[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.17 v2] hvm/apic: repurpose the reporting of the APIC assist options

  • To: Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Mon, 14 Nov 2022 15:31:39 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=O7notWDT+KDnhlrQycg4nUgTl2NXmKwGHx4KmYADghc=; b=LK3mcmGyrV9UR/6wrZo1Vt3oaMYtdHIV0S4N+YJFlQPKHaScEtbO4n7pmo+diPXVBpgnWSIqx00Rv2UwgAA40WV1kq0narg9Pf0MdEoC2esHaLSVqF0XaAxYx9aoVP1gd6FUweey0tz3kHHaGgNvS9sMymNdhhfGNq4Jd91lWzU6BCDUrWliP/S/JtE5nBDvlJyW1yhi6GS78xYzHAUE9zsRaOmklQR0jVV4ob7CC5RnoAnSuo5X51Jn+f++FnUVfua9mhrnrmxOlSRcdafs3fJsrWj+2BXiPlPlIQ+MH/bS4AYkoAMylOnG16F3DCRSfbkCYLjm8sPxyH/650fBWg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GPlVpyr4E/8Hmgy+ZGNUAsrMtCNoyW1V8hvM3rFaeW3FrTdHORIN+LRFr4PMqmS8VhMYH2+CS6RLmqkiJBX8/7L5dxok2OtTuAagYEdSD2PpUpwkt3QZnLAkFc6/jerQ1fg80fjgQrCvHgrO/EaJFjOgoc0FNiacAhkkcCvaqvCU2FonsZuSTg8JeqdnAp3zmYJHAlTNOXi+JoSARYwqn/0zTqfB+656Nxhmu771bZDkiIHAEgXc90t9FDfpePapnx1lZ45wgoornHfbuVwNbjm+W2TowglZpdt1xAnGkxcAJ1bkL6sKyeN06OKHJEuFAjbWhV1aBAIvJZXRv+LZRQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, "Henry.Wang@xxxxxxx" <Henry.Wang@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, Wei Liu <wl@xxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 14 Nov 2022 15:32:09 +0000
  • Ironport-data: A9a23:o6KtQ6pmANy3ZFfEYAmS2F1rVA5eBmLrZBIvgKrLsJaIsI4StFCzt garIBmFb6nZYDbwLdEjPty+8BlQuZSHz9RjTQBoqC49QiIQpJuZCYyVIHmrMnLJJKUvbq7FA +Y2MYCccZ9uHhcwgj/3b9ANeFEljfngqoLUUbKCYWYpAFc+E0/NsDo788YhmIlknNOlNA2Ev NL2sqX3NUSsnjV5KQr40YrawP9UlKm06W1wUmAWP6gR5gaHziVNVvrzGInqR5fGatgMdgKFb 76rIIGRpgvx4xorA9W5pbf3GmVirmn6ZFXmZtJ+AsBOszAazsAA+v9T2Mk0MC+7vw6hjdFpo OihgLTrIesf0g8gr8xGO/VQO3kW0aSrY9YrK1Dn2SCY5xWun3cBX5yCpaz5VGEV0r8fPI1Ay RAXAD8vQCvagf+c+rGAEsVSlOYABcLCAYxK7xmMzRmBZRonabbqZv2QoPN9h3I3jM0IGuvCb c0EbzYpdA7HfxBEJlYQDtQ5gfusgX78NTZfrTp5p4JuuzSVkFM3jearbIO9lt+iHK25mm6xo G7c8nu/KRYdLNGFkhKO8262h/+JliT+MG4XPO3kraA63gPDroAVIBtKW36a/9KLsEyjAu4BB x1L0woLkZFnoSRHSfG4BXVUukWsvBQRRt5RGO0S8xyWx+zf5APxLkgJSCRQLuMvssAeTCYvk FSOmrvBHTVytJWFRHTb8a2bxRutPQAFIGlEYjULJSMH/t+lpogwhxDOS99LEaipg9mzEjb1q xiJoTY/gfMPjMcN/6S94V3DxTmro/DhXgMzownaQG+hxgd4f5K+IZyl70DB6vRNJ5rfSUOO1 EXogOCb5eEKSJ2IzyqERb1XGKnzv6rcdjrBnVRoAp8tsSy3/GKudpxR5zc4I1p1NsEDenniZ 0q7VR5t2aK/9UCCNcdfC79dwex3pUQ8PbwJjszpU+c=
  • Ironport-hdrordr: A9a23:biJdp6/4DrfTiziJjjBuk+H2dr1zdoMgy1knxilNoENuH/Bwxv rFoB1E73TJYW4qKQodcdDpAtjifZtFnaQFrbX5To3SJjUO31HYY72KjLGSjgEIfheTygcz79 YGT0ETMrzN5B1B/L7HCWqDYpgdKbu8gcaVbI7lph8DIz2CKZsQljuRYTzrcHGeMTM2YabRY6 Dsg/avyQDBRV0nKuCAQlUVVenKoNPG0LrgfB49HhYirCWekD+y77b+Mh6AmjMTSSlGz7sO+X XM11WR3NTij9iLjjvnk0PD5ZVfn9XsjvNFGcy3k8AQbhn8lwqyY4xlerua+BQ4uvum5loGmM TF5z0gI8NwwXXMeXzdm2qt5yDQlBIVr1Pyw16RhnXu5ebjQighNsZHjYVFNjPE9ksJprhHoe B29lPck6ASIQLLnSz76dSNfQptjFCIrX0rlvNWp2BDULEZdKRaoeUkjQZo+dY7bWbHAbIcYa 9T5fLnla9rmJShHijkV1xUsZuRt7IIb0y7qwY5y5aoOnNt7Q1EJgMjtbAidzE7hdEAotB/lp r52u4DrsAwcuYGKa16H+sPWs2xFyjERg/NKnubJRD9GLgAIG+lke++3Fyb3pDZRHUk9upFpH 36aiIQiUciP0b1TcGe1pxC9R7ABG27QDT208lbo5x0oKf1SrbnOTCKDAlGqbrrn9wPRsnAH/ qjMpNfBPHuaWPoBIZSxgX7H51fM2MXXsEZsssyH1iOvsXIIIv3sfGzSoeZGJP9VTI/Hm/vCH oKWzb+YM1G80CwQ3f9xAPcXnv8E3aPiq6Y0JKqi9T75LJ9RbGk6DJl+GhRzvv7WQFqo+gxYF Z0Jq/hn+eyuXS2lFy4mllUBg==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHY8GkXjZEVf2M/t0iebvsck9V8qq44y+aAgACWeYCAAKSxAIAAA1KAgARrNQCAACX3gA==
