Re: [Xen-devel] [RFC 1/6] xen/arm: Re-enable interrupt later in the trap path

On 02/08/2019 09:28, Andrii Anisov wrote:

On 01.08.19 12:37, Julien Grall wrote:

On 01/08/2019 07:45, Andrii Anisov wrote:
On 30.07.19 23:10, Julien Grall wrote:

In this series I think I need interrupts locked until I start time accounting for hypervisor. Time accounting is started by `tacc_head()` function. I prefer to have it called from C, because it is more convenient and obvious for those who are less familiar with the ARM code.

Here is the question to you: what is the best place (and way) to start hypervisor time tracking?

Looking at the patch, hypervisor time accounting is for:
     1) softirqs
     2) hardirqs

For hardirqs, you always enter in C with interrupt disabled. So this can be called directly from there.

For softirqs, they are quite a few places where do_sofirq() is called. So you either want to track the time in the function directly or on each callers.

Softirq? What about the rest of `leave_hypervisor_tail()`?

A fair amount of leave_hypervisor_tail() deal with the guest itself (i.e vGIC, P2M...), so I think they should be accounted to the guest time. The only bits in leave_hypervisor_tail() that should be accounted to hypervisor time is check_for_pcpu_work().

"big piece" is somewhat half-correct.... All the hypercalls will be correctly protected, so the problem is only if you receive an interrupt before SSBD is enabled.

I would move the enablement in assembly code as part of entry.

That's it.
I suppose the function `enter_hypervisor_head()` was introduced and named as a part of entry, while in fact is not the part.
And I guess you were confused with it when introducing that WA.
As well as I was some time ago [1].

The macro entry.S will deal with anything that needs to be done before any other part of the hypervisor is run. All the interrupts (debug, asynchronous, IRQ, FIQ) should be masked.

enter_hypervisor_head() can be executed at any time and it does not matter the order.


