lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 30 Aug 2010 09:59:06 +0300
From:	Avi Kivity <avi@...hat.com>
To:	Xiao Guangrong <xiaoguangrong@...fujitsu.com>
CC:	Marcelo Tosatti <mtosatti@...hat.com>,
	LKML <linux-kernel@...r.kernel.org>, KVM <kvm@...r.kernel.org>
Subject: Re: [PATCH 4/4] KVM: MMU: lower the aduit frequency

  On 08/30/2010 05:16 AM, Xiao Guangrong wrote:
> On 08/29/2010 05:19 PM, Avi Kivity wrote:
>>   On 08/28/2010 03:03 PM, Xiao Guangrong wrote:
>>> The audit is very high overhead, so we need lower the frequency to
>>> assure the guest running
>>>
>>>
>>>     */
>>>
>>>    #include<linux/debugfs.h>
>>> +#include<linux/ratelimit.h>
>>>
>>>    static struct dentry *debugfs_file;
>>>    static bool mmu_debug;
>>> @@ -233,6 +234,11 @@ static void audit_vcpu_spte(struct kvm_vcpu *vcpu)
>>>
>>>    static void kvm_mmu_audit(void *ignore, struct kvm_vcpu *vcpu, const
>>> char *msg)
>>>    {
>>> +    static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 10);
>>> +
>>> +    if (!__ratelimit(&ratelimit_state))
>>> +        return;
>>> +
>>>        audit_msg = msg;
>>>        audit_all_active_sps(vcpu->kvm);
>>>        audit_vcpu_spte(vcpu);
>> This means we see a bug long after it happened, so we can't correlate it
>> to the cause.
>>
>> It's fine as an option (even the default) but I'd like to be able to
>> audit after every operation.  Perhaps a partial audit that only looks at
>> the gfns and vaddrs that were affected in the last operation?
>>
> Audit checks all the active shadow pages and all vcpu's page table, so the
> overload is very high :-)
>
> During my test, if enable the aduit, the guest mostly hung, it means the guest
> not do anything.
> (Host: Intel(R) Xeon(R) X3430  @ 2.40GHz * 4 + 4G memory
>   GUest: x2VCPU + 1G memory
> )

You're right, I remember that from the last time I used audit many years 
ago.

> I'll set the 'ratelimit' as a module parameter, then if the user's machine is
> fast enough, the ratelimit can be disabled.

It's only useful in very special cases - low memory and a very fast 
reproducer.  I think we can live without the parameter, if someone has 
this special case they can hack the code.

-- 
error compiling committee.c: too many arguments to function

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