| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Jan 2020 09:51:01 +0000
From: Jianyong Wu <Jianyong.Wu@....com>
To: Marc Zyngier <maz@...nel.org>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"yangbo.lu@....com" <yangbo.lu@....com>,
"john.stultz@...aro.org" <john.stultz@...aro.org>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
"sean.j.christopherson@...el.com" <sean.j.christopherson@...el.com>,
"richardcochran@...il.com" <richardcochran@...il.com>,
Mark Rutland <Mark.Rutland@....com>,
"will@...nel.org" <will@...nel.org>,
Suzuki Poulose <Suzuki.Poulose@....com>,
Steven Price <Steven.Price@....com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"kvmarm@...ts.cs.columbia.edu" <kvmarm@...ts.cs.columbia.edu>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
Steve Capper <Steve.Capper@....com>,
Kaly Xin <Kaly.Xin@....com>, Justin He <Justin.He@....com>,
nd <nd@....com>
Subject: RE: [RFC PATCH v9 6/8] psci: Add hvc call service for ptp_kvm.
Hi Marc,
> -----Original Message-----
> From: Marc Zyngier <maz@...nel.org>
> Sent: Thursday, January 9, 2020 5:16 PM
> To: Jianyong Wu <Jianyong.Wu@....com>
> Cc: netdev@...r.kernel.org; yangbo.lu@....com; john.stultz@...aro.org;
> tglx@...utronix.de; pbonzini@...hat.com; sean.j.christopherson@...el.com;
> richardcochran@...il.com; Mark Rutland <Mark.Rutland@....com>;
> will@...nel.org; Suzuki Poulose <Suzuki.Poulose@....com>; Steven Price
> <Steven.Price@....com>; linux-kernel@...r.kernel.org; linux-arm-
> kernel@...ts.infradead.org; kvmarm@...ts.cs.columbia.edu;
> kvm@...r.kernel.org; Steve Capper <Steve.Capper@....com>; Kaly Xin
> <Kaly.Xin@....com>; Justin He <Justin.He@....com>; nd <nd@....com>
> Subject: Re: [RFC PATCH v9 6/8] psci: Add hvc call service for ptp_kvm.
>
> On 2020-01-09 05:45, Jianyong Wu wrote:
> > Hi Marc,
> >
> >> -----Original Message-----
> >> From: Marc Zyngier <maz@...nel.org>
> >> Sent: Tuesday, January 7, 2020 5:16 PM
> >> To: Jianyong Wu <Jianyong.Wu@....com>
> >> Cc: netdev@...r.kernel.org; yangbo.lu@....com;
> >> john.stultz@...aro.org; tglx@...utronix.de; pbonzini@...hat.com;
> >> sean.j.christopherson@...el.com; richardcochran@...il.com; Mark
> >> Rutland <Mark.Rutland@....com>; will@...nel.org; Suzuki Poulose
> >> <Suzuki.Poulose@....com>; Steven Price <Steven.Price@....com>;
> >> linux-kernel@...r.kernel.org; linux-arm- kernel@...ts.infradead.org;
> >> kvmarm@...ts.cs.columbia.edu; kvm@...r.kernel.org; Steve Capper
> >> <Steve.Capper@....com>; Kaly Xin <Kaly.Xin@....com>; Justin He
> >> <Justin.He@....com>; nd <nd@....com>
> >> Subject: Re: [RFC PATCH v9 6/8] psci: Add hvc call service for
> >> ptp_kvm.
> >>
> >> On 2019-12-10 03:40, Jianyong Wu wrote:
> >> > ptp_kvm modules will call hvc to get this service.
> >> > The service offers real time and counter cycle of host for guest.
> >> >
> >> > Signed-off-by: Jianyong Wu <jianyong.wu@....com>
> >> > ---
> >> > include/linux/arm-smccc.h | 12 ++++++++++++
> >> > virt/kvm/arm/psci.c | 22 ++++++++++++++++++++++
> >> > 2 files changed, 34 insertions(+)
> >> >
> >> > diff --git a/include/linux/arm-smccc.h b/include/linux/arm-smccc.h
> >> > index 6f82c87308ed..aafb6bac167d 100644
> >> > --- a/include/linux/arm-smccc.h
> >> > +++ b/include/linux/arm-smccc.h
> >> > @@ -94,6 +94,7 @@
> >> >
> >> > /* KVM "vendor specific" services */
> >> > #define ARM_SMCCC_KVM_FUNC_FEATURES 0
> >> > +#define ARM_SMCCC_KVM_PTP 1
> >> > #define ARM_SMCCC_KVM_FUNC_FEATURES_2 127
> >> > #define ARM_SMCCC_KVM_NUM_FUNCS 128
> >> >
> >> > @@ -103,6 +104,17 @@
> >> > ARM_SMCCC_OWNER_VENDOR_HYP,
> >> \
> >> > ARM_SMCCC_KVM_FUNC_FEATURES)
> >> >
> >> > +/*
> >> > + * This ID used for virtual ptp kvm clock and it will pass second
> >> > value
> >> > + * and nanosecond value of host real time and system counter by
> >> > +vcpu
> >> > + * register to guest.
> >> > + */
> >> > +#define ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID
> >> \
> >> > + ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL,
> >> \
> >> > + ARM_SMCCC_SMC_32,
> >> \
> >> > + ARM_SMCCC_OWNER_VENDOR_HYP,
> >> \
> >> > + ARM_SMCCC_KVM_PTP)
> >> > +
> >>
> >> All of this depends on patches that have never need posted to any ML,
> >> and just linger in Will's tree. You need to pick them up and post
> >> them as part of this series so that they can at least be reviewed.
