Re: [RFC][PATCH 0/4] x86/entry: disallow #DB more

From: Andy Lutomirski
Date: Fri May 22 2020 - 18:14:12 EST


On Fri, May 22, 2020 at 1:49 PM Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
>
> Hai, this kills #DB during NMI/#MC and with that allows removing all the nasty
> IST rewrite crud.
>

This is great, except that the unconditional DR7 write is going to
seriously hurt perf performance. Fortunately, no one cares about
perf, right? :) Even just reading first won't help enough because DR7
reads are likely to be VM exits. Can we have a percpu dr7 shadow
(with careful ordering) or even just a percpu count of dr7 users so we
can skip this if there are no breakpoints? We have cpu_dr7, and some
minor changes would make this work. Maybe replace all the direct
cpu_dr7 accesses with helpers like dr7_set_bits() and dr7_clear_bits()?

Also, I like raving at DR7 :)