From: "Radim Krčmář" <rkrcmar@ventanamicro.com>
To: "Andrew Jones" <ajones@ventanamicro.com>
Cc: <kvm-riscv@lists.infradead.org>, <kvm@vger.kernel.org>,
<linux-riscv@lists.infradead.org>, <linux-kernel@vger.kernel.org>,
"Anup Patel" <anup@brainfault.org>,
"Atish Patra" <atishp@atishpatra.org>,
"Paul Walmsley" <paul.walmsley@sifive.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Albert Ou" <aou@eecs.berkeley.edu>,
"Alexandre Ghiti" <alex@ghiti.fr>,
"Mayuresh Chitale" <mchitale@ventanamicro.com>
Subject: Re: [PATCH 4/5] KVM: RISC-V: reset VCPU state when becoming runnable
Date: Fri, 25 Apr 2025 18:04:52 +0200 [thread overview]
Message-ID: <D9FUIXQ1FIHS.2BLRCEWLXZL45@ventanamicro.com> (raw)
In-Reply-To: <20250425-2bc11e21ecef7269702c424e@orel>
2025-04-25T15:26:08+02:00, Andrew Jones <ajones@ventanamicro.com>:
> On Thu, Apr 03, 2025 at 01:25:23PM +0200, Radim Krčmář wrote:
>> Beware, this patch is "breaking" the userspace interface, because it
>> fixes a KVM/QEMU bug where the boot VCPU is not being reset by KVM.
>>
>> The VCPU reset paths are inconsistent right now. KVM resets VCPUs that
>> are brought up by KVM-accelerated SBI calls, but does nothing for VCPUs
>> brought up through ioctls.
>
> I guess we currently expect userspace to make a series of set-one-reg
> ioctls in order to prepare ("reset") newly created vcpus,
Userspace should currently get-one-reg a freshly reset VCPU to know what
KVM SBI decides is the correct reset. Userspace shouldn't set-one-reg
anything other than what KVM decides, hence we can currently just let
KVM do it.
> and I guess
> the problem is that KVM isn't capturing the resulting configuration
> in order to replay it when SBI HSM reset is invoked by the guest.
That can also be a solution, but it's not possible to capture the
desired reset state with current IOCTLs, because the first run of a VCPU
can just as well be a resume from a mid-execution.
> But,
> instead of capture-replay we could just exit to userspace on an SBI
> HSM reset call and let userspace repeat what it did at vcpu-create
> time.
Right, I like the idea. (It doesn't fix current userspaces, though.)
>> We need to perform a KVM reset even when the VCPU is started through an
>> ioctl. This patch is one of the ways we can achieve it.
>>
>> Assume that userspace has no business setting the post-reset state.
>> KVM is de-facto the SBI implementation, as the SBI HSM acceleration
>> cannot be disabled and userspace cannot control the reset state, so KVM
>> should be in full control of the post-reset state.
>>
>> Do not reset the pc and a1 registers, because SBI reset is expected to
>> provide them and KVM has no idea what these registers should be -- only
>> the userspace knows where it put the data.
>
> s/userspace/guest/
Both are correct... I should have made the context clearer here.
I meant the initial hart boot, where userspace loads code/dt and sets
pc/a1 to them.
>> An important consideration is resume. Userspace might want to start
>> with non-reset state. Check ran_atleast_once to allow this, because
>> KVM-SBI HSM creates some VCPUs as STOPPED.
>>
>> The drawback is that userspace can still start the boot VCPU with an
>> incorrect reset state, because there is no way to distinguish a freshly
>> reset new VCPU on the KVM side (userspace might set some values by
>> mistake) from a restored VCPU (userspace must set all values).
>
> If there's a correct vs. incorrect reset state that KVM needs to enforce,
> then we'll need a different API than just a bunch of set-one-reg calls,
> or set/get-one-reg should be WARL for userpace.
Incorrect might have been too strong word... while the SBI reset state
is technically UNSPECIFIED, I think it's just asking for bugs if the
harts have different initial states based on their reset method.
> set/get-one-reg should be WARL for userpace.
WAAAA! :)
>> The advantage of this solution is that it fixes current QEMU and makes
>> some sense with the assumption that KVM implements SBI HSM.
