Xen project Mailing List

Re: [PATCH fsgsbase v2 4/4] x86/fsgsbase: Fix Xen PV support

To: Jürgen Groß <jgross@xxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, <x86@xxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Mon, 29 Jun 2020 12:07:55 +0100

Authentication-results: esa1.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none

Cc: Sasha Levin <sashal@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx

Delivery-date: Mon, 29 Jun 2020 11:08:08 +0000

Ironport-sdr: jRfbOdaUpIV5NuTDp9xgStPlFJ7H7FU9MkvbzFpf6SC+gjm1TCq/JlRMLcrC7UJAyIMPw89gJS eVqG7hgGVyCXEhehd/EmuVIEnOji1laX9+U6DlPOHnWFpCDzpSpeyOH0d8zzrcIGvO7xQHwgsP gi2SrcUOyubaHunpUUz+FhFEs966VAB/WiHbNGUCfdnOxx+HefctRE9q9UD7ZO7H7bgwYWaDMm N4lJ50WCn4F60J6BG2F2i+5cvSz64wE5F03LZqxfUBuFeQbFgaruwG+fYamMknztCeLiExj6Jt dMw=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 29/06/2020 06:17, Jürgen Groß wrote: > On 26.06.20 19:24, Andy Lutomirski wrote: >> On Xen PV, SWAPGS doesn't work. Teach __rdfsbase_inactive() and >> __wrgsbase_inactive() to use rdmsrl()/wrmsrl() on Xen PV. The Xen >> pvop code will understand this and issue the correct hypercalls. >> >> Cc: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> >> Cc: Juergen Gross <jgross@xxxxxxxx> >> Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx> >> Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx >> Signed-off-by: Andy Lutomirski <luto@xxxxxxxxxx> >> --- >> arch/x86/kernel/process_64.c | 20 ++++++++++++++------ >> 1 file changed, 14 insertions(+), 6 deletions(-) >> >> diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c >> index cb8e37d3acaa..457d02aa10d8 100644 >> --- a/arch/x86/kernel/process_64.c >> +++ b/arch/x86/kernel/process_64.c >> @@ -163,9 +163,13 @@ static noinstr unsigned long >> __rdgsbase_inactive(void) >> lockdep_assert_irqs_disabled(); >> - native_swapgs(); >> - gsbase = rdgsbase(); >> - native_swapgs(); >> + if (!static_cpu_has(X86_FEATURE_XENPV)) { >> + native_swapgs(); >> + gsbase = rdgsbase(); >> + native_swapgs(); >> + } else { >> + rdmsrl(MSR_KERNEL_GS_BASE, gsbase); >> + } >> return gsbase; >> } >> @@ -182,9 +186,13 @@ static noinstr void __wrgsbase_inactive(unsigned >> long gsbase) >> { >> lockdep_assert_irqs_disabled(); >> - native_swapgs(); >> - wrgsbase(gsbase); >> - native_swapgs(); >> + if (!static_cpu_has(X86_FEATURE_XENPV)) { >> + native_swapgs(); >> + wrgsbase(gsbase); >> + native_swapgs(); >> + } else { >> + wrmsrl(MSR_KERNEL_GS_BASE, gsbase); >> + } >> } >> /* >> > > Another possibility would be to just do (I'm fine either way): > > diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c > index acc49fa6a097..b78dd373adbf 100644 > --- a/arch/x86/xen/enlighten_pv.c > +++ b/arch/x86/xen/enlighten_pv.c > @@ -318,6 +318,8 @@ static void __init xen_init_capabilities(void) > setup_clear_cpu_cap(X86_FEATURE_XSAVE); > setup_clear_cpu_cap(X86_FEATURE_OSXSAVE); > } > + > + setup_clear_cpu_cap(X86_FEATURE_FSGSBASE); That will stop both userspace and Xen (side effect of the guest kernel's CR4 choice) from using the instructions. Even when the kernel is using the paravirt fastpath, its still Xen actually taking the hit. MSR_{FS,GS}_BASE/SHADOW are thousands of cycles to access, whereas {RD,WR}{FS,GS}BASE are a handful. ~Andrew

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.