From: Jan Kiszka <jan.kiszka@siemens.com>
To: Gleb Natapov <gleb@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"mtosatti@redhat.com" <mtosatti@redhat.com>
Subject: Re: [PATCH] x86: kvm: reset the bootstrap processor when it gets an INIT
Date: Mon, 11 Mar 2013 19:05:48 +0100
Message-ID: <513E1CFC.6010201@siemens.com>
In-Reply-To: <20130311174155.GU31619@redhat.com>
On 2013-03-11 18:41, Gleb Natapov wrote:
> On Mon, Mar 11, 2013 at 06:34:03PM +0100, Jan Kiszka wrote:
>> On 2013-03-11 18:23, Gleb Natapov wrote:
>>> On Mon, Mar 11, 2013 at 04:36:33PM +0100, Jan Kiszka wrote:
>>>> On 2013-03-11 15:23, Paolo Bonzini wrote:
>>>>> Il 11/03/2013 15:05, Gleb Natapov ha scritto:
>>>>>> On Mon, Mar 11, 2013 at 03:01:40PM +0100, Jan Kiszka wrote:
>>>>>>>> We are not moving away from mp_state, we are moving away from using
>>>>>>>> mp_state for signaling because with nested virt INIT does not always
>>>>>>>> change mp_state, not only that it can change mp_state long after signal
>>>>>>>> is received after vmx off is done.
>>>>>>>
>>>>>>> Right.
>>>>>>>
>>>>>>> BTW, for that to happen, we will also need to influence the INIT level.
>>>>>>> Unless I misread the spec, INIT is blocked while in root mode, and if
>>>>>>> you deassert INIT before leaving root (vmxoff, vmenter), nothing
>>>>>>> actually happens. So what matters is the INIT signal level at the exit
>>>>>>> of root mode.
>>>>>>>
>>>>>> You are talking about INIT# signal received via CPU pin, right? I think
>>>>>> INIT send by IPI cannot go away.
>>>>>
>>>>> Neither can go away. For INIT sent by IPI, 10.4.7 says:
>>>>>
>>>>> Only the Pentium and P6 family processors support the INIT-deassert IPI.
>>>>> An INIT-deassert IPI has no effect on the state of the APIC, other than
>>>>> to reload the arbitration ID register with the value in the APIC ID
>>>>> register.
>>>>>
>>>>> 18.27.1 also says that "In the local APIC, NMI and INIT (except for INIT
>>>>> deassert) are always treated as edge triggered interrupts".
>>>>>
>>>>>
>>>>> For INIT#, the ICH9 chipset says that "INIT# is driven low for 16 PCI
>>>>> clocks" when a soft reset is requested. So we can guess that INIT# is
>>>>> also edge-triggered.
>>>>
>>>> Ah, ok. So, virtually, INIT stays asserted until it can be delivered in
>>>> form of a reset or a vmexit.
>>>>
>>> vmexit clears it?
>>
>> It has to. Otherwise, it would hit the host on vmxoff.
>>
> Why do you think this is not happening?
>
> Look at [1] page 10 "VMX and INIT blocking". Do you think they were
> lucky to hit CPU while it was in a root mode?
>
> [1] http://www.invisiblethingslab.com/resources/2011/Software%20Attacks%20on%20Intel%20VT-d.pdf
Interesting. And confusing. If a VMM cannot "consume" INIT events by
reentering the guest nor postpone those events up to that point if they
arrived in root mode, the whole vmexit-on-INIT thing is practically
useless. I wonder what use case Intel had in mind while designing this.
That article claims they tested it, though via MSI injection, so they
are probably right, at least for the used CPU type.
Jan
--
Siemens AG, Corporate Technology, CT RTC ITP SDP-DE
Corporate Competence Center Embedded Linux