From: "Teddy Astie" <teddy.astie@vates.tech>
To: xen-devel@lists.xenproject.org
Cc: "Teddy Astie" <teddy.astie@vates.tech>,
"Jan Beulich" <jbeulich@suse.com>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Roger Pau Monné" <roger.pau@citrix.com>,
"Anthony PERARD" <anthony.perard@vates.tech>,
"Michal Orzel" <michal.orzel@amd.com>,
"Julien Grall" <julien@xen.org>,
"Stefano Stabellini" <sstabellini@kernel.org>
Subject: [RFC PATCH v3 0/3] x86/hvm: Introduce Xen-wide ASID allocator
Date: Thu, 26 Jun 2025 14:01:47 +0000 [thread overview]
Message-ID: <cover.1750770621.git.teddy.astie@vates.tech> (raw)
From: Vaishali Thakkar <vaishali.thakkar@suse.com> (formely vates.tech)
original v2: https://lore.kernel.org/xen-devel/cover.1723574652.git.vaishali.thakkar@vates.tech/
This is part of the effort to enable AMD SEV technologies in Xen. For
AMD SEV support, we need a fixed ASID associated with all vcpus of the
same domain throughout the domain's lifetime. This is because for SEV/
SEV-{ES,SNP} VM, the ASID is the index which is associated with the
encryption key.
Currently, ASID generation and management is done per-PCPU in Xen. And
at the time of each VMENTER, the ASID associated with vcpus of the
domain is changed. This implementation is incompatible with SEV
technologies for the above mentioned reasons. In a discussion with
Andrew Cooper, it came up that it'll be nice to have fixed ASIDs not
only for SEV VMs but also for all VMs. Because it opens up the
opportunity to use features like TLBSYNC/INVLPGB (Section
5.5.3 in AMD Architecture manual[0]) and Intel RAR [1] for broadcasting
the TLB Invalidations.
Changes since v2:
-----------------
A lot has changed since v2, though the concept is still the same.
The asid management logic is a lot simpler, by relying a bitmap to track
all used ASIDs, and freeing them individually instead of using a ASID
reclaim strategy.
When a vCPU needs to be flushed, it is signaled through vcpu.needs_tlb_flush,
indicating that the next time the guest is re-entered, a TLB flush will have
to be issued (either using per-context invvpid on Intel or flush-by-asid
tlb_control on AMD).
Changes were tested on Intel Haswell, KVM AMD virtual machine and AMD EPYC Genoa.
Teddy Astie (3):
vmx: Rewrite vpid_sync_vcpu_gva
vmx: Introduce vcpu single context VPID invalidation
x86/hvm: Introduce Xen-wide ASID allocator
xen/arch/x86/flushtlb.c | 31 +++---
xen/arch/x86/hvm/asid.c | 148 +++++++++----------------
xen/arch/x86/hvm/emulate.c | 2 +-
xen/arch/x86/hvm/hvm.c | 14 ++-
xen/arch/x86/hvm/nestedhvm.c | 6 +-
xen/arch/x86/hvm/svm/asid.c | 77 ++++++++-----
xen/arch/x86/hvm/svm/nestedsvm.c | 1 -
xen/arch/x86/hvm/svm/svm.c | 36 +++---
xen/arch/x86/hvm/svm/svm.h | 4 -
xen/arch/x86/hvm/vmx/vmcs.c | 5 +-
xen/arch/x86/hvm/vmx/vmx.c | 68 ++++++------
xen/arch/x86/hvm/vmx/vvmx.c | 5 +-
xen/arch/x86/include/asm/flushtlb.h | 7 --
xen/arch/x86/include/asm/hvm/asid.h | 25 ++---
xen/arch/x86/include/asm/hvm/domain.h | 1 +
xen/arch/x86/include/asm/hvm/hvm.h | 15 +--
xen/arch/x86/include/asm/hvm/svm/svm.h | 5 +
xen/arch/x86/include/asm/hvm/vcpu.h | 10 +-
xen/arch/x86/include/asm/hvm/vmx/vmx.h | 44 ++++----
xen/arch/x86/mm/hap/hap.c | 6 +-
xen/arch/x86/mm/p2m.c | 7 +-
xen/arch/x86/mm/paging.c | 2 +-
xen/arch/x86/mm/shadow/hvm.c | 1 +
xen/arch/x86/mm/shadow/multi.c | 12 +-
xen/include/xen/sched.h | 2 +
25 files changed, 249 insertions(+), 285 deletions(-)
--
2.50.0
Teddy Astie | Vates XCP-ng Developer
XCP-ng & Xen Orchestra - Vates solutions
web: https://vates.tech
next reply other threads:[~2025-06-26 14:02 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-26 14:01 Teddy Astie [this message]
2025-06-26 14:01 ` [RFC PATCH v3 1/3] vmx: Rewrite vpid_sync_vcpu_gva Teddy Astie
2025-07-31 15:52 ` Jan Beulich
2025-07-31 16:18 ` Teddy Astie
2025-08-01 5:59 ` Jan Beulich
2025-06-26 14:01 ` [RFC PATCH v3 2/3] vmx: Introduce vcpu single context VPID invalidation Teddy Astie
2025-07-31 15:55 ` Jan Beulich
2025-06-26 14:01 ` [RFC PATCH v3 3/3] x86/hvm: Introduce Xen-wide ASID allocator Teddy Astie
2025-08-28 13:02 ` Jan Beulich
2025-08-29 14:13 ` Teddy Astie
2025-09-01 14:33 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1750770621.git.teddy.astie@vates.tech \
--to=teddy.astie@vates.tech \
--cc=andrew.cooper3@citrix.com \
--cc=anthony.perard@vates.tech \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=michal.orzel@amd.com \
--cc=roger.pau@citrix.com \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.