From: Marc Zyngier <maz@kernel.org>
To: Anshuman Khandual <anshuman.khandual@arm.com>
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, will@kernel.org,
catalin.marinas@arm.com, mark.rutland@arm.com,
Mark Brown <broonie@kernel.org>,
James Clark <james.clark@arm.com>, Rob Herring <robh@kernel.org>,
Suzuki Poulose <suzuki.poulose@arm.com>,
Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
linux-perf-users@vger.kernel.org,
Oliver Upton <oliver.upton@linux.dev>,
James Morse <james.morse@arm.com>,
kvmarm@lists.linux.dev
Subject: Re: [PATCH V15 5/8] KVM: arm64: nvhe: Disable branch generation in nVHE guests
Date: Mon, 04 Dec 2023 08:42:47 +0000 [thread overview]
Message-ID: <86ttoybbp4.wl-maz@kernel.org> (raw)
In-Reply-To: <20231201053906.1261704-6-anshuman.khandual@arm.com>
On Fri, 01 Dec 2023 05:39:03 +0000,
Anshuman Khandual <anshuman.khandual@arm.com> wrote:
>
> Disable the BRBE before we enter the guest, saving the status and enable it
> back once we get out of the guest. This is just to avoid capturing records
> in the guest kernel/userspace, which would be confusing the samples.
Why does it have to be limited to non-VHE? What protects host EL0
records from guest's EL0 execution when the host is VHE?
>
> Cc: Marc Zyngier <maz@kernel.org>
> Cc: Oliver Upton <oliver.upton@linux.dev>
> Cc: James Morse <james.morse@arm.com>
> Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will@kernel.org>
> Cc: kvmarm@lists.linux.dev
> Cc: linux-arm-kernel@lists.infradead.org
> CC: linux-kernel@vger.kernel.org
> Signed-off-by: Anshuman Khandual <anshuman.khandual@arm.com>
> ---
> Changes in V15:
>
> - Dropped runtime BRBE enable for setting DEBUG_STATE_SAVE_BRBE
> - Dropped BRBFCR_EL1 from __debug_save_brbe()/__debug_restore_brbe()
> - Always save the live SYS_BRBCR_EL1 in host context and then check if
> BRBE was enabled before resetting SYS_BRBCR_EL1 for the host
>
> arch/arm64/include/asm/kvm_host.h | 4 ++++
> arch/arm64/kvm/debug.c | 5 +++++
> arch/arm64/kvm/hyp/nvhe/debug-sr.c | 33 ++++++++++++++++++++++++++++++
> 3 files changed, 42 insertions(+)
>
> diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> index 68421c74283a..1faa0430d8dd 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -449,6 +449,8 @@ enum vcpu_sysreg {
> CNTHV_CVAL_EL2,
> PMSCR_EL1, /* Statistical profiling extension */
> TRFCR_EL1, /* Self-hosted trace filters */
> + BRBCR_EL1, /* Branch Record Buffer Control Register */
> + BRBFCR_EL1, /* Branch Record Buffer Function Control Register */
Whose state is this? If this is limited to the host, it has no purpose
in this enum. Once you add guest support, then it will make sense.
