With nestedhvm=1, the L2 HVM guest is either hanging (Xen 4.8) or crashing (Xen 4.12.1) the L1 Xen hypervisor with recent versions of Linux. We
isolated the commit to:
commit 093ae8f9a86a974c920b613860f1f7fd5bbd70ab
Author: Borislav Petkov <b...@suse.de>
Date: Thu Apr 12 13:11:36 2018 +0200
x86/TSC: Use RDTSCP
Currently, the kernel uses
[LM]FENCE; RDTSC
in the timekeeping code, to guarantee monotonicity of time where the
*FENCE is selected based on vendor.
Replace that sequence with RDTSCP which is faster or on-par and gives
the same guarantees.
A microbenchmark on Intel shows that the change is on-par.
On AMD, the change is either on-par with the current LFENCE-prefixed
RDTSC or slightly better with RDTSCP.
The comparison is done with the LFENCE-prefixed RDTSC (and not with the
MFENCE-prefixed one, as one would normally expect) because all modern
AMD families make LFENCE serializing and thus avoid the heavy MFENCE by
effectively enabling X86_FEATURE_LFENCE_RDTSC.
I could not find RDTSCP instruction being used by Linux before the given commit, which is present in Linux v5.1 and newer. As expected, masking off
the RDTSCP cpuid flag in leaf 0x80000001 prevents a cooperative guest from using that instruction and therefore prevents the crash.
--Sarah
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
