Re: [PATCH 2/6] x86/vpmu: Expose PEBS and DS area in PV mode
- To: Jan Beulich <jbeulich@xxxxxxxx>, Teddy Astie <teddy.astie@xxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Tue, 24 Mar 2026 10:42:19 +0000
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Tue, 24 Mar 2026 10:42:35 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 24/03/2026 9:11 am, Jan Beulich wrote:
> On 10.03.2026 17:44, Teddy Astie wrote:
>> I don't see any reason for them to not be available, especially
>> since core2_vpmu_do_wrmsr has PV specific logic for MSR_IA32_DS_AREA.
>
> This is really dangerous: You allow PV domains to control whether the area
> is actually mapped. It lacking a mapping can, iirc, on at least some CPUs
> result in a complete hang.

It's ~all, and explicitly documented. SDM Vol3 20.4.9.3:

"The recording of branch records in the BTS buffer (or PEBS records in
the PEBS buffer) may not operate properly if accesses to the linear
addresses in any of the three DS save area sections cause page faults,
VM exits, or the setting of accessed or dirty flags in the paging
structures (ordinary or EPT). For that reason, system software should
establish paging structures (both ordinary and EPT) to prevent such
occurrences."

There are potentially uses for PEBS/DS, but it needs to be via explicit
opt in only; it is absolutely not safe to let guests have in general.

One fun interaction would be a PV domain which gets shadowed (PV-L1TF,
or migrated), which will instantly violate the #PF requirement.

~Andrew