Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp5493289ybl; Tue, 27 Aug 2019 05:39:32 -0700 (PDT) X-Google-Smtp-Source: APXvYqzzmiCHV5wDLJIElfrLFjYPshfbfvnU/HUoOk3xprofGToOxkLNBq1koJA/7732TfmxMdMU X-Received: by 2002:aa7:809a:: with SMTP id v26mr17434456pff.82.1566909572510; Tue, 27 Aug 2019 05:39:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1566909572; cv=none; d=google.com; s=arc-20160816; b=SvplgQyyrMyOZQ3axq2xH3w3+RyV+wGxDQyug0oSUr/cC5VOvCqQg9MR6FB835Wemy Tz7vQcyZOU2Nn+rkHJ9pqtdyl5ktPoehbhwG9in1S0HxPvwdog5wvlMq7k7QyPmgmiEm 0EILhTklgGONbl/iU+nNaPcwaHDGtQPDpiQlnd+MM15Ag38nky50zlO8Y+4dgjToaSyw BO3+l8/Mrw40eBZn8216up5ZLJ9Dbopja5J+gKA8iwWKFTYomIuR4gKPoYzGvUdCXVdh KNiI1qolHTAJAzjcifbOdd/5vYVmz8k/lFlBCxd3D1OJ0suqN0iKucEg2WaSUPn0WUNh EYhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from; bh=mhQh216D8KPUhpQBQ77haDbZ+wPiEolIAFs33u9E+Zo=; b=gdgQxsVPxq0iQsmi09La5l9KA8D/nq5qkvlwNCFfSxoTKOOZfq7ys5BLDKYpJDh8Qp MpAO2zh6KB2J+iBGPTsVFIKWo/iG/mXzjgNXBHd99JCl49YjepdLxNomAxqmCPTblrc9 xmmDQ/SR2HcuK//J0RKX3ABJ4nx0za8IAhTHfeDPKIg6XZEyyUXnFdKiWbt4PiG1Umm2 cfFJj7FcsJI1vpvecPO0jUq5XmWyjMTlnyEIgoRUIbShONYB3KqvUZXwuZryD4LXezQh XCbb6Y5y92PNZmErO7/gMkXD7Xc5R0vvfy+qhOT7ClO0IXuxLmMKb9XjBus/FWhb7nkQ 0Mkw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t34si12780785plb.29.2019.08.27.05.39.16; Tue, 27 Aug 2019 05:39:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728612AbfH0MiW (ORCPT + 99 others); Tue, 27 Aug 2019 08:38:22 -0400 Received: from mx1.redhat.com ([209.132.183.28]:51114 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726539AbfH0MiW (ORCPT ); Tue, 27 Aug 2019 08:38:22 -0400 Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B5CE2811DC for ; Tue, 27 Aug 2019 12:38:21 +0000 (UTC) Received: by mail-wm1-f71.google.com with SMTP id d65so1017303wmd.3 for ; Tue, 27 Aug 2019 05:38:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:in-reply-to:references:date :message-id:mime-version; bh=mhQh216D8KPUhpQBQ77haDbZ+wPiEolIAFs33u9E+Zo=; b=CjUdb4jBJeuwtBt3PaLYWNr/Nyzs//ITuieyLg8n0ddqYadnocNsfQbea7fV5JD4mS U8ih95P8bHV6AioiYcU2pvcGlW4Sa+Uy4fBYFNwELJ7pUPkbQGGUbwhxKvaesXE2JrW7 btLgCfKTN5wRsMQnZGfci+3Z+4gPynid9gMGyVuky2/S+bxFyz5IpWFcM168KHTFxrMF CBhtoJQsKpn40ge6XCxQo2U9Wx0xv0fLymbhvCQWH9wyYSyIkX4yJ5YPBKrfreDQQVhn 6zYVNO+o+jW6FS7e4Xhs+kN4E9jOdMfrHwdBl16PqIdNAT0or5FtmxWKPIad3jaPojAZ 4/+Q== X-Gm-Message-State: APjAAAVk98sIZZ/hSZUL59K4lAd8x4kjhasN18C4CUMoN+uc7vKmYl2h G+pEUbXpynLxeXeOjzQFVZnrhkmvhR1V1ZOR3PHtV1+aKArD9rfN+k11nLPZiQD8baNm+6Lmj// vWewsple+WPwvOFePTmF50D7r X-Received: by 2002:adf:f481:: with SMTP id l1mr25892221wro.123.1566909500323; Tue, 27 Aug 2019 05:38:20 -0700 (PDT) X-Received: by 2002:adf:f481:: with SMTP id l1mr25892187wro.123.1566909500126; Tue, 27 Aug 2019 05:38:20 -0700 (PDT) Received: from vitty.brq.redhat.com (nat-pool-brq-t.redhat.com. [213.175.37.10]) by smtp.gmail.com with ESMTPSA id x10sm16906584wrn.39.2019.08.27.05.38.