lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 23 Apr 2024 20:50:45 -0400
From: Alejandro Jimenez <alejandro.j.jimenez@...cle.com>
To: Sean Christopherson <seanjc@...gle.com>, Chao Gao <chao.gao@...el.com>
Cc: kvm@...r.kernel.org, pbonzini@...hat.com, linux-kernel@...r.kernel.org,
        joao.m.martins@...cle.com, boris.ostrovsky@...cle.com,
        mark.kanda@...cle.com, suravee.suthikulpanit@....com,
        mlevitsk@...hat.com
Subject: Re: [RFC 3/3] x86: KVM: stats: Add a stat counter for GALog events



On 4/16/24 14:35, Sean Christopherson wrote:
> On Fri, Apr 12, 2024, Chao Gao wrote:
>> On Tue, Apr 09, 2024 at 09:31:45PM -0400, Alejandro Jimenez wrote:
>>>
>>> On 4/9/24 02:45, Chao Gao wrote:
>>>>> diff --git a/arch/x86/kvm/svm/avic.c b/arch/x86/kvm/svm/avic.c
>>>>> index 4b74ea91f4e6..853cafe4a9af 100644
>>>>> --- a/arch/x86/kvm/svm/avic.c
>>>>> +++ b/arch/x86/kvm/svm/avic.c
>>>>> @@ -165,8 +165,10 @@ int avic_ga_log_notifier(u32 ga_tag)
>>>>> 	 * bit in the vAPIC backing page. So, we just need to schedule
>>>>> 	 * in the vcpu.
>>>>> 	 */
>>>>> -	if (vcpu)
>>>>> +	if (vcpu) {
>>>>> 		kvm_vcpu_wake_up(vcpu);
>>>>> +		++vcpu->stat.ga_log_event;
>>>>> +	}
>>>>>
>>>>
>>>> I am not sure why this is added for SVM only.
>>>
>>> I am mostly familiar with AVIC, and much less so with VMX's PI, so this is
>>> why I am likely missing potential stats that could be useful to expose from
>>> the VMX  side. I'll be glad to implement any other suggestions you have.
>>>
>>>
>>> it looks to me GALog events are
>>>> similar to Intel IOMMU's wakeup events. Can we have a general name? maybe
>>>> iommu_wakeup_event
>>>
>>> I believe that after:
>>> d588bb9be1da ("KVM: VMX: enable IPI virtualization")
>>>
>>> both the VT-d PI and the virtualized IPIs code paths will use POSTED_INTR_WAKEUP_VECTOR
>>> for interrupts targeting a blocked vCPU. So on Intel hosts enabling IPI virtualization,
>>> a counter incremented in pi_wakeup_handler() would record interrupts from both virtualized
>>> IPIs and VT-d sources.
>>>
>>> I don't think it is correct to generalize this counter since AMD's implementation is
>>> different; when a blocked vCPU is targeted:
>>>
>>> - by device interrupts, it uses the GA Log mechanism
>>> - by an IPI, it generates an AVIC_INCOMPLETE_IPI #VMEXIT
>>>
>>> If the reasoning above is correct, we can add a VMX specific counter (vmx_pi_wakeup_event?)
>>> that is increased in pi_wakeup_handler() as you suggest, and document the difference
>>> in behavior so that is not confused as equivalent with the ga_log_event counter.
>>
>> Correct. If we cannot generalize the counter, I think it is ok to
>> add the counter for SVM only. Thank you for the clarification.
> 
> There's already a generic stat, halt_wakeup, that more or less covers this case.

I don't think we can extrapolate PI-originated wake ups from halt_wakeup, since it
can/will also be triggered with APICv/AVIC disabled.

> And despite what the comment says, avic_ga_log_notifier() does NOT schedule in
> the task, kvm_vcpu_wake_up() only wakes up blocking vCPUs, no more, no less.

True, both the GA log and the PI wake up handler just call kvm_vcpu_wake_up().

> 
> I'm also not at all convinced that KVM needs to differentiate between IPIs and
> device interrupts that arrive when the vCPU isn't in the guest.  E.g. this can
> kinda sorta be used to confirm IRQ affinity, but if the vCPU is happily running
> in the guest, such a heuristic will get false negatives.
> 
> And for confirming that GA logging is working, that's more or less covered by the
> proposed APICv stat.  If AVIC is enabled, the VM has assigned devices, and GA logging
> *isn't* working, then you'll probably find out quite quickly because the VM will
> have a lot of missed interrupts, e.g. vCPUs will get stuck in HLT.

ACK, if the device interrupts are not being handled correctly there will be lots of
complaints during device initialization as we have seen before.
There is one scenario in which you can have APICv/AVIC enabled but only doing the
IPI acceleration, while device interrupts are still using the legacy path.
It requires booting the host kernel with 'amd_iommu_intr=legacy'(AMD) or with
'intremap=nopost'(Intel), so that is a special case since you must explicitly
request the behavior.

In short, I typically use the GA Log tracepoint to confirm IOMMU AVIC is working
as expected, so I wanted to provide the equivalent via the stats.
If we want to have a common stat, we could have a pi_wakeup stat that is incremented
both in ga_log and vmx_pi_wakeup_event, but I do understand that is not strictly
necessary, specially if we want to be conservative with the number of stats.

Thank you,
Alejandro

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