Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752204AbdFUSYO (ORCPT ); Wed, 21 Jun 2017 14:24:14 -0400 Received: from mx1.redhat.com ([209.132.183.28]:50064 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751108AbdFUSYM (ORCPT ); Wed, 21 Jun 2017 14:24:12 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 41BCF80464 Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=rkrcmar@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 41BCF80464 Date: Wed, 21 Jun 2017 20:24:01 +0200 From: Radim =?utf-8?B?S3LEjW3DocWZ?= To: Arnaldo Carvalho de Melo Cc: David Hildenbrand , kvm@vger.kernel.org, Paolo Bonzini , dvyukov@google.com, Alexander Shishkin , linux-kernel@vger.kernel.org Subject: Re: [PATCH RFC] KVM: VMX: drop vmm_exclusive module parameter Message-ID: <20170621182401.GC27032@potion> References: <20170310114713.7571-1-david@redhat.com> <20170621174822.GR13640@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170621174822.GR13640@kernel.org> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Wed, 21 Jun 2017 18:24:07 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2331 Lines: 52 2017-06-21 14:48-0300, Arnaldo Carvalho de Melo: > Em Fri, Mar 10, 2017 at 12:47:13PM +0100, David Hildenbrand escreveu: > > vmm_exclusive=0 leads to KVM setting X86_CR4_VMXE always and calling > > VMXON only when the vcpu is loaded. X86_CR4_VMXE is used as an > > indication in cpu_emergency_vmxoff() (called on kdump) if VMXOFF has to be > > called. This is obviously not the case if both are used independtly. > > Calling VMXOFF without a previous VMXON will result in an exception. > > > > In addition, X86_CR4_VMXE is used as a mean to test if VMX is already in > > use by another VMM in hardware_enable(). So there can't really be > > co-existance. If the other VMM is prepared for co-existance and does a > > similar check, only one VMM can exist. If the other VMM is not prepared > > and blindly sets/clears X86_CR4_VMXE, we will get inconsistencies with > > X86_CR4_VMXE. > > > > As we also had bug reports related to clearing of vmcs with vmm_exclusive=0 > > this seems to be pretty much untested. So let's better drop it. > > > > While at it, directly move setting/clearing X86_CR4_VMXE into > > kvm_cpu_vmxon/off. > > Oh well, I was using, as suggested by Alexander, this parameter to be > able to use Intel PT on the host on a Broadwell machine, i.e.: > > perf record -e intel_pt// usleep 1 > perf script We thought that blacklisting the KVM module was a good solution ... Were you using KVM virtual machines with vmm_exclusive=0? > would show decoded Intel PT records, no more :-\ But I'm clueless about > KVM internals, so just reporting the change in behaviour for this very > specific use case. > > Now I don't know if this is something that would make Intel PT be usable > on Broadwell machines but wouldn't be required with newer chips, will > test with a Kaby Lake i5 7500 when back at my home office... Most likely, SDM 35.2.8.2 says: Initial implementations of Intel Processor Trace do not support tracing in VMX operation. Such processors indicate this by returning 0 for IA32_VMX_MISC[bit 14]. so something akin to vmm_exclusive is about the only option there. Please try if Kaby Lake is already an advanced implementation, because we might need to disable PT when entering VMX non-root mode (so the tracing packets are not be written into guest's memory, just like with PEBS). Thanks.