Received: by 2002:a05:6a10:eb17:0:0:0:0 with SMTP id hx23csp3736511pxb; Tue, 7 Sep 2021 06:35:32 -0700 (PDT) X-Google-Smtp-Source: ABdhPJynR8oz4FR0zncV7RoGluFZqykzsqWK6Wd1/ppKJTFxXsQ/XphMoxBJyO0KTY16Z+mt9ltN X-Received: by 2002:a17:906:2413:: with SMTP id z19mr17577770eja.57.1631021732328; Tue, 07 Sep 2021 06:35:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1631021732; cv=none; d=google.com; s=arc-20160816; b=xVclAynpPBaxnE4i6MkZh+wN5uIU5DIE69EXxWnTSqQiE91kbthrOa8ubsu9HSG9Nt Gvm9m0c6UKRBeX9rVhGu1RXU8IVi7VF+28pt8B/X6rILB5FtN7Q8dg7rjxzMoLtSo/O1 so5Mn0+zY5FCzv90v/hUtw8jVNauhy5Wuw8Y6CdpE7wqlXrgq9MDtwWZhGuqHqqjAEdx A7qAU54D1E0R/BbrwVkdA2FVKK0Him7pF4VH4jq8x+62v2IxGFjfwacoB2xkPSwKtgZ3 hfdePKlUrw1bEqfK8n/5iD/NnGM7AjC5H9IXrTqmgxXlf1RvaIu5ciSJ7aIYyiZ8Rkr9 atUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject; bh=TNJWUWeHkEfI2dURajK46tg8tMwWW+v1j1l/M7bppfw=; b=CV9pLjVUsNowmGz738yaVOVPWE/EYLk4g3FM4we9ONagrmfWfwGJUQP8NecEzsEF5X Gv3PLlc9Q20VUKzP3vX/W+tMI7XkPTrl0XPW/YnMdL752kXWESQljX1jTeGniLRJFO3B pNYigs/mB86e0qZlelxY82nyqL6z77NGIkMX+ggn1DPnkKHLFBKeqSjxY+ohujYWWfGx Uqr/5xjd57IazyAMrd6cJR3E44R9aJgd8uPuEgqspX7xkMf20j8Ma88aa6hPfUcUjcoy 6XlInoGuLagscgRBlAwrUt5TeOap70pYRekoL8urcVrZt/znRAjjkfrZTbt/kDMfv+b+ WjZA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v1si10938602edc.180.2021.09.07.06.35.08; Tue, 07 Sep 2021 06:35:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344390AbhIGNen (ORCPT + 99 others); Tue, 7 Sep 2021 09:34:43 -0400 Received: from mga04.intel.com ([192.55.52.120]:31512 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232913AbhIGNem (ORCPT ); Tue, 7 Sep 2021 09:34:42 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10099"; a="218337167" X-IronPort-AV: E=Sophos;i="5.85,274,1624345200"; d="scan'208";a="218337167" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Sep 2021 06:33:32 -0700 X-IronPort-AV: E=Sophos;i="5.85,274,1624345200"; d="scan'208";a="537974849" Received: from xiaoyaol-mobl.ccr.corp.intel.com (HELO [10.249.169.12]) ([10.249.169.12]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Sep 2021 06:33:23 -0700 Subject: Re: [PATCH v2] KVM: VMX: Enable Notify VM exit To: Sean Christopherson , Chenyi Qiang Cc: Tao Xu , pbonzini@redhat.com, vkuznets@redhat.com, wanpengli@tencent.com, jmattson@google.com, joro@8bytes.org, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, hpa@zytor.com, x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org References: <20210525051204.1480610-1-tao3.xu@intel.com> <080602dc-f998-ec13-ddf9-42902aa477de@intel.com> <4079f0c9-e34c-c034-853a-b26908a58182@intel.com> From: Xiaoyao Li Message-ID: Date: Tue, 7 Sep 2021 21:33:21 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0 Thunderbird/78.13.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 9/3/2021 12:29 AM, Sean Christopherson wrote: > On Thu, Sep 02, 2021, Chenyi Qiang wrote: >> On 8/3/2021 8:38 AM, Xiaoyao Li wrote: >>> On 8/2/2021 11:46 PM, Sean Christopherson wrote: >>>> IIRC, SGX instructions have a hard upper bound of 25k cycles before they >>>> have to check for pending interrupts, e.g. it's why EINIT is >>>> interruptible. The 25k cycle limit is likely a good starting point for >>>> the combined minimum. That's why I want to know the internal minimum; if >>>> the internal minimum is _guaranteed_ to be >25k, then KVM can be more >>>> aggressive with its default value. >>> >>> OK. I will go internally to see if we can publish the internal threshold. >>> >> >> Hi Sean, >> >> After syncing internally, we know that the internal threshold is not >> architectural but a model-specific value. It will be published in some place >> in future. > > Any chance it will also be discoverable, e.g. via an MSR? I also hope we can expose it via MSR. If not, we can maintain a table per FMS in KVM to get the internal threshold. However, per FMS info is not friendly to be virtualized (when we are going to enable the nested support). I'll try to persuade internal to expose it via MSR, but I guarantee nothing. > That would be ideal > as we could give the module param an "auto" mode where the combined threshold is > set to a minimum KVM-defined value, e.g. > > static int __read_mostly notify_window = -1; > module_param(notify_window, int, 444); > > ... > > rdmsrl_safe(MSR_NOTIFY_WINDOW_BUFFER, &buffer); > if (notify_window == -1) { > if (buffer < KVM_DEFAULT_NOTIFY_WINDOW) > notify_window = 0; > else > notifiy_window = KVM_DEFAULT_NOTIFY_WINDOW - buffer; > } > >> On Sapphire Rapids platform, the threshold is 128k. With this in mind, is it >> appropriate to set 0 as the default value of notify_window? > > Maybe? That's still not a guarantee that _future_ CPUs will have an internal > threshold >25k. but we can always use the formula above to guarantee it. vmcs.notify_window = KVM_DEFAULT_NOTIFY_WINDOW > internal ? KVM_DEFAULT_NOTIFY_WINDOW - internal : 0; > On a related topic, this needs tests. One thought would be to stop unconditionally > intercepting #AC if NOTIFY_WINDOW is enabled, and then have the test set up the > infinite #AC vectoring scenario. > yes, we have already tested with this case with notify_window set to 0. No false positive.