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Aug 2019 05:38:19 -0700 (PDT) From: Vitaly Kuznetsov To: Tianyu Lan Cc: Tianyu Lan , kvm , linux-doc@vger.kernel.org, linux-hyperv@vger.kernel.org, "linux-kernel\@vger kernel org" , Paolo Bonzini , Radim Krcmar , corbet@lwn.net, KY Srinivasan , Haiyang Zhang , Stephen Hemminger , Sasha Levin , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , the arch/x86 maintainers , michael.h.kelley@microsoft.com Subject: Re: [PATCH V3 0/3] KVM/Hyper-V: Add Hyper-V direct tlb flush support In-Reply-To: References: <20190819131737.26942-1-Tianyu.Lan@microsoft.com> <87ftlnm7o8.fsf@vitty.brq.redhat.com> Date: Tue, 27 Aug 2019 14:38:18 +0200 Message-ID: <87v9uilr5x.fsf@vitty.brq.redhat.com> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Tianyu Lan writes: > On Tue, Aug 27, 2019 at 2:41 PM Vitaly Kuznetsov wrote: >> >> lantianyu1986@gmail.com writes: >> >> > From: Tianyu Lan >> > >> > This patchset is to add Hyper-V direct tlb support in KVM. Hyper-V >> > in L0 can delegate L1 hypervisor to handle tlb flush request from >> > L2 guest when direct tlb flush is enabled in L1. >> > >> > Patch 2 introduces new cap KVM_CAP_HYPERV_DIRECT_TLBFLUSH to enable >> > feature from user space. User space should enable this feature only >> > when Hyper-V hypervisor capability is exposed to guest and KVM profile >> > is hided. There is a parameter conflict between KVM and Hyper-V hypercall. >> > We hope L2 guest doesn't use KVM hypercall when the feature is >> > enabled. Detail please see comment of new API >> > "KVM_CAP_HYPERV_DIRECT_TLBFLUSH" >> >> I was thinking about this for awhile and I think I have a better >> proposal. Instead of adding this new capability let's enable direct TLB >> flush when KVM guest enables Hyper-V Hypercall page (writes to >> HV_X64_MSR_HYPERCALL) - this guarantees that the guest doesn't need KVM >> hypercalls as we can't handle both KVM-style and Hyper-V-style >> hypercalls simultaneously and kvm_emulate_hypercall() does: >> >> if (kvm_hv_hypercall_enabled(vcpu->kvm)) >> return kvm_hv_hypercall(vcpu); >> >> What do you think? >> >> (and instead of adding the capability we can add kvm.ko module parameter >> to enable direct tlb flush unconditionally, like >> 'hv_direct_tlbflush=-1/0/1' with '-1' being the default (autoselect >> based on Hyper-V hypercall enablement, '0' - permanently disabled, '1' - >> permanenetly enabled)). >> > > Hi Vitaly:: > Actually, I had such idea before. But user space should check > whether hv tlb flush > is exposed to VM before enabling direct tlb flush. If no, user space > should not direct > tlb flush for guest since Hyper-V will do more check for each > hypercall from nested > VM with enabling the feauter.. If TLB Flush enlightenment is not exposed to the VM at all there's no difference if we enable direct TLB flush in eVMCS or not: the guest won't be using 'TLB Flush' hypercall and will do TLB flushing with IPIs. And, in case the guest enables Hyper-V hypercall page, it is definitelly not going to use KVM hypercalls so we can't break these. -- Vitaly