From: Tim Chen <tim.c.chen@linux.intel.com>
To: speck@linutronix.de
Subject: [MODERATED] Encrypted Message
Date: Fri, 25 May 2018 11:22:37 -0700 [thread overview]
Message-ID: <786ae2c4-48ee-4af0-15fa-23659ac63adf@linux.intel.com> (raw)
In-Reply-To: <d2029ba2-bdad-5bb9-596d-f22a9bfa5b9a@linux.intel.com>
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/rfc822-headers; protected-headers="v1", Size: 127 bytes --]
From: Tim Chen <tim.c.chen@linux.intel.com>
To: speck for Tim Chen <speck@linutronix.de>
Subject: Re: L1D-Fault KVM mitigation
[-- Attachment #2: Type: text/plain, Size: 3260 bytes --]
On 05/24/2018 04:18 PM, speck for Tim Chen wrote:
> On 05/24/2018 08:33 AM, speck for Thomas Gleixner wrote:
>> On Thu, 24 May 2018, speck for Thomas Gleixner wrote:
>>> On Thu, 24 May 2018, speck for Peter Zijlstra wrote:
>>>> On Wed, May 23, 2018 at 10:45:45AM +0100, speck for David Woodhouse wrote:
>>>>> The microcode trick just makes it a lot easier because we don't
>>>>> have to *explicitly* pause the sibling vCPUs and manage their state on
>>>>> every vmexit/entry. And avoids potential race conditions with managing
>>>>> that in software.
>>>>
>>>> Yes, it would certainly help and avoid a fair bit of ugly. It would, for
>>>> instance, avoid having to modify irq_enter() / irq_exit(), which would
>>>> otherwise be required (and possibly leak all data touched up until that
>>>> point is reached).
>>>>
>>>> But even with all that, adding L1-flush to every VMENTER will hurt lots.
>>>> Consider for example the PIO emulation used when booting a guest from a
>>>> disk image. That causes VMEXIT/VMENTER at stupendous rates.
>>>
>>> Just did a test on SKL Client where I have ucode. It does not have HT so
>>> its not suffering from any HT side effects when L1D is flushed.
>>>
>>> Boot time from a disk image is ~1s measured from the first vcpu enter.
>>>
>>> With L1D Flush on vmenter the boot time is about 5-10% slower. And that has
>>> lots of PIO operations in the early boot.
>>>
>>> For a kernel build the L1D Flush has an overhead of < 1%.
>>>
>>> Netperf guest to host has a slight drop of the throughput in the 2%
>>> range. Host to guest surprisingly goes up by ~3%. Fun stuff!
>>>
>>> Now I isolated two host CPUs and pinned the two vCPUs on it to be able to
>>> measure the overhead. Running cyclictest with a period of 25us in the guest
>>> on a isolated guest CPU and monitoring the behaviour with perf on the host
>>> for the corresponding host CPU gives
>>>
>>> No Flush Flush
>>>
>>> 1.31 insn per cycle 1.14 insn per cycle
>>>
>>> 2e6 L1-dcache-load-misses/sec 26e6 L1-dcache-load-misses/sec
>>>
>>> In that simple test the L1D misses go up by a factor of 13.
>>>
>>> Now with the whole gang scheduling the numbers I heard through the
>>> grapevine are in the range of factor 130, i.e. 13k% for a simple boot from
>>> disk image. 13 minutes instead of 6 seconds...
>
> The performance is highly dependent on how often we VM exit.
> Working with Peter Z on his prototype, the performance ranges from
> no regression for a network loop back, ~20% regression for kernel compile
> to ~100% regression on File IO. PIO brings out the worse aspect
> of the synchronization overhead as we VM exit on every dword PIO read in, and the
> kernel and initrd image was about 50 MB for the experiment, and led to
> 13 min of load time.
>
> We may need to do the co-scheduling only when VM exit rate is low, and
> turn off the SMT when VM exit rate becomes too high.
>
> (Note: I haven't added in the L1 flush on VM entry for my experiment, that is on
> the todo).
