Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp3331475lqo; Tue, 21 May 2024 13:47:32 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXjMu9oQY30XcGGFhQgW1umDO/Go0Py/WH4UodiDLD+dJdYR7XojcinCKgP5bsPw71e77VVFJKJLDZcfNDOYfU3+7el3I6Gd9Y7Vr1vRA== X-Google-Smtp-Source: AGHT+IHAw2u3Nshsjp882IBZBmTo6jPDprMEVN+jW0GQkV90kqlPsE/YDNye2p5Fkz5Gu3hYS02P X-Received: by 2002:a5b:bc2:0:b0:de6:1798:3cc9 with SMTP id 3f1490d57ef6-df4e0aad618mr256674276.18.1716324452664; Tue, 21 May 2024 13:47:32 -0700 (PDT) Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id d75a77b69052e-43e053b9c65si34862731cf.570.2024.05.21.13.47.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 May 2024 13:47:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-185432-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@redhat.com header.s=mimecast20190719 header.b=AWGJg9jC; arc=fail (body hash mismatch); spf=pass (google.com: domain of linux-kernel+bounces-185432-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-185432-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 502391C20D5B for ; Tue, 21 May 2024 20:47:32 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B8B0B149C4D; Tue, 21 May 2024 20:47:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="AWGJg9jC" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1E269D51E for ; Tue, 21 May 2024 20:47:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716324438; cv=none; b=Sl6wU1Rq+s9VspjW5F+xtIr+RTbg4oOafog4/Csuh5NVMupVKsnxGW/tDcxs+549NLTmoNWavv2skKMuEWajGyChbPEGnt57xYg75jjGJeH/9Xh4vFNl0I5xYG6ASD/vwKEZgzFo5k4GyRtrZpgZxKwUx9PDhC2t/Mr0/W4Xn58= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716324438; c=relaxed/simple; bh=/RrA+IkihiMWw6BwGKsHsXwxUySSG2WGe39iX7tOFL4=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=n3S9ga87rdilABt5LoJk0SAt2wU5U2ohnbYXVKsxObxwaG7TTdeT91LD99nU+UgQ7wMxnhUwTOekQYUhY+ZhxfLPgiCOqF1lzYUCQE+oGyrE5u+VQgNeR4SJd8/qFZI8BXuSrGMQBozn1NWU233hVxmBMqc/e0WgD3eKNrQVD6g= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=AWGJg9jC; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1716324435; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ASHds6F2Qt89jBYBISFH+hUHw17yTjB7XJcTzPoZFHU=; b=AWGJg9jCm43qJN+O+MwnI/NHrExeB8ga9rbW268BPYH5pqSxQN7rU+eX4fkBVASh4f+J+d qtBGZhamze/OMwKcAk6Cvxb63CgToNY8c9oaOBCiTLSUjSzWvzW89OahpPMSzVz+VdVaoJ 9m0jzPQ29B87hcVjgpdybIYUe3aQRK4= Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com [209.85.221.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-155-wN027z-8Mjqw5tIxAoa0YQ-1; Tue, 21 May 2024 16:47:14 -0400 X-MC-Unique: wN027z-8Mjqw5tIxAoa0YQ-1 Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-34e08bdc701so9183903f8f.3 for ; Tue, 21 May 2024 13:47:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1716324433; x=1716929233; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ASHds6F2Qt89jBYBISFH+hUHw17yTjB7XJcTzPoZFHU=; b=cUyLBdtAaWm5UZrkI3zHwgevOW1YlRfbR8plZ5waqbq5UZoeKPdb2bUZJFm1Zt+zzU gPwfGKGtUxgYHoE/GhBCNp+WLPXmIl+bNnotgCh2kmqGye2n3zKZr41EazdlzIFhooWn EWGK7ANbMAwxG/Rnh290KI4oCK9UbHVhBLo+gIESN1MZ8YqV9GZprsPKdHCLj0jtLpYV 7Cvk2/xpAh3f72Ys7+5jnrSsyWT0TWDj+hUXjI/2lTDF2qoX6BcF7FOmvcH2CMeLWsce UxcoXmUKd3oO514p98Pi+IglgAdy+QcEFf5IIJXAbbiUYQwnNfXDdw1JO5bjxQzUIdJ2 atcA== X-Forwarded-Encrypted: i=1; AJvYcCV/I5jnoUq47q+rtanGmXu7mhiDXoJxOSAyxJpFLRKa7z5vZhrcskiYcLJX3pJFGvtMv7k1adtv31urD66BovAhvQlPILAtFqtPltHI X-Gm-Message-State: AOJu0Yz07SBa61rW3kw8sdN7ThHmnjBHPX4y/MkbiB8aZVdZ2giqj0Eu H+56qaLF4NP0ENx3lvDwHufgBxQ6AOGpVz8HQY7ZWhNfyisLKXYy4hfN41oHJrZSWgCVzJdWvvS ibw98Xg0pmgdzwhgFenBdB/Rsq5VR/WiC7dYHWQTtDNIOei/YUBgo9exqWoG7Bk3R78Y1vHFBt2 Q6IRElRXB3yvmqSWoa3+Xaq5Re6tpGKgdeirEU X-Received: by 2002:adf:db44:0:b0:34b:9cd5:76ae with SMTP id ffacd0b85a97d-354d8cc8fbemr47428f8f.8.1716324433267; Tue, 21 May 2024 13:47:13 -0700 (PDT) X-Received: by 2002:adf:db44:0:b0:34b:9cd5:76ae with SMTP id ffacd0b85a97d-354d8cc8fbemr47417f8f.8.1716324432865; Tue, 21 May 2024 13:47:12 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240416050338.517-1-ravi.bangoria@amd.com> <9252b68e-2b6a-6173-2e13-20154903097d@amd.com> <305b84aa-3897-40f4-873b-dc512a2da61f@amd.com> In-Reply-To: From: Paolo Bonzini Date: Tue, 21 May 2024 22:47:01 +0200 Message-ID: Subject: Re: [PATCH v2] KVM: SEV-ES: Don't intercept MSR_IA32_DEBUGCTLMSR for SEV-ES guests To: Sean Christopherson Cc: Ravi Bangoria , thomas.lendacky@amd.