Hi,
On 31/10/2025 11:54, Mohamed Mediouni wrote:
>> Per the Arm Arm each CPU has its own private TLBs. So we have to flush between vCPUs of
>> the same domain to avoid translations from vCPU 1 "leaking" to vCPU 2
>> (they may have conflicting page-tables).
> Hm… it varies on whether the VM uses CnP or not (and whether the HW supports
> it)… (Linux does…)
Skimming through the Arm Arm, it seems that CnP is a per page-table/ASID
decision. So I think it would be difficult to take advantage of this
knowledge in Xen unless we start trapping accesses to TTBRn_EL1, which is
likely going to be expensive.
Obviously, if someone trusts and knows their VM then they could rely
on it. But that's not something I would want to accept in upstream
Xen at the moment.
>> KVM has similar logic, see "last_vcpu_ran" and "__kvm_flush_cpu_context()". That said... they are
>> using "vmalle1" whereas we are using "vmalls12e1". So maybe we can relax it. Not sure if this would
>> make any difference for the performance though.
> vmalle1 avoids the problem here (because it only invalidates stage-1
> translations).
I saw Haseeb provided some good numbers. I think switching to vmalle1 is
a no-brainer.
Cheers,
--
Julien Grall
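A model of the "last_vcpu_ran" bookkeeping the thread refers to, added here as an illustration; it is not code from Xen or KVM, and the struct, function names and CPU counts are made up for the example.

```c
/* Added example (not Xen or KVM code): per-VM, per-pCPU tracking of the last
 * vCPU that ran there. When a different vCPU of the same VM is loaded on that
 * pCPU, the pCPU's private TLB is invalidated so stage-1 translations cached
 * for the previous vCPU cannot be reused by the new one. All names here are
 * hypothetical. */
#include <stdbool.h>
#include <string.h>

#define NR_PCPUS 4
#define NO_VCPU  (-1)

struct vm {
    int last_vcpu_ran[NR_PCPUS];   /* per pCPU: last vCPU index, or NO_VCPU */
    unsigned int flushes;          /* number of TLB invalidations issued */
};

/* Stand-in for "tlbi vmalle1; dsb; isb" on the current pCPU: only stage-1
 * entries for this VM's VMID need to go, since stage-2 is shared by all of
 * the VM's vCPUs. Here we just count the invalidations. */
static void flush_tlb_current_vmid(struct vm *vm)
{
    vm->flushes++;
}

static void vm_init(struct vm *vm)
{
    memset(vm, 0, sizeof(*vm));
    for (int i = 0; i < NR_PCPUS; i++)
        vm->last_vcpu_ran[i] = NO_VCPU;
}

/* Called when vcpu of vm is about to run on pcpu. Returns true if a flush
 * was needed (first run on this pCPU, or a different vCPU ran here last). */
static bool vcpu_load(struct vm *vm, int vcpu, int pcpu)
{
    if (vm->last_vcpu_ran[pcpu] == vcpu)
        return false;              /* cached entries belong to this vCPU already */
    flush_tlb_current_vmid(vm);
    vm->last_vcpu_ran[pcpu] = vcpu;
    return true;
}

/* Constructed schedule: vCPU 0 and vCPU 1 alternate on pCPU 0, then vCPU 0
 * migrates to pCPU 1. Returns the number of flushes that were required. */
static unsigned int run_scenario(void)
{
    struct vm vm;
    vm_init(&vm);
    vcpu_load(&vm, 0, 0);   /* first run on pCPU 0: flush (1) */
    vcpu_load(&vm, 0, 0);   /* same vCPU again: no flush */
    vcpu_load(&vm, 1, 0);   /* vCPU 1 replaces vCPU 0 on pCPU 0: flush (2) */
    vcpu_load(&vm, 0, 1);   /* vCPU 0 lands on pCPU 1: flush there (3) */
    vcpu_load(&vm, 0, 1);   /* stays put: no flush */
    return vm.flushes;      /* 3 */
}
```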