As a post note, I added in the L1 flush and the performance numbers
pretty much stay the same. So the synchronization overhead is
dominant and L1 flush overhead is secondary.
Tim
next prev parent reply other threads:[~2018-05-25 18:22 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-24 9:06 [MODERATED] L1D-Fault KVM mitigation Joerg Roedel
2018-04-24 9:35 ` [MODERATED] " Peter Zijlstra
2018-04-24 9:48 ` David Woodhouse
2018-04-24 11:04 ` Peter Zijlstra
2018-04-24 11:16 ` David Woodhouse
2018-04-24 15:10 ` Jon Masters
2018-05-23 9:45 ` David Woodhouse
2018-05-24 9:45 ` Peter Zijlstra
2018-05-24 14:14 ` Jon Masters
2018-05-24 15:04 ` Thomas Gleixner
2018-05-24 15:33 ` Thomas Gleixner
2018-05-24 15:38 ` [MODERATED] " Jiri Kosina
2018-05-24 17:22 ` Dave Hansen
2018-05-24 17:30 ` Linus Torvalds
2018-05-24 23:18 ` [MODERATED] Encrypted Message Tim Chen
2018-05-24 23:28 ` [MODERATED] Re: L1D-Fault KVM mitigation Linus Torvalds
2018-05-25 8:31 ` Thomas Gleixner
2018-05-28 14:43 ` [MODERATED] " Paolo Bonzini
2018-05-25 18:22 ` Tim Chen [this message]
2018-05-26 19:14 ` Thomas Gleixner
2018-05-26 20:43 ` [MODERATED] " Andi Kleen
2018-05-26 20:48 ` Linus Torvalds
2018-05-27 18:25 ` Andi Kleen
2018-05-27 18:49 ` Linus Torvalds
2018-05-27 18:57 ` Thomas Gleixner
2018-05-27 19:13 ` [MODERATED] " Andrew Cooper
2018-05-27 19:26 ` Linus Torvalds
2018-05-27 19:41 ` Thomas Gleixner
2018-05-27 22:26 ` [MODERATED] " Andrew Cooper
2018-05-28 6:47 ` Thomas Gleixner
2018-05-28 12:26 ` [MODERATED] " Andrew Cooper
2018-05-28 14:40 ` Paolo Bonzini
2018-05-28 15:56 ` Thomas Gleixner
2018-05-28 17:15 ` [MODERATED] " Paolo Bonzini
2018-05-27 15:42 ` Thomas Gleixner
2018-05-27 16:26 ` [MODERATED] " Linus Torvalds
2018-05-27 18:31 ` Andi Kleen
2018-05-29 19:29 ` [MODERATED] Encrypted Message Tim Chen
2018-05-29 21:14 ` L1D-Fault KVM mitigation Thomas Gleixner
2018-05-30 16:38 ` [MODERATED] Encrypted Message Tim Chen
2018-05-24 15:44 ` [MODERATED] Re: L1D-Fault KVM mitigation Andi Kleen
2018-05-24 15:38 ` Linus Torvalds
2018-05-24 15:59 ` David Woodhouse
2018-05-24 16:35 ` Linus Torvalds
2018-05-24 16:51 ` David Woodhouse
2018-05-24 16:57 ` Linus Torvalds
2018-05-25 11:29 ` David Woodhouse
2018-04-24 10:30 ` [MODERATED] Re: ***UNCHECKED*** " Joerg Roedel
2018-04-24 11:09 ` Thomas Gleixner
2018-04-24 16:06 ` [MODERATED] " Andi Kleen
2018-04-24 12:53 ` Paolo Bonzini
2018-05-03 16:20 ` Konrad Rzeszutek Wilk
2018-05-07 17:11 ` Paolo Bonzini
2018-05-16 8:51 ` Jiri Kosina
2018-05-16 8:53 ` Paolo Bonzini
2018-05-21 10:06 ` David Woodhouse
2018-05-21 13:40 ` Thomas Gleixner
