| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Dec 2017 14:38:45 +0800
From: Wei Wang <wei.w.wang@...el.com>
To: "Michael S. Tsirkin" <mst@...hat.com>
CC: virtio-dev@...ts.oasis-open.org, linux-kernel@...r.kernel.org,
qemu-devel@...gnu.org, virtualization@...ts.linux-foundation.org,
kvm@...r.kernel.org, linux-mm@...ck.org, mhocko@...nel.org,
akpm@...ux-foundation.org, mawilcox@...rosoft.com,
david@...hat.com, penguin-kernel@...ove.SAKURA.ne.jp,
cornelia.huck@...ibm.com, mgorman@...hsingularity.net,
aarcange@...hat.com, amit.shah@...hat.com, pbonzini@...hat.com,
willy@...radead.org, liliang.opensource@...il.com,
yang.zhang.wz@...il.com, quan.xu@...yun.com, nilal@...hat.com,
riel@...hat.com
Subject: Re: [PATCH v18 10/10] virtio-balloon: don't report free pages when
page poisoning is enabled
On 12/01/2017 11:49 PM, Michael S. Tsirkin wrote:
> On Wed, Nov 29, 2017 at 09:55:26PM +0800, Wei Wang wrote:
>> The guest free pages should not be discarded by the live migration thread
>> when page poisoning is enabled with PAGE_POISONING_NO_SANITY=n, because
>> skipping the transfer of such poisoned free pages will trigger false
>> positive when new pages are allocated and checked on the destination.
>> This patch skips the reporting of free pages in the above case.
>>
>> Reported-by: Michael S. Tsirkin <mst@...hat.com>
>> Signed-off-by: Wei Wang <wei.w.wang@...el.com>
>> Cc: Michal Hocko <mhocko@...e.com>
>> ---
>> drivers/virtio/virtio_balloon.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c
>> index 035bd3a..6ac4cff 100644
>> --- a/drivers/virtio/virtio_balloon.c
>> +++ b/drivers/virtio/virtio_balloon.c
>> @@ -652,7 +652,9 @@ static void report_free_page(struct work_struct *work)
>> /* Start by sending the obtained cmd id to the host with an outbuf */
>> send_one_desc(vb, vb->free_page_vq, virt_to_phys(&vb->start_cmd_id),
>> sizeof(uint32_t), false, true, false);
>> - walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages);
>> + if (!(page_poisoning_enabled() &&
>> + !IS_ENABLED(CONFIG_PAGE_POISONING_NO_SANITY)))
>> + walk_free_mem_block(vb, 0, &virtio_balloon_send_free_pages);
>> /*
>> * End by sending the stop id to the host with an outbuf. Use the
>> * non-batching mode here to trigger a kick after adding the stop id.
> PAGE_POISONING_ZERO is actually OK.
>
> But I really would prefer it that we still send pages to host,
> otherwise debugging becomes much harder.
>
> And it does not have to be completely useless, even though
> you can not discard them as they would be zero-filled then.
>
> How about a config field telling host what should be there in the free
> pages? This way even though host can not discard them, host can send
> them out without reading them, still a win.
>
>
Since this poison value comes with the free page reporting feature, how
about sending the poison value via the free_page_vq, along with the cmd
id in the outbuf? That is, use the following interface:
struct virtio_balloon_free_page_vq_hdr {
bool page_poisoning;
__virtio32 poison_value;
__virtio32 cmd_id;
}
We need "bool page_poisoning" because "poison_value=0" doesn't tell
whether page poising is in use by the guest. PAGE_POISONING_ZERO sets
"page_poisoning=true, poisoning_value=0", and the host will send the
0-filled pages to the destination (if not sending 0-filled pages, the
destination host would offer non-zero pages to the guest)
The host can discard free pages only when "page_poisoning=false".
Best,
Wei
Powered by blists - more mailing lists