lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 10 Jan 2020 10:56:25 +0000
From:   Marc Zyngier <maz@...nel.org>
To:     Jianyong Wu <Jianyong.Wu@....com>
Cc:     netdev@...r.kernel.org, yangbo.lu@....com, john.stultz@...aro.org,
        tglx@...utronix.de, pbonzini@...hat.com,
        sean.j.christopherson@...el.com, richardcochran@...il.com,
        Mark Rutland <Mark.Rutland@....com>, will@...nel.org,
        Suzuki Poulose <Suzuki.Poulose@....com>,
        Steven Price <Steven.Price@....com>,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        kvmarm@...ts.cs.columbia.edu, kvm@...r.kernel.org,
        Steve Capper <Steve.Capper@....com>,
        Kaly Xin <Kaly.Xin@....com>, Justin He <Justin.He@....com>,
        nd <nd@....com>
Subject: Re: [RFC PATCH v9 6/8] psci: Add hvc call service for ptp_kvm.

On 2020-01-10 09:51, Jianyong Wu wrote:
> Hi Marc,
> 
>> -----Original Message-----
>> From: Marc Zyngier <maz@...nel.org>
>> Sent: Thursday, January 9, 2020 5:16 PM
>> To: Jianyong Wu <Jianyong.Wu@....com>
>> Cc: netdev@...r.kernel.org; yangbo.lu@....com; john.stultz@...aro.org;
>> tglx@...utronix.de; pbonzini@...hat.com; 
>> sean.j.christopherson@...el.com;
>> richardcochran@...il.com; Mark Rutland <Mark.Rutland@....com>;
>> will@...nel.org; Suzuki Poulose <Suzuki.Poulose@....com>; Steven Price
>> <Steven.Price@....com>; linux-kernel@...r.kernel.org; linux-arm-
>> kernel@...ts.infradead.org; kvmarm@...ts.cs.columbia.edu;
>> kvm@...r.kernel.org; Steve Capper <Steve.Capper@....com>; Kaly Xin
>> <Kaly.Xin@....com>; Justin He <Justin.He@....com>; nd <nd@....com>
>> Subject: Re: [RFC PATCH v9 6/8] psci: Add hvc call service for 
>> ptp_kvm.
>> 
>> On 2020-01-09 05:45, Jianyong Wu wrote:
>> > Hi Marc,
>> >
>> >> -----Original Message-----
>> >> From: Marc Zyngier <maz@...nel.org>
>> >> Sent: Tuesday, January 7, 2020 5:16 PM
>> >> To: Jianyong Wu <Jianyong.Wu@....com>
>> >> Cc: netdev@...r.kernel.org; yangbo.lu@....com;
>> >> john.stultz@...aro.org; tglx@...utronix.de; pbonzini@...hat.com;
>> >> sean.j.christopherson@...el.com; richardcochran@...il.com; Mark
>> >> Rutland <Mark.Rutland@....com>; will@...nel.org; Suzuki Poulose
>> >> <Suzuki.Poulose@....com>; Steven Price <Steven.Price@....com>;
>> >> linux-kernel@...r.kernel.org; linux-arm- kernel@...ts.infradead.org;
>> >> kvmarm@...ts.cs.columbia.edu; kvm@...r.kernel.org; Steve Capper
>> >> <Steve.Capper@....com>; Kaly Xin <Kaly.Xin@....com>; Justin He
>> >> <Justin.He@....com>; nd <nd@....com>
>> >> Subject: Re: [RFC PATCH v9 6/8] psci: Add hvc call service for
>> >> ptp_kvm.
>> >>
>> >> On 2019-12-10 03:40, Jianyong Wu wrote:
>> >> > ptp_kvm modules will call hvc to get this service.
>> >> > The service offers real time and counter cycle of host for guest.
>> >> >
>> >> > Signed-off-by: Jianyong Wu <jianyong.wu@....com>
>> >> > ---
>> >> >  include/linux/arm-smccc.h | 12 ++++++++++++
>> >> >  virt/kvm/arm/psci.c       | 22 ++++++++++++++++++++++
>> >> >  2 files changed, 34 insertions(+)
>> >> >
>> >> > diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h
>> >> > index 6f82c87308ed..aafb6bac167d 100644
>> >> > --- a/include/linux/arm-smccc.h
>> >> > +++ b/include/linux/arm-smccc.h
>> >> > @@ -94,6 +94,7 @@
>> >> >
>> >> >  /* KVM "vendor specific" services */
>> >> >  #define ARM_SMCCC_KVM_FUNC_FEATURES		0
>> >> > +#define ARM_SMCCC_KVM_PTP			1
>> >> >  #define ARM_SMCCC_KVM_FUNC_FEATURES_2		127
>> >> >  #define ARM_SMCCC_KVM_NUM_FUNCS			128
>> >> >
>> >> > @@ -103,6 +104,17 @@
>> >> >  			   ARM_SMCCC_OWNER_VENDOR_HYP,
>> >> 		\
>> >> >  			   ARM_SMCCC_KVM_FUNC_FEATURES)
>> >> >
>> >> > +/*
>> >> > + * This ID used for virtual ptp kvm clock and it will pass second
>> >> > value
>> >> > + * and nanosecond value of host real time and system counter by
>> >> > +vcpu
>> >> > + * register to guest.
>> >> > + */
>> >> > +#define ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID
>> >> 		\
>> >> > +	ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL,
>> >> 		\
>> >> > +			   ARM_SMCCC_SMC_32,
>> >> 	\
>> >> > +			   ARM_SMCCC_OWNER_VENDOR_HYP,
>> >> 		\
>> >> > +			   ARM_SMCCC_KVM_PTP)
>> >> > +
>> >>
>> >> All of this depends on patches that have never need posted to any ML,
>> >> and just linger in Will's tree. You need to pick them up and post