-- strict thread matches above, loose matches on Subject: below --
2018-05-02 21:51 [patch V11 00/16] SSB 0 Thomas Gleixner
2018-05-03 4:27 ` [MODERATED] Encrypted Message Tim Chen
2018-05-17 20:53 SSB status - V18 pushed out Thomas Gleixner
2018-05-18 13:54 ` [MODERATED] Is: Sleep states ?Was:Re: " Konrad Rzeszutek Wilk
2018-05-18 14:29 ` Thomas Gleixner
2018-05-18 19:50 ` [MODERATED] Encrypted Message Tim Chen
2018-05-29 19:42 [MODERATED] [PATCH 0/2] L1TF KVM 0 Paolo Bonzini
[not found] ` <20180529194240.7F1336110A@crypto-ml.lab.linutronix.de>
2018-05-29 22:49 ` [PATCH 1/2] L1TF KVM 1 Thomas Gleixner
2018-05-29 23:54 ` [MODERATED] " Andrew Cooper
2018-05-30 9:01 ` Paolo Bonzini
2018-06-04 8:24 ` [MODERATED] " Martin Pohlack
2018-06-04 13:11 ` [MODERATED] Is: Tim, Q to you. Was:Re: " Konrad Rzeszutek Wilk
2018-06-04 17:59 ` [MODERATED] Encrypted Message Tim Chen
2018-06-05 23:34 ` Tim Chen
2018-06-05 23:37 ` Tim Chen
2018-06-07 19:11 ` Tim Chen
2018-06-12 17:29 [MODERATED] FYI - Reading uncached memory Jon Masters
2018-06-14 16:59 ` [MODERATED] Encrypted Message Tim Chen
2019-01-12 1:29 [MODERATED] [PATCH v4 00/28] MDSv4 2 Andi Kleen
2019-01-12 1:29 ` [MODERATED] [PATCH v4 05/28] MDSv4 10 Andi Kleen
2019-01-14 19:20 ` [MODERATED] " Dave Hansen
2019-01-18 7:33 ` [MODERATED] Encrypted Message Jon Masters
2019-01-14 23:39 ` Tim Chen
2019-01-12 1:29 ` [MODERATED] [PATCH v4 10/28] MDSv4 24 Andi Kleen
2019-01-15 1:05 ` [MODERATED] Encrypted Message Tim Chen
2019-02-07 23:41 [MODERATED] [PATCH v3 0/6] PERFv3 Andi Kleen
2019-02-07 23:41 ` [MODERATED] [PATCH v3 2/6] PERFv3 Andi Kleen
2019-02-08 0:51 ` [MODERATED] Re: [SUSPECTED SPAM][PATCH " Andrew Cooper
2019-02-08 9:01 ` Peter Zijlstra
2019-02-08 9:39 ` Peter Zijlstra
2019-02-08 10:53 ` [MODERATED] [RFC][PATCH] performance walnuts Peter Zijlstra
2019-02-15 23:45 ` [MODERATED] Encrypted Message Jon Masters
2019-02-19 12:44 [patch 0/8] MDS basics 0 Thomas Gleixner
2019-02-21 16:14 ` [MODERATED] Encrypted Message Jon Masters
2019-02-20 15:07 [patch V2 00/10] MDS basics+ 0 Thomas Gleixner
2019-02-20 15:07 ` [patch V2 04/10] MDS basics+ 4 Thomas Gleixner
2019-02-20 17:10 ` [MODERATED] " mark gross
2019-02-21 19:26 ` [MODERATED] Encrypted Message Tim Chen
2019-02-21 23:44 [patch V3 0/9] MDS basics 0 Thomas Gleixner
2019-02-21 23:44 ` [patch V3 4/9] MDS basics 4 Thomas Gleixner
2019-02-22 7:45 ` [MODERATED] Encrypted Message Jon Masters
2019-02-22 22:24 [patch V4 00/11] MDS basics Thomas Gleixner
2019-02-22 22:24 ` [patch V4 04/11] x86/speculation/mds: Add mds_clear_cpu_buffer() Thomas Gleixner
