From: "Radim Krčmář" <rkrcmar@redhat.com>
To: charls chap <chapcharls@gmail.com>
Cc: kvm@vger.kernel.org
Subject: Re: tlb flush after each vm_exit, also virtual interrupts injection
Date: Thu, 28 Jul 2016 15:25:58 +0200
Message-ID: <20160728132558.GA9119@potion>
In-Reply-To: <CAA6eV_QkYrYHntZyOOn6x+BPwaneUXnkDjc_=vUYG8MUi1tj7w@mail.gmail.com>

2016-07-27 13:19+0300, charls chap:
> Hello List,
>
> 1)
> I've seen some slides, back in 08, in which it is described
> that the use of VPID, will solve the problem of TLB flush after each VM_EXIT.

VPID solves a problem of excessive TLB flushing by tagging TLB entries
with VPID.
VMX without VPID features flushes TLB on transitions (entry/exit),
because the hardware cannot tell what is valid in current context.

> But, I see from the code that it actually does a flush after a VM_EXIT.

Please quote the code you are seeing.

> Obviously, I am wrong. So I need some help,
> Where to look, I mean which lines of code, in order to figure out, what is
> happening with TLB flush and VM_EXITS

I don't know what you know, so I can only recommend:
 1) read SDM for a while
 2) git grep -W -i 'tlb\|vpid' arch/x86/kvm virt/kvm
 3) goto (1)

> 2) system call from ring 0 (non-root), to ring 0 (root)
> Could guest os, do a system call to host os?

Somewhat, there are many ways how to communicate, it would not be a
system call in linux terminology, though.
Maybe you are thinking about hypercalls?
(In any case, KVM was not designed for sharing host kernel
 infrastructure with programs running in non-root ring 0.)

> 3) what is the mechanism of virtual interrupt injection
> What is the mechanism that is used for a virtual interrupt injection,
> in full virtualization?

Every interrupt delivery starts by configuring data structures that
depend on the chosen method. There are two main categories of methods:

 1) Hardware can be configured while the guest is running.
    These methods usually send a special interrupt to the physical CPU
    that evaluates the configured data structures.
    Hardware can also be the one that configures data structures, so
    there is no need for a hypervisor intervention for sending the
    interrupt.

 2) Hardware cannot be configured while the guest is running.
    Configured data structures are evaluated on guest entry.
    (The interrupt might also be postponed until guest state allows it,
     e.g. TPR.)

Hardware will deliver both interrupts using the guest state.

> Host injects an interrupt to guest, HOW? eg. hardware interrupt?

Same as above.

> to which point of guest? guest complete_bh?

The guest shouldn't be able to tell a difference, so at any point that
is possible in the host (also a subset of them).

> 4)
> I've seen from bibliography, that KVM operates in protection ring -1.
> What does it mean? Is there HW implementation for that ring?
>
> Why not in ring 0?

If we are talking about VMX, ring -1 is an analogy.
Host (KVM) operates with CPL 0 in VMX root mode, which was likely called
ring -1 by the authors. A guest operates with CPL 0 too, but it is in
VMX non-root mode, so called ring 0.
(VMX can also operate in dual monitor mode, so the analogy could be
 extended to call VMX operating in SMM as ring -2.)
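
The following toy model is an added example, not part of the message above and not KVM code. It illustrates the VPID tagging described in the answer to question 1: a software TLB that is flushed on every transition when tagging is off, and that keeps its entries but matches them by tag when tagging is on. The slot count, the struct and function names and the page numbers are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define TLB_SLOTS 8
#define HOST_VPID 0 /* SDM: the current VPID is 0000H in VMX root operation */

struct tlb_entry { bool valid; uint16_t vpid; uint64_t vpn, pfn; };
struct tlb {
    struct tlb_entry e[TLB_SLOTS];
    bool vpid_enabled;      /* models the "enable VPID" VM-execution control */
    uint16_t cur;           /* tag put on new entries and required on lookup */
    unsigned next, flushes;
};

/* VM entry (vpid = the guest's VPID) or VM exit (vpid = HOST_VPID). */
static void tlb_transition(struct tlb *t, uint16_t vpid) {
    if (!t->vpid_enabled) {             /* untagged entries cannot be trusted */
        memset(t->e, 0, sizeof(t->e));
        t->flushes++;
        vpid = HOST_VPID;               /* without VPID every entry has tag 0 */
    }
    t->cur = vpid;
}
static void tlb_fill(struct tlb *t, uint64_t vpn, uint64_t pfn) {
    t->e[t->next++ % TLB_SLOTS] = (struct tlb_entry){ true, t->cur, vpn, pfn };
}
/* Hit only when the entry's tag matches the current context; NULL on a miss. */
static const struct tlb_entry *tlb_lookup(const struct tlb *t, uint64_t vpn) {
    for (int i = 0; i < TLB_SLOTS; i++)
        if (t->e[i].valid && t->e[i].vpid == t->cur && t->e[i].vpn == vpn)
            return &t->e[i];
    return NULL;
}
/* Guest (VPID 1) caches a page, exits, host caches the same vpn, guest re-enters. */
static const struct tlb_entry *guest_lookup_after_exit(struct tlb *t) {
    tlb_transition(t, 1);         tlb_fill(t, 0x10, 0xAAA); /* entry, guest fill */
    tlb_transition(t, HOST_VPID); tlb_fill(t, 0x10, 0xBBB); /* exit, host fill */
    tlb_transition(t, 1);                                   /* entry again */
    return tlb_lookup(t, 0x10);
}

int main(void) {
    struct tlb t = { .vpid_enabled = true };
    const struct tlb_entry *hit = guest_lookup_after_exit(&t);
    printf("hit=%d pfn=%#llx flushes=%u\n", hit != NULL,
           (unsigned long long)(hit ? hit->pfn : 0), t.flushes);
    return 0;
}
```

With tagging on, the guest's translation survives the exit and the host's entry for the same page number is never returned to the guest; with tagging off, every transition costs a full flush and the guest misses after re-entry.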