Re: stale TLB contents?

[Juergen Gross <juergen.gross@ts.fujitsu.com>]

On 01/24/11 14:11, George Dunlap wrote:
> If you're talking about just TLB  stuff (not changes to the EPT
> tables), that should happen as a result of the context switch code
> (nothing to do with EPT).  The code in question is here:
>
> xen/arch/x86/domain.c:context_switch()
>      if ( unlikely(!cpu_isset(cpu, dirty_mask)&&  !cpus_empty(dirty_mask)) )
>      {
>          /* Other cpus call __sync_local_execstate from flush ipi handler. */
>          flush_tlb_mask(&dirty_mask);
>      }
>
> "Dirty  mask" means "where this vcpu has run"; since the vcpu in
> question will have run on another pcpu, this should happen before the
> vcpu is allowed to run on cpu 0 again.

Really?
I think you refer to this code in __context_switch():
     /*
      * Mark this CPU in next domain's dirty cpumasks before calling
      * ctxt_switch_to(). This avoids a race on things like EPT flushing,
      * which is synchronised on that function.
      */
     if ( p->domain != n->domain )
         cpu_set(cpu, n->domain->domain_dirty_cpumask);
     cpu_set(cpu, n->vcpu_dirty_cpumask);

This should set the dirty bit for the physical cpu on which the vcpu is just
about to be started.

But the dirty bit of the previous vcpu is cleared a little bit later:
     if ( p->domain != n->domain )
         cpu_clear(cpu, p->domain->domain_dirty_cpumask);
     cpu_clear(cpu, p->vcpu_dirty_cpumask);

Couldn't this leave the dirty mask to be empty again?


Juergen

-- 
Juergen Gross                 Principal Developer Operating Systems
TSP ES&S SWE OS6                       Telephone: +49 (0) 89 3222 2967
Fujitsu Technology Solutions              e-mail: juergen.gross@ts.fujitsu.com
Domagkstr. 28                           Internet: ts.fujitsu.com
D-80807 Muenchen                 Company details: ts.fujitsu.com/imprint.html