From: Chao Gao <chao.gao@intel.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: <tglx@linutronix.de>, <x86@kernel.org>, <seanjc@google.com>,
<pbonzini@redhat.com>, <linux-kernel@vger.kernel.org>,
<kvm@vger.kernel.org>, <peterz@infradead.org>,
<rick.p.edgecombe@intel.com>, <weijiang.yang@intel.com>,
<john.allen@amd.com>, <bp@alien8.de>
Subject: Re: [PATCH v3 00/10] Introduce CET supervisor state support
Date: Tue, 18 Mar 2025 23:24:39 +0800 [thread overview]
Message-ID: <Z9mQN3gPpcWPGTwA@intel.com> (raw)
In-Reply-To: <b9389b35-c1ef-4a53-9eb2-051df0aaf33d@intel.com>
On Fri, Mar 07, 2025 at 11:09:42AM -0800, Dave Hansen wrote:
>On 3/7/25 08:41, Chao Gao wrote:
>> case |IA32_XSS[12] | Space | RFBM[12] | Drop%
>> -----+-------------+-------+----------+------
>> 1 | 0 | None | 0 | 0.0%
>> 2 | 1 | None | 0 | 0.2%
>> 3 | 1 | 24B? | 1 | 0.2%
>
>So, 0.2% is still, what, dozens of cycles? Are you sure that it really
>takes the CPU dozens of cycles to skip over the feature during XSAVE?
>
>If it really turns out to be this measurable, we should probably follow
>up with the folks that implement XSAVE and see what's going on under the
>covers.
I reran the performance tests and observed a run-to-run variation of 0.4%
to 0.7%. So, I don't think there is any measurable performance difference.
I will update the performance statements in the cover letter.
>
>On a separate note, I was bugging Thomas a bit on IRC. His memory was
>that the AMX-era FPU rework only expected KVM to support user features.
>You might want to dig through the history a bit and see if _that_ was
>ever properly addressed because that would change the problem you're
>trying to solve.
I went through the email discussions and found only one relevant thread:
https://lore.kernel.org/kvm/87wnmf66m5.ffs@tglx/#t
where Thomas mentioned that guest_perm would be set as follows:
guest_fpu::__state_perm = supported_xcr0 & xstate_get_group_perm();
If implemented this way, KVM would only support user features. However, the
committed change is:
980fe2fddcff ("x86/fpu: Extend fpu_xstate_prctl() with guest permissions")
In this change, fpu->guest_perm is copied from fpu->perm:
+ /* Same defaults for guests */
+ fpu->guest_perm = fpu->perm;
There are indeed some issues with enabling supervisor features for guest
FPUs, but they have been addressed by recent changes in the tip-tree ([1],
[2]) and patch 1 of this series.
[1]: https://lore.kernel.org/all/20250218141045.85201-1-stanspas@amazon.de/
[2]: https://lore.kernel.org/all/20250317140613.1761633-1-chao.gao@intel.com/
prev parent reply other threads:[~2025-03-18 15:24 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-07 16:41 [PATCH v3 00/10] Introduce CET supervisor state support Chao Gao
2025-03-07 16:41 ` [PATCH v3 01/10] x86/fpu/xstate: Always preserve non-user xfeatures/flags in __state_perm Chao Gao
2025-03-07 16:41 ` [PATCH v3 02/10] x86/fpu/xstate: Drop @perm from guest pseudo FPU container Chao Gao
2025-03-07 16:41 ` [PATCH v3 03/10] x86/fpu/xstate: Correct xfeatures cache in guest pseudo fpu container Chao Gao
2025-03-07 17:48 ` Dave Hansen
2025-03-08 2:44 ` Chao Gao
2025-03-07 16:41 ` [PATCH v3 04/10] x86/fpu/xstate: Correct guest fpstate size calculation Chao Gao
2025-03-07 17:53 ` Dave Hansen
2025-03-08 2:56 ` Chao Gao
2025-03-07 21:37 ` Chang S. Bae
2025-03-08 2:49 ` Chao Gao
2025-03-09 22:06 ` Chang S. Bae
2025-03-10 1:33 ` Chao Gao
2025-03-10 5:21 ` Chang S. Bae
2025-03-10 7:06 ` Chao Gao
2025-03-10 17:33 ` Chang S. Bae
2025-03-11 12:09 ` Chao Gao
2025-03-12 1:03 ` Chang S. Bae
2025-03-07 16:41 ` [PATCH v3 05/10] x86/fpu/xstate: Introduce guest FPU configuration Chao Gao
2025-03-07 18:06 ` Dave Hansen
2025-03-08 3:00 ` Chao Gao
2025-03-07 16:41 ` [PATCH v3 06/10] x86/fpu/xstate: Initialize guest perm with fpu_guest_cfg Chao Gao
2025-03-07 18:14 ` Dave Hansen
2025-03-08 3:14 ` Chao Gao
2025-03-07 16:41 ` [PATCH v3 07/10] x86/fpu/xstate: Initialize guest fpstate with fpu_guest_config Chao Gao
2025-03-07 18:41 ` Dave Hansen
2025-03-08 3:38 ` Chao Gao
2025-03-07 16:41 ` [PATCH v3 08/10] x86/fpu/xstate: Add CET supervisor xfeature support Chao Gao
2025-03-07 18:39 ` Dave Hansen
2025-03-08 3:24 ` Chao Gao
2025-03-07 16:41 ` [PATCH v3 09/10] x86/fpu/xstate: Introduce XFEATURE_MASK_KERNEL_DYNAMIC xfeature set Chao Gao
2025-03-09 22:06 ` Chang S. Bae
2025-03-10 3:49 ` Chao Gao
2025-03-10 5:20 ` Chang S. Bae
2025-03-10 5:53 ` Chao Gao
2025-03-11 12:27 ` Chao Gao
2025-03-12 1:03 ` Chang S. Bae
2025-03-07 16:41 ` [PATCH v3 10/10] x86/fpu/xstate: Warn if CET supervisor state is detected in normal fpstate Chao Gao
2025-03-07 19:09 ` [PATCH v3 00/10] Introduce CET supervisor state support Dave Hansen
2025-03-18 15:24 ` Chao Gao [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z9mQN3gPpcWPGTwA@intel.com \
--to=chao.gao@intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=john.allen@amd.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.