Message-ID: <c6b674a9-4995-f391-772a-b256516daeab@intel.com>
Date:   Sun, 11 Nov 2018 18:32:38 -0800
From:   Dave Hansen <dave.hansen@...el.com>
To:     Aubrey Li <aubrey.li@...el.com>, tglx@...utronix.de,
        mingo@...hat.com, peterz@...radead.org, hpa@...or.com
Cc:     ak@...ux.intel.com, tim.c.chen@...ux.intel.com,
        arjan@...ux.intel.com, linux-kernel@...r.kernel.org,
        Aubrey Li <aubrey.li@...ux.intel.com>
Subject: Re: [RFC PATCH v2 1/2] x86/fpu: detect AVX task

On 11/7/18 9:16 AM, Aubrey Li wrote:
> XSAVES and its variants use init optimization to reduce the amount of
> data that they save to memory during context switch. Init optimization
> uses the state component bitmap to denote if a component is in its init
> configuration. We use this information to detect if a task contains AVX
> instructions.

I'm a little uncomfortable with changelogs like this.  Someone might
read this and think that this patch precisely detects AVX instructions.
It would be great if we could make this more precise to say that this
patch detects if there is valid state in the AVX registers, *not* if the
task contains or uses AVX instructions.

>  arch/x86/include/asm/fpu/internal.h | 97 +++++++++++++++++++++++++++----------
>  arch/x86/include/asm/fpu/types.h    | 17 +++++++
>  2 files changed, 88 insertions(+), 26 deletions(-)
> 
> diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h
> index a38bf5a..b0519f4 100644
> --- a/arch/x86/include/asm/fpu/internal.h
> +++ b/arch/x86/include/asm/fpu/internal.h
> @@ -74,6 +74,12 @@ static __always_inline __pure bool use_fxsr(void)
>  	return static_cpu_has(X86_FEATURE_FXSR);
>  }
>  
> +static __always_inline __pure bool use_xgetbv1(void)
> +{
> +	return static_cpu_has(X86_FEATURE_OSXSAVE) &&
> +		static_cpu_has(X86_FEATURE_XGETBV1);
> +}
> +
>  /*
>   * fpstate handling functions:
>   */
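Review bot: use_xgetbv1() is added without a comment saying what capability it reports, and its name describes an instruction rather than the logical question its only caller asks (can in-use state be detected at all). Add a one-line comment above it stating that X86_FEATURE_XGETBV1 means XGETBV with ECX=1 (the XINUSE bitmap) is supported, and that the OSXSAVE check is there because XGETBV in any form faults when the OS has not enabled XSAVE, so readers do not have to reverse that from the two flag names.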
> @@ -103,6 +109,34 @@ static inline void fpstate_init_fxstate(struct fxregs_state *fx)
>  }
>  extern void fpstate_sanitize_xstate(struct fpu *fpu);
>  
> +/*
> + * MXCSR and XCR definitions:
> + */
> +
> +extern unsigned int mxcsr_feature_mask;
> +
> +#define	XCR_XFEATURE_ENABLED_MASK	0x00000000
> +#define	XINUSE_STATE_BITMAP_INDEX	0x00000001
> +
> +static inline u64 xgetbv(u32 index)
> +{
> +	u32 eax, edx;
> +
> +	asm volatile(".byte 0x0f,0x01,0xd0" /* xgetbv */
> +		     : "=a" (eax), "=d" (edx)
> +		     : "c" (index));
> +	return eax + ((u64)edx << 32);
> +}
> +
> +static inline void xsetbv(u32 index, u64 value)
> +{
> +	u32 eax = value;
> +	u32 edx = value >> 32;
> +
> +	asm volatile(".byte 0x0f,0x01,0xd1" /* xsetbv */
> +		     : : "a" (eax), "d" (edx), "c" (index));
> +}
> +
>  #define user_insn(insn, output, input...)				\
>  ({									\
>  	int err;							\
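Review bot: xgetbv() carries an undocumented precondition: XGETBV with ECX=1 raises #GP on a CPU that does not support XGETBV1, and the helper does nothing to guard that, so every caller passing XINUSE_STATE_BITMAP_INDEX must check use_xgetbv1() first (the one caller in this patch does, but the helper's comment should say so rather than relying on callers to know). Also, xsetbv() is added here but nothing in this patch calls it; if these helpers are being moved from elsewhere in the file (the diffstat's 26 deletions suggest a move), say so in the changelog and keep the move in a separate preparatory patch so that the functional change is the only thing left to review in the diff.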
> @@ -275,6 +309,42 @@ static inline void copy_fxregs_to_kernel(struct fpu *fpu)
>  		     : "D" (st), "m" (*st), "a" (lmask), "d" (hmask)	\
>  		     : "memory")
>  
> +#define	AVX_STATE_DECAY_COUNT	3

How was this number chosen?  What does this mean?

It appears that this is saying that after 3 non-AVX-512-using context
switches, the task is not considered to be using AVX512 any more.  That
seems a bit goofy because the context switch rate is highly dependent on
HZ, and on how often the task yields.

Do we want this, or do we want something more time-based?

> +/*
> + * This function is called during context switch to update AVX component state
> + */
> +static inline void update_avx_state(struct avx_state *avx)
> +{
> +	/*
> +	 * Check if XGETBV with ECX = 1 supported. XGETBV with ECX = 1
> +	 * returns the logical-AND of XCR0 and XINUSE. XINUSE is a bitmap
> +	 * by which the processor tracks the status of various components.
> +	 */
> +	if (!use_xgetbv1()) {
> +		avx->state = 0;
> +		return;
> +	}

This is a place where we have conflated the implementation in the CPU
and the logical operation that we are performing.

In this case, it appears that we want to know whether AVX state
detection is available, but we're doing that with a function that's
apparently asking if the kernel is using XGETBV1.

I'd really like if this looked like this:

	if (!have_avx_state_detect()) {
		avx->state = 0;
		return;
	}

Then, in have_avx_state_detect(), explain what XGETBV1 does.  BTW, I
don't think we *totally* need to duplicate the SDM definitions in kernel
code for each instruction.  It's fine to just say that it sets 1 for
features not in the init state.

> +	/*
> +	 * XINUSE is dynamic to track component state because VZEROUPPER
> +	 * happens on every function end and reset the bitmap to the
> +	 * initial configuration.

This is confusing to me because VZEROUPPER is not apparently involved
here.  What is this trying to say?

> +	 * State decay is introduced to solve the race condition between
> +	 * context switch and a function end. State is aggressively set
> +	 * once it's detected but need to be cleared by decay 3 context
> +	 * switches
> +	 */

I'd probably say:

	AVX512-using processes frequently set AVX512 back to the init
	state themselves.  Thus, this detection mechanism can miss.
	The decay ensures that false-negatives do not immediately make
	a task be considered as not using AVX512.

> +	if (xgetbv(XINUSE_STATE_BITMAP_INDEX) & XFEATURE_MASK_Hi16_ZMM) {

This is *just* an AVX512 state, right?  That isn't reflected in any
comments or naming.  Also, why just this state, and not any of the other
AVX512-related states?

This is also precisely the kind of thing that would be nice to wrap up
in a tiny helper.

	if (avx512_in_use())

is much more self-documenting, for instance.

> +		avx->state = 1;

I'm not a huge fan of this naming.  Could this be:

		avx->had_avx_512_state = true;

> +		avx->decay_count = AVX_STATE_DECAY_COUNT;
> +	} else {
> +		if (avx->decay_count)
> +			avx->decay_count--;
> +		else
> +			avx->state = 0;
> +	}
> +}

This all needs a bunch more commenting.  The state transitions are not
horribly clear.

>  /*
>   * This function is called only during boot time when x86 caps are not set
>   * up and alternative can not be used yet.
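Review bot: the decay logic in the else branch does not match its comment or the define. With `avx->decay_count = AVX_STATE_DECAY_COUNT;` (3) loaded on detection, the branch `if (avx->decay_count) avx->decay_count--; else avx->state = 0;` counts 3, 2, 1, 0 across three non-AVX context switches and only clears state on the fourth, so a task stays classified as an AVX512 user for AVX_STATE_DECAY_COUNT + 1 switches rather than the "3 context switches" the comment promises. Either decrement first and clear when the count reaches zero (`if (avx->decay_count && !--avx->decay_count) avx->state = 0;`), or change the comment and the define's name to describe the actual window; whichever is chosen, a short state-transition table above the function (detected / decaying / cleared) would make the intent checkable.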
> @@ -411,6 +481,7 @@ static inline int copy_fpregs_to_fpstate(struct fpu *fpu)
>  {
>  	if (likely(use_xsave())) {
>  		copy_xregs_to_kernel(&	);
> +		update_avx_state(&fpu->avx);
>  		return 1;
>  	}
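Review bot: update_avx_state() is reached only on the use_xsave() path, so on the FXSAVE fallback that follows fpu->avx is never written. That is harmless only if the field starts zeroed for every new task and nothing consumes it on such CPUs, and the patch does not say where that initial zeroing happens; state that at the field definition or clear the field explicitly in the non-XSAVE branch so the guarantee does not depend on an unstated allocator property.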

I'm not sure why update_avx_state() goes to the trouble of calling
XGETBV1.  I believe the exact same state is captured in the 'xfeatures'
field in the XSAVE buffer after copy_xregs_to_kernel().  Why bother
calling the instruction when you can get the data from memory?

>  /*
> + * This is per task AVX state data structure that indicates
> + * whether the task uses AVX instructions.
> + */

Here's another spot that doesn't precisely capture how this detection
mechanism works.

> +struct avx_state {
> +	unsigned int			state;

Isn't state a 0/1 thing?

> +	unsigned int			decay_count;
> +};

Doesn't this max out at 3?

Seems like we're storing about three bits of data in 64 bits of space.
Not a huge deal, but I think we can do better?

Also, do we really even need 'state'?

When would its value be different than

	fpu->state.xsave.xfeatures & XFEATURE_MASK_Hi16_ZMM

> +/*
>   * Highest level per task FPU state data structure that
>   * contains the FPU register state plus various FPU
>   * state fields:
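Review bot: the bound on decay_count (AVX_STATE_DECAY_COUNT, defined in internal.h by this same patch) is not mentioned here where the field is declared, so a reader of types.h cannot tell that decay_count never exceeds 3 or that state only ever holds 0 or 1. Either move the define next to the struct or document the range at each field, and give state a bool type so the declaration says what the comment currently does not.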
> @@ -303,6 +312,14 @@ struct fpu {
>  	unsigned char			initialized;
>  
>  	/*
> +	 * @avx_state:
> +	 *
> +	 * This data structure indicates whether this context
> +	 * contains AVX states
> +	 */
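Review bot: the kernel-doc tag `@avx_state:` does not match the member name the code uses: copy_fpregs_to_fpstate() in internal.h calls `update_avx_state(&fpu->avx)`, so either the field is named `avx` and the tag should be `@avx:`, or the call site is wrong; as quoted, kernel-doc will flag the mismatch. The description "contains AVX states" should also name the one component update_avx_state() actually tests (XFEATURE_MASK_Hi16_ZMM, the ZMM16 to ZMM31 AVX-512 state), since the comment as written promises broader coverage than the check provides.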

Yeah, that's precisely what fpu->state.xsave.xfeatures does. :)
