Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
Hi Will, On 7/22/21 4:38 PM, Will Deacon wrote: > Hi Vladimir, > > On Thu, Jul 22, 2021 at 04:22:26PM +0100, Vladimir Murzin wrote: >> On 7/22/21 10:50 AM, Will Deacon wrote: >>> As an aside: I'm more and more inclined to rip out the CnP stuff given >>> that it doesn't appear to being any benefits, but does have some clear >>> downsides. Perhaps something for next week. >> >> Can you please clarify what do you mean by "it doesn't appear to being any >> benefits"? IIRC, Cortex-A65 implements CnP hint and I've heard that some >> payloads seen improvement... > > Has anybody taped that out? I'd have thought building an SMT design in 2021 > is a reasonably courageous thing to do. As you said three can be niche for that... > > The issue I'm getting at is that modern cores seem to advertise CnP even > if they ignore it internally, maybe because of some big/little worries? Should we employ CPU errata framework for such cores to demote CnP? > That would be fine if it didn't introduce complexity and overhead to the > kernel, but it does and therefore I think we should rip it out (or at > least stick it behind a "default n" config option if there are some niche > users). "default n" still better then no code at all :) Cheers Vladimir > > There are also open questions as to exactly what CnP does because the > architecture is not clear at all (for example TTBRx_EL1.CnP is permitted > to be cached in a TLB). > > CHeers, > > Will > ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
On Thu, Jul 22, 2021 at 10:11AM +0100, Quentin Perret wrote: > On Thursday 22 Jul 2021 at 06:45:14 (+), Shameerali Kolothum Thodi wrote: > > > From: Will Deacon [mailto:w...@kernel.org] > > > > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > > index 4b60c0056c04..a02c4877a055 100644 > > > > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > > @@ -106,8 +106,7 @@ int kvm_host_prepare_stage2(void *mem_pgt_pool, > > > void *dev_pgt_pool) > > > > mmu->pgd_phys = __hyp_pa(host_kvm.pgt.pgd); > > > > mmu->arch = _kvm.arch; > > > > mmu->pgt = _kvm.pgt; > > > > - mmu->vmid.vmid_gen = 0; > > > > - mmu->vmid.vmid = 0; > > > > + atomic64_set(>vmid.id, 0); > > > > > > I think this is the first atomic64 use in the EL2 object, which may pull > > > in > > > some fatal KCSAN instrumentation. Quentin, have you run into this before? > > > > > > Might be simple just to zero-initialise mmu for now, if it isn't already. > > > > I will check that. > > Yes I think what saves us here is that, AFAICT. arm64 doesn't support > KCSAN yet. But the day it does, this should fail to link (hopefully) > because of out-of-line calls into e.g. __kasan_check_write(). > > So yes, a simple zeroing here is probably preferable. Note: Do not worry about hypothetically breaking with sanitizers here -- whether it's KASAN or KCSAN, they both instrument atomics. In files that enable instrumentation but the atomic instrumentation should not be pulled in, use the arch_ variants, but this doesn't apply here because instrumentation shouldn't even be on. The indicator that when KCSAN is supported on arm64, the Makefile here just needs KCSAN_SANITIZE := n, is that all other instrumentation is also killed entirely: $ grep -E "(PROFILE|SANITIZE|INSTRUMENT)" arch/arm64/kvm/hyp/nvhe/Makefile GCOV_PROFILE := n KASAN_SANITIZE:= n UBSAN_SANITIZE:= n KCOV_INSTRUMENT := n KCSAN isn't supported on arm64 yet, and when it does, I believe Mark's arm64 KCSAN series should take care of things like this. Thanks, -- Marco ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
