Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp19907rwb; Mon, 26 Sep 2022 08:46:48 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4sGMgOGKX5Kw6NEhtsaze2CPJrIjAy4XSwhBZzb9eu/RFXcKWpwPBagGCfZqw9bgSCx0Vy X-Received: by 2002:a17:902:a707:b0:178:bd1e:e8be with SMTP id w7-20020a170902a70700b00178bd1ee8bemr22797239plq.167.1664207208216; Mon, 26 Sep 2022 08:46:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664207208; cv=none; d=google.com; s=arc-20160816; b=EAw3YkB7UG36LQxEnrCddEUjwngTqHpJ8nYz3MDxFVhsJ2b7qZI7QoQWgN9zcHFjM4 vKbGb1K1hcJzesDpSYMPqMkUyq0XhEi7b0JdmC/8JWsi8WIITslriUf26qxtewEEP3zQ oLQNYWolwAqIuV4FiR/YS8x+m8WvhXunvJ+nNTpCd2oiSGHbF1DegGIHtARoiwT8rcX+ kpRQKQHDlteC81QOP7F8GNdwycicZ2BIN0DIAj+/G0DZLFxIoNzoAfXEhB85vnoiZyfA qc+Q379iiKyjXXsJfiWAo1CDle7ADHZ4qJk9HDjlKSLSiNSy68Vp5mZUpwXRhZYlk6h+ 9fIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=acJkGEJzQvXK3ntpRB7CEDesvJKyVtqSHHdOsYKLzIg=; b=j66jubws/OAjJGTWYSe43h9XP4YgXY3/Pm260Hu5FFUBHJDl0g3e5Z/hCXfjCjQTg1 gTIm0qiM6NCCq1OUmQaQjbHxeUNXsFVpp9QQHmGxjQMldCjCi2Zmt7eG9lTdgbQxh52S rkzaoaE686UmiECilppfuqwH5TuOH7z524HB3iilELJ622Bz7/Q88wAtg8EQnkn1hz1D EFcJai5KFm+jfwZhwGw7w4aI4qp0+P1munfMsqEnX8ohYXe5rUO8G3OLCdptDJbKjyUj 1eem6PIW/gTh1SmxnORmDq6NgtK07jowaj+ifELCdjdv7grz0IXtegADj9ghDepPlXQQ IOnQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=i1dwUiOy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id l14-20020a17090a49ce00b00202c7eb5e03si11247027pjm.30.2022.09.26.08.45.59; Mon, 26 Sep 2022 08:46:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=i1dwUiOy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236760AbiIZPdd (ORCPT + 99 others); Mon, 26 Sep 2022 11:33:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58728 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236379AbiIZPcz (ORCPT ); Mon, 26 Sep 2022 11:32:55 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D4AF050538; Mon, 26 Sep 2022 07:19:11 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 8CD4D21ED4; Mon, 26 Sep 2022 14:19:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1664201950; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=acJkGEJzQvXK3ntpRB7CEDesvJKyVtqSHHdOsYKLzIg=; b=i1dwUiOyCBw7IR7aEH1PBRg4a9gQzwDV01bgDjlihYYT+NCz760Ilh718xzjV+CMcd+1gU Ysl9/VyM6OsgmljS7s7h0UDr+PBJX3FQhki4eIpF0+Av66TnrmdN/ZlEiCcnlBWkWVVSNE WoPIKXRUUFnLgAouJlYWO//iNsY5ADU= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 3D18F139BD; Mon, 26 Sep 2022 14:19:10 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id BwGjDd60MWOiBgAAMHmgww (envelope-from ); Mon, 26 Sep 2022 14:19:10 +0000 From: Juergen Gross To: xen-devel@lists.xenproject.org, x86@kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Juergen Gross , Jonathan Corbet , Boris Ostrovsky , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" Subject: [PATCH 3/3] xen/pv: support selecting safe/unsafe msr accesses Date: Mon, 26 Sep 2022 16:18:49 +0200 Message-Id: <20220926141849.21805-4-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20220926141849.21805-1-jgross@suse.com> References: <20220926141849.21805-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Instead of always doing the safe variants for reading and writing MSRs in Xen PV guests, make the behavior controllable via Kconfig option and a boot parameter. The default will be the current behavior, which is to always use the safe variant. Signed-off-by: Juergen Gross --- .../admin-guide/kernel-parameters.txt | 6 +++++ arch/x86/xen/Kconfig | 9 +++++++ arch/x86/xen/enlighten_pv.c | 24 +++++++++++-------- 3 files changed, 29 insertions(+), 10 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 426fa892d311..1bda9cf18fae 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -6836,6 +6836,12 @@ Crash from Xen panic notifier, without executing late panic() code such as dumping handler. + xen_msr_safe= [X86,XEN] + Format: + Select whether to always use non-faulting (safe) MSR + access functions when running as Xen PV guest. The + default value is controlled by CONFIG_XEN_PV_MSR_SAFE. + xen_nopvspin [X86,XEN] Disables the qspinlock slowpath using Xen PV optimizations. This parameter is obsoleted by "nopvspin" parameter, which diff --git a/arch/x86/xen/Kconfig b/arch/x86/xen/Kconfig index 85246dd9faa1..9b1ec5d8c99c 100644 --- a/arch/x86/xen/Kconfig +++ b/arch/x86/xen/Kconfig @@ -92,3 +92,12 @@ config XEN_DOM0 select X86_X2APIC if XEN_PVH && X86_64 help Support running as a Xen Dom0 guest. + +config XEN_PV_MSR_SAFE + bool "Always use safe MSR accesses in PV guests" + default y + depends on XEN_PV + help + Use safe (not faulting) MSR access functions even if the MSR access + should not fault anyway. + The default can be changed by using the "xen_msr_safe" boot parameter. diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c index 4e68e047df94..6b0e5d4c485a 100644 --- a/arch/x86/xen/enlighten_pv.c +++ b/arch/x86/xen/enlighten_pv.c @@ -108,6 +108,16 @@ struct tls_descs { */ static DEFINE_PER_CPU(struct tls_descs, shadow_tls_desc); +static __read_mostly bool xen_msr_safe = IS_ENABLED(CONFIG_XEN_PV_MSR_SAFE); + +static int __init parse_xen_msr_safe(char *str) +{ + if (str) + return strtobool(str, &xen_msr_safe); + return -EINVAL; +} +early_param("xen_msr_safe", parse_xen_msr_safe); + static void __init xen_pv_init_platform(void) { /* PV guests can't operate virtio devices without grants. */ @@ -1010,22 +1020,16 @@ static int xen_write_msr_safe(unsigned int msr, unsigned int low, static u64 xen_read_msr(unsigned int msr) { - /* - * This will silently swallow a #GP from RDMSR. It may be worth - * changing that. - */ int err; - return xen_read_msr_safe(msr, &err); + return xen_do_read_msr(msr, xen_msr_safe ? &err : NULL); } static void xen_write_msr(unsigned int msr, unsigned low, unsigned high) { - /* - * This will silently swallow a #GP from WRMSR. It may be worth - * changing that. - */ - xen_write_msr_safe(msr, low, high); + int err; + + xen_do_write_msr(msr, low, high, xen_msr_safe ? &err : NULL); } /* This is called once we have the cpu_possible_mask */ -- 2.35.3