| Message ID | 20230922112508.1774352-1-kristina.martsenko@arm.com |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:612c:172:b0:3f2:4152:657d with SMTP id h50csp5497344vqi;
Fri, 22 Sep 2023 04:36:34 -0700 (PDT)
X-Google-Smtp-Source:
AGHT+IEsTEmeFW3Tkvqpk7PWijnlztGEUhUok8Wk/y42OaC45Vw050a1/ZeugctzdVX2tw9+PMrQ
X-Received: by 2002:a17:903:18d:b0:1bd:d510:78fb with SMTP id
z13-20020a170903018d00b001bdd51078fbmr3431052plg.3.1695382594218;
Fri, 22 Sep 2023 04:36:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1695382594; cv=none;
d=google.com; s=arc-20160816;
b=T4CfSrbGk4jOykmuuCZxNm5+kccUrW6S42yPHwJNVAnkdAZsVg2VW5FpmbE7WQTvaA
AuySR2EoEMHQXkxnMeiIUnjNJ6ypgR9JYFoAAqfx/wdqgVZMTCkC29X3zCo+rsATFIcZ
V2UoOKVNCFie08YLnl/rYWvWKrz8KzQxDYjpembHDivvwBUYodIiumjNGEQ9Q9RuaBzU
dqoUPUrMN8jx4i4xFo5tqdnPswsUtmnaFoyEmo2Csf76xxDd7iWKbRA9l0lifq+T5xuP
t2yRbYq/x1UiinHzW5Cm9Fp/6I401NEveC/cK3b+cJDpXPto+Zj+Qmaf1ebS8UtQO4Sd
R5xw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from;
bh=RSPyH/VJ0euXUD/bDb7p+czvl9FWG16c9RiY8y3Vkc0=;
fh=2vqTlNPINEt8u2O5VUjjdtxE8OgDGwETaTVTh/NI6As=;
b=e359B6AgYFE1aYQq8sj1p8q3e2x0rHlgHZlDRrjemXP5HQDQn+JYwNHLn1yY3fVlYQ
6tr5FSgv8DYbBZPWFLEyk5pMX1wcirLXtPOmapMDdBl48XWclJm53ltp8GBiT/enztqw
8SXKsjOMujJ7ePbLHMnyPHnrm8T06pPYXTtslTtU+kdNZZc+fg7qx5TiKl3zhrKElnbT
3ObRwtPGXzHQMFniURsj41+j4Ka1ILCNm62PmFHxLrQqTvxjACSP9xBAhfPohSZKnPX9
xlTZpuh5pDwZqXU5H+E+PNKQ4VBpnHK7QWbKLboq9LuoWQokt0wx8ky8CMYRVmJy0vc9
Gscg==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:1 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
by mx.google.com with ESMTPS id
e4-20020a635444000000b00573f7d09445si3564949pgm.330.2023.09.22.04.36.33
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Fri, 22 Sep 2023 04:36:34 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:1 as permitted sender)
client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:1 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by morse.vger.email (Postfix) with ESMTP id 77132833AB16;
Fri, 22 Sep 2023 04:26:24 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S233685AbjIVL0J (ORCPT <rfc822;chrisfriedt@gmail.com>
+ 30 others); Fri, 22 Sep 2023 07:26:09 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38360 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S233542AbjIVL0J (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 22 Sep 2023 07:26:09 -0400
Received: from foss.arm.com (foss.arm.com [217.140.110.172])
by lindbergh.monkeyblade.net (Postfix) with ESMTP id C03C5FB
for <linux-kernel@vger.kernel.org>;
Fri, 22 Sep 2023 04:26:02 -0700 (PDT)
Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14])
by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id A15D8DA7;
Fri, 22 Sep 2023 04:26:39 -0700 (PDT)
Received: from e126864.arm.com (usa-sjc-imap-foss1.foss.arm.com
[10.121.207.14])
by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id
A5D903F5A1;
Fri, 22 Sep 2023 04:25:59 -0700 (PDT)
From: Kristina Martsenko <kristina.martsenko@arm.com>
To: kvmarm@lists.linux.dev, linux-arm-kernel@lists.infradead.org
Cc: Marc Zyngier <maz@kernel.org>,
Oliver Upton <oliver.upton@linux.dev>,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Zenghui Yu <yuzenghui@huawei.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will@kernel.org>,
Vladimir Murzin <vladimir.murzin@arm.com>,
Colton Lewis <coltonlewis@google.com>,
linux-kernel@vger.kernel.org
Subject: [PATCH v2 0/2] KVM: arm64: Support for Arm v8.8 memcpy instructions
in KVM guests
Date: Fri, 22 Sep 2023 12:25:06 +0100
Message-Id: <20230922112508.1774352-1-kristina.martsenko@arm.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No,
score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]);
Fri, 22 Sep 2023 04:26:24 -0700 (PDT)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1777737499138168278
X-GMAIL-MSGID: 1777737499138168278
|
| Series |
KVM: arm64: Support for Arm v8.8 memcpy instructions in KVM guests
|
|
Message
Kristina Martsenko
Sept. 22, 2023, 11:25 a.m. UTC
