lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20121106015835.GA11971@localhost.localdomain>
Date:	Tue, 6 Nov 2012 09:58:35 +0800
From:	Hu Tao <hutao@...fujitsu.com>
To:	Sasha Levin <levinsasha928@...il.com>
Cc:	Wen Congyang <wency@...fujitsu.com>,
	Marcelo Tosatti <mtosatti@...hat.com>,
	kvm list <kvm@...r.kernel.org>,
	qemu-devel <qemu-devel@...gnu.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Avi Kivity <avi@...hat.com>,
	"Daniel P. Berrange" <berrange@...hat.com>,
	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	Jan Kiszka <jan.kiszka@...mens.com>,
	Gleb Natapov <gleb@...hat.com>,
	Blue Swirl <blauwirbel@...il.com>,
	Eric Blake <eblake@...hat.com>,
	Andrew Jones <drjones@...hat.com>,
	Luiz Capitulino <lcapitulino@...hat.com>
Subject: Re: [PATCH v11] kvm: notify host when the guest is panicked

On Tue, Oct 30, 2012 at 10:30:02PM -0400, Sasha Levin wrote:
> On Tue, Oct 30, 2012 at 9:48 PM, Wen Congyang <wency@...fujitsu.com> wrote:
> > At 10/31/2012 09:12 AM, Marcelo Tosatti Wrote:
> >> It has been asked earlier why a simple virtio device is not usable
> >> for this (with no response IIRC).
> >
> > 1. We can't use virtio device when the kernel is booting.
> 
> So the issue here is the small window between the point the guest
> becomes "self aware" and to the point virtio drivers are loaded,
> right?
> 
> I agree that if something happens during that interval, a
> "virtio-notifier" driver won't catch that, but anything beyond that is
> better done with a virtio driver, so how is the generic infrastructure
> added in this patch useful to anything beyond detecting panics in that
> initial interval?

Another point is dependency. To make panic notification more reliable,
we have to reduce its dependency on other parts of kernel as possible as
we can.

> 
> > 2. The virtio's driver can be built as a module, and if it is not loaded
> >    and the kernel is panicked, there is no way to notify the host.
> 
> Even if the suggested virtio-notifier driver is built as a module, it
> would get auto-loaded when the guest is booting, so I'm not sure about
> this point?
> 
> > 3. I/O port is more reliable than virtio device.
> >    If virtio's driver has some bug, and it cause kernel panicked, we can't
> >    use it. The I/O port is more reliable because it only depends on notifier
> >    chain(If we use virtio device, it also depends on notifier chain).
> 
> This is like suggesting that we let KVM emulate virtio-blk on it's
> own, parallel to the virtio implementation, so that even if there's a
> problem with virtio-blk, KVM can emulate a virtio-blk on it's own.

Not the same. On virtio-blk, if we can make use of virtio, why not? If
there is a problem of virtio-blk but caused by virtio itself, just fix
it in virtio.

But in the case of panic notification, more dependency means more
chances of failure of panic notification. Say, if we use a virtio device
to do panic notification, then we will fail if: virtio itself has
problems, virtio for some reason can't be deployed(neither built-in or
as a module), or guest doesn't support virtio, etc.

We choose IO because compared to virtio device, it is not that heavy and
less problematic.

> 
> Furthermore, why stop at virtio? What if the KVM code has a bug and it
> doesn't pass IO properly? Or the x86 code? we still want panic
> notifications if that happens...

Better ideas are welcome.

-- 
Thanks,
Hu Tao
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