[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [XEN PATCH v2 07/15] x86: guard cpu_has_{svm/vmx} macros with CONFIG_{SVM/VMX}

To: Jan Beulich <jbeulich@xxxxxxxx>
From: Sergiy Kibrik <sergiy_kibrik@xxxxxxxx>
Date: Thu, 23 May 2024 16:07:26 +0300
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=otKw66nEx7G9CUalIzd5MALBbDsQBfCNiIO9pmHTUm4=; b=EzwK3KUsYLBrDshqlnUcGqRIkQu8muHRBVtTrQ0AmjcZg8f8kWuvETqldlhe86NvRiEH2Oc8COYM5qdkqVrXr4ivIaygvNDGr71L5DPNJRovXgf33S/tTXEVu1sJiv+IPH6HE06z7DxMRaGexYp70V4i446/08/p4b2sSDw1fNtf5fHmJSGn1ggfRweiRIFZ7kRXoZdiAMb6bg773IVhJIO3ORWqdzDdduDWoLKN4X5Ez7DsLRjp3aQ+vyWD7NfrMWuba+j53/diLny/0e1qUollEOx//sSSVViu5H7Jem+LmsSPrbHHQdoIsbE2oszVcQULSCHbMMyX/91akGAk9g==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RAwhCB8I8mXmKSQgzrvkW03a9MhgJRlRLNA2gng4nD1AkI8+zqehMnvVsxQ+YfVqFGIDgjpUeXrQxECtMXnha0za6/1yaH9XmfAAL25hDMvApVHenHCc6ACP4aGCh6pizb1PqEKLa0O2/i9marDXBJjN0aouwcy2utK6nJkKIGqEkik8vQTJxIwGmZboaSl1XR6gYZEBwWd4nLNoOMExOXpN1jJ0X6+Lrq7nj0b40hjrK5B5Kfr9BlSVgFRR5NBCs9Jp0gZbc21tPx/Sjm3UHqxsqtqZxhnbD7vKBW42YR65uEm97L+tDREeeNOiPkt2wft1pTm8DBGFkYjNigPl+w==
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Xenia Ragiadakou <xenia.ragiadakou@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 23 May 2024 13:07:58 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

16.05.24 14:12, Jan Beulich:

On 15.05.2024 11:12, Sergiy Kibrik wrote:

--- a/xen/arch/x86/include/asm/cpufeature.h
+++ b/xen/arch/x86/include/asm/cpufeature.h
@@ -81,7 +81,8 @@ static inline bool boot_cpu_has(unsigned int feat)
  #define cpu_has_sse3            boot_cpu_has(X86_FEATURE_SSE3)
  #define cpu_has_pclmulqdq       boot_cpu_has(X86_FEATURE_PCLMULQDQ)
  #define cpu_has_monitor         boot_cpu_has(X86_FEATURE_MONITOR)
-#define cpu_has_vmx             boot_cpu_has(X86_FEATURE_VMX)
+#define cpu_has_vmx             ( IS_ENABLED(CONFIG_VMX) && \
+                                  boot_cpu_has(X86_FEATURE_VMX))
  #define cpu_has_eist            boot_cpu_has(X86_FEATURE_EIST)
  #define cpu_has_ssse3           boot_cpu_has(X86_FEATURE_SSSE3)
  #define cpu_has_fma             boot_cpu_has(X86_FEATURE_FMA)
@@ -109,7 +110,8 @@ static inline bool boot_cpu_has(unsigned int feat)

/* CPUID level 0x80000001.ecx */

  #define cpu_has_cmp_legacy      boot_cpu_has(X86_FEATURE_CMP_LEGACY)
-#define cpu_has_svm             boot_cpu_has(X86_FEATURE_SVM)
+#define cpu_has_svm             ( IS_ENABLED(CONFIG_SVM) && \
+                                  boot_cpu_has(X86_FEATURE_SVM))
  #define cpu_has_sse4a           boot_cpu_has(X86_FEATURE_SSE4A)
  #define cpu_has_xop             boot_cpu_has(X86_FEATURE_XOP)
  #define cpu_has_skinit          boot_cpu_has(X86_FEATURE_SKINIT)


Hmm, leaving aside the style issue (stray blanks after opening parentheses,
and as a result one-off indentation on the wrapped lines) I'm not really
certain we can do this. The description goes into detail why we would want
this, but it doesn't cover at all why it is safe for all present (and
ideally also future) uses. I wouldn't be surprised if we had VMX/SVM checks
just to derive further knowledge from that, without them being directly
related to the use of VMX/SVM. Take a look at calculate_hvm_max_policy(),
for example. While it looks to be okay there, it may give you an idea of
what I mean.

Things might become better separated if instead for such checks we used
host and raw CPU policies instead of cpuinfo_x86.x86_capability[]. But
that's still pretty far out, I'm afraid.


I've followed a suggestion you made for patch in previous series:

https://lore.kernel.org/xen-devel/8fbd604e-5e5d-410c-880f-2ad257bbe08a@xxxxxxxx/

yet if this approach can potentially be unsafe (I'm not completely sureit's safe), should we instead fallback to the way it was done in v1series? I.e. guard calls to vmx/svm-specific calls where needed, like inthese 3 patches:

1)https://lore.kernel.org/xen-devel/20240416063328.3469386-1-Sergiy_Kibrik@xxxxxxxx/

2)https://lore.kernel.org/xen-devel/20240416063740.3469592-1-Sergiy_Kibrik@xxxxxxxx/

3)https://lore.kernel.org/xen-devel/20240416063947.3469718-1-Sergiy_Kibrik@xxxxxxxx/



  -Sergiy

Follow-Ups:
- Re: [XEN PATCH v2 07/15] x86: guard cpu_has_{svm/vmx} macros with CONFIG_{SVM/VMX}
  - From: Jan Beulich

References:
- [XEN PATCH v2 00/15] x86: make cpu virtualization support configurable
  - From: Sergiy Kibrik
- [XEN PATCH v2 07/15] x86: guard cpu_has_{svm/vmx} macros with CONFIG_{SVM/VMX}
  - From: Sergiy Kibrik
- Re: [XEN PATCH v2 07/15] x86: guard cpu_has_{svm/vmx} macros with CONFIG_{SVM/VMX}
  - From: Jan Beulich

Prev by Date: Re: [PATCH v10 02/14] xen: introduce generic non-atomic test_*bit()
Next by Date: Re: [PATCH v10 03/14] xen/bitops: implement fls{l}() in common logic
Previous by thread: Re: [XEN PATCH v2 07/15] x86: guard cpu_has_{svm/vmx} macros with CONFIG_{SVM/VMX}
Next by thread: Re: [XEN PATCH v2 07/15] x86: guard cpu_has_{svm/vmx} macros with CONFIG_{SVM/VMX}
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.