lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240410095244.77109-1-jalliste@amazon.com>
Date: Wed, 10 Apr 2024 09:52:42 +0000
From: Jack Allister <jalliste@...zon.com>
To: <jalliste@...zon.com>
CC: <bp@...en8.de>, <corbet@....net>, <dave.hansen@...ux.intel.com>,
	<dwmw2@...radead.org>, <hpa@...or.com>, <kvm@...r.kernel.org>,
	<linux-doc@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
	<mingo@...hat.com>, <paul@....org>, <pbonzini@...hat.com>,
	<seanjc@...gle.com>, <tglx@...utronix.de>, <x86@...nel.org>
Subject: [PATCH v2 0/2] Add API for accurate KVM/PV clock migration

Guest VMs can be provided with a para-virtualized clock source to
perform timekeeping. A KVM guest can map in a PV clock via the
MSR_KVM_SYSTEM_TIME/MSR_KVM_SYSTEM_TIME_NEW virtualized MSRs.
Where as on a Xen guest this can be provided via the vcpu/shared
info pages.

These PV clocks both use a common structure which is mapped between
host <-> guest to provide the PVTI (paravirtual time information)
for the clock. This reference information is a guest TSC timestamp
and a host system time at a singular point in time.

Upon a live-update of a host or live-migration of an instance the
PVTI may be recalculated by KVM. Using the existing KVM_[GS]ET_CLOCK
functionality the relationship between the TSC and PV clock cannot
be precisely saved and restored by userspace.

This series adds in two patches, one to add in a new interface to
allow a VMM/userspace to perform a correction of the PVTI structure.
Then a second to verify the imprecision after a simulation of a
live-update/migration and then to verify the correction is to within
±1ns.

v1: https://lore.kernel.org/all/20240408220705.7637-1-jalliste@amazon.com/

v2:
- Moved new IOCTLs from vm to vcpu level.
- Adds extra error checks as suggested by Dongli Zhang / David Woodhouse.
- Adds on-demand calculation of PVTI if non currently present in vcpu.
- Adds proper synchronization for PV clock during correction.
- Added option to test without TSC scaling in sefltest.
- Updated commit messages to better explain the situation (thanks David).


Jack Allister (2):
  KVM: x86: Add KVM_[GS]ET_CLOCK_GUEST for accurate KVM clock migration
  KVM: selftests: Add KVM/PV clock selftest to prove timer correction

 Documentation/virt/kvm/api.rst                |  37 ++++
 arch/x86/kvm/x86.c                            | 124 +++++++++++
 include/uapi/linux/kvm.h                      |   3 +
 tools/testing/selftests/kvm/Makefile          |   1 +
 .../selftests/kvm/x86_64/pvclock_test.c       | 192 ++++++++++++++++++
 5 files changed, 357 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/x86_64/pvclock_test.c


base-commit: 8cb4a9a82b21623dbb4b3051dd30d98356cf95bc
-- 
2.40.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