[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 5/8] x86/hvm: Context switch MSR_PKRS

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Mon, 16 Jan 2023 14:57:44 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=U2AGuMg6cUCwe+vBWe3fYmDT+y7h+dacKF228U1LXwo=; b=fmdlQYCxTxz7xkEMk/XnQgAIJ7SPJ3Ry1Xpg1RjwQnQ9f1+JqD4E1K17quBjOX48IxVH9zYlMPTw1yTlw6XoZS9aZ40CJ2K0O0ygiE8noW4oSDWA1dj2O2J1F4/1kvSDWU8bvBTPxNUjyN1DU8If+7n/qhbXuJcvvRRUcuUVnO5uP3p69JsOr0dig+qlrmPUkfHkGGsTan2GRq5ryWjRqC/rZymSp7GvIzbhWKgZ0A41LDWgXKqsrahjxpJQkMquEUSJuVmnKj9NXuy+vVJB9lY0nNt56uERv0uy4N5fAV6NCdEKpBlwf3CuI/fk/diDYhm+dxcD1PGIpZGbbGqgCg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RS4AYEAeRSMVcScJmQjQrcCVLV07LRomBfHteHxaD6c+f4ohjWn4+hTuDpoCDs6UYBzgn7Q0V+KkLNBPB4R/iH9o/0VAJI8AKZqLV/IDm26bpT3+/LJ+wWW2k7lGxZRuiF4NSxfNWFNZzjywYgCBhF30BEu2uqAIvQTnkE/AeZbYhtUsplE3EIOOIkSEixkMtzoqKSxjNEQ/mc4mGtpDa9Qvvt6CDCY1kFO0IDM4AZf1ADFwKpGjEc3NyZ3yNtxQabVoKLkUx4RZNK+bQ1XZSexfTOH1rDxnEcGthV0WVwMxUJsAV5JyzWY7tkh9+glrIZBfW9eZYMY/e95ihyfBNQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Mon, 16 Jan 2023 14:57:58 +0000
  • Ironport-data: A9a23:ioIw0aujroBfOPK+GDcnCf2eJ+fnVG5fMUV32f8akzHdYApBsoF/q tZmKWmDP/7cM2Xwfdt+Od639R5VscLcyYdgT1E6qy40Qn5E+JbJXdiXEBz9bniYRiHhoOCLz O1FM4Wdc5pkJpP4jk3wWlQ0hSAkjclkfpKlVKiffHg0HVU/IMsYoUoLs/YjhYJ1isSODQqIu Nfjy+XSI1bg0DNvWo4uw/vrRChH4bKj51v0gnRkPaoQ5AaHySFPZH4iDfrZw0XQE9E88tGSH 44v/JnhlkvF8hEkDM+Sk7qTWiXmlZaLYGBiIlIPM0STqkAqSh4ai87XB9JFAatjsB2bnsgZ9 Tl4ncfYpTHFnEH7sL91vxFwS0mSNEDdkVPNCSDXXce7lyUqf5ZwqhnH4Y5f0YAwo45K7W9yG fMwMAkwfwyDrd2MmPGEVM9v3JoHJuasM9ZK0p1g5Wmx4fcOZ7nmGvyPyfoGmTA6i4ZJAOrUY NcfZXx3dhPcbhZTO1ARTpUjgOOvgXq5eDpdwL6XjfNvvy6Pk0osj/60b4S9lt+iHK25mm6xo G7c8nu/KRYdLNGFkhKO8262h/+JliT+MG4XPOzlrK820QzDroAVIC9Oenuhr9O9sXbgUIgYJ EU3wAd/vadnoSRHSfG4BXVUukWsvBQRRt5RGO0S8xyWx+zf5APxLncAZi5MbpohrsBebT8ny F6P2c/oDDpHsbuJRHbb/bCRxRuiNC5QIWIcaCssSQoe/8KlsIw1lgjITNtoDOiylNKdJN3r6 zWDrSx7i7BNi8cOjvy/5Qqe3GzqoYXVRAko4AmRRnii8g5yeI+iYcqv9ETf6vFDao2eSzFto UQ5piRX18hWZbnlqcBHaLxl8G2BjxpdDADhvA==
  • Ironport-hdrordr: A9a23:s4Kzz6v4Qxfn95SioviPsiyd7skDq9V00zEX/kB9WHVpmwKj5q eTdZUgpGTJYVMqNE3I9urwWpVoLUmskKKdorNhQotKPzOWwFdATrsD0WK4+UydJ8SWzIc0vs 0MHMYeNDSzNykCsS+Q2njfLz9P+qjizEnlv5a8815dCSVja6Rh6Ak8LwaADyRNNXd77IICZe ehD9R81kCdRUg=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHZJRefeExwWeppzE65VXS63DgRAq6axG6AgAA9twCABgijAIAAFX4AgAALUQA=
  • Thread-topic: [PATCH v2 5/8] x86/hvm: Context switch MSR_PKRS
On 16/01/2023 2:17 pm, Jan Beulich wrote:
> On 16.01.2023 14:00, Andrew Cooper wrote:
>> On 12/01/2023 4:51 pm, Andrew Cooper wrote:
>>> On 12/01/2023 1:10 pm, Jan Beulich wrote:
>>>> On 10.01.2023 18:18, Andrew Cooper wrote:
>>>>> --- a/xen/arch/x86/setup.c
>>>>> +++ b/xen/arch/x86/setup.c
>>>>> @@ -54,6 +54,7 @@
>>>>>  #include <asm/spec_ctrl.h>
>>>>>  #include <asm/guest.h>