>
> NR_SYS_REGS /* Nothing after this line! */
> };
> @@ -753,6 +755,8 @@ struct kvm_vcpu_arch {
> #define VCPU_HYP_CONTEXT __vcpu_single_flag(iflags, BIT(7))
> /* Save trace filter controls */
> #define DEBUG_STATE_SAVE_TRFCR __vcpu_single_flag(iflags, BIT(8))
> +/* Save BRBE context if active */
> +#define DEBUG_STATE_SAVE_BRBE __vcpu_single_flag(iflags, BIT(9))
>
> /* SVE enabled for host EL0 */
> #define HOST_SVE_ENABLED __vcpu_single_flag(sflags, BIT(0))
> diff --git a/arch/arm64/kvm/debug.c b/arch/arm64/kvm/debug.c
> index 2ab41b954512..fa46a70a9503 100644
> --- a/arch/arm64/kvm/debug.c
> +++ b/arch/arm64/kvm/debug.c
> @@ -354,6 +354,10 @@ void kvm_arch_vcpu_load_debug_state_flags(struct kvm_vcpu *vcpu)
> !(read_sysreg_s(SYS_TRBIDR_EL1) & TRBIDR_EL1_P))
> vcpu_set_flag(vcpu, DEBUG_STATE_SAVE_TRBE);
> }
> +
> + /* Check if we have BRBE implemented and available at the host */
> + if (cpuid_feature_extract_unsigned_field(dfr0, ID_AA64DFR0_EL1_BRBE_SHIFT))
> + vcpu_set_flag(vcpu, DEBUG_STATE_SAVE_BRBE);
> }
>
> void kvm_arch_vcpu_put_debug_state_flags(struct kvm_vcpu *vcpu)
> @@ -361,6 +365,7 @@ void kvm_arch_vcpu_put_debug_state_flags(struct kvm_vcpu *vcpu)
> vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_SPE);
> vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_TRBE);
> vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_TRFCR);
> + vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_BRBE);
> }
>
> void kvm_etm_set_guest_trfcr(u64 trfcr_guest)
> diff --git a/arch/arm64/kvm/hyp/nvhe/debug-sr.c b/arch/arm64/kvm/hyp/nvhe/debug-sr.c
> index 6174f710948e..1994fc48b57c 100644
> --- a/arch/arm64/kvm/hyp/nvhe/debug-sr.c
> +++ b/arch/arm64/kvm/hyp/nvhe/debug-sr.c
> @@ -93,6 +93,33 @@ static void __debug_restore_trace(struct kvm_cpu_context *host_ctxt,
> write_sysreg_s(ctxt_sys_reg(host_ctxt, TRFCR_EL1), SYS_TRFCR_EL1);
> }
>
> +static void __debug_save_brbe(struct kvm_cpu_context *host_ctxt)
> +{
> + ctxt_sys_reg(host_ctxt, BRBCR_EL1) = read_sysreg_s(SYS_BRBCR_EL1);
> +
> + /* Check if the BRBE is enabled */
> + if (!(ctxt_sys_reg(host_ctxt, BRBCR_EL1) & (BRBCR_ELx_E0BRE | BRBCR_ELx_ExBRE)))
> + return;
Why save BRBCR_EL1 if there is nothing enabled? It isn't like it can
change behind your back, can it?
> +
> + /*
> + * Prohibit branch record generation while we are in guest.
> + * Since access to BRBCR_EL1 is trapped, the guest can't
> + * modify the filtering set by the host.
> + */
> + write_sysreg_s(0, SYS_BRBCR_EL1);
> + isb();
What is the point of this ISB? We're at EL2, and this only affects
EL1.
> +}
> +
> +static void __debug_restore_brbe(struct kvm_cpu_context *host_ctxt)
> +{
> + if (!ctxt_sys_reg(host_ctxt, BRBCR_EL1))
> + return;
So on one side you're using a flag, and on the other you're using the
*value*. You need some consistency.
> +
> + /* Restore BRBE controls */
> + write_sysreg_s(ctxt_sys_reg(host_ctxt, BRBCR_EL1), SYS_BRBCR_EL1);
> + isb();
Same question.
> +}
> +
> void __debug_save_host_buffers_nvhe(struct kvm_cpu_context *host_ctxt,
> struct kvm_cpu_context *guest_ctxt)
> {
> @@ -102,6 +129,10 @@ void __debug_save_host_buffers_nvhe(struct kvm_cpu_context *host_ctxt,
>
> if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_TRFCR))
> __debug_save_trace(host_ctxt, guest_ctxt);
> +
> + /* Disable BRBE branch records */
> + if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_BRBE))
> + __debug_save_brbe(host_ctxt);
> }
>
> void __debug_switch_to_guest(struct kvm_vcpu *vcpu)
> @@ -116,6 +147,8 @@ void __debug_restore_host_buffers_nvhe(struct kvm_cpu_context *host_ctxt,
> __debug_restore_spe(host_ctxt);
> if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_TRFCR))
> __debug_restore_trace(host_ctxt, guest_ctxt);
> + if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_BRBE))
> + __debug_restore_brbe(host_ctxt);
> }
>
> void __debug_switch_to_host(struct kvm_vcpu *vcpu)
The lifetime of this flag seems bogus, specially when there is nothing
to do, which will always be the arch-majority of the executions.
