From mboxrd@z Thu Jan 1 00:00:00 1970 From: Boris Ostrovsky Subject: [PATCH v25 06/15] x86/VPMU: Initialize PMU for PV(H) guests Date: Fri, 19 Jun 2015 14:44:37 -0400 Message-ID: <1434739486-1611-7-git-send-email-boris.ostrovsky@oracle.com> References: <1434739486-1611-1-git-send-email-boris.ostrovsky@oracle.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1434739486-1611-1-git-send-email-boris.ostrovsky@oracle.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: JBeulich@suse.com, kevin.tian@intel.com, suravee.suthikulpanit@amd.com, Aravind.Gopalakrishnan@amd.com, dietmar.hahn@ts.fujitsu.com, dgdegra@tycho.nsa.gov, andrew.cooper3@citrix.com Cc: boris.ostrovsky@oracle.com, xen-devel@lists.xen.org List-Id: xen-devel@lists.xenproject.org Code for initializing/tearing down PMU for PV guests Signed-off-by: Boris Ostrovsky Acked-by: Daniel De Graaf Acked-by: Jan Beulich Acked-by: Kevin Tian --- tools/flask/policy/policy/modules/xen/xen.te | 4 + xen/arch/x86/domain.c | 2 + xen/arch/x86/hvm/hvm.c | 1 + xen/arch/x86/hvm/svm/svm.c | 4 +- xen/arch/x86/hvm/svm/vpmu.c | 16 +++- xen/arch/x86/hvm/vmx/vmx.c | 4 +- xen/arch/x86/hvm/vmx/vpmu_core2.c | 30 ++++-- xen/arch/x86/hvm/vpmu.c | 131 ++++++++++++++++++++++++--- xen/common/event_channel.c | 1 + xen/include/asm-x86/hvm/vpmu.h | 2 + xen/include/public/pmu.h | 2 + xen/include/public/xen.h | 1 + xen/include/xsm/dummy.h | 3 + xen/xsm/flask/hooks.c | 4 + xen/xsm/flask/policy/access_vectors | 2 + 15 files changed, 181 insertions(+), 26 deletions(-) diff --git a/tools/flask/policy/policy/modules/xen/xen.te b/tools/flask/policy/policy/modules/xen/xen.te index 45b5cb2..f553eb5 100644 --- a/tools/flask/policy/policy/modules/xen/xen.te +++ b/tools/flask/policy/policy/modules/xen/xen.te @@ -130,6 +130,10 @@ if (guest_writeconsole) { dontaudit domain_type xen_t : xen writeconsole; } +# Allow all domains to use PMU (but not to change its settings --- that's what +# pmu_ctrl is for) +allow domain_type xen_t:xen2 pmu_use; + ############################################################################### # # Domain creation diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c index dc18565..b699f68 100644 --- a/xen/arch/x86/domain.c +++ b/xen/arch/x86/domain.c @@ -438,6 +438,8 @@ int vcpu_initialise(struct vcpu *v) vmce_init_vcpu(v); } + spin_lock_init(&v->arch.vpmu.vpmu_lock); + if ( has_hvm_container_domain(d) ) { rc = hvm_vcpu_initialise(v); diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index d5e5242..83a81f5 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -4931,6 +4931,7 @@ static hvm_hypercall_t *const pvh_hypercall64_table[NR_hypercalls] = { HYPERCALL(hvm_op), HYPERCALL(sysctl), HYPERCALL(domctl), + HYPERCALL(xenpmu_op), [ __HYPERVISOR_arch_1 ] = (hvm_hypercall_t *)paging_domctl_continuation }; diff --git a/xen/arch/x86/hvm/svm/svm.c b/xen/arch/x86/hvm/svm/svm.c index a02f983..680eebe 100644 --- a/xen/arch/x86/hvm/svm/svm.c +++ b/xen/arch/x86/hvm/svm/svm.c @@ -1165,7 +1165,9 @@ static int svm_vcpu_initialise(struct vcpu *v) return rc; } - vpmu_initialise(v); + /* PVH's VPMU is initialized via hypercall */ + if ( is_hvm_vcpu(v) ) + vpmu_initialise(v); svm_guest_osvw_init(v); diff --git a/xen/arch/x86/hvm/svm/vpmu.c b/xen/arch/x86/hvm/svm/vpmu.c index b60ca40..a8572a6 100644 --- a/xen/arch/x86/hvm/svm/vpmu.c +++ b/xen/arch/x86/hvm/svm/vpmu.c @@ -364,13 +364,11 @@ static void amd_vpmu_destroy(struct vcpu *v) amd_vpmu_unset_msr_bitmap(v); xfree(vpmu->context); - vpmu_reset(vpmu, VPMU_CONTEXT_ALLOCATED); if ( vpmu_is_set(vpmu, VPMU_RUNNING) ) - { - vpmu_reset(vpmu, VPMU_RUNNING); release_pmu_ownship(PMU_OWNER_HVM); - } + + vpmu_clear(vpmu); } /* VPMU part of the 'q' keyhandler */ @@ -482,6 +480,16 @@ int __init amd_vpmu_init(void) return -EINVAL; } + if ( sizeof(struct xen_pmu_data) + + 2 * sizeof(uint64_t) * num_counters > PAGE_SIZE ) + { + printk(XENLOG_WARNING + "VPMU: Register bank does not fit into VPMU shared page\n"); + counters = ctrls = NULL; + num_counters = 0; + return -ENOSPC; + } + return 0; } diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c index 0837627..50e11dd 100644 --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -140,7 +140,9 @@ static int vmx_vcpu_initialise(struct vcpu *v) } } - vpmu_initialise(v); + /* PVH's VPMU is initialized via hypercall */ + if ( is_hvm_vcpu(v) ) + vpmu_initialise(v); vmx_install_vlapic_mapping(v); diff --git a/xen/arch/x86/hvm/vmx/vpmu_core2.c b/xen/arch/x86/hvm/vmx/vpmu_core2.c index 025c970..e7642e5 100644 --- a/xen/arch/x86/hvm/vmx/vpmu_core2.c +++ b/xen/arch/x86/hvm/vmx/vpmu_core2.c @@ -365,13 +365,16 @@ static int core2_vpmu_alloc_resource(struct vcpu *v) if ( !acquire_pmu_ownership(PMU_OWNER_HVM) ) return 0; - wrmsrl(MSR_CORE_PERF_GLOBAL_CTRL, 0); - if ( vmx_add_host_load_msr(MSR_CORE_PERF_GLOBAL_CTRL) ) - goto out_err; + if ( has_hvm_container_vcpu(v) ) + { + wrmsrl(MSR_CORE_PERF_GLOBAL_CTRL, 0); + if ( vmx_add_host_load_msr(MSR_CORE_PERF_GLOBAL_CTRL) ) + goto out_err; - if ( vmx_add_guest_msr(MSR_CORE_PERF_GLOBAL_CTRL) ) - goto out_err; - vmx_write_guest_msr(MSR_CORE_PERF_GLOBAL_CTRL, 0); + if ( vmx_add_guest_msr(MSR_CORE_PERF_GLOBAL_CTRL) ) + goto out_err; + vmx_write_guest_msr(MSR_CORE_PERF_GLOBAL_CTRL, 0); + } core2_vpmu_cxt = xzalloc_bytes(sizeof(*core2_vpmu_cxt) + sizeof(uint64_t) * fixed_pmc_cnt + @@ -717,7 +720,7 @@ static void core2_vpmu_destroy(struct vcpu *v) if ( has_hvm_container_vcpu(v) && cpu_has_vmx_msr_bitmap ) core2_vpmu_unset_msr_bitmap(v->arch.hvm_vmx.msr_bitmap); release_pmu_ownship(PMU_OWNER_HVM); - vpmu_reset(vpmu, VPMU_CONTEXT_ALLOCATED); + vpmu_clear(vpmu); } struct arch_vpmu_ops core2_vpmu_ops = { @@ -827,6 +830,10 @@ int vmx_vpmu_initialise(struct vcpu *v) ds_warned = 1; func_out: + /* PV domains can allocate resources immediately */ + if ( is_pv_vcpu(v) && !core2_vpmu_alloc_resource(v) ) + return -EIO; + vpmu->arch_vpmu_ops = &core2_vpmu_ops; return 0; @@ -897,6 +904,15 @@ int __init core2_vpmu_init(void) check_pmc_quirk(); + if ( sizeof(struct xen_pmu_data) + sizeof(uint64_t) * fixed_pmc_cnt + + sizeof(struct xen_pmu_cntr_pair) * arch_pmc_cnt > PAGE_SIZE ) + { + printk(XENLOG_WARNING + "VPMU: Register bank does not fit into VPMU share page\n"); + arch_pmc_cnt = fixed_pmc_cnt = 0; + return -ENOSPC; + } + return 0; } diff --git a/xen/arch/x86/hvm/vpmu.c b/xen/arch/x86/hvm/vpmu.c index e7e552e..e3e5a9c 100644 --- a/xen/arch/x86/hvm/vpmu.c +++ b/xen/arch/x86/hvm/vpmu.