Re: [PATCH v5 5/5] perf: Correct perf sampling with guest VMs

From: Mark Rutland
Date: Fri Oct 04 2024 - 11:44:21 EST


On Fri, Sep 20, 2024 at 05:47:40PM +0000, Colton Lewis wrote:
> Previously any PMU overflow interrupt that fired while a VCPU was
> loaded was recorded as a guest event whether it truly was or not. This
> resulted in nonsense perf recordings that did not honor
> perf_event_attr.exclude_guest and recorded guest IPs where it should
> have recorded host IPs.
>
> Rework the sampling logic to only record guest samples for events with
> exclude_guest = 0. This way any host-only events with exclude_guest
> set will never see unexpected guest samples. The behaviour of events
> with exclude_guest = 0 is unchanged.
>
> Note that events configured to sample both host and guest may still
> misattribute a PMI that arrived in the host as a guest event depending
> on KVM arch and vendor behavior.
>
> Signed-off-by: Colton Lewis <coltonlewis@xxxxxxxxxx>

This looks good to me, though I wonder if we should handle all of the
exclude_* flags in one go and pick the right user/kernel/guest regs to
sample from...

As this stands, it's definitely an improvement on what we have, so:

Acked-by: Mark Rutland <mark.rutland@xxxxxxx>

Mark.