>> I do not like it too much, so I'd be in favor of a different solution if
>> we can still afford to drop support for current userspaces.
>>
>> For a cleaner solution, we should add interfaces to perform the KVM-SBI
>> reset request on userspace demand.
>
> That's what the change to kvm_arch_vcpu_ioctl_set_mpstate() in this
> patch is providing, right?
It does. With conditions to be as compatible as possible.
>> I think it would also be much better
>> if userspace was in control of the post-reset state.
>
> Agreed. Can we just exit to userspace on SBI HSM reset?
Yes. (It needs an userspace toggle if we care about
backward-compatiblity, though.)
How much do we want to fix/break current userspaces?
Thanks.
--
kvm-riscv mailing list
kvm-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kvm-riscv
WARNING: multiple messages have this Message-ID (diff)
From: "Radim Krčmář" <rkrcmar@ventanamicro.com>
To: "Andrew Jones" <ajones@ventanamicro.com>
Cc: <kvm-riscv@lists.infradead.org>, <kvm@vger.kernel.org>,
<linux-riscv@lists.infradead.org>, <linux-kernel@vger.kernel.org>,
"Anup Patel" <anup@brainfault.org>,
"Atish Patra" <atishp@atishpatra.org>,
"Paul Walmsley" <paul.walmsley@sifive.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Albert Ou" <aou@eecs.berkeley.edu>,
"Alexandre Ghiti" <alex@ghiti.fr>,
"Mayuresh Chitale" <mchitale@ventanamicro.com>
Subject: Re: [PATCH 4/5] KVM: RISC-V: reset VCPU state when becoming runnable
Date: Fri, 25 Apr 2025 18:04:52 +0200 [thread overview]
Message-ID: <D9FUIXQ1FIHS.2BLRCEWLXZL45@ventanamicro.com> (raw)
In-Reply-To: <20250425-2bc11e21ecef7269702c424e@orel>
2025-04-25T15:26:08+02:00, Andrew Jones <ajones@ventanamicro.com>:
> On Thu, Apr 03, 2025 at 01:25:23PM +0200, Radim Krčmář wrote:
>> Beware, this patch is "breaking" the userspace interface, because it
>> fixes a KVM/QEMU bug where the boot VCPU is not being reset by KVM.
>>
>> The VCPU reset paths are inconsistent right now. KVM resets VCPUs that
>> are brought up by KVM-accelerated SBI calls, but does nothing for VCPUs
>> brought up through ioctls.
>
> I guess we currently expect userspace to make a series of set-one-reg
> ioctls in order to prepare ("reset") newly created vcpus,
Userspace should currently get-one-reg a freshly reset VCPU to know what
KVM SBI decides is the correct reset. Userspace shouldn't set-one-reg
anything other than what KVM decides, hence we can currently just let
KVM do it.
> and I guess
> the problem is that KVM isn't capturing the resulting configuration
> in order to replay it when SBI HSM reset is invoked by the guest.
That can also be a solution, but it's not possible to capture the
desired reset state with current IOCTLs, because the first run of a VCPU
can just as well be a resume from a mid-execution.
> But,
> instead of capture-replay we could just exit to userspace on an SBI
> HSM reset call and let userspace repeat what it did at vcpu-create
> time.
Right, I like the idea. (It doesn't fix current userspaces, though.)
>> We need to perform a KVM reset even when the VCPU is started through an
>> ioctl. This patch is one of the ways we can achieve it.
>>
>> Assume that userspace has no business setting the post-reset state.
>> KVM is de-facto the SBI implementation, as the SBI HSM acceleration
>> cannot be disabled and userspace cannot control the reset state, so KVM
>> should be in full control of the post-reset state.
>>
>> Do not reset the pc and a1 registers, because SBI reset is expected to
>> provide them and KVM has no idea what these registers should be -- only
>> the userspace knows where it put the data.
>
> s/userspace/guest/
Both are correct... I should have made the context clearer here.
I meant the initial hart boot, where userspace loads code/dt and sets
pc/a1 to them.
>> An important consideration is resume. Userspace might want to start
>> with non-reset state. Check ran_atleast_once to allow this, because
>> KVM-SBI HSM creates some VCPUs as STOPPED.
