Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp340501rwr; Tue, 25 Apr 2023 23:27:29 -0700 (PDT) X-Google-Smtp-Source: AKy350ZfOAvuxNH8zMXiinV/kZ+/4OyL0S9nRav34l8rB2f6V17aeW6SSiD/4y8Z5qqkPVrL44kZ X-Received: by 2002:a05:6a00:1749:b0:634:970e:ca09 with SMTP id j9-20020a056a00174900b00634970eca09mr27327650pfc.30.1682490449306; Tue, 25 Apr 2023 23:27:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682490449; cv=none; d=google.com; s=arc-20160816; b=GpbRfB5h17mA1pS8ZChAQOjtGutL0xKlWOzf8+CzixaQhtAWOmT5a8qfgtNQgecSKl gazs9g1H9egjci0JTtBwZc30Qk+nTIC1QGz2UXsPqWPueR8/SMFIlpuWhvzAyW7t1Kh6 uQeDpaSUP0/XSPuNbHEfq76VBWcr+CDYiEGcdiAZ8Yv0dyGK/cMn2DZUw5XqpiCDRCOR CqXIv4dKlzks9o09RYmdImH5rzOeh7dcIq09xDE4b6drevLHewtyOn3c5oPj9e5nJWzk jRqXkUeQr/iE8vBoqRCHbntd7Na6xGrWFBU50lBLUKWFfprIoKroiI4LoBOs0DLjlDGo lOgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=ZHn9sTXEzMs5ji4aB0cw2xEtdZV2Wc90msMFQpQNypo=; b=oafMV8a2mX6Vyjz7Snndkk6pKg/U8+tsj/NV3QGia1kZLdWQk3nTQquCTFNuzX3UuT u4ZkfTpOzIQ9FmvVuoDNGVToW0oamoK3WlLjATEVrsiPHfue1rwudMSjJboI53wEkkyK YycPJ/BoU0SOjR15n9vC/GzUi4rMq+stDz2zpJ/5FqIh5Bt4VctgxffPpPMyP2W4UH6R LxXb7YjLKIq/KYPY0Bismae3M6QUYrHA1F6tYfkgq6mH7Ds6TheJXLPYd6gDMY0RdXmn ajaiLsK7rttnVZgMCUNKtHmDIP9eRZQbZV2lfJQPjQhBZm2G8D5Bflt5NUldGRjJGx9l q5wg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=R0M+kyYT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m125-20020a625883000000b006361df3aa86si6673041pfb.88.2023.04.25.23.27.15; Tue, 25 Apr 2023 23:27:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20221208 header.b=R0M+kyYT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239533AbjDZG0l (ORCPT + 99 others); Wed, 26 Apr 2023 02:26:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45860 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238586AbjDZG0Z (ORCPT ); Wed, 26 Apr 2023 02:26:25 -0400 Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3387E35A1; Tue, 25 Apr 2023 23:26:03 -0700 (PDT) Received: by mail-pg1-x533.google.com with SMTP id 41be03b00d2f7-51efefe7814so6780176a12.3; Tue, 25 Apr 2023 23:26:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1682490362; x=1685082362; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=ZHn9sTXEzMs5ji4aB0cw2xEtdZV2Wc90msMFQpQNypo=; b=R0M+kyYTCMVB+3lxhcSwBtYOjt0JotGWCJKJXXWAQhLq6Bjtn8CObXI7IkuESeMcTb lx320puUayJvTNeIo1hwCPEPWSE5BWejYyYHaRj0G190VY/V4QvJLgj3XXpqDL0y/TX/ RkgVzxMYOmUdKbjGFKbuXqSxkPvh8GSkFeYdXTN5oG7YttmR14BJrOHxMtJq2riXjzPV FOXf+zWHDGSsrdWVdjdwOZpN2CqwdQTaxE0hF0rvh+GIWSZcSChBNJTZLsKahupcaz9U nNaychYm0w78JpMk4NU1mYaVd47ETtRr4TGbvxb2ldCE9DHRnLmCAj33nDf0BrdK0oGR 6pHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1682490362; x=1685082362; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ZHn9sTXEzMs5ji4aB0cw2xEtdZV2Wc90msMFQpQNypo=; b=kZgLJpzn4QbzB3ysWLU4m5RRs+JW05eyJVov36PKNRetTQRcn/TztxZWrDKf0eG8eK w4xEqt2USrHGFiC9eEExqKsZ01AMAO6gVnCNqwTZ9b41/ZJ5Wg46hcV+AXHUPYnKs50Z 7BVjXPv+eeaKvgAbumoeo9EsGX5z22B51q0/fPrfNfMPkl4jBP3WAfj3gd0qdq3EPaMO K5POAGvcNBoJCEubdD8FuoMssq4ekj4I3YRrOgmGAfqkY4nkU9f8aQc8BJ9U7sqyjYUt SDCjgTaaYUgTHlAynRW+nKjXq8zdEjD1/+es9Ks5tzegHvyulrastNkBZ0wHJWpcYnYH uZtA== X-Gm-Message-State: AAQBX9cVXc7fu2UaZNN4WiWhzDfTPyBwOhG/l8QhqwFXy+geTnqlY92e d8NkXU1okNdiRU7oHlzlEtQ= X-Received: by 2002:a05:6a20:3d93:b0:f3:6746:ba37 with SMTP id s19-20020a056a203d9300b000f36746ba37mr15940657pzi.13.1682490362481; Tue, 25 Apr 2023 23:26:02 -0700 (PDT) Received: from [192.168.255.10] ([103.7.29.32]) by smtp.gmail.com with ESMTPSA id k10-20020a65464a000000b0050336b0b08csm8906630pgr.19.2023.04.25.23.25.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 25 Apr 2023 23:26:01 -0700 (PDT) Message-ID: Date: Wed, 26 Apr 2023 14:25:53 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: [PATCH 5/5] KVM: x86/pmu: Hide guest counter updates from the VMRUN instruction To: Sandipan Das , Sean Christopherson Cc: Paolo Bonzini , Ravi Bangoria , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Santosh Shukla , "Tom Lendacky (AMD)" , Ananth Narayan References: <20230310105346.12302-1-likexu@tencent.com> <20230310105346.12302-6-likexu@tencent.com> <509b697f-4e60-94e5-f785-95f7f0a14006@gmail.com> <34b5dd08-edac-e32f-1884-c8f2b85f7971@gmail.com> <59ef9af0-9528-e220-625a-ff16e6971f23@amd.com> Content-Language: en-US From: Like Xu In-Reply-To: <59ef9af0-9528-e220-625a-ff16e6971f23@amd.