lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160118140012.GA14830@potion.brq.redhat.com>
Date:	Mon, 18 Jan 2016 15:00:13 +0100
From:	Radim Krcmár <rkrcmar@...hat.com>
To:	"Wu, Feng" <feng.wu@...el.com>
Cc:	"pbonzini@...hat.com" <pbonzini@...hat.com>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 1/2] KVM: x86: Use vector-hashing to deliver
 lowest-priority interrupts

2016-01-18 05:19+0000, Wu, Feng:
>> From: Radim Krčmář [mailto:rkrcmar@...hat.com]
>> The drawback is that buggy software that included hardware disabled
>> APICs to lowest priority destinations could stop working ...
> 
> Yes, if guest hardware disabled the APIC and we don't check "!dst[i]" above,
> interrupts could be still delivered to the hardware disabled APIC, right?

The change allows hardware disabled APIC to be selected, but interrupts
directed to it are (and should be) dropped on subsequent checks.

>> Do you think it's too risky?
> 
> If you think the first loop have big bad impact on the performance,

We don't want to do any unnecessary operations in the fast path.

>                                                                     I think
> your suggestion above is okay, since it is software's responsibility to make
> sure the LAPIC is hardware enabled before receiving the interrupt.

I agree, thanks.

>                                                                    However,
> this will make the vector-hashing lowest-priority handling slightly different
> compare to round-robin, since RR checks "!dst[i]" before injecting the
> interrupts. What is your opinion about it? Thanks a lot!

I think that differing in forbidden (undefined) cases is not an issue.

(We also differ on broadcast delivery, which goes through the slow path
 and currently omits disabled APICs;  that's fine with me.)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