When settings HVM_PARAM_IDENT_PT, skip domain pausing when :
- there is no vcpu
- unrestricted guest capability is used

Signed-off-by: Teddy Astie <teddy.astie@vates.tech>
---
 xen/arch/x86/hvm/hvm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index e2720daf1e..39ff1bdbe1 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4286,11 +4286,13 @@ static int hvm_set_param(struct domain *d, uint32_t index, uint64_t value)
             rc = -EINVAL;
         break;
     case HVM_PARAM_IDENT_PT:
+        v = domain_vcpu(d, 0);
+
         /*
          * Only actually required for VT-x lacking unrestricted_guest
          * capabilities.  Short circuit the pause if possible.
          */
-        if ( !paging_mode_hap(d) || !cpu_has_vmx )
+        if ( !paging_mode_hap(d) || !cpu_has_vmx || !v || vmx_unrestricted_guest(v) )
         {
             d->arch.hvm.params[index] = value;
             break;
-- 
2.50.1



Teddy Astie | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech

On 30/07/2025 5:40 pm, Teddy Astie wrote:
> When settings HVM_PARAM_IDENT_PT, skip domain pausing when :
> - there is no vcpu
> - unrestricted guest capability is used
>
> Signed-off-by: Teddy Astie <teddy.astie@vates.tech>
> ---
>  xen/arch/x86/hvm/hvm.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index e2720daf1e..39ff1bdbe1 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -4286,11 +4286,13 @@ static int hvm_set_param(struct domain *d, uint32_t index, uint64_t value)
>              rc = -EINVAL;
>          break;
>      case HVM_PARAM_IDENT_PT:
> +        v = domain_vcpu(d, 0);
> +
>          /*
>           * Only actually required for VT-x lacking unrestricted_guest
>           * capabilities.  Short circuit the pause if possible.
>           */
> -        if ( !paging_mode_hap(d) || !cpu_has_vmx )
> +        if ( !paging_mode_hap(d) || !cpu_has_vmx || !v || vmx_unrestricted_guest(v) )
>          {
>              d->arch.hvm.params[index] = value;
>              break;

You cannot safely skip these.  Otherwise you break a sequence of
migrates which passes through a machine that needs the IDENT_PT.

Although that said, it looks like it will break when passing through a
machine running Shadow too, even though that in principle ought to work.

HVM guests don't reasonably work cross vendor, and we probably should
finally stop pretending it's an option.

~Andrew

On 30.07.2025 18:48, Andrew Cooper wrote:
> On 30/07/2025 5:40 pm, Teddy Astie wrote:
>> When settings HVM_PARAM_IDENT_PT, skip domain pausing when :
>> - there is no vcpu
>> - unrestricted guest capability is used
>>
>> Signed-off-by: Teddy Astie <teddy.astie@vates.tech>
>> ---
>>  xen/arch/x86/hvm/hvm.c | 4 +++-
>>  1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
>> index e2720daf1e..39ff1bdbe1 100644
>> --- a/xen/arch/x86/hvm/hvm.c
>> +++ b/xen/arch/x86/hvm/hvm.c
>> @@ -4286,11 +4286,13 @@ static int hvm_set_param(struct domain *d, uint32_t index, uint64_t value)
>>              rc = -EINVAL;
>>          break;
>>      case HVM_PARAM_IDENT_PT:
>> +        v = domain_vcpu(d, 0);
>> +
>>          /*
>>           * Only actually required for VT-x lacking unrestricted_guest
>>           * capabilities.  Short circuit the pause if possible.
>>           */
>> -        if ( !paging_mode_hap(d) || !cpu_has_vmx )
>> +        if ( !paging_mode_hap(d) || !cpu_has_vmx || !v || vmx_unrestricted_guest(v) )
>>          {
>>              d->arch.hvm.params[index] = value;
>>              break;
> 
> You cannot safely skip these.  Otherwise you break a sequence of
> migrates which passes through a machine that needs the IDENT_PT.
> 
> Although that said, it looks like it will break when passing through a
> machine running Shadow too, even though that in principle ought to work.

Where's this concern coming from? We don't lose the param in that case.
The next time the VM is moved, the param will still be there, and the
same code will be gone through on that new host. Depending on that host's
capabilities we then may take the full (pausing) path there.

Jan

Le 30/07/2025 à 18:40, Teddy Astie a écrit :
> When settings HVM_PARAM_IDENT_PT, skip domain pausing when :
> - there is no vcpu
> - unrestricted guest capability is used
> 
> Signed-off-by: Teddy Astie <teddy.astie@vates.tech>
> ---
>   xen/arch/x86/hvm/hvm.c | 4 +++-
>   1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index e2720daf1e..39ff1bdbe1 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -4286,11 +4286,13 @@ static int hvm_set_param(struct domain *d, uint32_t index, uint64_t value)
>               rc = -EINVAL;
>           break;
>       case HVM_PARAM_IDENT_PT:
> +        v = domain_vcpu(d, 0);
> +
>           /*
>            * Only actually required for VT-x lacking unrestricted_guest
>            * capabilities.  Short circuit the pause if possible.
>            */
> -        if ( !paging_mode_hap(d) || !cpu_has_vmx )
> +        if ( !paging_mode_hap(d) || !cpu_has_vmx || !v || vmx_unrestricted_guest(v) )
>           {
>               d->arch.hvm.params[index] = value;
>               break;

Although, I am not completely sure if the vcpu checks (including 
vmx_unrestricted_guest one) needs to be moved after the domctl_lock_acquire.


Teddy Astie | Vates XCP-ng Developer

XCP-ng & Xen Orchestra - Vates solutions

web: https://vates.tech