Hi, This is v2 of the series to allow using the new Arm memory copy instructions in KVM guests. See v1 for more information [1]. Changes in v2: - Dropped HCRX_EL2 vcpu field - Rebased onto v6.6-rc2 Thanks, Kristina [1] https://lore.kernel.org/kvmarm/20230915124840.474888-1-kristina.martsenko@arm.com/ Kristina Martsenko (2): KVM: arm64: Add handler for MOPS exceptions KVM: arm64: Expose MOPS instructions to guests arch/arm64/include/asm/kvm_arm.h | 4 +- arch/arm64/include/asm/traps.h | 54 ++++++++++++++++++- arch/arm64/kernel/traps.c | 48 +---------------- arch/arm64/kvm/hyp/include/hyp/switch.h | 17 ++++++ .../arm64/kvm/hyp/include/nvhe/fixed_config.h | 3 +- arch/arm64/kvm/hyp/nvhe/switch.c | 2 + arch/arm64/kvm/hyp/vhe/switch.c | 1 + arch/arm64/kvm/sys_regs.c | 1 - 8 files changed, 78 insertions(+), 52 deletions(-) base-commit: ce9ecca0238b140b88f43859b211c9fdfd8e5b70
Comments
Hi Kristina, On Fri, Sep 22, 2023 at 12:25:06PM +0100, Kristina Martsenko wrote: > Hi, > > This is v2 of the series to allow using the new Arm memory copy instructions > in KVM guests. See v1 for more information [1]. Thanks for sending out the series. I've been thinking about what the architecture says for MOPS, and I wonder if what's currently in the Arm ARM is clear enough for EL1 software to be written robustly. While HCRX_EL2.MCE2 allows the hypervisor to intervene on MOPS exceptions from EL1, there's no such control for EL0. So when vCPU migration occurs EL1 could get an unexpected MOPS exception, even for a process that was pinned to a single (virtual) CPU implementation. Additionally, the wording of I_NXHPS seems to suggest that EL2 handling of MOPS exceptions is only expected in certain circumstances where EL1 is incapable of handling an exception. Is the unwritten expectation then that EL1 software should tolerate 'unexpected' MOPS exceptions from EL1 and EL0, even if EL1 did not migrate the PE context? Perhaps I'm being pedantic, but I'd really like for there to be some documentation that suggests MOPS exceptions can happen due to context migration done by a higher EL as that is the only option in the context of virtualization.
On 27/09/2023 07:00, Oliver Upton wrote: > Hi Kristina, Hi Oliver, > > On Fri, Sep 22, 2023 at 12:25:06PM +0100, Kristina Martsenko wrote: >> Hi, >> >> This is v2 of the series to allow using the new Arm memory copy instructions >> in KVM guests. See v1 for more information [1]. > > > Thanks for sending out the series. I've been thinking about what the > architecture says for MOPS, and I wonder if what's currently in the > Arm ARM is clear enough for EL1 software to be written robustly. > > While HCRX_EL2.MCE2 allows the hypervisor to intervene on MOPS > exceptions from EL1, there's no such control for EL0. So when vCPU > migration occurs EL1 could get an unexpected MOPS exception, even for a > process that was pinned to a single (virtual) CPU implementation. > > Additionally, the wording of I_NXHPS seems to suggest that EL2 handling > of MOPS exceptions is only expected in certain circumstances where EL1 is > incapable of handling an exception. Is the unwritten expectation then > that EL1 software should tolerate 'unexpected' MOPS exceptions from EL1 > and EL0, even if EL1 did not migrate the PE context? > > Perhaps I'm being pedantic, but I'd really like for there to be some > documentation that suggests MOPS exceptions can happen due to context > migration done by a higher EL as that is the only option in the context > of virtualization. That's a good point. This shouldn't affect Linux guests as Linux is always able to handle a MOPS exception coming from EL0. But it would affect any non-Linux guest that pins all its EL0 tasks and doesn't implement a handler. It's not clear to me what the expectation for guests is, I'll ask the architects to clarify and get back to you. Thanks for the feedback! Kristina
On Thu, Sep 28, 2023 at 05:55:39PM +0100, Kristina Martsenko wrote: [...] > > Perhaps I'm being pedantic, but I'd really like for there to be some > > documentation that suggests MOPS exceptions can happen due to context > > migration done by a higher EL as that is the only option in the context > > of virtualization. > > That's a good point. This shouldn't affect Linux guests as Linux is > always able to handle a MOPS exception coming from EL0. But it would > affect any non-Linux guest that pins all its EL0 tasks and doesn't > implement a handler. It's not clear to me what the expectation for > guests is, I'll ask the architects to clarify and get back to you. That'd be excellent, thanks! All I'm looking for is something to point folks at if/when they complain about MOPS behavior in KVM guests.
