[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] x86/HVM: don't mark evtchn upcall vector as pending when vLAPIC is disabled
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
- Date: Fri, 18 Nov 2022 14:55:29 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0vH3u6snomVKL4Rux0jqMDKm9vJjDe0uNRBAXmfFJu4=; b=Dxz+VaX9rLx3x2biuuUfgN2KMIuTEoL/D9tNfTWVjBw3aCLL3ndE5W4pSfbV4AmwuvqParEkGMUZ2XxZdo1L6LgBSBOisrzuVw80Hvg7Gr3kmvq9bKNg7D/fSIwm0XAPboWfWDGu/w1yVbPym2mf18xc3gXcoZq6S1uj7xQK4ovBZ5VhUPlF1Miyd/JLL/ZDjFztRwRFP0zIWq7hbldvJVTdTVwW5mwd+8y/zEmCfKrP4BuCuC73KCknyURsCgwk8MfQXPS9VezY9QSlxtM7mY81kepNlTxLWsyCcaJzByrFgQySz8BeAH0dH01DpysU1wLe3fntDgiU//K3OLvB6Q==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZWDHxrxxFMQdTBKhUSztP0sl+x6MtBu1g0owkKZe1astjB3O+N0OqS+o8nq40m7JseRR7XCfgF8CLdaNOUS3hczONB+O4C4JQYewLLLXsp14YHkx2VohYwWXqwVBPM212oEyQymDZQSfta64lNFiGicE0wBg4cM+9iRA97btwQf6D+99g6eq8HFav33NlmNjfWogvpJHwZqJHInnsSR2ahOAdiEvWjtWvEDColWomHEK5gBPzUSqjn9VkBJKTXSiRZAPpDgUsVOQdKrkHd3eCeR4YHezFlJtgjm4WRLhKR6MX6WzHiHIJWNZBznCSnH7lmc4ASRq4Ro8r5CB9ei4sg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Paul Durrant <paul@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Fri, 18 Nov 2022 13:56:01 +0000
- Ironport-data: A9a23:Pz3M8KiDkau03NbcyNgVI+rOX161VREKZh0ujC45NGQN5FlHY01je htvCjvTOKqOZWDyeY9+aIizphwE65/Uz4RiTAdq/y0zRnkb9cadCdqndUqhZCn6wu8v7q5Ex 55HNoSfdpBcolv0/ErF3m3J9CEkvU2wbuOgTrWCYmUpH1QMpB4J0XpLg/Q+jpNjne+3CgaMv cKai8DEMRqu1iUc3lg8sspvkzsy+qWs0N8klgZmP6oS5QaOzyN94K83fsldEVOpGuG4IcbiL wrz5OnR1n/U+R4rFuSknt7TGqHdauePVeQmoiM+t5mK2nCulARrukoIHKN0hXNsoyeIh7hMJ OBl7vRcf+uL0prkw4zxWzEAe8130DYvFLXveRBTuuTLp6HKnueFL1yDwyjaMKVBktubD12i+ tQpMgotZUqlnN6U65KZSvNSnNV8PfLkadZ3VnFIlVk1DN4AaLWaGuDmwIEd2z09wMdTAfzZe swVLyJ1awjNaAFOPVFRD48imOCvhT/0dDgwRFC9/PJrpTSMilEuluGyarI5efTTLSlRtlyfq W/cuXzwHzkRNcCFyCrD+XWp7gPKtXOmBdlNTeXlnhJsqG/KwzACE0xIbGemreWHh2OhZ8BBM UNBr0LCqoB3riRHVOLVXRe1vXqFtR40QMdLHqsx7wTl4rXQyxaUAC4DVDEpQMQvqcseVTEsk FiTkLvBFTFp9bGYV3+Z3rOVti+pfzgYK3cYYi0JRhdD5MPsyLzflTrKR9dnVaKw0Nv8HGipx yjQ9XdkwbIOkcQMyqO3u0jdhC6hrYTISQhz4RjLWmWi7UVyY4vNi5GU1GU3JM1odO6xJmRtd lBe8yRCxIji1a2wqRE=
- Ironport-hdrordr: A9a23:KngGR6PB7gAmIMBcT6H255DYdb4zR+YMi2TDiHoddfUFSKalfp 6V98jztSWatN/eYgBEpTmlAtj5fZq6z+8P3WBxB8baYOCCggeVxe5ZjbcKrweQeBEWs9Qtr5 uIEJIOd+EYb2IK6voSiTPQe7hA/DDEytHPuQ639QYQcegAUdAF0+4WMHf4LqUgLzM2eKbRWa DskPZvln6FQzA6f867Dn4KU6zqoMDKrovvZVorFgMq8w6HiBKv8frfHwKD1hkTfjtTyfN6mF K12TDR1+GGibWW2xXc32jc49B/n8bg8MJKAIihm9UYMTLljyevfcBEV6eZtD44jemz4BIBkc XKoT0nI8NvgkmhNV2dkF/I4U3NwTwu43jtxRuxhmbim9XwQHYfB9BajYxUXxPF4w541esMmJ 5j7ia8jd56HBnAlCPy65zhUAxrrFO9pT4HnfQIh3JSfIMCYPt6rJAZ/mlSDJAcdRiKobwPIa 1LNoXx9fxWeVSVYzTwuXRu+sWlWjAJEhKPUiE5y7mo+gkTuEo841oTxcQZkHtF3ok6UYN46+ PNNbktvK1ST+cNBJgNStspcI+SMCjgUBjMOGWdLRDMD6ccIU/ArJbx/fEc+PyqQpoV15E/8a 6xH2+wjVRCO34GNPf+n6Giqnv2MSeAtHXWu41jDqFCy/zBrOGBC1zHdLgs+/HQ0cn3TPerH8 pbA6gmc8MLHVGeZ7qh4DeOKqW6CUNuJPH96exLLG6mk4bsFrDAkND9XbL6GIfNeAxUKV8XRE FzEQTOGA==
