From: Manali Shukla <manali.shukla@amd.com>
To: linux-kernel@vger.kernel.org
Cc: peterz@infradead.org, mingo@redhat.com, acme@kernel.org,
jolsa@kernel.org, namhyung@kernel.org, tglx@linutronix.de,
bp@alien8.de, dave.hansen@linux.intel.com, seanjc@google.com,
pbonzini@redhat.com, jpoimboe@kernel.org,
pawan.kumar.gupta@linux.intel.com, babu.moger@amd.com,
sandipan.das@amd.com, jmattson@google.com,
thomas.lendacky@amd.com, nikunj@amd.com, ravi.bangoria@amd.com,
eranian@google.com, irogers@google.com, kvm@vger.kernel.org,
x86@kernel.org, linux-perf-users@vger.kernel.org
Subject: Re: [RFC PATCH kernel 0/2] PreventHostIBS feature for SEV-ES and SNP guests
Date: Wed, 15 Mar 2023 10:33:26 +0530 [thread overview]
Message-ID: <786f4d69-85c6-a581-1187-2fe8a49cf7e6@amd.com> (raw)
In-Reply-To: <20230206060545.628502-1-manali.shukla@amd.com>
On 2/6/2023 11:35 AM, Manali Shukla wrote:
> Adds support for PreventHostIBS feature for SEV-ES and SNP guests.
> Currently, the hypervisor is able to inspect instruction based samples
> from the guest and gather execution information. With enablement of
> PreventHostIBS feature, SEV-ES and SNP guests may choose to disallow
> use of instruction based sampling by the hypervisor in order to limit
> the information gathered about their execution. (More information in
> Section 15.36.17 APM Volume 2)
>
> While implementing this feature, unknown NMIs were being seen. On
> further investigation, a race was found effecting the IBS FETCH/OP
> MSR.
>
> ENABLE bit and VALID bit for IBS_FETCH_CTL are contained in the same
> MSR and same is the case with IBS_OP_CTL.
>
> Consider the following scenario:
> - The IBS MSR which has ENABLE bit set and VALID bit clear is read.
> - During the process of clearing the ENABLE bit and writing the IBS
> MSR to disable IBS, an IBS event can occur that sets the VALID bit.
> - The write operation on IBS MSR can clear the newly set VALID bit.
> - Since this situation is occurring in the CLGI/STGI window
> (PreventHostIBS window), the actual NMI is not taken.
> - Once VMRUN is issued, it will exit with VMEXIT_NMI and as soon as
> STGI is executed, the pending NMI will trigger.
> - The IBS NMI handler checks for the VALID bit to determine if the NMI
> is generated because of IBS.
> - Since VALID bit is now clear, it doesn't recognize that an IBS event
> is occurred which in turn generates the dazed and confused unknown
> NMI messages.
>
> Per-cpu ibs_flags which indicates whether PreventHostIBS window is
> active/inactive are added to avoid the above mentioned race.
>
> An active PreventHostIBS window is set before calling VMRUN and
> cleared after STGI. PreventHostIBS window check is added to
> perf_ibs_handle_irq(), to avoid unknown NMIs and treat them as handled
> when window is active.
>
> There are 2 patches in this series.
> 1) Add amd_prevent_hostibs_window() function to set per-cpu ibs_flags
> based on an active/inactive PreventHostIBS window.
> 2) Enable PreventHostIBS for SEV-ES and SNP guests.
>
> Testing done:
> - Executed program symbols in guest are not captured in host when
> PreventHostIBS feature is enabled.
> - Generated 1000+ NMIs using cpuid command, no unknown NMIs are seen
> after enablement of PreventHostIBS feature.
>
> Qemu commandline to enable PreventHostIBS on guest.
>
> qemu-system-x86_64 -enable-kvm -cpu EPYC-v4,+nohostibs \ ..
>
> Manali Shukla (2):
> perf/x86/amd: Add amd_prevent_hostibs_window() to set per-cpu
> ibs_flags
> KVM: SEV: PreventHostIBS enablement for SEV-ES and SNP guest
>
> arch/x86/events/amd/ibs.c | 64 ++++++++++++++++++++++++++++++
> arch/x86/include/asm/cpufeatures.h | 1 +
> arch/x86/include/asm/perf_event.h | 20 ++++++++++
> arch/x86/kvm/svm/sev.c | 10 +++++
> arch/x86/kvm/svm/svm.c | 39 +++++++++++++++++-
> arch/x86/kvm/svm/svm.h | 1 +
> 6 files changed, 133 insertions(+), 2 deletions(-)
>
A gentle reminder for the review.
-Manali
next prev parent reply other threads:[~2023-03-15 5:03 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-06 6:05 [RFC PATCH kernel 0/2] PreventHostIBS feature for SEV-ES and SNP guests Manali Shukla
2023-02-06 6:05 ` [RFC PATCH kernel 1/2] perf/x86/amd: Add amd_prevent_hostibs_window() to set per-cpu ibs_flags Manali Shukla
2023-02-13 13:10 ` Peter Zijlstra
2023-02-16 10:39 ` Shukla, Manali
2023-03-13 3:29 ` Ravi Bangoria
2023-02-06 6:05 ` [RFC PATCH kernel 2/2] KVM: SEV: PreventHostIBS enablement for SEV-ES and SNP guest Manali Shukla
2023-03-15 5:05 ` Nikunj A. Dadhania
2023-03-24 19:55 ` Sean Christopherson
2023-03-29 6:11 ` Manali Shukla
2023-03-29 16:47 ` Sean Christopherson
2023-03-15 5:03 ` Manali Shukla [this message]
2023-03-23 6:06 ` [RFC PATCH kernel 0/2] PreventHostIBS feature for SEV-ES and SNP guests Manali Shukla
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=786f4d69-85c6-a581-1187-2fe8a49cf7e6@amd.com \
--to=manali.shukla@amd.com \
--cc=acme@kernel.org \
--cc=babu.moger@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=eranian@google.com \
--cc=irogers@google.com \
--cc=jmattson@google.com \
--cc=jolsa@kernel.org \
--cc=jpoimboe@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=namhyung@kernel.org \
--cc=nikunj@amd.com \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=ravi.bangoria@amd.com \
--cc=sandipan.das@amd.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).