Re: stale TLB contents?

[Juergen Gross <juergen.gross@ts.fujitsu.com>]

On 01/24/11 14:13, Tim Deegan wrote:
> At 13:00 +0000 on 24 Jan (1295874058), Juergen Gross wrote:
>> Hi,
>>
>> in our BS2000 guest running as HVM with EPT on x86_64 I have a problem which
>> seems to be related to stale TLB entries. I'm pretty sure I have invalidated
>> the TLB correctly after a change of the page tables, so I've searched for
>> possible problems in the hypervisor.
>>
>> Xen is version 4.0 from SLES 11 SP1.
>>
>> If I have read the sources correctly, neither INVLPG nor reload of CR3 are
>> handled by the hypervisor. And I didn't find an explicit clearing of the TLB
>> when a vcpu is switching physical cpus. So I think the following scenario is
>> possible:
>>
>> - a vcpu is running on physical cpu A creating a TLB entry
>> - the vcpu is scheduled on physical cpu B, while physical cpu A is left idle
>> - on physical cpu B the TLB entry is cleared by INVLPG or load CR3
>> - the vcpu is scheduled on physical cpu A again (no other vcpu was active
>>     there in between), CR3 is same as when vcpu left cpu A
>> - the old TLB entry from the vcpu is still valid there!
>>
>> Do I miss something?
>
> vmx_do_resume() calls hvm_asid_flush_vcpu() if the VCPU is migrating
> onto this CPU, so the VCPU should get a fresh ASID when it comes back to
> CPU A.  Processors with no ASID support flush their TLBs on every
> VMENTER and VMEXIT, so I don't see where we could leak TLB entries.

Ah, this was the missing information I needed!
Thanks, I'll keep on searching...


Juergen

-- 
Juergen Gross                 Principal Developer Operating Systems
TSP ES&S SWE OS6                       Telephone: +49 (0) 89 3222 2967
Fujitsu Technology Solutions              e-mail: juergen.gross@ts.fujitsu.com
Domagkstr. 28                           Internet: ts.fujitsu.com
D-80807 Muenchen                 Company details: ts.fujitsu.com/imprint.html