M.
--
Without deviation from the norm, progress is not possible.
WARNING: multiple messages have this Message-ID (diff)
From: Marc Zyngier <maz@kernel.org>
To: Anshuman Khandual <anshuman.khandual@arm.com>
Cc: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, will@kernel.org,
catalin.marinas@arm.com, mark.rutland@arm.com,
Mark Brown <broonie@kernel.org>,
James Clark <james.clark@arm.com>, Rob Herring <robh@kernel.org>,
Suzuki Poulose <suzuki.poulose@arm.com>,
Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
linux-perf-users@vger.kernel.org,
Oliver Upton <oliver.upton@linux.dev>,
James Morse <james.morse@arm.com>,
kvmarm@lists.linux.dev
Subject: Re: [PATCH V15 5/8] KVM: arm64: nvhe: Disable branch generation in nVHE guests
Date: Mon, 04 Dec 2023 08:42:47 +0000 [thread overview]
Message-ID: <86ttoybbp4.wl-maz@kernel.org> (raw)
In-Reply-To: <20231201053906.1261704-6-anshuman.khandual@arm.com>
On Fri, 01 Dec 2023 05:39:03 +0000,
Anshuman Khandual <anshuman.khandual@arm.com> wrote:
>
> Disable the BRBE before we enter the guest, saving the status and enable it
> back once we get out of the guest. This is just to avoid capturing records
> in the guest kernel/userspace, which would be confusing the samples.
Why does it have to be limited to non-VHE? What protects host EL0
records from guest's EL0 execution when the host is VHE?
>
> Cc: Marc Zyngier <maz@kernel.org>
> Cc: Oliver Upton <oliver.upton@linux.dev>
> Cc: James Morse <james.morse@arm.com>
> Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
> Cc: Catalin Marinas <catalin.marinas@arm.com>
> Cc: Will Deacon <will@kernel.org>
> Cc: kvmarm@lists.linux.dev
> Cc: linux-arm-kernel@lists.infradead.org
> CC: linux-kernel@vger.kernel.org
> Signed-off-by: Anshuman Khandual <anshuman.khandual@arm.com>
> ---
> Changes in V15:
>
> - Dropped runtime BRBE enable for setting DEBUG_STATE_SAVE_BRBE
> - Dropped BRBFCR_EL1 from __debug_save_brbe()/__debug_restore_brbe()
> - Always save the live SYS_BRBCR_EL1 in host context and then check if
> BRBE was enabled before resetting SYS_BRBCR_EL1 for the host
>
> arch/arm64/include/asm/kvm_host.h | 4 ++++
> arch/arm64/kvm/debug.c | 5 +++++
> arch/arm64/kvm/hyp/nvhe/debug-sr.c | 33 ++++++++++++++++++++++++++++++
> 3 files changed, 42 insertions(+)
>
> diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h
> index 68421c74283a..1faa0430d8dd 100644
> --- a/arch/arm64/include/asm/kvm_host.h
> +++ b/arch/arm64/include/asm/kvm_host.h
> @@ -449,6 +449,8 @@ enum vcpu_sysreg {
> CNTHV_CVAL_EL2,
> PMSCR_EL1, /* Statistical profiling extension */
> TRFCR_EL1, /* Self-hosted trace filters */
> + BRBCR_EL1, /* Branch Record Buffer Control Register */
> + BRBFCR_EL1, /* Branch Record Buffer Function Control Register */
Whose state is this? If this is limited to the host, it has no purpose
in this enum. Once you add guest support, then it will make sense.