>>>>>  #include <asm/microcode.h>
>>>>> +#include <asm/prot-key.h>
>>>>>  #include <asm/pv/domain.h>
>>>>>  
>>>>>  /* opt_nosmp: If true, secondary processors are ignored. */
>>>>> @@ -1804,6 +1805,9 @@ void __init noreturn __start_xen(unsigned long 
>>>>> mbi_p)
>>>>>      if ( opt_invpcid && cpu_has_invpcid )
>>>>>          use_invpcid = true;
>>>>>  
>>>>> +    if ( cpu_has_pks )
>>>>> +        wrpkrs_and_cache(0); /* Must be before setting CR4.PKS */
>>>> Same question here as for PKRU wrt the BSP during S3 resume.
>>> I had reasoned not, but it turns out that I'm wrong.
>>>
>>> It's important to reset the cache back to 0 here.  (Handling PKRU is
>>> different - I'll follow up on the other email..)
>> diff --git a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c
>> index d23335391c67..de9317e8c573 100644
>> --- a/xen/arch/x86/acpi/power.c
>> +++ b/xen/arch/x86/acpi/power.c
>> @@ -299,6 +299,13 @@ static int enter_state(u32 state)
>>  
>>      update_mcu_opt_ctrl();
>>  
>> +    /*
>> +     * Should be before restoring CR4, but that is earlier in asm.  We
>> rely on
>> +     * MSR_PKRS actually being 0 out of S3 resume.
>> +     */
>> +    if ( cpu_has_pks )
>> +        wrpkrs_and_cache(0);
>> +
>>      /* (re)initialise SYSCALL/SYSENTER state, amongst other things. */
>>      percpu_traps_init();
>>  
>>
>> I've folded this hunk, to sort out the S3 resume path.
> The comment is a little misleading imo - it looks to justify that nothing
> needs doing. Could you add "..., but our cache needs clearing" to clarify
> why, despite our relying on zero being in the register (which I find
> problematic, considering that the doc doesn't even spell out reset state),
> the write is needed?

Xen doesn't actually set CR4.PKS at all (yet).

I'm just trying to do a reasonable job of leaving Xen in a position
where it doesn't explode the instant we want to start using PKS ourselves.

S3 resume is out of a full core poweroff.  Registers (which aren't
modified by firmware) will have their architectural reset values, and
for MSR_PKRS, that's 0.

I will add a comment about resetting the cache, because that is the
point of doing this operation.

If we do find firmware which really does mess around with MSR_PKRS (and
isn't restoring the pre-S3 value), then this clause needs moving down
into asm before we restore %cr4 fully, but TBH, I hope I've had time to
try and unify the boot and S3 resume paths a bit before then.

>> As its the final hunk before the entire series can be committed, I
>> shan't bother sending a v3 just for this.
> If you're seeing reasons not to be concerned of the unspecified reset
> state, then feel free to add my A-b (but not R-b) here.

There are several reasons not to be concerned.  I guess I'll take your
ack then.  Thanks.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.