Message-ID: <87va41czk5.fsf@vitty.brq.redhat.com>
Date:   Mon, 10 Dec 2018 13:54:18 +0100
From:   Vitaly Kuznetsov <vkuznets@...hat.com>
To:     Roman Kagan <rkagan@...tuozzo.com>
Cc:     "kvm\@vger.kernel.org" <kvm@...r.kernel.org>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        "linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
        "K. Y. Srinivasan" <kys@...rosoft.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>,
        Stephen Hemminger <sthemmin@...rosoft.com>,
        "x86\@kernel.org" <x86@...nel.org>,
        "Michael Kelley \(EOSG\)" <Michael.H.Kelley@...rosoft.com>
Subject: Re: [PATCH v2 3/4] x86/kvm/hyper-v: direct mode for synthetic timers

Roman Kagan <rkagan@...tuozzo.com> writes:

> On Mon, Nov 26, 2018 at 04:47:31PM +0100, Vitaly Kuznetsov wrote:
>> Turns out Hyper-V on KVM (as of 2016) will only use synthetic timers
>> if direct mode is available. With direct mode we notify the guest by
>> asserting APIC irq instead of sending a SynIC message.
>> 
>> The implementation uses existing vec_bitmap for letting lapic code
>> know that we're interested in the particular IRQ's EOI request. We assume
>> that the same APIC irq won't be used by the guest for both direct mode
>> stimer and as sint source (especially with AutoEOI semantics). It is
>> unclear how things should be handled if that's not true.
>> 
>> Direct mode is also somewhat less expensive; in my testing
>> stimer_send_msg() takes not less than 1500 cpu cycles and
>> stimer_notify_direct() can usually be done in 300-400. WS2016 without
>> Hyper-V, however, always sticks to non-direct version.
>> 
>> Signed-off-by: Vitaly Kuznetsov <vkuznets@...hat.com>
>> ---
>> - Changes since v1: avoid open-coding stimer_mark_pending() in
>>   kvm_hv_synic_send_eoi() [Paolo Bonzini]
>> ---
>>  arch/x86/kvm/hyperv.c    | 67 +++++++++++++++++++++++++++++++++++-----
>>  arch/x86/kvm/trace.h     | 10 +++---
>>  arch/x86/kvm/x86.c       |  1 +
>>  include/uapi/linux/kvm.h |  1 +
>>  4 files changed, 67 insertions(+), 12 deletions(-)
>> 
>> diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
>> index eaec15c738df..9533133be566 100644
>> --- a/arch/x86/kvm/hyperv.c
>> +++ b/arch/x86/kvm/hyperv.c
>> @@ -38,6 +38,9 @@
>>  
>>  #define KVM_HV_MAX_SPARSE_VCPU_SET_BITS DIV_ROUND_UP(KVM_MAX_VCPUS, 64)
>>  
>> +static void stimer_mark_pending(struct kvm_vcpu_hv_stimer *stimer,
>> +				bool vcpu_kick);
>> +
>>  static inline u64 synic_read_sint(struct kvm_vcpu_hv_synic *synic, int sint)
>>  {
>>  	return atomic64_read(&synic->sint[sint]);
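
Review bot: the forward declaration of stimer_mark_pending() added at the top of the file is avoidable churn if the definition can be placed ahead of its first caller. The changelog says it is there so that kvm_hv_synic_send_eoi() can call the helper rather than open-code it; if reordering the functions is not practical, a one-line comment on the prototype saying which caller needs it would help the next reader.
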
>> @@ -53,8 +56,21 @@ static inline int synic_get_sint_vector(u64 sint_value)
>>  static bool synic_has_vector_connected(struct kvm_vcpu_hv_synic *synic,
>>  				      int vector)
>>  {
>> +	struct kvm_vcpu *vcpu = synic_to_vcpu(synic);
>> +	struct kvm_vcpu_hv *hv_vcpu = vcpu_to_hv_vcpu(vcpu);
>> +	struct kvm_vcpu_hv_stimer *stimer;
>>  	int i;
>>  
>> +	for (i = 0; i < ARRAY_SIZE(hv_vcpu->stimer); i++) {
>> +		stimer = &hv_vcpu->stimer[i];
>> +		if (stimer->config.enable && stimer->config.direct_mode &&
>> +		    stimer->config.apic_vector == vector)
>> +			return true;
>> +	}
>> +
>> +	if (vector < HV_SYNIC_FIRST_VALID_VECTOR)
>> +		return false;
>> +
>>  	for (i = 0; i < ARRAY_SIZE(synic->sint); i++) {
>>  		if (synic_get_sint_vector(synic_read_sint(synic, i)) == vector)
>>  			return true;
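
Review bot: in synic_has_vector_connected() the new stimer loop runs before the `vector < HV_SYNIC_FIRST_VALID_VECTOR` test, so an enabled direct-mode timer makes any apic_vector value count as connected, including vectors below the first valid SynIC vector, and nothing in the hunk says this ordering is intentional. Please add a comment above the loop stating that direct-mode vectors are deliberately exempt from the range check, or reject out-of-range values where the timer config is written so this function never sees them. The function also returns true without distinguishing a stimer match from a SINT match, which is the shared-vector case the commit message calls unclear; the assumption deserves a comment here as well.
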
>> @@ -80,14 +96,14 @@ static bool synic_has_vector_auto_eoi(struct kvm_vcpu_hv_synic *synic,
>>  static void synic_update_vector(struct kvm_vcpu_hv_synic *synic,
>>  				int vector)
>>  {
>> -	if (vector < HV_SYNIC_FIRST_VALID_VECTOR)
>> -		return;
>> -
>>  	if (synic_has_vector_connected(synic, vector))
>>  		__set_bit(vector, synic->vec_bitmap);
>>  	else
>>  		__clear_bit(vector, synic->vec_bitmap);
>>  
>> +	if (vector < HV_SYNIC_FIRST_VALID_VECTOR)
>> +		return;
>> +
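
Review bot: moving the `vector < HV_SYNIC_FIRST_VALID_VECTOR` return below the vec_bitmap update in synic_update_vector() means __set_bit()/__clear_bit() now run for vectors that this function used to reject outright, and there is no comment explaining why the check still guards the rest of the body. Suggest a comment on the relocated check saying which part of the function remains limited to valid SynIC vectors, and noting where a direct-mode apic_vector is validated before it reaches this point.
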
>
> Just noticed that the patch seems to assume that "direct" timers are
> allowed to use any vectors including 0-15.  I guess this is incorrect,
> and instead stimer_set_config should error out on direct mode with a
> vector less than HV_SYNIC_FIRST_VALID_VECTOR.

The spec is really vague about this and I'm not sure that this has
anything to do with HV_SYNIC_FIRST_VALID_VECTOR (as these are actually
not "synic" vectors, I *think* that SynIC doesn't even need to be
enabled to make them work).

I checked and Hyper-V 2016 uses vector '0xff', not sure if it proves
your point :-)

Do you envision any issues in KVM if we keep allowing vectors <
HV_SYNIC_FIRST_VALID_VECTOR?

-- 
Vitaly