> >>
> > Ok, I will add them next version.
> >
> >> > #ifndef __ASSEMBLY__
> >> >
> >> > #include <linux/linkage.h>
> >> > diff --git a/virt/kvm/arm/psci.c b/virt/kvm/arm/psci.c index
> >> > 0debf49bf259..682d892d6717 100644
> >> > --- a/virt/kvm/arm/psci.c
> >> > +++ b/virt/kvm/arm/psci.c
> >> > @@ -9,6 +9,7 @@
> >> > #include <linux/kvm_host.h>
> >> > #include <linux/uaccess.h>
> >> > #include <linux/wait.h>
> >> > +#include <linux/clocksource_ids.h>
> >> >
> >> > #include <asm/cputype.h>
> >> > #include <asm/kvm_emulate.h>
> >> > @@ -389,6 +390,8 @@ static int kvm_psci_call(struct kvm_vcpu *vcpu)
> >> >
> >> > int kvm_hvc_call_handler(struct kvm_vcpu *vcpu) {
> >> > + struct system_time_snapshot systime_snapshot;
> >> > + u64 cycles;
> >> > u32 func_id = smccc_get_function(vcpu);
> >> > u32 val[4] = {};
> >> > u32 option;
> >> > @@ -431,6 +434,25 @@ int kvm_hvc_call_handler(struct kvm_vcpu
> *vcpu)
> >> > case ARM_SMCCC_VENDOR_HYP_KVM_FEATURES_FUNC_ID:
> >> > val[0] = BIT(ARM_SMCCC_KVM_FUNC_FEATURES);
> >> > break;
> >> > + /*
> >> > + * This will used for virtual ptp kvm clock. three
> >> > + * values will be passed back.
> >> > + * reg0 stores high 32-bit host ktime;
> >> > + * reg1 stores low 32-bit host ktime;
> >> > + * reg2 stores high 32-bit difference of host cycles and cntvoff;
> >> > + * reg3 stores low 32-bit difference of host cycles and cntvoff.
> >>
> >> That's either two or four values, and not three as you claim above.
> >>
> > Sorry, I'm not sure what do you mean "three", the registers here is 4
> > from reg0 to reg3.
>
> Please read the comment you have written above...
oh, I see it.
>
> >> Also, I fail to understand the meaning of the host cycle vs cntvoff
> >> comparison.
> >> This is something that guest can perform on its own (it has access to
> >> both physical and virtual timers, and can compute cntvoff without
> >> intervention of the hypervisor).
> >>
> > To keep consistency and precision, clock time and counter cycle must
> > captured at the same time. It will perform at ktime_get_snapshot.
>
> Fair enough. It would vertainly help if you documented it. It would also help if
> you explained why it is so much worse to read the counter in the guest
> before *and* after the call, and assume that the clock time read happened
> right in the middle?
>
ok, I will give explain in comments.
> That aside, what you are returning is something that *looks* like the virtual
> counter. What if the guest is using the physical counter, which is likely to be
> the case with nested virt? Do you expect the guest to always use the virtual
> counter? This isn't going to fly.
To be honest, I have little knowledge of nested virtualization for arm and I'm confused with that
guest'guest will use physical counter.
IMO, ptp_kvm will call hvc to trap to its hypervisor adjacent to it. So guest'guest will trap to hypervisor in guest and will
get guest's counter cycle then calculate guest'guest's counter cycle by something like offset to sync time with it. So only if the
guest's hypervisor can calculate the guest'guest's counter value, can ptp_kvm works.
the implementation of calculating the return value of counter cycle vary with the way deriving counter cycle from hypervisor to guest.
If considering nested virt here, we need the basic knowledge of how guest'guest's counter cycle is calculated from its hypervisor and how to determine
we are in guest's hypervisor or guest'guest's hypervisor.
If it is the case, can you give me some knowledge, something like a document, about that?
>
> >> Finally, how does it work with nested virt, where cntvoff is for the
> >> the vEL2 guest?
> >>
> > For now, I have not considered ptp_kvm in nested virtualization. Also
> > I'm not sure about if nested virtualization is ready on arm64 , as I
> > need test ptp_kvm on it. If so, I can consider it.
>
> It is not about testing. It is about taking the architecture into account.
> And ready or not doesn't come into play here. What you're defining here is
> an ABI, and it better be totally future proof.
>
Yeah, should included it in design.
> But if you want to test, help yourself to [1] and have fun!
> >
Thanks
> >> > + */
> >> > + case ARM_SMCCC_VENDOR_HYP_KVM_PTP_FUNC_ID:
> >> > + ktime_get_snapshot(&systime_snapshot);
> >> > + if (systime_snapshot.cs_id != CSID_ARM_ARCH_COUNTER)
> >> > + return kvm_psci_call(vcpu);
> >>
> >> What does this mean? Calling PSCI because you've failed to identify
> >> the clock source? What result do you expect from this? Hint: this
> >> isn't a PSCI call.
> >>
> > Sorry, what I want to do here is that return to guest with the error
> > info.
> > Maybe I should set val[0] to -1 and break to let the guest know that
> > error comes, as the guest will check if val[0] is positive to
> > determine the next step.
>
> What you should do is handle it like a normal SMCCC failure.
>
Yeah, I will fix it.
Thanks
Jianyong
> M.
>
> [1]
> https://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-
> platforms.git/log/?h=kvm-arm64/nv-5.5-rc4-WIP
> --
> Jazz is not dead. It just smells funny...
Powered by blists - more mailing lists