[v4,0/4] Add support for the Idle HLT intercept feature

Message ID	20241022054810.23369-1-manali.shukla@amd.com
Headers	show Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2055.outbound.protection.outlook.com [40.107.243.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 062A81E529; Tue, 22 Oct 2024 05:48:29 +0000 (UTC) Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: Manali Shukla <manali.shukla@amd.com> To: <kvm@vger.kernel.org>, <linux-kselftest@vger.kernel.org> CC: <pbonzini@redhat.com>, <seanjc@google.com>, <shuah@kernel.org>, <nikunj@amd.com>, <thomas.lendacky@amd.com>, <vkuznets@redhat.com>, <manali.shukla@amd.com>, <bp@alien8.de>, <babu.moger@amd.com> Subject: [PATCH v4 0/4] Add support for the Idle HLT intercept feature Date: Tue, 22 Oct 2024 05:48:06 +0000 Message-ID: <20241022054810.23369-1-manali.shukla@amd.com> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit
Series	Add support for the Idle HLT intercept feature \| expand [v4,0/4] Add support for the Idle HLT intercept feature [v4,1/4] x86/cpufeatures: Add CPUID feature bit for Idle HLT intercept [v4,2/4] KVM: SVM: Add Idle HLT intercept support [v4,3/4] KVM: nSVM: implement the nested idle halt intercept [v4,4/4] KVM: selftests: KVM: SVM: Add Idle HLT intercept test

Message ID

20241022054810.23369-1-manali.shukla@amd.com

Headers

Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
From: Manali Shukla <manali.shukla@amd.com>
To: <kvm@vger.kernel.org>, <linux-kselftest@vger.kernel.org>
CC: <pbonzini@redhat.com>, <seanjc@google.com>, <shuah@kernel.org>,
	<nikunj@amd.com>, <thomas.lendacky@amd.com>, <vkuznets@redhat.com>,
	<manali.shukla@amd.com>, <bp@alien8.de>, <babu.moger@amd.com>
Subject: [PATCH v4 0/4] Add support for the Idle HLT intercept feature
Date: Tue, 22 Oct 2024 05:48:06 +0000
Message-ID: <20241022054810.23369-1-manali.shukla@amd.com>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Oct 2024 05:48:25.8716
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 9ca4d8ee-87b7-478f-144c-08dcf25d25d6
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	CO1PEPF000075ED.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB8780

Series

Add support for the Idle HLT intercept feature | expand

Message

Manali Shukla Oct. 22, 2024, 5:48 a.m. UTC

The upcoming new Idle HLT Intercept feature allows for the HLT
instruction execution by a vCPU to be intercepted by the hypervisor
only if there are no pending V_INTR and V_NMI events for the vCPU.
When the vCPU is expected to service the pending V_INTR and V_NMI
events, the Idle HLT intercept won’t trigger. The feature allows the
hypervisor to determine if the vCPU is actually idle and reduces
wasteful VMEXITs.

The idle HLT intercept feature is used for enlightened guests who wish
to securely handle the events. When an enlightened guest does a HLT
while an interrupt is pending, hypervisor will not have a way to
figure out whether the guest needs to be re-entered or not. The Idle
HLT intercept feature allows the HLT execution only if there are no
pending V_INTR and V_NMI events.

Presence of the Idle HLT Intercept feature is indicated via CPUID
function Fn8000_000A_EDX[30].

Document for the Idle HLT intercept feature is available at [1].

This series is based on kvm-next/next (64dbb3a771a1) + [2].

Experiments done:
----------------

kvm_amd.avic is set to '0' for this experiment.

The below numbers represent the average of 10 runs.

Normal guest (L1)
The below netperf command was run on the guest with smp = 1 (pinned).

netperf -H <host ip> -t TCP_RR -l 60
----------------------------------------------------------------
|with Idle HLT(transactions/Sec)|w/o Idle HLT(transactions/Sec)|
----------------------------------------------------------------
|         25645.7136            |        25773.2796            |
----------------------------------------------------------------

Number of transactions/sec with and without idle HLT intercept feature
are almost same.

Nested guest (L2)
The below netperf command was run on L2 guest with smp = 1 (pinned).

netperf -H <host ip> -t TCP_RR -l 60
----------------------------------------------------------------
|with Idle HLT(transactions/Sec)|w/o Idle HLT(transactions/Sec)|
----------------------------------------------------------------
|          5655.4468            |          5755.2189           |
----------------------------------------------------------------

Number of transactions/sec with and without idle HLT intercept feature
are almost same.