Hi Vladimir, On Thu, Jul 22, 2021 at 04:22:26PM +0100, Vladimir Murzin wrote: > On 7/22/21 10:50 AM, Will Deacon wrote: > > As an aside: I'm more and more inclined to rip out the CnP stuff given > > that it doesn't appear to being any benefits, but does have some clear > > downsides. Perhaps something for next week. > > Can you please clarify what do you mean by "it doesn't appear to being any > benefits"? IIRC, Cortex-A65 implements CnP hint and I've heard that some > payloads seen improvement... Has anybody taped that out? I'd have thought building an SMT design in 2021 is a reasonably courageous thing to do. The issue I'm getting at is that modern cores seem to advertise CnP even if they ignore it internally, maybe because of some big/little worries? That would be fine if it didn't introduce complexity and overhead to the kernel, but it does and therefore I think we should rip it out (or at least stick it behind a "default n" config option if there are some niche users). There are also open questions as to exactly what CnP does because the architecture is not clear at all (for example TTBRx_EL1.CnP is permitted to be cached in a TLB). CHeers, Will ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
On 7/22/21 10:50 AM, Will Deacon wrote: > As an aside: I'm more and more inclined to rip out the CnP stuff given > that it doesn't appear to being any benefits, but does have some clear > downsides. Perhaps something for next week. Can you please clarify what do you mean by "it doesn't appear to being any benefits"? IIRC, Cortex-A65 implements CnP hint and I've heard that some payloads seen improvement... Cheers Vladimir ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
On Thursday 22 Jul 2021 at 06:45:14 (+), Shameerali Kolothum Thodi wrote: > > From: Will Deacon [mailto:w...@kernel.org] > > > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > index 4b60c0056c04..a02c4877a055 100644 > > > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c > > > @@ -106,8 +106,7 @@ int kvm_host_prepare_stage2(void *mem_pgt_pool, > > void *dev_pgt_pool) > > > mmu->pgd_phys = __hyp_pa(host_kvm.pgt.pgd); > > > mmu->arch = _kvm.arch; > > > mmu->pgt = _kvm.pgt; > > > - mmu->vmid.vmid_gen = 0; > > > - mmu->vmid.vmid = 0; > > > + atomic64_set(>vmid.id, 0); > > > > I think this is the first atomic64 use in the EL2 object, which may pull in > > some fatal KCSAN instrumentation. Quentin, have you run into this before? > > > > Might be simple just to zero-initialise mmu for now, if it isn't already. > > I will check that. Yes I think what saves us here is that, AFAICT. arm64 doesn't support KCSAN yet. But the day it does, this should fail to link (hopefully) because of out-of-line calls into e.g. __kasan_check_write(). So yes, a simple zeroing here is probably preferable. Thanks, Quentin ___ kvmarm mailing list kvmarm@lists.cs.columbia.edu https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
On Thu, Jul 22, 2021 at 06:45:14AM +, Shameerali Kolothum Thodi wrote:
> > > diff --git a/arch/arm64/kvm/hyp/nvhe/tlb.c
> > b/arch/arm64/kvm/hyp/nvhe/tlb.c
> > > index 83dc3b271bc5..42df9931ed9a 100644
> > > --- a/arch/arm64/kvm/hyp/nvhe/tlb.c
> > > +++ b/arch/arm64/kvm/hyp/nvhe/tlb.c
> > > @@ -140,10 +140,10 @@ void __kvm_flush_cpu_context(struct
> > kvm_s2_mmu *mmu)
> > > __tlb_switch_to_host();
> > > }
> > >
> > > -void __kvm_flush_vm_context(void)
> > > +void __kvm_tlb_flush_local_all(void)
> > > {
> > > - dsb(ishst);
> > > - __tlbi(alle1is);
> > > + dsb(nshst);
> > > + __tlbi(alle1);
> > >
> > > /*
> > >* VIPT and PIPT caches are not affected by VMID, so no maintenance
> > > @@ -155,7 +155,7 @@ void __kvm_flush_vm_context(void)
> > >*
> > >*/
> > > if (icache_is_vpipt())
> > > - asm volatile("ic ialluis");
> > > + asm volatile("ic iallu" : : );
> > >
> > > - dsb(ish);
> > > + dsb(nsh);
> >
> > Hmm, I'm wondering whether having this local stuff really makes sense for
> > VMIDs. For ASIDs, where rollover can be frequent and TLBI could result in
> > IPI on 32-bit, the local option was important, but here rollover is less
> > frequent, DVM is relied upon to work and the cost of a hypercall is
> > significant with nVHE.
