From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <JBeulich@suse.com>, Dongxiao Xu <dongxiao.xu@intel.com>
Cc: "keir@xen.org" <keir@xen.org>,
"Ian.Campbell@citrix.com" <Ian.Campbell@citrix.com>,
"George.Dunlap@eu.citrix.com" <George.Dunlap@eu.citrix.com>,
"stefano.stabellini@eu.citrix.com"
<stefano.stabellini@eu.citrix.com>,
"Ian.Jackson@eu.citrix.com" <Ian.Jackson@eu.citrix.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
"dgdegra@tycho.nsa.gov" <dgdegra@tycho.nsa.gov>
Subject: Re: [PATCH v12 1/9] x86: add generic resource (e.g. MSR) access hypercall
Date: Wed, 23 Jul 2014 10:09:33 +0100 [thread overview]
Message-ID: <53CF7BCD.8020503@citrix.com> (raw)
In-Reply-To: <53CF84290200007800024F4E@mail.emea.novell.com>
On 23/07/14 08:45, Jan Beulich wrote:
>>>> On 15.07.14 at 12:00, <andrew.cooper3@citrix.com> wrote:
>> Hmm - I am very sorry for pushing at continue_hypercall_on_cpu(), but
>> looking at the code, there is no possible way it can be made to work in
>> its current form. It will BUG() at the second attempt to nest, making
>> it inappropriate to use.
> Not sure why - look at microcode.c's use of it, which also makes
> use of it more than once for a single hypercall.
>
> Jan
>
Eugh. That highlights several more issues.
Any two continue_hypercall_on_cpu()'s which target the same cpu may fall
over the BUG_ON(info->nest != 0). A microcode update and this proposed
hypercall run a very real risk of intersecting.
The vcpu_pause_nosync(curr); in continue_hypercall_on_cpu() is bogus
given the do_microcode_update() example, as it will be pausing the wrong
vcpu.
As a result, the vcpu which made the hypercall will be unpaused after
the first continue_hypercall_on_cpu() returns, which is before the
hypercall has actually completed.
Irrespective of that, copying data back to guest context from the
continue_hypercall_tasklet is in the wrong vcpu context, and likely even
the wrong domain context.
Finally, we have seen in the past that using AMD SVM with mismatched
microcode patch levels can result in hardware lockup. The only safe way
to apply microcode in these circumstances would be to rendezvous in Xen
and update every core at once, ensuring that no SVM operations are being
performed on sibling processors.
~Andrew
next prev parent reply other threads:[~2014-07-23 9:09 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-15 2:23 [PATCH v12 1/9] x86: add generic resource (e.g. MSR) access hypercall Xu, Dongxiao
2014-07-15 10:00 ` Andrew Cooper
2014-07-23 7:45 ` Jan Beulich
2014-07-23 9:09 ` Andrew Cooper [this message]
2014-07-28 10:01 ` Jan Beulich
-- strict thread matches above, loose matches on Subject: below --
2014-07-04 8:34 [PATCH v12 0/9] enable Cache QoS Monitoring (CQM) feature Dongxiao Xu
2014-07-04 8:34 ` [PATCH v12 1/9] x86: add generic resource (e.g. MSR) access hypercall Dongxiao Xu
2014-07-04 9:40 ` Andrew Cooper
2014-07-04 10:30 ` Jan Beulich
2014-07-04 10:52 ` Andrew Cooper
2014-07-08 7:06 ` Xu, Dongxiao
2014-07-08 9:07 ` Andrew Cooper
2014-07-08 9:30 ` Jürgen Groß
2014-07-09 2:06 ` Xu, Dongxiao
2014-07-09 14:17 ` Daniel De Graaf
2014-07-08 8:57 ` George Dunlap
2014-07-08 9:20 ` Andrew Cooper
2014-07-04 10:44 ` Jan Beulich
2014-07-11 4:29 ` Xu, Dongxiao
2014-07-11 9:24 ` Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53CF7BCD.8020503@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=Ian.Campbell@citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=JBeulich@suse.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=dongxiao.xu@intel.com \
--cc=keir@xen.org \
--cc=stefano.stabellini@eu.citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).