>> >> them as part of this series so that they can at least be reviewed.
>> >>
>> > Ok, I will add them next version.
>> >
>> >> >  #ifndef __ASSEMBLY__
>> >> >
>> >> >  #include <linux/linkage.h>
>> >> > diff --git a/virt/kvm/arm/psci.c b/virt/kvm/arm/psci.c index
>> >> > 0debf49bf259..682d892d6717 100644
>> >> > --- a/virt/kvm/arm/psci.c
>> >> > +++ b/virt/kvm/arm/psci.c
>> >> > @@ -9,6 +9,7 @@
>> >> >  #include <linux/kvm_host.h>
>> >> >  #include <linux/uaccess.h>
>> >> >  #include <linux/wait.h>
>> >> > +#include <linux/clocksource_ids.h>
>> >> >
>> >> >  #include <asm/cputype.h>
>> >> >  #include <asm/kvm_emulate.h>
>> >> > @@ -389,6 +390,8 @@ static int kvm_psci_call(struct kvm_vcpu *vcpu)
>> >> >
>> >> >  int kvm_hvc_call_handler(struct kvm_vcpu *vcpu)  {
>> >> > +	struct system_time_snapshot systime_snapshot;
>> >> > +	u64 cycles;
>> >> >  	u32 func_id = smccc_get_function(vcpu);
>> >> >  	u32 val[4] = {};
>> >> >  	u32 option;
>> >> > @@ -431,6 +434,25 @@ int kvm_hvc_call_handler(struct kvm_vcpu
>> *vcpu)
>> >> >  	case ARM_SMCCC_VENDOR_HYP_KVM_FEATURES_FUNC_ID:
>> >> >  		val[0] = BIT(ARM_SMCCC_KVM_FUNC_FEATURES);
>> >> >  		break;
>> >> > +	/*
>> >> > +	 * This will used for virtual ptp kvm clock. three
>> >> > +	 * values will be passed back.
>> >> > +	 * reg0 stores high 32-bit host ktime;
>> >> > +	 * reg1 stores low 32-bit host ktime;
>> >> > +	 * reg2 stores high 32-bit difference of host cycles and cntvoff;
>> >> > +	 * reg3 stores low 32-bit difference of host cycles and cntvoff.
>> >>
>> >> That's either two or four values, and not three as you claim above.
>> >>
>> > Sorry, I'm not sure what do you mean "three", the registers here is 4
>> > from reg0 to reg3.
>> 
>> Please read the comment you have written above...
> 
> oh, I see it.
> 
>> 
>> >> Also, I fail to understand the meaning of the host cycle vs cntvoff
>> >> comparison.
>> >> This is something that guest can perform on its own (it has access to
>> >> both physical and virtual timers, and can compute cntvoff without
>> >> intervention of the hypervisor).
>> >>
>> > To keep consistency and precision, clock time and counter cycle must
>> > captured at the same time. It will perform at ktime_get_snapshot.
>> 
>> Fair enough. It would vertainly help if you documented it. It would 
>> also help if
>> you explained why it is so much worse to read the counter in the guest
>> before *and* after the call, and assume that the clock time read 
>> happened
>> right in the middle?
>> 
> ok, I will give explain in comments.
> 
>> That aside, what you are returning is something that *looks* like the 
>> virtual
>> counter. What if the guest is using the physical counter, which is 
>> likely to be
>> the case with nested virt? Do you expect the guest to always use the 
>> virtual
>> counter? This isn't going to fly.
> 
> To be honest, I have little knowledge of nested virtualization for arm
> and I'm confused with that guest'guest will use physical counter.

Not the guest's guest (L2), but L1. Just look at what counter the
KVM host uses: that's the physical counter. Now imagine you run that
host as a guest, no other change.

> IMO, ptp_kvm will call hvc to trap to its hypervisor adjacent to it.
> So guest'guest will trap to hypervisor in guest and will
> get guest's counter cycle then calculate guest'guest's counter cycle
> by something like offset to sync time with it. So only if the
> guest's hypervisor can calculate the guest'guest's counter value, can
> ptp_kvm works.

Sure, but that's not the problem we're trying to solve. The issue is 
that
of the reference counter value you're including in the hypercall 
response.
It needs to be a value that makes sense to the guest, and so far you're
assuming virtual.

NV breaks that assumtion, because the guest hypervisor is using the 
physical
counter. Also, let's not forget that the hypercall isn't Linux specific.
I can write my own non-Linux guest and still use this hypercall. Nothing
in there says that I can't use the physical counter if I want to.

So somehow, you need to convey the the hypervisor the notion of *which*
counter the guest uses.

Does it make sense? Or am I missing something?

Thanks,

         M.
-- 
Jazz is not dead. It just smells funny...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