>
> NR_SYS_REGS /* Nothing after this line! */
> };
> @@ -753,6 +755,8 @@ struct kvm_vcpu_arch {
> #define VCPU_HYP_CONTEXT __vcpu_single_flag(iflags, BIT(7))
> /* Save trace filter controls */
> #define DEBUG_STATE_SAVE_TRFCR __vcpu_single_flag(iflags, BIT(8))
> +/* Save BRBE context if active */
> +#define DEBUG_STATE_SAVE_BRBE __vcpu_single_flag(iflags, BIT(9))
>
> /* SVE enabled for host EL0 */
> #define HOST_SVE_ENABLED __vcpu_single_flag(sflags, BIT(0))
> diff --git a/arch/arm64/kvm/debug.c b/arch/arm64/kvm/debug.c
> index 2ab41b954512..fa46a70a9503 100644
> --- a/arch/arm64/kvm/debug.c
> +++ b/arch/arm64/kvm/debug.c
> @@ -354,6 +354,10 @@ void kvm_arch_vcpu_load_debug_state_flags(struct kvm_vcpu *vcpu)
> !(read_sysreg_s(SYS_TRBIDR_EL1) & TRBIDR_EL1_P))
> vcpu_set_flag(vcpu, DEBUG_STATE_SAVE_TRBE);
> }
> +
> + /* Check if we have BRBE implemented and available at the host */
> + if (cpuid_feature_extract_unsigned_field(dfr0, ID_AA64DFR0_EL1_BRBE_SHIFT))
> + vcpu_set_flag(vcpu, DEBUG_STATE_SAVE_BRBE);
> }
>
> void kvm_arch_vcpu_put_debug_state_flags(struct kvm_vcpu *vcpu)
> @@ -361,6 +365,7 @@ void kvm_arch_vcpu_put_debug_state_flags(struct kvm_vcpu *vcpu)
> vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_SPE);
> vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_TRBE);
> vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_TRFCR);
> + vcpu_clear_flag(vcpu, DEBUG_STATE_SAVE_BRBE);
> }
>
> void kvm_etm_set_guest_trfcr(u64 trfcr_guest)
> diff --git a/arch/arm64/kvm/hyp/nvhe/debug-sr.c b/arch/arm64/kvm/hyp/nvhe/debug-sr.c
> index 6174f710948e..1994fc48b57c 100644
> --- a/arch/arm64/kvm/hyp/nvhe/debug-sr.c
> +++ b/arch/arm64/kvm/hyp/nvhe/debug-sr.c
> @@ -93,6 +93,33 @@ static void __debug_restore_trace(struct kvm_cpu_context *host_ctxt,
> write_sysreg_s(ctxt_sys_reg(host_ctxt, TRFCR_EL1), SYS_TRFCR_EL1);
> }
>
> +static void __debug_save_brbe(struct kvm_cpu_context *host_ctxt)
> +{
> + ctxt_sys_reg(host_ctxt, BRBCR_EL1) = read_sysreg_s(SYS_BRBCR_EL1);
> +
> + /* Check if the BRBE is enabled */
> + if (!(ctxt_sys_reg(host_ctxt, BRBCR_EL1) & (BRBCR_ELx_E0BRE | BRBCR_ELx_ExBRE)))
> + return;
Why save BRBCR_EL1 if there is nothing enabled? It isn't like it can
change behind your back, can it?
> +
> + /*
> + * Prohibit branch record generation while we are in guest.
> + * Since access to BRBCR_EL1 is trapped, the guest can't
> + * modify the filtering set by the host.
> + */
> + write_sysreg_s(0, SYS_BRBCR_EL1);
> + isb();
What is the point of this ISB? We're at EL2, and this only affects
EL1.
> +}
> +
> +static void __debug_restore_brbe(struct kvm_cpu_context *host_ctxt)
> +{
> + if (!ctxt_sys_reg(host_ctxt, BRBCR_EL1))
> + return;
So on one side you're using a flag, and on the other you're using the
*value*. You need some consistency.
> +
> + /* Restore BRBE controls */
> + write_sysreg_s(ctxt_sys_reg(host_ctxt, BRBCR_EL1), SYS_BRBCR_EL1);
> + isb();
Same question.