  • Thread-topic: [PATCH for-4.17 v2] hvm/apic: repurpose the reporting of the APIC assist options
On 14/11/2022 13:15, Roger Pau Monne wrote:
> On Fri, Nov 11, 2022 at 05:47:02PM +0000, Andrew Cooper wrote:
>> On 11/11/2022 17:35, Andrew Cooper wrote:
>>> On 11/11/2022 07:45, Jan Beulich wrote:
>>>> On 10.11.2022 23:47, Andrew Cooper wrote:
>>>>> On 04/11/2022 16:18, Roger Pau Monne wrote:
>>>>>> --- a/xen/arch/x86/hvm/viridian/viridian.c
>>>>>> +++ b/xen/arch/x86/hvm/viridian/viridian.c
>>>>>> @@ -197,7 +197,7 @@ void cpuid_viridian_leaves(const struct vcpu *v, 
>>>>>> uint32_t leaf,
>>>>>>          res->a = CPUID4A_RELAX_TIMER_INT;
>>>>>>          if ( viridian_feature_mask(d) & HVMPV_hcall_remote_tlb_flush )
>>>>>>              res->a |= CPUID4A_HCALL_REMOTE_TLB_FLUSH;
>>>>>> -        if ( !cpu_has_vmx_apic_reg_virt )
>>>>>> +        if ( !has_assisted_xapic(d) )
>>>>>>              res->a |= CPUID4A_MSR_BASED_APIC;
>>>>> This check is broken before and after.  It needs to be keyed on
>>>>> virtualised interrupt delivery, not register acceleration.
>>>> To me this connection you suggest looks entirely unobvious, so would
>>>> you mind expanding as to why you're thinking so? The hint to the guest
>>>> here is related to how it would best access certain registers (aiui),
>>>> which to me looks orthogonal to how interrupt delivery works.
>>> I refer you again to the diagram.  (For everyone else on xen-devel, I
>>> put this together when fixing XSA-412 because Intel's APIC acceleration
>>> controls are entirely unintuitive.)
>>>
>>> It is "virtual interrupt delivery" which controls EOI/ICR acceleration,
>>> and not "apic register virtualisation".  There's a decade worth of
>>> hardware where this logic is an anti-optimsiation, by telling windows to
>>> use a VMExit-ing mechanism even when microcode would have avoided the
>>> VMExit.
>>>
>>> It is not by accident that "virtual interrupt delivery", introduced in
>>> IvyBridge, is exactly the missing registers (on top of "use TPR Shadow"
>>> which is even older) to make windows performance less bad.
>> Sorry, sent too early.
>>
>> This also firmly highlights why the API/ABI is broken. 
> I'm not seeing how you are making this connection: the context here is
> strictly about a Viridian hint which Xen has been wrongly reporting,
> but has nothing to do with the APIC assist API/ABI stuff.  It was
> wrong before the introduction of APIC assist, and it's also wrong
> after.

And now it has a layer of obfuscation which makes the bug less obvious.

> Also see my other reply - I'm dubious whether this hint is useful for
> any Windows version that supports x2APIC (which seems to be >= Windows
> Server 2008), because we expose x2APIC to guests regardless of whether
> the underlying platform APIC supports such mode.

It's not about whether a version of Windows supports x2APIC.  Its
whether windows turns x2APIC on.

Short of having an emulated IOMMU, or an absence of an IO-APIC (neither
of which we do), guests wont turn x2APIC on.

I know we have the magic hack for IO-APIC with >8 bit destinations, but
that only got enumerated in the Xen leaves (IIRC?), so only Linux can
pick it up.

The hint is still very relevant for any version of windows running in
xAPIC mode which, at a guess, is all of them under Xen.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.