Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp6658918yba; Tue, 14 May 2019 11:11:42 -0700 (PDT) X-Google-Smtp-Source: APXvYqxtlGFEZaIO3owj9PkkkamqidT5J+91HxVwHrHlBlC3MPloQDZverCGTqGKX/AGSTg41Plp X-Received: by 2002:a63:e451:: with SMTP id i17mr39668355pgk.312.1557857502710; Tue, 14 May 2019 11:11:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557857502; cv=none; d=google.com; s=arc-20160816; b=YXFFsxNAG701Ia/8bxlBZK5GINRGcFSfkkniReLM9p7xooM4/iPPvX6kVKhrACbeXL dY7egL3QLDUIo7FIhgucPIeeiwARpaBr5kkMK8KA43zigOrdVsGV5/qZXSD52ovgMtf4 lGKPzsu7wgii85SoCcR+/PDpTgeKp5guCEQ++DS2DgpzXOG1mA4ldcgUvi2qfEOSiMBk wK4B3dMLQij8Qos6MIUXMZTHcIgRoaQbmkcDmKZFBAVj9u3nF63R8mkd9iEyTpjo76I6 aPoP6DuHTN8vNUd6yL31rbzx1fM0Zurnsr3Z8GprmH5fTAPvHu8A0n2yeyXo7JCeo0AK 8uOQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=3UQS2XHTdSVGwXYnTPVMo1tYEHcx2ClEg4W90yUXbmw=; b=Gq//b/MHsAOKi6fqS4JxnJowhAnbmmoDMkwmgjte09uYEQ2Zi4S74ATBWC0Yfjksoh KvqD+NOK6U6En6guoIssgSNtl6TEyqPfwNRay0HgnXTIvnrmQYuFdznplCNoFl6LO0u6 dPwm9/4LprfNQm/vEMen9IY8aHYOxWe7NlHru5adiZ1z8Uf3eCBadqFE0txLN0Nb0hbC DKxQyA1b6dIbU7C+SeBqe9tQScZO4Tb9oVsIAhVJN6/4qk/R7I20SNuyGESKrTNuEIzU ZLfNLCuNdcwq5YYJzzHWjLy/Jqt2spuFg+czJvNKpZbuy3ayjAcT6slBh2vkJDammg7T OjYQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 17si5556123pfw.148.2019.05.14.11.11.27; Tue, 14 May 2019 11:11:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727554AbfENSJv (ORCPT + 99 others); Tue, 14 May 2019 14:09:51 -0400 Received: from mga12.intel.com ([192.55.52.136]:17908 "EHLO mga12.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726201AbfENSJv (ORCPT ); Tue, 14 May 2019 14:09:51 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 May 2019 11:09:49 -0700 X-ExtLoop1: 1 Received: from sjchrist-coffee.jf.intel.com (HELO linux.intel.com) ([10.54.74.36]) by orsmga007.jf.intel.com with ESMTP; 14 May 2019 11:09:50 -0700 Date: Tue, 14 May 2019 11:09:36 -0700 From: Sean Christopherson To: Peter Zijlstra Cc: Alexandre Chartre , Andy Lutomirski , Paolo Bonzini , Radim Krcmar , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Dave Hansen , kvm list , X86 ML , Linux-MM , LKML , Konrad Rzeszutek Wilk , jan.setjeeilers@oracle.com, Liran Alon , Jonathan Adams Subject: Re: [RFC KVM 18/27] kvm/isolation: function to copy page table entries for percpu buffer Message-ID: <20190514180936.GA1977@linux.intel.com> References: <1557758315-12667-1-git-send-email-alexandre.chartre@oracle.com> <1557758315-12667-19-git-send-email-alexandre.chartre@oracle.com> <20190514070941.GE2589@hirez.programming.kicks-ass.net> <4e7d52d7-d4d2-3008-b967-c40676ed15d2@oracle.com> <20190514170522.GW2623@hirez.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190514170522.GW2623@hirez.programming.kicks-ass.net> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 14, 2019 at 07:05:22PM +0200, Peter Zijlstra wrote: > On Tue, May 14, 2019 at 06:24:48PM +0200, Alexandre Chartre wrote: > > On 5/14/19 5:23 PM, Andy Lutomirski wrote: > > > > How important is the ability to enable IRQs while running with the KVM > > > page tables? > > > > > > > I can't say, I would need to check but we probably need IRQs at least for > > some timers. Sounds like you would really prefer IRQs to be disabled. > > > > I think what amluto is getting at, is: > > again: > local_irq_disable(); > switch_to_kvm_mm(); > /* do very little -- (A) */ > VMEnter() > > /* runs as guest */ > > /* IRQ happens */ > WMExit() > /* inspect exit raisin */ > if (/* IRQ pending */) { > switch_from_kvm_mm(); > local_irq_restore(); > goto again; > } > > > but I don't know anything about VMX/SVM at all, so the above might not > be feasible, specifically I read something about how VMX allows NMIs > where SVM did not somewhere around (A) -- or something like that, > earlier in this thread. For IRQs it's somewhat feasible, but not for NMIs since NMIs are unblocked on VMX immediately after VM-Exit, i.e. there's no way to prevent an NMI from occuring while KVM's page tables are loaded. Back to Andy's question about enabling IRQs, the answer is "it depends". Exits due to INTR, NMI and #MC are considered high priority and are serviced before re-enabling IRQs and preemption[1]. All other exits are handled after IRQs and preemption are re-enabled. A decent number of exit handlers are quite short, e.g. CPUID, most RDMSR and WRMSR, any event-related exit, etc... But many exit handlers require significantly longer flows, e.g. EPT violations (page faults) and anything that requires extensive emulation, e.g. nested VMX. In short, leaving IRQs disabled across all exits is not practical. Before going down the path of figuring out how to handle the corner cases regarding kvm_mm, I think it makes sense to pinpoint exactly what exits are a) in the hot path for the use case (configuration) and b) can be handled fast enough that they can run with IRQs disabled. Generating that list might allow us to tightly bound the contents of kvm_mm and sidestep many of the corner cases, i.e. select VM-Exits are handle with IRQs disabled using KVM's mm, while "slow" VM-Exits go through the full context switch. [1] Technically, IRQs are actually enabled when SVM services INTR. SVM hardware doesn't acknowledge the INTR/NMI on VM-Exit, but rather keeps it pending until the event is unblocked, e.g. servicing a VM-Exit due to an INTR is simply a matter of enabling IRQs.