> ---
> arch/arm64/include/asm/perf_event.h | 4 ----
> arch/arm64/kernel/perf_callchain.c | 28 ----------------------------
> arch/x86/events/core.c | 16 ++++------------
> include/linux/perf_event.h | 21 +++++++++++++++++++--
> kernel/events/core.c | 21 +++++++++++++++++----
> 5 files changed, 40 insertions(+), 50 deletions(-)
>
> diff --git a/arch/arm64/include/asm/perf_event.h b/arch/arm64/include/asm/perf_event.h
> index 31a5584ed423..ee45b4e77347 100644
> --- a/arch/arm64/include/asm/perf_event.h
> +++ b/arch/arm64/include/asm/perf_event.h
> @@ -10,10 +10,6 @@
> #include <asm/ptrace.h>
>
> #ifdef CONFIG_PERF_EVENTS
> -struct pt_regs;
> -extern unsigned long perf_arch_instruction_pointer(struct pt_regs *regs);
> -extern unsigned long perf_arch_misc_flags(struct pt_regs *regs);
> -#define perf_arch_misc_flags(regs) perf_misc_flags(regs)
> #define perf_arch_bpf_user_pt_regs(regs) &regs->user_regs
> #endif
>
> diff --git a/arch/arm64/kernel/perf_callchain.c b/arch/arm64/kernel/perf_callchain.c
> index 01a9d08fc009..9b7f26b128b5 100644
> --- a/arch/arm64/kernel/perf_callchain.c
> +++ b/arch/arm64/kernel/perf_callchain.c
> @@ -38,31 +38,3 @@ void perf_callchain_kernel(struct perf_callchain_entry_ctx *entry,
>
> arch_stack_walk(callchain_trace, entry, current, regs);
> }
> -
> -unsigned long perf_arch_instruction_pointer(struct pt_regs *regs)
> -{
> - if (perf_guest_state())
> - return perf_guest_get_ip();
> -
> - return instruction_pointer(regs);
> -}
> -
> -unsigned long perf_arch_misc_flags(struct pt_regs *regs)
> -{
> - unsigned int guest_state = perf_guest_state();
> - int misc = 0;
> -
> - if (guest_state) {
> - if (guest_state & PERF_GUEST_USER)
> - misc |= PERF_RECORD_MISC_GUEST_USER;
> - else
> - misc |= PERF_RECORD_MISC_GUEST_KERNEL;
> - } else {
> - if (user_mode(regs))
> - misc |= PERF_RECORD_MISC_USER;
> - else
> - misc |= PERF_RECORD_MISC_KERNEL;
> - }
> -
> - return misc;
> -}
> diff --git a/arch/x86/events/core.c b/arch/x86/events/core.c
> index d51e5d24802b..3c5f512d2bcf 100644
> --- a/arch/x86/events/core.c
> +++ b/arch/x86/events/core.c
> @@ -2942,9 +2942,6 @@ static unsigned long code_segment_base(struct pt_regs *regs)
>
> unsigned long perf_arch_instruction_pointer(struct pt_regs *regs)
> {
> - if (perf_guest_state())
> - return perf_guest_get_ip();
> -
> return regs->ip + code_segment_base(regs);
> }
>
> @@ -2971,17 +2968,12 @@ unsigned long perf_arch_guest_misc_flags(struct pt_regs *regs)
>
> unsigned long perf_arch_misc_flags(struct pt_regs *regs)
> {
> - unsigned int guest_state = perf_guest_state();
> unsigned long misc = common_misc_flags(regs);
>
> - if (guest_state) {
> - misc |= perf_arch_guest_misc_flags(regs);
> - } else {
> - if (user_mode(regs))
> - misc |= PERF_RECORD_MISC_USER;
> - else
> - misc |= PERF_RECORD_MISC_KERNEL;
> - }
> + if (user_mode(regs))
> + misc |= PERF_RECORD_MISC_USER;
> + else
> + misc |= PERF_RECORD_MISC_KERNEL;
>
> return misc;
> }
> diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h
> index d061e327ad54..968f3edd95e4 100644
> --- a/include/linux/perf_event.h
> +++ b/include/linux/perf_event.h
> @@ -1633,8 +1633,9 @@ extern void perf_tp_event(u16 event_type, u64 count, void *record,
> struct task_struct *task);
> extern void perf_bp_event(struct perf_event *event, void *data);
>
> -extern unsigned long perf_misc_flags(struct pt_regs *regs);
> -extern unsigned long perf_instruction_pointer(struct pt_regs *regs);
> +extern unsigned long perf_misc_flags(struct perf_event *event, struct pt_regs *regs);
> +extern unsigned long perf_instruction_pointer(struct perf_event *event,
> + struct pt_regs *regs);
>
> #ifndef perf_arch_misc_flags
> # define perf_arch_misc_flags(regs) \
> @@ -1645,6 +1646,22 @@ extern unsigned long perf_instruction_pointer(struct pt_regs *regs);
> # define perf_arch_bpf_user_pt_regs(regs) regs
> #endif
>
> +#ifndef perf_arch_guest_misc_flags
> +static inline unsigned long perf_arch_guest_misc_flags(struct pt_regs *regs)
> +{
> + unsigned long guest_state = perf_guest_state();
> +
> + if (guest_state & PERF_GUEST_USER)
> + return PERF_RECORD_MISC_GUEST_USER;
> +
> + if (guest_state & PERF_GUEST_ACTIVE)
> + return PERF_RECORD_MISC_GUEST_KERNEL;
> +
> + return 0;
> +}
> +# define perf_arch_guest_misc_flags(regs) perf_arch_guest_misc_flags(regs)
> +#endif
> +
> static inline bool has_branch_stack(struct perf_event *event)
> {
> return event->attr.sample_type & PERF_SAMPLE_BRANCH_STACK;
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index eeabbf791a8c..c5e57c024d9a 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -6921,13 +6921,26 @@ void perf_unregister_guest_info_callbacks(struct perf_guest_info_callbacks *cbs)
> EXPORT_SYMBOL_GPL(perf_unregister_guest_info_callbacks);
> #endif
>
> -unsigned long perf_misc_flags(struct pt_regs *regs)
> +static bool should_sample_guest(struct perf_event *event)
> {
> + return !event->attr.exclude_guest && perf_guest_state();
> +}
> +
> +unsigned long perf_misc_flags(struct perf_event *event,
> + struct pt_regs *regs)
> +{
> + if (should_sample_guest(event))
> + return perf_arch_guest_misc_flags(regs);
> +
> return perf_arch_misc_flags(regs);
> }
>
> -unsigned long perf_instruction_pointer(struct pt_regs *regs)
> +unsigned long perf_instruction_pointer(struct perf_event *event,
> + struct pt_regs *regs)
> {
> + if (should_sample_guest(event))
> + return perf_guest_get_ip();
> +
> return perf_arch_instruction_pointer(regs);
> }
>
> @@ -7743,7 +7756,7 @@ void perf_prepare_sample(struct perf_sample_data *data,
> __perf_event_header__init_id(data, event, filtered_sample_type);
>
> if (filtered_sample_type & PERF_SAMPLE_IP) {
> - data->ip = perf_instruction_pointer(regs);
> + data->ip = perf_instruction_pointer(event, regs);
> data->sample_flags |= PERF_SAMPLE_IP;
> }
>
> @@ -7907,7 +7920,7 @@ void perf_prepare_header(struct perf_event_header *header,
> {
> header->type = PERF_RECORD_SAMPLE;
> header->size = perf_sample_data_size(data, event);
> - header->misc = perf_misc_flags(regs);
> + header->misc = perf_misc_flags(event, regs);
>
> /*
> * If you're adding more sample types here, you likely need to do
> --
> 2.46.0.792.g87dc391469-goog
>