Re: [PATCH v4 16/21] i386: track explicit 'hv-*' features enablement/disablement

[Vitaly Kuznetsov <vkuznets@redhat.com>]

Igor Mammedov <imammedo@redhat.com> writes:

>> 
>> We need to distinguish because that would be sane.
>> 
>> Enlightened VMCS is an extension to VMX, it can't be used without
>> it. Genuine Hyper-V doesn't have a knob for enabling and disabling it,
> ...
>> That bein said, if
>> guest CPU lacks VMX it is counter-productive to expose EVMCS. However,
>> there is a problem with explicit enablement: what should
>> 
>> 'hv-passthrough,hv-evmcs' option do? Just silently drop EVMCS? Doesn't
>> sound sane to me.
> based on above I'd error out is user asks for unsupported option
> i.e. no VMX -> no hv-evmcs - if explicitly asked -> error out

That's what I keep telling you but you don't seem to listen. 'Scratch
CPU' can't possibly help with this use-case because when you parse 

'hv-passthrough,hv-evmcs,vmx=off' you

1) "hv-passthrough" -> set EVMCS bit to '1' as it is supported by the
host.

2) 'hv-evmcs' -> keep EVMCS bit '1'

3) 'vmx=off' -> you have no idea where EVMCS bit came from.

We have to remember which options were aquired from the host and which
were set explicitly by the user. Ok, you can replace
'hyperv_features_on' with 'evmcs_was_explicitly_requested' but how is it
better?
 
>
> if later on we find usecase for VMX=off + hv-evmcs=on,
> we will be able to drop error without affecting existing users,
> but not other way around.
>
>> >> Moreover, instead of just adding two 'u64's we're now doing an ioctl
>> >> which can fail, be subject to limits,... Creating and destroying a CPU
>> >> is also slow. Sorry, I hardly see how this is better, maybe just from
>> >> 'code purity' point of view.  
>> > readable and easy to maintain code is not a thing to neglect.  
>> 
>> Of couse, but 'scratch CPU' idea is not a good design decision, it is an
>> ugly hack we should get rid of in ARM land, not try bringing it to other
>> architectures. Generally, KVM should allow to query all its capabilities
>> without the need to create a vCPU or, if not possible, we should create
>> 'real' QEMU VCPUs and use one/all of the to query capabilities, avoiding
>> 'scratch' because:
>> - Creating and destroying a vCPU makes VM startup slower, much
>> slower. E.g. for a single-CPU VM you're doubling the time required to
>> create vCPUs!
>> - vCPUs in KVM are quite memory consuming. Just 'struct kvm_vcpu_arch'
>> was something like 12kb last time I looked at it. 
>> 
>> I have no clue why scratch vCPUs were implemented on ARM, however, I'd
>> very much want us to avoid doing the same on x86. We do have use-cases
>> where startup time and consumed memory is important. There is a point in
>> limiting ioctls for security reasons (e.g. if I'm creating a single vCPU
>> VM I may want to limit userspace process to one and only one
>> KVM_CREATE_VCPU call).
> it should be possible to reuse scratch VCPU (kvm file descriptor) as
> the first CPU of VM, if there is a will/need, without creating unnecessary overhead.
> I don't like scratch CPU either but from my pov it's a lesser evil to
> spawning custom parser every time someone fills like it.

I respectfully disagree.

>
>
>> Now to the code you complain about. The 'hard to read and maintain' code
>> is literaly this:
>> 
>> +static void x86_hv_feature_set(Object *obj, bool value, int feature)
>> +{
>> +    X86CPU *cpu = X86_CPU(obj);
>> +
>> +    if (value) {
>> +        cpu->hyperv_features |= BIT(feature);
>> +        cpu->hyperv_features_on |= BIT(feature);
>> +        cpu->hyperv_features_off &= ~BIT(feature);
>> +    } else {
>> +        cpu->hyperv_features &= ~BIT(feature);
>> +        cpu->hyperv_features_on &= ~BIT(feature);
>> +        cpu->hyperv_features_off |= BIT(feature);
>> +    }
>> +}
> It's not just that code but the rest that uses above variables to
> get final hyperv_features feature set. There is a lot of invariants
> that are hidden in hv specific code that you put in hyperv kvm
> specific part.

Could you give an example please?

>
> btw why can't we get supported hyperv_features in passthrough mode
> during time we initialize KVM (without a vCPU)?

I think I already explained that: KVM_GET_SUPPORTED_HV_CPUID works on
KVM fd from 5.11, it requires a vCPU prior to that.

>
>> I can add as many comments here as needed, however, I don't see what
>> requires additional explanaition. We just want to know two things:
>> - What's the 'effective' setting of the control
>> - Was it explicitly enabled or disabled on the command line.
>> 
>> Custom parsers are not new in QEMU and they're not going anywhere I
>> believe. There are options with simple enablent and there are some with
>> additional considerations. Trying to make CPU objects somewhat 'special'
>> by forcing all options to be of type-1 (and thus crippling user
>> experience) is not the way to go IMHO. I'd very much like us to go in
>> another direction, make our option parser better so my very simple
>> use-case is covered 'out-of-the-box'.
> there is a lot of effort spent on getting rid of custom parsers that
> QEMU accumulated over years. Probably there were good reasons to add
> them back then, and now someone else has to spend time to clean them up.
>
> hyperv case is not any special in that regard (at least I'm not convinced
> at this point). Try alternative(s) first, if that doesn't work out, then
> custom parser might be necessary.

Please explain to me how 

'hv-passthrough,hv-evmcs,-vmx' is going to throw an error
and
'hv-passthrough,-vmx' is not.

-- 
Vitaly