8e 100644 > > --- a/xen/arch/x86/hvm/vmx/vmcs.c > > +++ b/xen/arch/x86/hvm/vmx/vmcs.c > > @@ -1136,7 +1136,7 @@ static int construct_vmcs(struct vcpu *v) > > > > if ( !has_assisted_xapic(d) ) > > v->arch.hvm.vmx.secondary_exec_control &= > > - ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; > > + ~SECONDARY_EXEC_APIC_REGISTER_VIRT; > > > > if ( cpu_has_vmx_secondary_exec_control ) > > __vmwrite(SECONDARY_VM_EXEC_CONTROL, > > @@ -2156,10 +2156,10 @@ int __init vmx_vmcs_init(void) > > if ( !ret ) > > { > > /* Check whether hardware supports accelerated xapic and x2apic. */ > > - assisted_xapic_available = cpu_has_vmx_virtualize_apic_accesses; > > + assisted_xapic_available = cpu_has_vmx_tpr_shadow && > > + cpu_has_vmx_apic_reg_virt; > > assisted_x2apic_available = cpu_has_vmx_virtualize_x2apic_mode && > > - (cpu_has_vmx_apic_reg_virt || > > - cpu_has_vmx_virtual_intr_delivery); > > + cpu_has_vmx_apic_reg_virt; > > apic reg virt already depends on tpr shadow, so that part of the > condition is redundant. > > virtualise x2apic mode and apic reg virt aren't dependent, but they do > only ever appear together in hardware. > > Keeping the conditionals might be ok to combat a bad outer hypervisor, > but ... > > > register_keyhandler('v', vmcs_dump, "dump VT-x VMCSs", 1); > > } > > > > diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c > > index e624b415c9..bf0fe3355c 100644 > > --- a/xen/arch/x86/hvm/vmx/vmx.c > > +++ b/xen/arch/x86/hvm/vmx/vmx.c > > @@ -3405,25 +3405,29 @@ static void vmx_install_vlapic_mapping(struct vcpu > > *v) > > > > void vmx_vlapic_msr_changed(struct vcpu *v) > > { > > + bool virtualize_x2apic_mode = has_assisted_x2apic(v->domain) || > > + (cpu_has_vmx_virtualize_x2apic_mode && > > + cpu_has_vmx_virtual_intr_delivery); > > ... this is still wrong, and ... > > > struct vlapic *vlapic = vcpu_vlapic(v); > > unsigned int msr; > > > > - if ( !has_assisted_xapic(v->domain) && > > - !has_assisted_x2apic(v->domain) ) > > + if ( !cpu_has_vmx_virtualize_apic_accesses && > > + !virtualize_x2apic_mode ) > > return; > > ... this surely cannot be right. > > While attempting to figure ^ out, I've found yet another regression vs > 4.16. Because virt intr delivery is set in the execution controls > system-wide and not controlled per domain, we'll take a vmentry failure > on SKX/CLX/ICX when trying to build an HVM domain without xAPIC > acceleration. > > > This, combined with the ABI errors (/misfeatures) that we really don't > want to escape into the world but I haven't finished fixing yet, means > that the only appropriate course of action is to revert. > > I'd really hoped to avoid a full revert, but we've run out of time. Can we wait for the revert until Monday, it's a public holiday here today and won't be able to reply to the comments. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.