lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 11 Sep 2019 12:30:35 +0100
From:   Marc Zyngier <maz@...nel.org>
To:     "Jianyong Wu (Arm Technology China)" <Jianyong.Wu@....com>
Cc:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "sean.j.christopherson@...el.com" <sean.j.christopherson@...el.com>,
        "richardcochran@...il.com" <richardcochran@...il.com>,
        Mark Rutland <Mark.Rutland@....com>,
        Will Deacon <Will.Deacon@....com>,
        Suzuki Poulose <Suzuki.Poulose@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Steve Capper <Steve.Capper@....com>,
        "Kaly Xin (Arm Technology China)" <Kaly.Xin@....com>,
        "Justin He (Arm Technology China)" <Justin.He@....com>
Subject: Re: [RFC PATCH 3/3] Enable ptp_kvm for arm64

On Wed, 11 Sep 2019 11:06:18 +0100,
"Jianyong Wu (Arm Technology China)" <Jianyong.Wu@....com> wrote:
> 
> Hi Marc,
> 
> I think there are three points for the migration issue of ptp_kvm,
> where a VM using ptp_kvm migrates to a host without ptp_kvm support.
> 
> First: how does it impact the VM having migrated?
> I run a VM with ptp_kvm support in guest but not support in
> host. the ptp0 will return 0 when get time from it which can't pass
> the check of chrony, then chrony will choose another clocksource.
> From this point, VM will only get lost in precision of time sync.

"only" is a bit of an understatement. Once the guest has started
relying on a service, it seems rather harsh to pretend this service
doesn't exist anymore. It could well be that the VM cannot perform its
function if the precision is not good enough.

The analogy is the Spectre-v2 mitigation, which is implemented as a
hypercall. Nothing will break if you migrate to a host that doesn't
support the mitigation, but the guest will now be unsafe. Is that
acceptable? the answer is of course "no".

> Second: how to check the failure of the ptp kvm service
> when there is no ptp kvm service, hypercall will go into default
> ops, so we can check the return value which can inform us the
> failure.

Sure. But that's still an issue. The VM relied on the service, and the
service isn't available anymore.

> Third: how to inform VMM
> There is ioctl cmd call "KVM_CHECK_EXTENSION" in kvm, which may do
> that thing. Accordingly, qemu should be offered the support which
> will block us.  We can try to add this support in kvm but we are not
> sure the response from qemu side.

It doesn't matter whether QEMU implements that check or . The
important thing is that we give userspace a way to check this for
this, and having a capability that can be checked against is probably
the right thing to do.

Thanks,

	M.

-- 
Jazz is not dead, it just smells funny.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