On Tue, 2023-04-18 at 11:48 +0100, Paul Durrant wrote: > On 18/04/2023 11:13, Metin Kaya wrote: > > Implement in-KVM support for Xen's HVMOP_flush_tlbs hypercall, which > > allows the guest to flush all vCPU's TLBs. KVM doesn't provide an > > ioctl() to precisely flush guest TLBs, and punting to userspace would > > likely negate the performance benefits of avoiding a TLB shootdown in > > the guest. > > > > Signed-off-by: Metin Kaya <metikaya@xxxxxxxxxxxx> Reviewed-by: David Woodhouse <dwmw@xxxxxxxxxxxx> Although as noted on the internal review and by Sean, it would be good to have a test case that verifies that the TLBs are actually flushed. > > > > --- > > v3: > > - Addressed comments for v2. > > - Verified with XTF/invlpg test case. > > > > v2: > > - Removed an irrelevant URL from commit message. > > --- > > arch/x86/kvm/xen.c | 15 +++++++++++++++ > > include/xen/interface/hvm/hvm_op.h | 3 +++ > > 2 files changed, 18 insertions(+) > > > > diff --git a/arch/x86/kvm/xen.c b/arch/x86/kvm/xen.c > > index 40edf4d1974c..a63c48e8d8fa 100644 > > --- a/arch/x86/kvm/xen.c > > +++ b/arch/x86/kvm/xen.c > > @@ -21,6 +21,7 @@ > > #include <xen/interface/vcpu.h> > > #include <xen/interface/version.h> > > #include <xen/interface/event_channel.h> > > +#include <xen/interface/hvm/hvm_op.h> > > #include <xen/interface/sched.h> > > > > #include <asm/xen/cpuid.h> 
> > @@ -1330,6 +1331,17 @@ static bool kvm_xen_hcall_sched_op(struct kvm_vcpu *vcpu, bool longmode, > > return false; > > } > > > > +static bool kvm_xen_hcall_hvm_op(struct kvm_vcpu *vcpu, int cmd, u64 arg, u64 *r) > > +{ > > + if (cmd == HVMOP_flush_tlbs && !arg) { > > + kvm_make_all_cpus_request(vcpu->kvm, KVM_REQ_TLB_FLUSH_GUEST); > > + *r = 0; > > + return true; > > + } > > + > > + return false; > > +} > > This code structure means that arg != NULL will result in the guest > seeing ENOSYS rather than EINVAL. In kvm_xen_hypercall() the default for 'r' is -ENOSYS but because 'handled' never gets set to true, we don't hand that back to the guest. Instead we get to handle_in_userspace: and do the KVM_EXIT_XEN exit. So arg != NULL will cause the standard hypercall exit to userspace just as it does today.
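Review bot: The `!arg` test in kvm_xen_hcall_hvm_op() sends two different cases to the final `return false;`: a cmd other than HVMOP_flush_tlbs, and HVMOP_flush_tlbs with a non-zero arg. The function does not say what the guest gets back in the second case, and the question raised in this thread shows it is easy to assume an error code is returned from here. Add a short comment above `return false;` stating that anything not handled in this function, including HVMOP_flush_tlbs with a non-zero arg, is left to the caller's unhandled path and that `*r` is deliberately not written. The function also writes `*r` only on the handled path, so the comment should note that callers must not read `*r` when it returns false.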