2019-02-26 14:19 ` [MODERATED] " Josh Poimboeuf
2019-03-01 20:58 ` [MODERATED] Encrypted Message Jon Masters
2019-03-01 22:14 ` Jon Masters
2019-02-24 15:07 [MODERATED] [PATCH v6 00/43] MDSv6 Andi Kleen
2019-02-24 15:07 ` [MODERATED] [PATCH v6 10/43] MDSv6 Andi Kleen
2019-02-25 16:30 ` [MODERATED] " Greg KH
2019-02-25 16:41 ` [MODERATED] Encrypted Message Jon Masters
2019-02-24 15:07 ` [MODERATED] [PATCH v6 31/43] MDSv6 Andi Kleen
2019-02-25 15:19 ` [MODERATED] " Greg KH
2019-02-25 15:34 ` Andi Kleen
2019-02-25 15:49 ` Greg KH
2019-02-25 15:52 ` [MODERATED] Encrypted Message Jon Masters
2019-02-25 16:00 ` [MODERATED] " Greg KH
2019-02-25 16:19 ` [MODERATED] " Jon Masters
2019-03-01 21:47 [patch V6 00/14] MDS basics 0 Thomas Gleixner
2019-03-01 21:47 ` [patch V6 06/14] MDS basics 6 Thomas Gleixner
2019-03-04 6:28 ` [MODERATED] Encrypted Message Jon Masters
2019-03-01 21:47 ` [patch V6 08/14] MDS basics 8 Thomas Gleixner
2019-03-04 6:57 ` [MODERATED] Encrypted Message Jon Masters
2019-03-04 7:06 ` Jon Masters
2019-03-04 8:12 ` Jon Masters
2019-03-05 15:34 ` Thomas Gleixner
2019-03-06 16:21 ` [MODERATED] " Jon Masters
2019-03-01 21:47 ` [patch V6 10/14] MDS basics 10 Thomas Gleixner
2019-03-04 6:45 ` [MODERATED] Encrypted Message Jon Masters
2019-03-01 21:47 ` [patch V6 12/14] MDS basics 12 Thomas Gleixner
2019-03-04 5:47 ` [MODERATED] Encrypted Message Jon Masters
2019-03-04 5:30 ` Jon Masters
2019-03-04 1:21 [MODERATED] [PATCH RFC 0/4] Proposed cmdline improvements Josh Poimboeuf
2019-03-04 1:23 ` [MODERATED] [PATCH RFC 1/4] 1 Josh Poimboeuf
2019-03-04 3:55 ` [MODERATED] Encrypted Message Jon Masters
2019-03-04 7:30 ` [MODERATED] Re: [PATCH RFC 1/4] 1 Greg KH
2019-03-04 7:45 ` [MODERATED] Encrypted Message Jon Masters
2019-03-04 1:24 ` [MODERATED] [PATCH RFC 3/4] 3 Josh Poimboeuf
2019-03-04 3:58 ` [MODERATED] Encrypted Message Jon Masters
2019-03-04 17:17 ` [MODERATED] " Josh Poimboeuf
2019-03-06 16:22 ` [MODERATED] " Jon Masters
2019-03-04 1:25 ` [MODERATED] [PATCH RFC 4/4] 4 Josh Poimboeuf
2019-03-04 4:07 ` [MODERATED] Encrypted Message Jon Masters
2019-03-05 16:43 [MODERATED] Starting to go public? Linus Torvalds
2019-03-05 17:02 ` [MODERATED] " Andrew Cooper
2019-03-05 20:36 ` Jiri Kosina
2019-03-05 22:31 ` Andrew Cooper
2019-03-06 16:18 ` [MODERATED] Encrypted Message Jon Masters
2019-03-05 17:10 ` Jon Masters
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=786ae2c4-48ee-4af0-15fa-23659ac63adf@linux.intel.com \
--to=tim.c.chen@linux.intel.com \
--cc=speck@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.