>>
>> The drawback is that userspace can still start the boot VCPU with an
>> incorrect reset state, because there is no way to distinguish a freshly
>> reset new VCPU on the KVM side (userspace might set some values by
>> mistake) from a restored VCPU (userspace must set all values).
>
> If there's a correct vs. incorrect reset state that KVM needs to enforce,
> then we'll need a different API than just a bunch of set-one-reg calls,
> or set/get-one-reg should be WARL for userpace.
Incorrect might have been too strong word... while the SBI reset state
is technically UNSPECIFIED, I think it's just asking for bugs if the
harts have different initial states based on their reset method.
> set/get-one-reg should be WARL for userpace.
WAAAA! :)
>> The advantage of this solution is that it fixes current QEMU and makes
>> some sense with the assumption that KVM implements SBI HSM.
>> I do not like it too much, so I'd be in favor of a different solution if
>> we can still afford to drop support for current userspaces.
>>
>> For a cleaner solution, we should add interfaces to perform the KVM-SBI
>> reset request on userspace demand.
>
> That's what the change to kvm_arch_vcpu_ioctl_set_mpstate() in this
> patch is providing, right?
It does. With conditions to be as compatible as possible.
>> I think it would also be much better
>> if userspace was in control of the post-reset state.
>
> Agreed. Can we just exit to userspace on SBI HSM reset?
Yes. (It needs an userspace toggle if we care about
backward-compatiblity, though.)
How much do we want to fix/break current userspaces?
Thanks.
WARNING: multiple messages have this Message-ID (diff)
From: "Radim Krčmář" <rkrcmar@ventanamicro.com>
To: "Andrew Jones" <ajones@ventanamicro.com>
Cc: <kvm-riscv@lists.infradead.org>, <kvm@vger.kernel.org>,
<linux-riscv@lists.infradead.org>, <linux-kernel@vger.kernel.org>,
"Anup Patel" <anup@brainfault.org>,
"Atish Patra" <atishp@atishpatra.org>,
"Paul Walmsley" <paul.walmsley@sifive.com>,
"Palmer Dabbelt" <palmer@dabbelt.com>,
"Albert Ou" <aou@eecs.berkeley.edu>,
"Alexandre Ghiti" <alex@ghiti.fr>,
"Mayuresh Chitale" <mchitale@ventanamicro.com>
Subject: Re: [PATCH 4/5] KVM: RISC-V: reset VCPU state when becoming runnable
Date: Fri, 25 Apr 2025 18:04:52 +0200 [thread overview]
Message-ID: <D9FUIXQ1FIHS.2BLRCEWLXZL45@ventanamicro.com> (raw)
In-Reply-To: <20250425-2bc11e21ecef7269702c424e@orel>
2025-04-25T15:26:08+02:00, Andrew Jones <ajones@ventanamicro.com>:
> On Thu, Apr 03, 2025 at 01:25:23PM +0200, Radim Krčmář wrote:
>> Beware, this patch is "breaking" the userspace interface, because it
>> fixes a KVM/QEMU bug where the boot VCPU is not being reset by KVM.
>>
>> The VCPU reset paths are inconsistent right now. KVM resets VCPUs that
>> are brought up by KVM-accelerated SBI calls, but does nothing for VCPUs
>> brought up through ioctls.
>
> I guess we currently expect userspace to make a series of set-one-reg
> ioctls in order to prepare ("reset") newly created vcpus,
Userspace should currently get-one-reg a freshly reset VCPU to know what
KVM SBI decides is the correct reset. Userspace shouldn't set-one-reg
anything other than what KVM decides, hence we can currently just let
KVM do it.
> and I guess
> the problem is that KVM isn't capturing the resulting configuration
> in order to replay it when SBI HSM reset is invoked by the guest.
That can also be a solution, but it's not possible to capture the
desired reset state with current IOCTLs, because the first run of a VCPU
can just as well be a resume from a mid-execution.
> But,
> instead of capture-replay we could just exit to userspace on an SBI
> HSM reset call and let userspace repeat what it did at vcpu-create
> time.