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -257,22 +258,25 @@ void vpmu_initialise(struct vcpu *v) struct vpmu_struct *vpmu = vcpu_vpmu(v); uint8_t vendor = current_cpu_data.x86_vendor; int ret; + bool_t is_priv_vpmu = is_hardware_domain(v->domain); BUILD_BUG_ON(sizeof(struct xen_pmu_intel_ctxt) > XENPMU_CTXT_PAD_SZ); BUILD_BUG_ON(sizeof(struct xen_pmu_amd_ctxt) > XENPMU_CTXT_PAD_SZ); - if ( is_pvh_vcpu(v) ) - return; - ASSERT(!vpmu->flags && !vpmu->context); - /* - * Count active VPMUs so that we won't try to change vpmu_mode while - * they are in use. - */ - spin_lock(&vpmu_lock); - vpmu_count++; - spin_unlock(&vpmu_lock); + if ( !is_priv_vpmu ) + { + /* + * Count active VPMUs so that we won't try to change vpmu_mode while + * they are in use. + * vpmu_mode can be safely updated while dom0's VPMUs are active and + * so we don't need to include it in the count. + */ + spin_lock(&vpmu_lock); + vpmu_count++; + spin_unlock(&vpmu_lock); + } switch ( vendor ) { @@ -299,7 +303,7 @@ void vpmu_initialise(struct vcpu *v) printk(XENLOG_G_WARNING "VPMU: Initialization failed for %pv\n", v); /* Intel needs to initialize VPMU ops even if VPMU is not in use */ - if ( ret || (vpmu_mode == XENPMU_MODE_OFF) ) + if ( !is_priv_vpmu && (ret || (vpmu_mode == XENPMU_MODE_OFF)) ) { spin_lock(&vpmu_lock); vpmu_count--; @@ -332,13 +336,104 @@ void vpmu_destroy(struct vcpu *v) vpmu_clear_last, v, 1); if ( vpmu->arch_vpmu_ops && vpmu->arch_vpmu_ops->arch_vpmu_destroy ) - vpmu->arch_vpmu_ops->arch_vpmu_destroy(v); + { + /* Unload VPMU first. This will stop counters */ + on_selected_cpus(cpumask_of(vcpu_vpmu(v)->last_pcpu), + vpmu_save_force, v, 1); + vpmu->arch_vpmu_ops->arch_vpmu_destroy(v); + } spin_lock(&vpmu_lock); - vpmu_count--; + if ( !is_hardware_domain(v->domain) ) + vpmu_count--; spin_unlock(&vpmu_lock); } +static int pvpmu_init(struct domain *d, xen_pmu_params_t *params) +{ + struct vcpu *v; + struct vpmu_struct *vpmu; + struct page_info *page; + uint64_t gfn = params->val; + + if ( vpmu_mode == XENPMU_MODE_OFF ) + return -EINVAL; + + if ( (params->vcpu >= d->max_vcpus) || (d->vcpu[params->vcpu] == NULL) ) + return -EINVAL; + + page = get_page_from_gfn(d, gfn, NULL, P2M_ALLOC); + if ( !page ) + return -EINVAL; + + if ( !get_page_type(page, PGT_writable_page) ) + { + put_page(page); + return -EINVAL; + } + + v = d->vcpu[params->vcpu]; + vpmu = vcpu_vpmu(v); + + spin_lock(&vpmu->vpmu_lock); + + if ( v->arch.vpmu.xenpmu_data ) + { + spin_unlock(&vpmu->vpmu_lock); + put_page_and_type(page); + return -EEXIST; + } + + v->arch.vpmu.xenpmu_data = __map_domain_page_global(page); + if ( !v->arch.vpmu.xenpmu_data ) + { + spin_unlock(&vpmu->vpmu_lock); + put_page_and_type(page); + return -ENOMEM; + } + + vpmu_initialise(v); + + spin_unlock(&vpmu->vpmu_lock); + + return 0; +} + +static void pvpmu_finish(struct domain *d, xen_pmu_params_t *params) +{ + struct vcpu *v; + struct vpmu_struct *vpmu; + uint64_t mfn; + void *xenpmu_data; + + if ( (params->vcpu >= d->max_vcpus) || (d->vcpu[params->vcpu] == NULL) ) + return; + + v = d->vcpu[params->vcpu]; + if ( v != current ) + vcpu_pause(v); + + vpmu = vcpu_vpmu(v); + spin_lock(&vpmu->vpmu_lock); + + vpmu_destroy(v); + xenpmu_data = vpmu->xenpmu_data; + vpmu->xenpmu_data = NULL; + + spin_unlock(&vpmu->vpmu_lock); + + if ( xenpmu_data ) + { + mfn = domain_page_map_to_mfn(xenpmu_data); + ASSERT(mfn_valid(mfn)); + unmap_domain_page_global(xenpmu_data); + put_page_and_type(mfn_to_page(mfn)); + } + + if ( v != current ) + vcpu_unpause(v); +} + /* Dump some vpmu informations on console. Used in keyhandler dump_domains(). */ void vpmu_dump(struct vcpu *v) { @@ -365,6 +460,8 @@ long do_xenpmu_op(unsigned int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg) { case XENPMU_mode_set: case XENPMU_feature_set: + case XENPMU_init: + case XENPMU_finish: if ( copy_from_guest(&pmu_params, arg, 1) ) return -EFAULT; @@ -444,6 +541,14 @@ long do_xenpmu_op(unsigned int op, XEN_GUEST_HANDLE_PARAM(xen_pmu_params_t) arg) break; + case XENPMU_init: + ret = pvpmu_init(current->domain, &pmu_params); + break; + + case XENPMU_finish: + pvpmu_finish(current->domain, &pmu_params); + break; + default: ret = -EINVAL; } diff --git a/xen/common/event_channel.c b/xen/common/event_channel.c index 2208de0..adf742a 100644 --- a/xen/common/event_channel.c +++ b/xen/common/event_channel.c @@ -106,6 +106,7 @@ static int virq_is_global(uint32_t virq) case VIRQ_TIMER: case VIRQ_DEBUG: case VIRQ_XENOPROF: + case VIRQ_XENPMU: rc = 0; break; case VIRQ_ARCH_0 ... VIRQ_ARCH_7: diff --git a/xen/include/asm-x86/hvm/vpmu.h b/xen/include/asm-x86/hvm/vpmu.h index 96f7666..642a4b7 100644 --- a/xen/include/asm-x86/hvm/vpmu.h +++ b/xen/include/asm-x86/hvm/vpmu.h @@ -64,6 +64,8 @@ struct vpmu_struct { void *context; /* May be shared with PV guest */ void *priv_context; /* hypervisor-only */ struct arch_vpmu_ops *arch_vpmu_ops; + struct xen_pmu_data *xenpmu_data; + spinlock_t vpmu_lock; }; /* VPMU states */ diff --git a/xen/include/public/pmu.h b/xen/include/public/pmu.h index 50cc048..e6307b5 100644 --- a/xen/include/public/pmu.h +++ b/xen/include/public/pmu.h @@ -25,6 +25,8 @@ #define XENPMU_mode_set 1 #define XENPMU_feature_get 2 #define XENPMU_feature_set 3 +#define XENPMU_init 4 +#define XENPMU_finish 5 /* ` } */ /* Parameters structure for HYPERVISOR_xenpmu_op call */ diff --git a/xen/include/public/xen.h b/xen/include/public/xen.h index 59fb544..1b98d8b 100644 --- a/xen/include/public/xen.h +++ b/xen/include/public/xen.h @@ -161,6 +161,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_ulong_t); #define VIRQ_MEM_EVENT 10 /* G. (DOM0) A memory event has occured */ #define VIRQ_XC_RESERVED 11 /* G. Reserved for XenClient */ #define VIRQ_ENOMEM 12 /* G. (DOM0) Low on heap memory */ +#define VIRQ_XENPMU 13 /* V. PMC interrupt */ /* Architecture-specific VIRQ definitions. */ #define VIRQ_ARCH_0 16 diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h index a496116..6456f72 100644 --- a/xen/include/xsm/dummy.h +++ b/xen/include/xsm/dummy.h @@ -704,6 +704,9 @@ static XSM_INLINE int xsm_pmu_op (XSM_DEFAULT_ARG struct domain *d, int op) case XENPMU_feature_set: case XENPMU_feature_get: return xsm_default_action(XSM_PRIV, d, current->domain); + case XENPMU_init: + case XENPMU_finish: + return xsm_default_action(XSM_HOOK, d, current->domain); default: return -EPERM; } diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c index ac98966..aefcbda 100644 --- a/xen/xsm/flask/hooks.c +++ b/xen/xsm/flask/hooks.c @@ -1592,6 +1592,10 @@ static int flask_pmu_op (struct domain *d, unsigned int op) case XENPMU_feature_get: return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN2, XEN2__PMU_CTRL, NULL); + case XENPMU_init: + case XENPMU_finish: + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN2, + XEN2__PMU_USE, NULL); default: return -EPERM; } diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors index 3a5d798..a6517a3 100644 --- a/xen/xsm/flask/policy/access_vectors +++ b/xen/xsm/flask/policy/access_vectors @@ -89,6 +89,8 @@ class xen2 get_symbol # PMU control pmu_ctrl +# PMU use (domains, including unprivileged ones, will be using this operation) + pmu_use } # Classes domain and domain2 consist of operations that a domain performs on -- 1.8.1.4