From: Sean Christopherson <seanjc@google.com>
To: Vipin Sharma <vipinsh@google.com>
Cc: Vitaly Kuznetsov <vkuznets@redhat.com>,
pbonzini@redhat.com, dmatlack@google.com, kvm@vger.kernel.org,
shujunxue@google.com, terrytaehyun@google.com,
linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH] Add Hyperv extended hypercall support in KVM
Date: Mon, 24 Oct 2022 19:36:42 +0000 [thread overview]
Message-ID: <Y1bpSlNGeVkqRYxI@google.com> (raw)
In-Reply-To: <CAHVum0f=gRgrP=rTySn1zwPz65g6jm_3f-=qusmS7jOkKyUMSw@mail.gmail.com>
On Mon, Oct 24, 2022, Vipin Sharma wrote:
> On Mon, Oct 24, 2022 at 8:22 AM Sean Christopherson <seanjc@google.com> wrote:
> >
> > On Mon, Oct 24, 2022, Vitaly Kuznetsov wrote:
> > > While some 'extended' hypercalls may indeed need to be handled in KVM,
> > > there's no harm done in forwarding all unknown-to-KVM hypercalls to
> > > userspace. The only issue I envision is how would userspace discover
> > > which extended hypercalls are supported by KVM in case it (userspace) is
> > > responsible for handling HvExtCallQueryCapabilities call which returns
> > > the list of supported hypercalls. E.g. in case we decide to implement
> > > HvExtCallMemoryHeatHint in KVM, how are we going to communicate this to
> > > userspace?
> > >
> > > Normally, VMM discovers the availability of Hyper-V features through
> > > KVM_GET_SUPPORTED_HV_CPUID but extended hypercalls are not listed in
> > > CPUID. This can be always be solved by adding new KVM CAPs of
> > > course. Alternatively, we can add a single
> > > "KVM_CAP_HYPERV_EXT_CALL_QUERY" which will just return the list of
> > > extended hypercalls supported by KVM (which Vipin's patch adds anyway to
> > > *set* the list instead).
> >
> > AIUI, the TLFS uses a 64-bit mask to enumerate which extended hypercalls are
> > supported, so a single CAP should be a perfect fit. And KVM can use the capability
> > to enumerate support for _and_ to allow userspace to enable in-kernel handling. E.g.
> >
> > check():
> > case KVM_CAP_HYPERV_EXT_CALL:
> > return KVM_SUPPORTED_HYPERV_EXT_CALL;
> >
> >
> > enable():
> >
> > case KVM_CAP_HYPERV_EXT_CALL:
> > r = -EINVAL;
> > if (mask & ~KVM_SUPPORTED_HYPERV_EXT_CALL)
> > break;
> >
> > mutex_lock(&kvm->lock);
> > if (!kvm->created_vcpus) {
>
> Any reason for setting capability only after vcpus are created?
This only allows setting the capability _before_ vCPUs are created. Attempting
to set the cap after vCPUs are created gets rejected with -EINVAL. This
requirement means vCPUs don't need to take a lock to consume per-VM state, as KVM
prevents the state from changing once vCPUs are created.
> Also, in my patch I wrote the ioctl at kvm_vcpu_ioctl_enable_cap() as
> all of the hyperv related code was there but since this capability is
> a vm setting not a per vcpu setting, should this be at kvm_vm_ioctl()
> as a better choice?
Yep!
> > to_kvm_hv(kvm)->ext_call = cap->args[0];
> > r = 0;
> > }
> > mutex_unlock(&kvm->lock);
> >
> > kvm_hv_hypercall()
> >
> >
> > case HV_EXT_CALL_QUERY_CAPABILITIES ... HV_EXT_CALL_MAX:
> > if (unlikely(hc.fast)) {
> > ret = HV_STATUS_INVALID_PARAMETER;
> > break;
> > }
> > if (!(hc.code & to_kvm_hv(vcpu->kvm)->ext_call))
>
> It won't be directly this. There will be a mapping of hc.code to the
> corresponding bit and then "&" with ext_call.
>
>
> > goto hypercall_userspace_exit;
> >
> > ret = kvm_hv_ext_hypercall(...)
> > break;
> >
> >
> > That maintains backwards compatibility with "exit on everything" as userspace
> > still needs to opt-in to having KVM handle specific hypercalls in-kernel, and it
> > provides the necessary knob for userspace to tell KVM which hypercalls should be
> > allowed, i.e. ensures KVM doesn't violate HV_EXT_CALL_QUERY_CAPABILITIES.
>
> So, should I send a version with KVM capability similar to above
No, the above was just a sketch of how we can extend support if necessary. In
general, we try to avoid creating _any_ APIs before they are strictly required.
For uAPIs, that's pretty much a hard rule.
> or for now just send the version which by default exit to userspace and later
> whenever the need arises KVM capability can be added then?
This one please :-)
next prev parent reply other threads:[~2022-10-24 21:31 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-21 18:59 [RFC PATCH] Add Hyperv extended hypercall support in KVM Vipin Sharma
2022-10-21 20:13 ` Sean Christopherson
2022-10-21 21:51 ` Vipin Sharma
2022-10-21 22:04 ` Sean Christopherson
2022-10-24 11:52 ` Vitaly Kuznetsov
2022-10-24 15:22 ` Sean Christopherson
2022-10-24 18:29 ` Vipin Sharma
2022-10-24 19:36 ` Sean Christopherson [this message]
2022-10-24 20:24 ` Vipin Sharma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y1bpSlNGeVkqRYxI@google.com \
--to=seanjc@google.com \
--cc=dmatlack@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=shujunxue@google.com \
--cc=terrytaehyun@google.com \
--cc=vipinsh@google.com \
--cc=vkuznets@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.