> >
> > So I do think you could simplify patch 2 slightly to drop the
> > flush_pending and just issue inner-shareable invalidation on rollover.
> > With that, it might also make it straightforward to clear active_asids
> > when scheduling out a vCPU, which would solve the other problem I
> > mentioned
> > about unnecessarily reserving a bunch of the VMID space.
>
> Ok. I will try out the above suggestion. Hope it will be acceptable for 8 bit
> VMID systems as well as there is a higher chance for rollover especially
> when we introduce pinned VMIDs(I am not sure such platforms care about
> Pinned VMID or not. If not, we could limit Pinned VMIDs to 16 bit systems).
So I woke up at 3am in a cold sweat after dreaming about this code.
I think my suggestion above still stands for the VMID allocator, but
interestingly, it would _not_ be valid for the ASID allocator because there
the ASID is part of the active context and so, during the window where the
active_asid is out of sync with the TTBR, receiving a broadcast TLBI from a
concurrent rollover wouldn't be enough to knock out the old ASID from the
TLB despite it subsequently being made available for reallocation. So the
local TLB invalidation is not just a performance hint as I said; it's crucial
to the way the thing works (and this is also why the CnP code has to switch
to the reserved TTBR0).
As an aside: I'm more and more inclined to rip out the CnP stuff given
that it doesn't appear to being any benefits, but does have some clear
downsides. Perhaps something for next week.
Will
___
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
RE: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
> -Original Message-
> From: Will Deacon [mailto:w...@kernel.org]
> Sent: 21 July 2021 17:32
> To: Shameerali Kolothum Thodi
> Cc: linux-arm-ker...@lists.infradead.org; kvmarm@lists.cs.columbia.edu;
> linux-ker...@vger.kernel.org; m...@kernel.org; catalin.mari...@arm.com;
> james.mo...@arm.com; julien.thierry.k...@gmail.com;
> suzuki.poul...@arm.com; jean-phili...@linaro.org;
> alexandru.eli...@arm.com; Linuxarm ;
> qper...@google.com
> Subject: Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the
> arm64 ASID one
>
> [+Quentin]
>
> On Wed, Jun 16, 2021 at 04:56:06PM +0100, Shameer Kolothum wrote:
> > From: Julien Grall
> >
> > At the moment, the VMID algorithm will send an SGI to all the CPUs to
> > force an exit and then broadcast a full TLB flush and I-Cache
> > invalidation.
> >
> > This patch use the new VMID allocator. The
> > benefits are:
> > - CPUs are not forced to exit at roll-over. Instead the VMID will be
> > marked reserved and the context will be flushed at next exit. This
> > will reduce the IPIs traffic.
> > - Context invalidation is now per-CPU rather than broadcasted.
> > - Catalin has a formal model of the ASID allocator.
> >
> > With the new algo, the code is now adapted:
> > - The function __kvm_flush_vm_context() has been renamed to
> > __kvm_tlb_flush_local_all() and now only flushing the current CPU
> > context.
> > - The call to update_vmid() will be done with preemption disabled
> > as the new algo requires to store information per-CPU.
> > - The TLBs associated to EL1 will be flushed when booting a CPU to
> > deal with stale information. This was previously done on the
> > allocation of the first VMID of a new generation.
> >
> > Signed-off-by: Julien Grall
> > Signed-off-by: Shameer Kolothum
>
> > ---
> > arch/arm64/include/asm/kvm_asm.h | 4 +-
> > arch/arm64/include/asm/kvm_host.h | 6 +-
> > arch/arm64/include/asm/kvm_mmu.h | 3 +-
> > arch/arm64/kvm/Makefile | 2 +-
> > arch/arm64/kvm/arm.c | 115 +++---
> > arch/arm64/kvm/hyp/nvhe/hyp-main.c| 6 +-
> > arch/arm64/kvm/hyp/nvhe/mem_protect.c | 3 +-
> > arch/arm64/kvm/hyp/nvhe/tlb.c | 10 +--
> > arch/arm64/kvm/hyp/vhe/tlb.c | 10 +--
> > arch/arm64/kvm/mmu.c | 1 -
> > 10 files changed, 52 insertions(+), 108 deletions(-)
>
> [...]