Right, I like the idea. (It doesn't fix current userspaces, though.)
>> We need to perform a KVM reset even when the VCPU is started through an
>> ioctl. This patch is one of the ways we can achieve it.
>>
>> Assume that userspace has no business setting the post-reset state.
>> KVM is de-facto the SBI implementation, as the SBI HSM acceleration
>> cannot be disabled and userspace cannot control the reset state, so KVM
>> should be in full control of the post-reset state.
>>
>> Do not reset the pc and a1 registers, because SBI reset is expected to
>> provide them and KVM has no idea what these registers should be -- only
>> the userspace knows where it put the data.
>
> s/userspace/guest/
Both are correct... I should have made the context clearer here.
I meant the initial hart boot, where userspace loads code/dt and sets
pc/a1 to them.
>> An important consideration is resume. Userspace might want to start
>> with non-reset state. Check ran_atleast_once to allow this, because
>> KVM-SBI HSM creates some VCPUs as STOPPED.
>>
>> The drawback is that userspace can still start the boot VCPU with an
>> incorrect reset state, because there is no way to distinguish a freshly
>> reset new VCPU on the KVM side (userspace might set some values by
>> mistake) from a restored VCPU (userspace must set all values).
>
> If there's a correct vs. incorrect reset state that KVM needs to enforce,
> then we'll need a different API than just a bunch of set-one-reg calls,
> or set/get-one-reg should be WARL for userpace.
Incorrect might have been too strong word... while the SBI reset state
is technically UNSPECIFIED, I think it's just asking for bugs if the
harts have different initial states based on their reset method.
> set/get-one-reg should be WARL for userpace.
WAAAA! :)
>> The advantage of this solution is that it fixes current QEMU and makes
>> some sense with the assumption that KVM implements SBI HSM.
>> I do not like it too much, so I'd be in favor of a different solution if
>> we can still afford to drop support for current userspaces.
>>
>> For a cleaner solution, we should add interfaces to perform the KVM-SBI
>> reset request on userspace demand.
>
> That's what the change to kvm_arch_vcpu_ioctl_set_mpstate() in this
> patch is providing, right?
It does. With conditions to be as compatible as possible.
>> I think it would also be much better
>> if userspace was in control of the post-reset state.
>
> Agreed. Can we just exit to userspace on SBI HSM reset?
Yes. (It needs an userspace toggle if we care about
backward-compatiblity, though.)
How much do we want to fix/break current userspaces?
Thanks.
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
next prev parent reply other threads:[~2025-04-25 17:07 UTC|newest]
Thread overview: 105+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-03 11:25 [PATCH 0/5] KVM: RISC-V: VCPU reset fixes Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` [PATCH 1/5] KVM: RISC-V: refactor vector state reset Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-25 12:56 ` Andrew Jones
2025-04-25 12:56 ` Andrew Jones
2025-04-25 12:56 ` Andrew Jones
2025-05-07 11:43 ` Anup Patel
2025-05-07 11:43 ` Anup Patel
2025-05-07 11:43 ` Anup Patel
2025-04-03 11:25 ` [PATCH 2/5] KVM: RISC-V: refactor sbi reset request Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-25 12:58 ` Andrew Jones
