[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH v2 06/10] x86: Enable XSTATE save/restore for arch LBR

  • To: Tu Dinh <ngoc-tu.dinh@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 20 Jan 2025 17:38:56 +0100
  • Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL
  • Cc: Anthony PERARD <anthony.perard@xxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 20 Jan 2025 16:39:06 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 02.01.2025 09:45, Tu Dinh wrote:
> --- a/xen/arch/x86/include/asm/xstate.h
> +++ b/xen/arch/x86/include/asm/xstate.h
> @@ -33,13 +33,13 @@ extern uint32_t mxcsr_mask;
>  #define XSTATE_FP_SSE  (X86_XCR0_X87 | X86_XCR0_SSE)
>  #define XCNTXT_MASK    (X86_XCR0_X87 | X86_XCR0_SSE | X86_XCR0_YMM | \
>                          X86_XCR0_OPMASK | X86_XCR0_ZMM | X86_XCR0_HI_ZMM | \
> -                        XSTATE_NONLAZY)
> +                        XSTATE_NONLAZY | XSTATE_XSAVES_ONLY)

This is odd - in the sole pre-existing place where the #define is used you
then remove X86_XSS_STATES again. Plus please see also
https://lists.xen.org/archives/html/xen-devel/2021-04/msg01336.html.

>  #define XSTATE_ALL     (~(1ULL << 63))
>  #define XSTATE_NONLAZY (X86_XCR0_BNDREGS | X86_XCR0_BNDCSR | X86_XCR0_PKRU | 
> \
>                          X86_XCR0_TILE_CFG | X86_XCR0_TILE_DATA)
>  #define XSTATE_LAZY    (XSTATE_ALL & ~XSTATE_NONLAZY)
> -#define XSTATE_XSAVES_ONLY         0
> +#define XSTATE_XSAVES_ONLY         (X86_XSS_LBR)
>  #define XSTATE_COMPACTION_ENABLED  (1ULL << 63)
>  
>  #define XSTATE_XSS     (1U << 0)
> @@ -91,6 +91,21 @@ struct xstate_bndcsr {
>      uint64_t bndstatus;
>  };
>  
> +struct xstate_lbr_entry {
> +    uint64_t lbr_from_ip;
> +    uint64_t lbr_to_ip;
> +    uint64_t lbr_info;
> +};
> +
> +struct xstate_lbr {
> +     uint64_t lbr_ctl;
> +     uint64_t lbr_depth;
> +     uint64_t ler_from_ip;
> +     uint64_t ler_to_ip;
> +     uint64_t ler_info;
> +     struct xstate_lbr_entry entries[32];
> +};

Doesn't this 32 appear in an earlier patch as well? They need tying together
via a #define then.

Also nit: Hard tabs slipped in.

> @@ -114,6 +129,9 @@ int xstate_alloc_save_area(struct vcpu *v);
>  void xstate_init(struct cpuinfo_x86 *c);
>  unsigned int xstate_uncompressed_size(uint64_t xcr0);
>  unsigned int xstate_compressed_size(uint64_t xstates);
> +void *get_xstate_component_comp(struct xsave_struct *xstate,
> +                                unsigned int size,
> +                                uint64_t component);
>  
>  static inline uint64_t xgetbv(unsigned int index)
>  {
> diff --git a/xen/arch/x86/msr.c b/xen/arch/x86/msr.c
> index 289cf10b78..68a419ac8e 100644
> --- a/xen/arch/x86/msr.c
> +++ b/xen/arch/x86/msr.c
> @@ -522,8 +522,7 @@ int guest_wrmsr(struct vcpu *v, uint32_t msr, uint64_t 
> val)
>          if ( !cp->xstate.xsaves )
>              goto gp_fault;
>  
> -        /* No XSS features currently supported for guests */
> -        if ( val != 0 )
> +        if ( val & ~(uint64_t)XSTATE_XSAVES_ONLY )
>              goto gp_fault;

Imo we'd be better off arranging for casts like this to not be required. It's
too easy to leave one out unintentionally.

> @@ -210,7 +214,7 @@ void expand_xsave_states(const struct vcpu *v, void 
> *dest, unsigned int size)
>       * non-compacted offset.
>       */
>      src = xstate;
> -    valid = xstate_bv & ~XSTATE_FP_SSE;
> +    valid = xstate_bv & ~XSTATE_FP_SSE & ~X86_XSS_STATES;
>      while ( valid )
>      {
>          u64 feature = valid & -valid;
> @@ -276,7 +280,7 @@ void compress_xsave_states(struct vcpu *v, const void 
> *src, unsigned int size)
>       * possibly compacted offset.
>       */
>      dest = xstate;
> -    valid = xstate_bv & ~XSTATE_FP_SSE;
> +    valid = xstate_bv & ~XSTATE_FP_SSE & ~X86_XSS_STATES;
>      while ( valid )
>      {
>          u64 feature = valid & -valid;

I can't figure why these two changes are needed, and the description isn't
of any help here either.

> @@ -1072,6 +1085,30 @@ void xstate_set_init(uint64_t mask)
>          BUG();
>  }
>  
> +void *get_xstate_component_comp(struct xsave_struct *xstate,
> +                                unsigned int size,
> +                                uint64_t component)
> +{
> +    uint16_t comp_offsets[sizeof(xfeature_mask) * 8];
> +    uint16_t offset;
> +    unsigned int i = ilog2(component);
> +
> +    ASSERT(generic_hweightl(component) == 1);
> +
> +    if ( !(xstate->xsave_hdr.xcomp_bv & XSTATE_COMPACTION_ENABLED) ||
> +         i >= xstate_features ||
> +         xstate_sizes[i] == 0 ||
> +         !(xstate->xsave_hdr.xcomp_bv & component) )
> +        return NULL;
> +
> +    setup_xstate_comp(comp_offsets, xstate->xsave_hdr.xcomp_bv);
> +    offset = comp_offsets[i];
> +    if ( xstate_sizes[i] + offset > size )
> +        return NULL;
> +
> +    return (void *)xstate + offset;
> +}

The function is unused at this point. Besides this being a Misra violation
(unreachable code), it also means it's left unclear what the purpose is.
That would, for example, influence whether there should be some "const"
applied. I find it particularly worrying that the function returns a
pointer to non-const, thus permitting the caller to fiddle with the
contents. Similarly it's left unclear what the "size" parameter is for.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.