From: Brian Gerst <brgerst@gmail.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
kvm list <kvm@vger.kernel.org>,
"the arch/x86 maintainers" <x86@kernel.org>,
Sean Christopherson <sean.j.christopherson@intel.com>,
Dave Hansen <dave.hansen@intel.com>,
Chang Seok Bae <chang.seok.bae@intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Sasha Levin <sashal@kernel.org>,
Tom Lendacky <thomas.lendacky@amd.com>,
Andy Lutomirski <luto@kernel.org>
Subject: Re: [PATCH v2] x86/entry/64: Do not use RDPID in paranoid entry to accomodate KVM
Date: Fri, 21 Aug 2020 10:15:02 -0400 [thread overview]
Message-ID: <CAMzpN2ixJ_nWMdgnLf9zuDpvuJFZOepWtyX3bxg7OgMTW0j4pA@mail.gmail.com> (raw)
In-Reply-To: <20200821105229.18938-1-pbonzini@redhat.com>
On Fri, Aug 21, 2020 at 6:56 AM Paolo Bonzini <pbonzini@redhat.com> wrote:
>
> From: Sean Christopherson <sean.j.christopherson@intel.com>
>
> Don't use RDPID in the paranoid entry flow, as it can consume a KVM
> guest's MSR_TSC_AUX value if an NMI arrives during KVM's run loop.
>
> In general, the kernel does not need TSC_AUX because it can just use
> __this_cpu_read(cpu_number) to read the current processor id. It can
> also just block preemption and thread migration at its will, therefore
> it has no need for the atomic rdtsc+vgetcpu provided by RDTSCP. For this
> reason, as a performance optimization, KVM loads the guest's TSC_AUX when
> a CPU first enters its run loop. On AMD's SVM, it doesn't restore the
> host's value until the CPU exits the run loop; VMX is even more aggressive
> and defers restoring the host's value until the CPU returns to userspace.
>
> This optimization obviously relies on the kernel not consuming TSC_AUX,
> which falls apart if an NMI arrives during the run loop and uses RDPID.
> Removing it would be painful, as both SVM and VMX would need to context
> switch the MSR on every VM-Enter (for a cost of 2x WRMSR), whereas using
> LSL instead RDPID is a minor blip.
>
> Both SAVE_AND_SET_GSBASE and GET_PERCPU_BASE are only used in paranoid entry,
> therefore the patch can just remove the RDPID alternative.
>
> Fixes: eaad981291ee3 ("x86/entry/64: Introduce the FIND_PERCPU_BASE macro")
> Cc: Dave Hansen <dave.hansen@intel.com>
> Cc: Chang Seok Bae <chang.seok.bae@intel.com>
> Cc: Peter Zijlstra <peterz@infradead.org>
> Cc: Sasha Levin <sashal@kernel.org>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: kvm@vger.kernel.org
> Reported-by: Tom Lendacky <thomas.lendacky@amd.com>
> Debugged-by: Tom Lendacky <thomas.lendacky@amd.com>
> Suggested-by: Andy Lutomirski <luto@kernel.org>
> Suggested-by: Peter Zijlstra <peterz@infradead.org>
> Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> arch/x86/entry/calling.h | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h
> index 98e4d8886f11..ae9b0d4615b3 100644
> --- a/arch/x86/entry/calling.h
> +++ b/arch/x86/entry/calling.h
> @@ -374,12 +374,14 @@ For 32-bit we have the following conventions - kernel is built with
> * Fetch the per-CPU GSBASE value for this processor and put it in @reg.
> * We normally use %gs for accessing per-CPU data, but we are setting up
> * %gs here and obviously can not use %gs itself to access per-CPU data.
> + *
> + * Do not use RDPID, because KVM loads guest's TSC_AUX on vm-entry and
> + * may not restore the host's value until the CPU returns to userspace.
> + * Thus the kernel would consume a guest's TSC_AUX if an NMI arrives
> + * while running KVM's run loop.
> */
> .macro GET_PERCPU_BASE reg:req
> - ALTERNATIVE \
> - "LOAD_CPU_AND_NODE_SEG_LIMIT \reg", \
> - "RDPID \reg", \
> - X86_FEATURE_RDPID
> + LOAD_CPU_AND_NODE_SEG_LIMIT \reg
> andq $VDSO_CPUNODE_MASK, \reg
> movq __per_cpu_offset(, \reg, 8), \reg
> .endm
LOAD_CPU_AND_NODE_SEG_LIMIT can be merged into this, as its only
purpose was to work around using CPP macros in an alternative.
--
Brian Gerst
next prev parent reply other threads:[~2020-08-21 14:15 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-21 10:52 [PATCH v2] x86/entry/64: Do not use RDPID in paranoid entry to accomodate KVM Paolo Bonzini
2020-08-21 14:15 ` Brian Gerst [this message]
2020-08-21 14:21 ` [tip: x86/urgent] " tip-bot2 for Sean Christopherson
2020-08-21 14:21 ` [PATCH v2] " Sean Christopherson
2020-08-21 15:35 ` Brian Gerst
2020-08-25 10:44 ` Thomas Gleixner
2020-08-25 12:11 ` Brian Gerst
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMzpN2ixJ_nWMdgnLf9zuDpvuJFZOepWtyX3bxg7OgMTW0j4pA@mail.gmail.com \
--to=brgerst@gmail.com \
--cc=chang.seok.bae@intel.com \
--cc=dave.hansen@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=sashal@kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).