2025-04-25 12:58 ` Andrew Jones
2025-04-25 12:58 ` Andrew Jones
2025-05-07 12:01 ` Anup Patel
2025-05-07 12:01 ` Anup Patel
2025-05-07 12:01 ` Anup Patel
2025-05-07 17:28 ` Radim Krčmář
2025-05-07 17:28 ` Radim Krčmář
2025-05-07 17:28 ` Radim Krčmář
2025-05-08 5:02 ` Anup Patel
2025-05-08 5:02 ` Anup Patel
2025-05-08 5:02 ` Anup Patel
2025-04-03 11:25 ` [PATCH 3/5] KVM: RISC-V: remove unnecessary SBI reset state Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-25 13:05 ` Andrew Jones
2025-04-25 13:05 ` Andrew Jones
2025-04-25 13:05 ` Andrew Jones
2025-04-28 12:16 ` Anup Patel
2025-04-28 12:16 ` Anup Patel
2025-04-28 12:16 ` Anup Patel
2025-04-28 18:00 ` Radim Krčmář
2025-04-28 18:00 ` Radim Krčmář
2025-04-28 18:00 ` Radim Krčmář
2025-04-29 5:50 ` Anup Patel
2025-04-29 5:50 ` Anup Patel
2025-04-29 5:50 ` Anup Patel
2025-05-08 6:18 ` Anup Patel
2025-05-08 6:18 ` Anup Patel
2025-05-08 6:18 ` Anup Patel
2025-05-08 10:02 ` Radim Krčmář
2025-05-08 10:02 ` Radim Krčmář
2025-05-08 10:02 ` Radim Krčmář
2025-05-08 13:11 ` Anup Patel
2025-05-08 13:11 ` Anup Patel
2025-05-08 13:11 ` Anup Patel
2025-04-03 11:25 ` [PATCH 4/5] KVM: RISC-V: reset VCPU state when becoming runnable Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-25 13:26 ` Andrew Jones
2025-04-25 13:26 ` Andrew Jones
2025-04-25 13:26 ` Andrew Jones
2025-04-25 16:04 ` Radim Krčmář [this message]
2025-04-25 16:04 ` Radim Krčmář
2025-04-25 16:04 ` Radim Krčmář
2025-04-28 12:22 ` Anup Patel
2025-04-28 12:22 ` Anup Patel
2025-04-28 12:22 ` Anup Patel
2025-04-28 17:45 ` Radim Krčmář
2025-04-28 17:45 ` Radim Krčmář
2025-04-28 17:45 ` Radim Krčmář
2025-04-29 5:55 ` Anup Patel
2025-04-29 5:55 ` Anup Patel
2025-04-29 5:55 ` Anup Patel
2025-04-29 10:25 ` Radim Krčmář
2025-04-29 10:25 ` Radim Krčmář
2025-04-29 10:25 ` Radim Krčmář
2025-04-29 15:01 ` Anup Patel
2025-04-29 15:01 ` Anup Patel
2025-04-29 15:01 ` Anup Patel
2025-04-29 16:21 ` Radim Krčmář
2025-04-29 16:21 ` Radim Krčmář
2025-04-29 16:21 ` Radim Krčmář
2025-04-30 4:22 ` Anup Patel
2025-04-30 4:22 ` Anup Patel
2025-04-30 4:22 ` Anup Patel
2025-04-30 5:26 ` Anup Patel
2025-04-30 5:26 ` Anup Patel
2025-04-30 5:26 ` Anup Patel
2025-04-30 8:29 ` Radim Krčmář
2025-04-30 8:29 ` Radim Krčmář
2025-04-30 8:29 ` Radim Krčmář
2025-04-30 10:17 ` Anup Patel
2025-04-30 10:17 ` Anup Patel
2025-04-30 10:17 ` Anup Patel
2025-04-30 11:45 ` Radim Krčmář
2025-04-30 11:45 ` Radim Krčmář
2025-04-30 11:45 ` Radim Krčmář
2025-04-30 13:02 ` Anup Patel
2025-04-30 13:02 ` Anup Patel
2025-04-30 13:02 ` Anup Patel
2025-04-30 14:38 ` Radim Krčmář
2025-04-30 14:38 ` Radim Krčmář
2025-04-30 14:38 ` Radim Krčmář
2025-04-03 11:25 ` [PATCH 5/5] KVM: RISC-V: reset smstateen CSRs Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-03 11:25 ` Radim Krčmář
2025-04-25 12:38 ` Anup Patel
2025-04-25 12:38 ` Anup Patel
2025-04-25 12:38 ` Anup Patel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D9FUIXQ1FIHS.2BLRCEWLXZL45@ventanamicro.com \
--to=rkrcmar@ventanamicro.com \
--cc=ajones@ventanamicro.com \
--cc=alex@ghiti.fr \
--cc=anup@brainfault.org \
--cc=aou@eecs.berkeley.edu \
--cc=atishp@atishpatra.org \
--cc=kvm-riscv@lists.infradead.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-riscv@lists.infradead.org \
--cc=mchitale@ventanamicro.com \
--cc=palmer@dabbelt.com \
--cc=paul.walmsley@sifive.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.