Motivation:
-----------
This is part of the effort to enable AMD SEV technologies in Xen. For
AMD SEV support, we need a fixed ASID associated with all vcpus of the
same domain throughout the domain's lifetime. This is because for SEV/
SEV-{ES,SNP} VM, the ASID is the index which is associated with the
encryption key.Currently, ASID generation and management is done per-PCPU in Xen. And at the time of each VMENTER, the ASID associated with vcpus of the domain is changed. This implementation is incompatible with SEV technologies for the above mentioned reasons. In a discussion with Andrew Cooper, it came up that it’ll be nice to have fixed ASIDs not only for SEV VMs but also for all VMs. Because it opens up the opportunity to use instructions like TLBSYNC and INVLPGB (Section 5.5.3 in AMD Architecture manual[0]) for broadcasting the TLB Invalidations. Changes since v1: ----------------- As discussed in v1 and at the Xen summit, this version changes the flow of the asid assignment. I initialize asids by calling CPUID on each cpu during the __start_xen. The assignment of the asid happens at the domain creation time at HVM level and later it is mapped to individual hardware fields ASID/VPID at the VMRUN. ASID is flushed when the domain is destroyed. Please check the comment in xen/arch/x86/hvm/asid.c to check the implemenmtation flow. Detailed list of changes is mentioned in the patch. Few questions I have: --------------------- 1. While in this version I keep using hvm_asid_flush_domain in svm_invlpg, I'm wondering if we need to do hvm_asid_flush_vcpu in this case? If so, what would be the preferred way to flush vcpu specific TLB entries here? 2. Currently I assign asid at the VCPU level at VMRUN. But is there any way to do it more early in the process? I tried to do it after the hvm_vcpu_initialize and hvm_vcpu_up but wasn't really successfull in doing so. 3. While there is a plan to use TLBSYNC in the future. My understanding is intel doesn't have an equivalent instruction. Do we need a separate function that is able to do it? 4. How is the freeing of resources done when Xen is destroyed? I couldn't find something equivalent of svm_hardware_unsetup in linux kernel. Notes: ------ 1. As discussed at Xen Summit, changes related to demonstrating the use of TLBSYNC and INVLPGB won't be part of this patchset. 2. Changes are tested on AMD EPYC Genoa at the moment. Vaishali Thakkar (1): x86/hvm: Introduce Xen-wide ASID allocator xen/arch/x86/domain.c | 7 ++ xen/arch/x86/flushtlb.c | 4 - xen/arch/x86/hvm/asid.c | 136 +++++++++++++------------ xen/arch/x86/hvm/hvm.c | 6 +- xen/arch/x86/hvm/nestedhvm.c | 4 +- xen/arch/x86/hvm/svm/asid.c | 37 ++++--- xen/arch/x86/hvm/svm/nestedsvm.c | 5 +- xen/arch/x86/hvm/svm/svm.c | 32 ++---- xen/arch/x86/hvm/svm/svm.h | 3 - xen/arch/x86/hvm/vmx/vmcs.c | 2 - xen/arch/x86/hvm/vmx/vmx.c | 37 ++----- xen/arch/x86/hvm/vmx/vvmx.c | 7 +- xen/arch/x86/include/asm/hvm/asid.h | 24 ++--- xen/arch/x86/include/asm/hvm/domain.h | 7 ++ xen/arch/x86/include/asm/hvm/hvm.h | 11 -- xen/arch/x86/include/asm/hvm/svm/svm.h | 2 + xen/arch/x86/include/asm/hvm/vcpu.h | 9 -- xen/arch/x86/include/asm/hvm/vmx/vmx.h | 3 +- xen/arch/x86/mm/hap/hap.c | 5 +- xen/arch/x86/mm/p2m.c | 6 +- xen/arch/x86/mm/paging.c | 3 +- xen/arch/x86/pv/domain.c | 1 + xen/arch/x86/setup.c | 10 ++ 23 files changed, 173 insertions(+), 188 deletions(-) -- 2.46.0