>
> > diff --git a/arch/arm64/include/asm/kvm_host.h
> b/arch/arm64/include/asm/kvm_host.h
> > index 75a7e8071012..d96284da8571 100644
> > --- a/arch/arm64/include/asm/kvm_host.h
> > +++ b/arch/arm64/include/asm/kvm_host.h
> > @@ -70,9 +70,7 @@ int kvm_reset_vcpu(struct kvm_vcpu *vcpu);
> > void kvm_arm_vcpu_destroy(struct kvm_vcpu *vcpu);
> >
> > struct kvm_vmid {
> > - /* The VMID generation used for the virt. memory system */
> > - u64vmid_gen;
> > - u32vmid;
> > + atomic64_t id;
>
> Maybe a typedef would be better if this is the only member of the structure?
Ok.
>
> > diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> > index 4b60c0056c04..a02c4877a055 100644
> > --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> > +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> > @@ -106,8 +106,7 @@ int kvm_host_prepare_stage2(void *mem_pgt_pool,
> void *dev_pgt_pool)
> > mmu->pgd_phys = __hyp_pa(host_kvm.pgt.pgd);
> > mmu->arch = _kvm.arch;
> > mmu->pgt = _kvm.pgt;
> > - mmu->vmid.vmid_gen = 0;
> > - mmu->vmid.vmid = 0;
> > + atomic64_set(>vmid.id, 0);
>
> I think this is the first atomic64 use in the EL2 object, which may pull in
> some fatal KCSAN instrumentation. Quentin, have you run into this before?
>
> Might be simple just to zero-initialise mmu for now, if it isn't already.
I will check that.
>
> > diff --git a/arch/arm64/kvm/hyp/nvhe/tlb.c
> b/arch/arm64/kvm/hyp/nvhe/tlb.c
> > index 83dc3b271bc5..42df9931ed9a 100644
> > --- a/arch/arm64/kvm/hyp/nvhe/tlb.c
> > +++ b/arch/arm64/kvm/hyp/nvhe/tlb.c
> > @@ -140,10 +140,10 @@ void __kvm_flush_cpu_context(struct
> kvm_s2_mmu *mmu)
> > __tlb_switch_to_host();
> > }
> >
> > -void __kvm_flush_vm_context(void)
> > +void __kvm_tlb_flush_local_all(void)
> > {
> > - dsb(ishst);
> > - __tlbi(alle1is);
> > + dsb(nshst);
> > + __tlbi(alle1);
> >
> > /*
> > * VIPT and P
Re: [PATCH v2 3/3] kvm/arm: Align the VMID allocation with the arm64 ASID one
[+Quentin]
On Wed, Jun 16, 2021 at 04:56:06PM +0100, Shameer Kolothum wrote:
> From: Julien Grall
>
> At the moment, the VMID algorithm will send an SGI to all the CPUs to
> force an exit and then broadcast a full TLB flush and I-Cache
> invalidation.
>
> This patch use the new VMID allocator. The
> benefits are:
> - CPUs are not forced to exit at roll-over. Instead the VMID will be
> marked reserved and the context will be flushed at next exit. This
> will reduce the IPIs traffic.
> - Context invalidation is now per-CPU rather than broadcasted.
> - Catalin has a formal model of the ASID allocator.
>
> With the new algo, the code is now adapted:
> - The function __kvm_flush_vm_context() has been renamed to
> __kvm_tlb_flush_local_all() and now only flushing the current CPU
> context.
> - The call to update_vmid() will be done with preemption disabled
> as the new algo requires to store information per-CPU.
> - The TLBs associated to EL1 will be flushed when booting a CPU to
> deal with stale information. This was previously done on the
> allocation of the first VMID of a new generation.