On Thu, 28 Sep 2023 17:55:39 +0100, Kristina Martsenko <kristina.martsenko@arm.com> wrote: > > On 27/09/2023 07:00, Oliver Upton wrote: > > Hi Kristina, > > Hi Oliver, > > > > > On Fri, Sep 22, 2023 at 12:25:06PM +0100, Kristina Martsenko wrote: > >> Hi, > >> > >> This is v2 of the series to allow using the new Arm memory copy instructions > >> in KVM guests. See v1 for more information [1]. > > > > > > Thanks for sending out the series. I've been thinking about what the > > architecture says for MOPS, and I wonder if what's currently in the > > Arm ARM is clear enough for EL1 software to be written robustly. > > > > While HCRX_EL2.MCE2 allows the hypervisor to intervene on MOPS > > exceptions from EL1, there's no such control for EL0. So when vCPU > > migration occurs EL1 could get an unexpected MOPS exception, even for a > > process that was pinned to a single (virtual) CPU implementation. > > > > Additionally, the wording of I_NXHPS seems to suggest that EL2 handling > > of MOPS exceptions is only expected in certain circumstances where EL1 is > > incapable of handling an exception. Is the unwritten expectation then > > that EL1 software should tolerate 'unexpected' MOPS exceptions from EL1 > > and EL0, even if EL1 did not migrate the PE context? > > > > Perhaps I'm being pedantic, but I'd really like for there to be some > > documentation that suggests MOPS exceptions can happen due to context > > migration done by a higher EL as that is the only option in the context > > of virtualization. > > That's a good point. This shouldn't affect Linux guests as Linux is > always able to handle a MOPS exception coming from EL0. But it would > affect any non-Linux guest that pins all its EL0 tasks and doesn't > implement a handler. It's not clear to me what the expectation for > guests is, I'll ask the architects to clarify and get back to you. My understanding is that MCE2 should always be set if the hypervisor can migrate vcpus across implementations behind EL1's back, and that in this context, EL1 never sees such an exception. I guess the only case where we could let EL1 handle such exception is by only setting MCE2 on the first entry into the guest after a vcpu migration (and clear it after that). Is it worth the effort? Absolutely not. M.
On 29/09/2023 10:29, Marc Zyngier wrote: > On Thu, 28 Sep 2023 17:55:39 +0100, > Kristina Martsenko <kristina.martsenko@arm.com> wrote: >> >> On 27/09/2023 07:00, Oliver Upton wrote: >>> >>> On Fri, Sep 22, 2023 at 12:25:06PM +0100, Kristina Martsenko wrote: >>>> Hi, >>>> >>>> This is v2 of the series to allow using the new Arm memory copy instructions >>>> in KVM guests. See v1 for more information [1]. >>> >>> >>> Thanks for sending out the series. I've been thinking about what the >>> architecture says for MOPS, and I wonder if what's currently in the >>> Arm ARM is clear enough for EL1 software to be written robustly. >>> >>> While HCRX_EL2.MCE2 allows the hypervisor to intervene on MOPS >>> exceptions from EL1, there's no such control for EL0. So when vCPU >>> migration occurs EL1 could get an unexpected MOPS exception, even for a >>> process that was pinned to a single (virtual) CPU implementation. >>> >>> Additionally, the wording of I_NXHPS seems to suggest that EL2 handling >>> of MOPS exceptions is only expected in certain circumstances where EL1 is >>> incapable of handling an exception. Is the unwritten expectation then >>> that EL1 software should tolerate 'unexpected' MOPS exceptions from EL1 >>> and EL0, even if EL1 did not migrate the PE context? >>> >>> Perhaps I'm being pedantic, but I'd really like for there to be some >>> documentation that suggests MOPS exceptions can happen due to context >>> migration done by a higher EL as that is the only option in the context >>> of virtualization. >> >> That's a good point. This shouldn't affect Linux guests as Linux is >> always able to handle a MOPS exception coming from EL0. But it would >> affect any non-Linux guest that pins all its EL0 tasks and doesn't >> implement a handler. It's not clear to me what the expectation for >> guests is, I'll ask the architects to clarify and get back to you. > > My understanding is that MCE2 should always be set if the hypervisor > can migrate vcpus across implementations behind EL1's back, and that > in this context, EL1 never sees such an exception. Notice that MCE2 only traps exceptions from EL1, not from EL0. Exceptions from EL0 always go to EL1. Even if MCE2 is always set, EL1 will see the exception when the hypervisor migrates the vcpu while the vcpu is executing a MOPS instruction in EL0. Thanks, Kristina