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 26/4/2023 1:25 pm, Sandipan Das wrote: > Hi Sean, Like, > > On 4/19/2023 7:11 PM, Like Xu wrote: >> On 7/4/2023 10:56 pm, Sean Christopherson wrote: >>> On Fri, Apr 07, 2023, Like Xu wrote: >>>> On 7/4/2023 10:18 am, Sean Christopherson wrote: >>>>> Wait, really?  VMRUN is counted if and only if it enters to a CPL0 guest?  Can >>>>> someone from AMD confirm this?  I was going to say we should just treat this as >>>>> "normal" behavior, but counting CPL0 but not CPL>0 is definitely quirky. >>>> >>>> VMRUN is only counted on a CPL0-target (branch) instruction counter. >>> >>> Yes or no question: if KVM does VMRUN and a PMC is programmed to count _all_ taken >>> branches, will the PMC count VMRUN as a branch if guest CPL>0 according to the VMCB? >> >> YES, my quick tests (based on run_in_user() from KUT on Zen4) show: >> >> EVENTSEL_GUESTONLY + EVENTSEL_ALL + VMRUN_to_USR -> AMD_ZEN_BR_RETIRED + 1 >> EVENTSEL_GUESTONLY + EVENTSEL_ALL + VMRUN_to_OS -> AMD_ZEN_BR_RETIRED + 1 >> >> EVENTSEL_GUESTONLY + EVENTSEL_USR + VMRUN_to_USR -> AMD_ZEN_BR_RETIRED + 1 >> EVENTSEL_GUESTONLY + EVENTSEL_OS + VMRUN_to_OS -> AMD_ZEN_BR_RETIRED + 1 >> >> VENTSEL_GUESTONLY + EVENTSEL_OS + VMRUN_to_USR -> No change >> VENTSEL_GUESTONLY + EVENTSEL_USR + VMRUN_to_OS -> No change >> >> I'm actually not surprised and related test would be posted later. >> >>> >>>> This issue makes a guest CPL0-target instruction counter inexplicably >>>> increase, as if it would have been under-counted before the virtualization >>>> instructions were counted. >>> >>> Heh, it's very much explicable, it's just not desirable, and you and I would argue >>> that it's also incorrect. >> >> This is completely inaccurate from the end guest pmu user's perspective. >> >> I have a toy that looks like virtio-pmu, through which guest users can get hypervisor performance data. >> But the side effect of letting the guest see the VMRUN instruction by default is unacceptable, isn't it ? >> >>> >>> AMD folks, are there plans to document this as an erratum?  I agree with Like that >>> counting VMRUN as a taken branch in guest context is a CPU bug, even if the behavior >>> is known/expected. >> > > This behaviour is architectural and an erratum will not be issued. However, for clarity, a future > release of the APM will include additional details like the following: > > 1) From the perspective of performance monitoring counters, VMRUNs are considered as far control > transfers and VMEXITs as exceptions. > > 2) When the performance monitoring counters are set up to count events only in certain modes > through the "OsUserMode" and "HostGuestOnly" bits, instructions and events that change the > mode are counted in the target mode. For example, a SYSCALL from CPL 3 to CPL 0 with a > counter set to count retired instructions with USR=1 and OS=0 will not cause an increment of > the counter. However, the SYSRET back from CPL 0 to CPL 3 will cause an increment of the > counter and the total count will end up correct. Similarly, when counting PMCx0C6 (retired > far control transfers, including exceptions and interrupts) with Guest=1 and Host=0, a VMRUN > instruction will cause an increment of the counter. However, the subsequent VMEXIT that occurs, > since the target is in the host, will not cause an increment of the counter and so the total > count will end up correct. > Thanks for the clarification, that fits my understanding. "Calculated in target mode" and "correct total count" are architectural choices, which is not a problem if the consumers of PMU data are on the same side. But for a VM user, seeing SYSRET in the user mode is completely and functionally different from seeing VMRUN in the guest context. Since the host user and the guest user are two separate pmu data consumers, and they do not aggregate or share the so-called "total" PMU data. This situation is even worse for nested SVM guests and SEV-SNP guests. I'm not urging that AMD hardware should change, but it is entirely necessary for our software layer to take this step, as it is part of the hypervisor's responsibility to hide itself by default.