> +}
> +
> void __debug_save_host_buffers_nvhe(struct kvm_cpu_context *host_ctxt,
> struct kvm_cpu_context *guest_ctxt)
> {
> @@ -102,6 +129,10 @@ void __debug_save_host_buffers_nvhe(struct kvm_cpu_context *host_ctxt,
>
> if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_TRFCR))
> __debug_save_trace(host_ctxt, guest_ctxt);
> +
> + /* Disable BRBE branch records */
> + if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_BRBE))
> + __debug_save_brbe(host_ctxt);
> }
>
> void __debug_switch_to_guest(struct kvm_vcpu *vcpu)
> @@ -116,6 +147,8 @@ void __debug_restore_host_buffers_nvhe(struct kvm_cpu_context *host_ctxt,
> __debug_restore_spe(host_ctxt);
> if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_TRFCR))
> __debug_restore_trace(host_ctxt, guest_ctxt);
> + if (vcpu_get_flag(host_ctxt->__hyp_running_vcpu, DEBUG_STATE_SAVE_BRBE))
> + __debug_restore_brbe(host_ctxt);
> }
>
> void __debug_switch_to_host(struct kvm_vcpu *vcpu)
The lifetime of this flag seems bogus, specially when there is nothing
to do, which will always be the arch-majority of the executions.
M.
--
Without deviation from the norm, progress is not possible.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2023-12-04 8:42 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-01 5:38 [PATCH V15 0/8] arm64/perf: Enable branch stack sampling Anshuman Khandual
2023-12-01 5:38 ` Anshuman Khandual
2023-12-01 5:38 ` [PATCH V15 1/8] arm64/sysreg: Add BRBE registers and fields Anshuman Khandual
2023-12-01 5:38 ` Anshuman Khandual
2023-12-01 16:58 ` Mark Brown
2023-12-01 16:58 ` Mark Brown
2023-12-04 4:03 ` Anshuman Khandual
2023-12-04 4:03 ` Anshuman Khandual
2023-12-04 12:18 ` Mark Brown
2023-12-04 12:18 ` Mark Brown
2023-12-01 5:39 ` [PATCH V15 2/8] KVM: arm64: Prevent guest accesses into BRBE system registers/instructions Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-04 8:22 ` Marc Zyngier
2023-12-04 8:22 ` Marc Zyngier
2023-12-11 6:34 ` Anshuman Khandual
2023-12-11 6:34 ` Anshuman Khandual
2023-12-13 3:55 ` Anshuman Khandual
2023-12-13 3:55 ` Anshuman Khandual
2023-12-01 5:39 ` [PATCH V15 3/8] drivers: perf: arm_pmuv3: Enable branch stack sampling framework Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-01 5:39 ` [PATCH V15 4/8] drivers: perf: arm_pmuv3: Enable branch stack sampling via FEAT_BRBE Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-01 5:39 ` [PATCH V15 5/8] KVM: arm64: nvhe: Disable branch generation in nVHE guests Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-04 8:42 ` Marc Zyngier [this message]
2023-12-04 8:42 ` Marc Zyngier
2023-12-11 6:00 ` Anshuman Khandual
2023-12-11 6:00 ` Anshuman Khandual
2023-12-13 4:56 ` Anshuman Khandual
2023-12-13 4:56 ` Anshuman Khandual
2023-12-01 5:39 ` [PATCH V15 6/8] perf: test: Speed up running brstack test on an Arm model Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-01 5:39 ` [PATCH V15 7/8] perf: test: Remove empty lines from branch filter test output Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-01 5:39 ` [PATCH V15 8/8] perf: test: Extend branch stack sampling test for Arm64 BRBE Anshuman Khandual
2023-12-01 5:39 ` Anshuman Khandual
2023-12-04 8:15 ` [PATCH V15 0/8] arm64/perf: Enable branch stack sampling Marc Zyngier
2023-12-04 8:15 ` Marc Zyngier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=86ttoybbp4.wl-maz@kernel.org \
--to=maz@kernel.org \
--cc=acme@kernel.org \
--cc=anshuman.khandual@arm.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=james.clark@arm.com \
--cc=james.morse@arm.com \
--cc=kvmarm@lists.linux.dev \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mingo@redhat.com \
--cc=oliver.upton@linux.dev \
--cc=peterz@infradead.org \
--cc=robh@kernel.org \
--cc=suzuki.poulose@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.