On Fri, 29 Sep 2023 15:51:32 +0100, Kristina Martsenko <kristina.martsenko@arm.com> wrote: > > On 29/09/2023 10:29, Marc Zyngier wrote: > > On Thu, 28 Sep 2023 17:55:39 +0100, > > Kristina Martsenko <kristina.martsenko@arm.com> wrote: > >> > >> On 27/09/2023 07:00, Oliver Upton wrote: > >>> > >>> On Fri, Sep 22, 2023 at 12:25:06PM +0100, Kristina Martsenko wrote: > >>>> Hi, > >>>> > >>>> This is v2 of the series to allow using the new Arm memory copy instructions > >>>> in KVM guests. See v1 for more information [1]. > >>> > >>> > >>> Thanks for sending out the series. I've been thinking about what the > >>> architecture says for MOPS, and I wonder if what's currently in the > >>> Arm ARM is clear enough for EL1 software to be written robustly. > >>> > >>> While HCRX_EL2.MCE2 allows the hypervisor to intervene on MOPS > >>> exceptions from EL1, there's no such control for EL0. So when vCPU > >>> migration occurs EL1 could get an unexpected MOPS exception, even for a > >>> process that was pinned to a single (virtual) CPU implementation. > >>> > >>> Additionally, the wording of I_NXHPS seems to suggest that EL2 handling > >>> of MOPS exceptions is only expected in certain circumstances where EL1 is > >>> incapable of handling an exception. Is the unwritten expectation then > >>> that EL1 software should tolerate 'unexpected' MOPS exceptions from EL1 > >>> and EL0, even if EL1 did not migrate the PE context? > >>> > >>> Perhaps I'm being pedantic, but I'd really like for there to be some > >>> documentation that suggests MOPS exceptions can happen due to context > >>> migration done by a higher EL as that is the only option in the context > >>> of virtualization. > >> > >> That's a good point. This shouldn't affect Linux guests as Linux is > >> always able to handle a MOPS exception coming from EL0. But it would > >> affect any non-Linux guest that pins all its EL0 tasks and doesn't > >> implement a handler. It's not clear to me what the expectation for > >> guests is, I'll ask the architects to clarify and get back to you. > > > > My understanding is that MCE2 should always be set if the hypervisor > > can migrate vcpus across implementations behind EL1's back, and that > > in this context, EL1 never sees such an exception. > > Notice that MCE2 only traps exceptions from EL1, not from EL0. > Exceptions from EL0 always go to EL1. Even if MCE2 is always set, EL1 > will see the exception when the hypervisor migrates the vcpu while the > vcpu is executing a MOPS instruction in EL0. Ah, good point. I stand corrected. M.
On Fri, 22 Sep 2023 12:25:06 +0100, Kristina Martsenko <kristina.martsenko@arm.com> wrote: > > Hi, > > This is v2 of the series to allow using the new Arm memory copy instructions > in KVM guests. See v1 for more information [1]. > > Changes in v2: > - Dropped HCRX_EL2 vcpu field > - Rebased onto v6.6-rc2 FWIW, and despite my misgivings about the architecture: Reviewed-by: Marc Zyngier <maz@kernel.org> M.
On Fri, 22 Sep 2023 12:25:06 +0100, Kristina Martsenko wrote: > This is v2 of the series to allow using the new Arm memory copy instructions > in KVM guests. See v1 for more information [1]. > > Changes in v2: > - Dropped HCRX_EL2 vcpu field > - Rebased onto v6.6-rc2 > > [...] Applied to kvmarm/next, thanks! [1/2] KVM: arm64: Add handler for MOPS exceptions https://git.kernel.org/kvmarm/kvmarm/c/17b8ac23488b [2/2] KVM: arm64: Expose MOPS instructions to guests https://git.kernel.org/kvmarm/kvmarm/c/a24015b6cc66 -- Best, Oliver