From: Nadav Amit <namit@vmware.com>
To: Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>
Cc: x86@kernel.org, linux-kernel@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Nadav Amit <namit@vmware.com>
Subject: [RFC PATCH 0/3] x86/mm/tlb: Defer TLB flushes with PTI
Date: Fri, 23 Aug 2019 15:46:32 -0700 [thread overview]
Message-ID: <20190823224635.15387-1-namit@vmware.com> (raw)
INVPCID is considerably slower than INVLPG of a single PTE, but it is
currently used to flush PTEs in the user page-table when PTI is used.
Instead, it is possible to defer TLB flushes until after the user
page-tables are loaded. Preventing speculation over the TLB flushes
should keep the whole thing safe. In some cases, deferring TLB flushes
in such a way can result in more full TLB flushes, but arguably this
behavior is oftentimes beneficial.
These patches are based and evaluated on top of the concurrent
TLB-flushes v4 patch-set.
I will provide more results later, but it might be easier to look at the
time an isolated TLB flush takes. These numbers are from skylake,
showing the number of cycles that running madvise(DONTNEED) which
results in local TLB flushes takes:
n_pages concurrent +deferred-pti change
------- ---------- ------------- ------
1 2119 1986 -6.7%
10 6791 5417 -20%
Please let me know if I missed something that affects security or
performance.
[ Yes, I know there is another pending RFC for async TLB flushes, but I
think it might be easier to merge this one first ]
Nadav Amit (3):
x86/mm/tlb: Defer PTI flushes
x86/mm/tlb: Avoid deferring PTI flushes on shootdown
x86/mm/tlb: Use lockdep irq assertions
arch/x86/entry/calling.h | 52 +++++++++++++++++++--
arch/x86/include/asm/tlbflush.h | 31 ++++++++++--
arch/x86/kernel/asm-offsets.c | 3 ++
arch/x86/mm/tlb.c | 83 +++++++++++++++++++++++++++++++--
4 files changed, 158 insertions(+), 11 deletions(-)
--
2.17.1
next reply other threads:[~2019-08-24 6:07 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-23 22:46 Nadav Amit [this message]
2019-08-23 22:46 ` [RFC PATCH 1/3] x86/mm/tlb: Defer PTI flushes Nadav Amit
2019-08-23 22:46 ` [RFC PATCH 2/3] x86/mm/tlb: Avoid deferring PTI flushes on shootdown Nadav Amit
2019-08-23 22:46 ` [RFC PATCH 3/3] x86/mm/tlb: Use lockdep irq assertions Nadav Amit
2019-08-24 6:09 ` [RFC PATCH 0/3] x86/mm/tlb: Defer TLB flushes with PTI Nadav Amit
2019-08-27 23:18 ` Andy Lutomirski
2019-08-27 23:52 ` Nadav Amit
2019-08-28 0:30 ` Andy Lutomirski
2019-08-29 17:23 ` Nadav Amit
2019-09-03 21:33 ` Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190823224635.15387-1-namit@vmware.com \
--to=namit@vmware.com \
--cc=dave.hansen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).