Re: [PATCH 15/17] KVM: retpolines: x86: eliminate retpoline from vmx.c exit handlers

From: Sean Christopherson
Date: Mon Sep 23 2019 - 17:24:38 EST

Next message: Mike Kravetz: "Re: [PATCH v5 0/7] hugetlb_cgroup: Add hugetlb_cgroup reservation limits"
Previous message: Eric W. Biederman: "Re: threads-max observe limits"
In reply to: Andrea Arcangeli: "Re: [PATCH 15/17] KVM: retpolines: x86: eliminate retpoline from vmx.c exit handlers"
Next in thread: Andrea Arcangeli: "Re: [PATCH 15/17] KVM: retpolines: x86: eliminate retpoline from vmx.c exit handlers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 23, 2019 at 05:08:38PM -0400, Andrea Arcangeli wrote:
> Hello,
>
> On Mon, Sep 23, 2019 at 01:23:49PM -0700, Sean Christopherson wrote:
> > The attached patch should do the trick.
>
> The two most attractive options to me remains what I already have
> implemented under #ifdef CONFIG_RETPOLINE with direct calls
> (optionally replacing the "if" with a small "switch" still under
> CONFIG_RETPOLINE if we give up the prioritization of the checks), or
> the replacement of kvm_vmx_exit_handlers with a switch() as suggested
> by Vitaly which would cleanup some code.
>
> The intermediate solution that makes "const" work, has the cons of
> forcing to parse EXIT_REASON_VMCLEAR and the other vmx exit reasons
> twice, first through a pointer to function (or another if or switch
> statement) then with a second switch() statement.
>
> If we'd use a single switch statement per Vitaly's suggestion, the "if
> nested" would better be more simply implemented as:
>
> switch (exit_reason) {
> case EXIT_REASON_VMCLEAR:
> if (nested)
> return handle_vmclear(vcpu);
> else
> return handle_vmx_instruction(vcpu);
> case EXIT_REASON_VMCLEAR:
> if (nested)
> [..]

Combing if/case statements would mitigate this to some degree, e.g.:

if (exit_reason >= EXIT_REASON_VMCALL &&
exit_reason <= EXIT_REASON_VMON)
return handle_vmx_instruction(vcpu);

or

case EXIT_REASON_VMCALL ... EXIT_REASON_VMON:
return handle_vmx_instruction(vcpu);

> This also removes the compiler dependency to auto inline
> handle_vmclear in the added nested_vmx_handle_vmx_instruction extern
> call.

I like the idea of routing through handle_vmx_instruction() because it
allows the individual handlers to be wholly encapsulated in nested.c,
e.g. handle_vmclear() and company don't have to be exposed.

An extra CALL+RET isn't going to be noticeable, especially on modern
hardware as the high frequency VMWRITE/VMREAD fields should hit the
shadow VMCS.

> VMREAD/WRITE/RESUME are the most frequent vmexit in l0 while nested
> runs in l2.
>
> Thanks,
> Andrea

Next message: Mike Kravetz: "Re: [PATCH v5 0/7] hugetlb_cgroup: Add hugetlb_cgroup reservation limits"
Previous message: Eric W. Biederman: "Re: threads-max observe limits"
In reply to: Andrea Arcangeli: "Re: [PATCH 15/17] KVM: retpolines: x86: eliminate retpoline from vmx.c exit handlers"
Next in thread: Andrea Arcangeli: "Re: [PATCH 15/17] KVM: retpolines: x86: eliminate retpoline from vmx.c exit handlers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]