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Fri, Nov 18, 2022 at 01:54:33PM +0100, Jan Beulich wrote:
> On 18.11.2022 13:33, Andrew Cooper wrote:
> > On 18/11/2022 10:31, Jan Beulich wrote:
> >> Linux'es relatively new use of HVMOP_set_evtchn_upcall_vector has
> >> exposed a problem with the marking of the respective vector as
> >> pending: For quite some time Linux has been checking whether any stale
> >> ISR or IRR bits would still be set while preparing the LAPIC for use.
> >> This check is now triggering on the upcall vector, as the registration,
> >> at least for APs, happens before the LAPIC is actually enabled.
> >>
> >> In software-disabled state an LAPIC would not accept any interrupt
> >> requests and hence no IRR bit would newly become set while in this
> >> state. As a result it is also wrong for us to mark the upcall vector as
> >> having a pending request when the vLAPIC is in this state.
> >
> > I agree with this.
> >
> >> To compensate for the "enabled" check added to the assertion logic, add
> >> logic to (conditionally) mark the upcall vector as having a request
> >> pending at the time the LAPIC is being software-enabled by the guest.
> >
> > But this, I don't think is appropriate.
> >
> > The point of raising on enable is allegedly to work around setup race
> > conditions. I'm unconvinced by this reasoning, but it is what it is,
> > and the stated behaviour is to raise there and then.
> >
> > If a guest enables evtchn while the LAPIC is disabled, then the
> > interrupt is lost. Like every other interrupt in an x86 system.
>
> Edge triggered ones you mean, I suppose, but yes.
>
> > I don't think there is any credible way a guest kernel author can expect
> > the weird evtchn edgecase to wait for an arbitrary point in the future,
> > and it's a corner case that I think is worth not keeping.
>
> Well - did you look at 7b5b8ca7dffd ("x86/upcall: inject a spurious event
> after setting upcall vector"), referenced by the Fixes: tag? The issue is
> that with evtchn_upcall_pending once set, there would never again be a
> notification. So if what you say is to be the model we follow, then that
> earlier change was perhaps wrong as well. Instead it should then have
> been a guest change (as also implicit from your reply) to clear
> evtchn_upcall_pending after vCPU info registration (there) or LAPIC
> enabling (here), perhaps by way of "manually" invoking the handling of
> that pending event, or by issuing a self-IPI with that vector.
> Especially the LAPIC enabling case would then be yet another Xen-specific
> on a guest code path which better wouldn't have to be aware of Xen.
Another option might be to clear evtchn_upcall_pending once the vLAPIC
is enabled, so that further setting of evtchn_upcall_pending will
inject the vector. I'm worried however whether that could break
existing users, as this would be an interface behavior change.
Thanks, Roger.
|