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, michael.roth@amd.com, nikunj.dadhania@amd.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, santosh.shukla@amd.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, May 21, 2024 at 10:31=E2=80=AFPM Sean Christopherson wrote: > > On Mon, May 20, 2024, Ravi Bangoria wrote: > > On 17-May-24 8:01 PM, Sean Christopherson wrote: > > > On Fri, May 17, 2024, Ravi Bangoria wrote: > > >> On 08-May-24 12:37 AM, Sean Christopherson wrote: > > >>> So unless I'm missing something, the only reason to ever disable LB= RV would be > > >>> for performance reasons. Indeed the original commits more or less = says as much: > > >>> > > >>> commit 24e09cbf480a72f9c952af4ca77b159503dca44b > > >>> Author: Joerg Roedel > > >>> AuthorDate: Wed Feb 13 18:58:47 2008 +0100 > > >>> > > >>> KVM: SVM: enable LBR virtualization > > >>> > > >>> This patch implements the Last Branch Record Virtualization (LB= RV) feature of > > >>> the AMD Barcelona and Phenom processors into the kvm-amd module= It will only > > >>> be enabled if the guest enables last branch recording in the DE= BUG_CTL MSR. So > > >>> there is no increased world switch overhead when the guest does= n't use these > > >>> MSRs. > > >>> > > >>> but what it _doesn't_ say is what the world switch overhead is when= LBRV is > > >>> enabled. If the overhead is small, e.g. 20 cycles?, then I see no = reason to > > >>> keep the dynamically toggling. > > >>> > > >>> And if we ditch the dynamic toggling, then this patch is unnecessar= y to fix the > > >>> LBRV issue. It _is_ necessary to actually let the guest use the LB= Rs, but that's > > >>> a wildly different changelog and justification. > > >> > > >> The overhead might be less for legacy LBR. But upcoming hw also supp= orts > > >> LBR Stack Virtualization[1]. LBR Stack has total 34 MSRs (two contro= l and > > >> 16*2 stack). Also, Legacy and Stack LBR virtualization both are cont= rolled > > >> through the same VMCB bit. So I think I still need to keep the dynam= ic > > >> toggling for LBR Stack virtualization. > > > > > > Please get performance number so that we can make an informed decisio= n. I don't > > > want to carry complexity because we _think_ the overhead would be too= high. > > > > LBR Virtualization overhead for guest entry + exit roundtrip is ~450 cy= cles* on > > Ouch. Just to clearify, that's for LBR Stack Virtualization, correct? And they are all in the VMSA, triggered by LBR_CTL_ENABLE_MASK, for non SEV-ES guests? > Anyways, I agree that we need to keep the dynamic toggling. > But I still think we should delete the "lbrv" module param. LBR Stack su= pport has > a CPUID feature flag, i.e. userspace can disable LBR support via CPUID in= order > to avoid the overhead on CPUs with LBR Stack. The "lbrv" module parameter is only there to test the logic for processors (including nested virt) that don't have LBR virtualization. But the only effect it has is to drop writes to MSR_IA32_DEBUGCTL_MSR... > if (kvm_cpu_cap_has(X86_FEATURE_LBR_STACK) && > !guest_cpuid_has(vcpu, X86_FEATURE_LBR_STACK)) { > kvm_pr_unimpl_wrmsr(vcpu, ecx, data); > break; > } .. and if you have this, adding an "!lbrv ||" is not a big deal, and allows testing the code on machines without LBR stack. Paolo > svm_get_lbr_vmcb(svm)->save.dbgctl =3D data; > svm_update_lbrv(vcpu); > break; >