>
> Signed-off-by: Julien Grall
> Signed-off-by: Shameer Kolothum
> ---
> arch/arm64/include/asm/kvm_asm.h | 4 +-
> arch/arm64/include/asm/kvm_host.h | 6 +-
> arch/arm64/include/asm/kvm_mmu.h | 3 +-
> arch/arm64/kvm/Makefile | 2 +-
> arch/arm64/kvm/arm.c | 115 +++---
> arch/arm64/kvm/hyp/nvhe/hyp-main.c| 6 +-
> arch/arm64/kvm/hyp/nvhe/mem_protect.c | 3 +-
> arch/arm64/kvm/hyp/nvhe/tlb.c | 10 +--
> arch/arm64/kvm/hyp/vhe/tlb.c | 10 +--
> arch/arm64/kvm/mmu.c | 1 -
> 10 files changed, 52 insertions(+), 108 deletions(-)
[...]
> diff --git a/arch/arm64/include/asm/kvm_host.h
> b/arch/arm64/include/asm/kvm_host.h
> index 75a7e8071012..d96284da8571 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -70,9 +70,7 @@ int kvm_reset_vcpu(struct kvm_vcpu *vcpu);
> void kvm_arm_vcpu_destroy(struct kvm_vcpu *vcpu);
>
> struct kvm_vmid {
> - /* The VMID generation used for the virt. memory system */
> - u64vmid_gen;
> - u32vmid;
> + atomic64_t id;
Maybe a typedef would be better if this is the only member of the structure?
> diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> index 4b60c0056c04..a02c4877a055 100644
> --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c
> @@ -106,8 +106,7 @@ int kvm_host_prepare_stage2(void *mem_pgt_pool, void
> *dev_pgt_pool)
> mmu->pgd_phys = __hyp_pa(host_kvm.pgt.pgd);
> mmu->arch = _kvm.arch;
> mmu->pgt = _kvm.pgt;
> - mmu->vmid.vmid_gen = 0;
> - mmu->vmid.vmid = 0;
> + atomic64_set(>vmid.id, 0);
I think this is the first atomic64 use in the EL2 object, which may pull in
some fatal KCSAN instrumentation. Quentin, have you run into this before?
Might be simple just to zero-initialise mmu for now, if it isn't already.
> diff --git a/arch/arm64/kvm/hyp/nvhe/tlb.c b/arch/arm64/kvm/hyp/nvhe/tlb.c
> index 83dc3b271bc5..42df9931ed9a 100644
> --- a/arch/arm64/kvm/hyp/nvhe/tlb.c
> +++ b/arch/arm64/kvm/hyp/nvhe/tlb.c
> @@ -140,10 +140,10 @@ void __kvm_flush_cpu_context(struct kvm_s2_mmu *mmu)
> __tlb_switch_to_host();
> }
>
> -void __kvm_flush_vm_context(void)
> +void __kvm_tlb_flush_local_all(void)
> {
> - dsb(ishst);
> - __tlbi(alle1is);
> + dsb(nshst);
> + __tlbi(alle1);
>
> /*
>* VIPT and PIPT caches are not affected by VMID, so no maintenance
> @@ -155,7 +155,7 @@ void __kvm_flush_vm_context(void)
>*
>*/
> if (icache_is_vpipt())
> - asm volatile("ic ialluis");
> + asm volatile("ic iallu" : : );
>
> - dsb(ish);
> + dsb(nsh);
Hmm, I'm wondering whether having this local stuff really makes sense for
VMIDs. For ASIDs, where rollover can be frequent and TLBI could result in
IPI on 32-bit, the local option was important, but here rollover is less
frequent, DVM is relied upon to work and the cost of a hypercall is
significant with nVHE.
So I do think you could simplify patch 2 slightly to drop the
flush_pending and just issue inner-shareable invalidation on rollover.
With that, it might also make it straightforward to clear active_asids
when scheduling out a vCPU, which would solve the other problem I mentioned
about unnecessarily reserving a bunch of the VMID space.
Will
___
kvmarm mailing list
kvmarm@lists.cs.columbia.edu
https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