Testing Done:
- Tested the functionality for the Idle HLT intercept feature
  using selftest svm_idle_hlt_test.
- Tested SEV and SEV-ES guest for the Idle HLT intercept functionality.
- Tested the Idle HLT intercept functionality on nested guest.

v3 -> v4
- Drop the patches to add vcpu_get_stat() into a new series [2].
- Added nested Idle HLT intercept support.

v2 -> v3
- Incorporated Andrew's suggestion to structure vcpu_stat_types in
  a way that each architecture can share the generic types and also
  provide its own.

v1 -> v2
- Done changes in svm_idle_hlt_test based on the review comments from Sean.
- Added an enum based approach to get binary stats in vcpu_get_stat() which
  doesn't use string to get stat data based on the comments from Sean.
- Added self_halt() and cli() helpers based on the comments from Sean.

[1]: AMD64 Architecture Programmer's Manual Pub. 24593, April 2024,
     Vol 2, 15.9 Instruction Intercepts (Table 15-7: IDLE_HLT).
     https://bugzilla.kernel.org/attachment.cgi?id=306250

[2]: https://lore.kernel.org/kvm/20241021062226.108657-1-manali.shukla@amd.com/T/#t

Manali Shukla (4):
  x86/cpufeatures: Add CPUID feature bit for Idle HLT intercept
  KVM: SVM: Add Idle HLT intercept support
  KVM: nSVM: implement the nested idle halt intercept
  KVM: selftests: KVM: SVM: Add Idle HLT intercept test

 arch/x86/include/asm/cpufeatures.h            |  1 +
 arch/x86/include/asm/svm.h                    |  1 +
 arch/x86/include/uapi/asm/svm.h               |  2 +
 arch/x86/kvm/governed_features.h              |  1 +
 arch/x86/kvm/svm/nested.c                     |  7 ++
 arch/x86/kvm/svm/svm.c                        | 15 +++-
 tools/testing/selftests/kvm/Makefile          |  1 +
 .../selftests/kvm/include/x86_64/processor.h  |  1 +
 .../selftests/kvm/x86_64/svm_idle_hlt_test.c  | 89 +++++++++++++++++++
 9 files changed, 115 insertions(+), 3 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/x86_64/svm_idle_hlt_test.c


base-commit: c8d430db8eec7d4fd13a6bea27b7086a54eda6da
prerequisite-patch-id: ca912571db5c004f77b70843b8dd35517ff1267f
prerequisite-patch-id: 164ea3b4346f9e04bc69819278d20f5e1b5df5ed
prerequisite-patch-id: 90d870f426ebc2cec43c0dd89b701ee998385455
prerequisite-patch-id: 45812b799c517a4521782a1fdbcda881237e1eda

Comments

Borislav Petkov Oct. 22, 2024, 9:32 a.m. UTC | #1

On Tue, Oct 22, 2024 at 05:48:07AM +0000, Manali Shukla wrote:
> From: Manali Shukla <Manali.Shukla@amd.com>
> 
> The Idle HLT Intercept feature allows for the HLT instruction
> execution by a vCPU to be intercepted by the hypervisor only if there
> are no pending events (V_INTR and V_NMI) for the vCPU. When the vCPU
> is expected to service the pending events (V_INTR and V_NMI), the Idle
> HLT intercept won’t trigger. The feature allows the hypervisor to
> determine if the vCPU is idle and reduces wasteful VMEXITs.
> 
> In addition to the aforementioned use case, the Idle HLT intercept
> feature is also used for enlightened guests who aim to securely manage
> events without the hypervisor’s awareness. If a HLT occurs while
> a virtual event is pending and the hypervisor is unaware of this
> pending event (as could be the case with enlightened guests), the
> absence of the Idle HLT intercept feature could result in a vCPU being
> suspended indefinitely.
> 
> Presence of Idle HLT intercept feature for guests is indicated via CPUID
> function 0x8000000A_EDX[30].
> 
> Signed-off-by: Manali Shukla <Manali.Shukla@amd.com>
> Acked-by: Borislav Petkov (AMD) <bp@alien8.de>
> ---
>  arch/x86/include/asm/cpufeatures.h | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h
> index dd4682857c12..7461a49e1045 100644
> --- a/arch/x86/include/asm/cpufeatures.h
> +++ b/arch/x86/include/asm/cpufeatures.h
> @@ -382,6 +382,7 @@
>  #define X86_FEATURE_V_SPEC_CTRL		(15*32+20) /* "v_spec_ctrl" Virtual SPEC_CTRL */
>  #define X86_FEATURE_VNMI		(15*32+25) /* "vnmi" Virtual NMI */
>  #define X86_FEATURE_SVME_ADDR_CHK	(15*32+28) /* SVME addr check */
> +#define X86_FEATURE_IDLE_HLT		(15*32+30) /* "" IDLE HLT intercept */

Whoever commits this, you can remove the "" in the comment now as they're not
needed anymore.

Thx.