lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f9c62280-efb4-197d-1444-fce8f3d15132@amazon.com>
Date:   Tue, 27 Aug 2019 10:20:57 +0200
From:   Alexander Graf <graf@...zon.com>
To:     "Suthikulpanit, Suravee" <Suravee.Suthikulpanit@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>
CC:     "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "rkrcmar@...hat.com" <rkrcmar@...hat.com>,
        "joro@...tes.org" <joro@...tes.org>,
        "jschoenh@...zon.de" <jschoenh@...zon.de>,
        "karahmed@...zon.de" <karahmed@...zon.de>,
        "rimasluk@...zon.com" <rimasluk@...zon.com>,
        "Grimm, Jon" <Jon.Grimm@....com>
Subject: Re: [PATCH v2 04/15] kvm: x86: Add per-VM APICv state debugfs



On 26.08.19 21:41, Suthikulpanit, Suravee wrote:
> Alex,
> 
> On 8/19/2019 4:57 AM, Alexander Graf wrote:
>>
>>
>> On 15.08.19 18:25, Suthikulpanit, Suravee wrote:
>>> Currently, there is no way to tell whether APICv is active
>>> on a particular VM. This often cause confusion since APICv
>>> can be deactivated at runtime.
>>>
>>> Introduce a debugfs entry to report APICv state of a VM.
>>> This creates a read-only file:
>>>
>>>      /sys/kernel/debug/kvm/70860-14/apicv-state
>>>
>>> Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
>>
>> Shouldn't this first and foremost be a VM ioctl so that user space can inquire its own state?
>>
>>
>> Alex
> 
> I introduce this mainly for debugging similar to how KVM is currently provides
> some per-VCPU information:
> 
>       /sys/kernel/debug/kvm/15957-14/vcpu0/
>           lapic_timer_advance_ns
>           tsc-offset
>           tsc-scaling-ratio
>           tsc-scaling-ratio-frac-bits
> 
> I'm not sure if this needs to be VM ioctl at this point. If this information is
> useful for user-space tool to inquire via ioctl, we can also provide it.

I'm mostly thinking of something like "info apic" in QEMU which to me 
seems like the natural place for APIC information exposure to a user. 
The problem with debugfs is that it's not accessible to the user that 
created the VM, but only root, right?

That said, I don't feel very strongly here.


Alex



Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Ralf Herbrich
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