From: Marcelo Tosatti <mtosatti@redhat.com>
To: Alexander Graf <agraf@suse.de>
Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org
Subject: Re: [PATCH] kvmclock: Ensure time in migration never goes backward
Date: Mon, 5 May 2014 20:23:43 -0300 [thread overview]
Message-ID: <20140505232343.GA20638@amt.cnet> (raw)
In-Reply-To: <1399297882-3444-1-git-send-email-agraf@suse.de>
Hi Alexander,
On Mon, May 05, 2014 at 03:51:22PM +0200, Alexander Graf wrote:
> When we migrate we ask the kernel about its current belief on what the guest
> time would be.
KVM_GET_CLOCK which returns the time in "struct kvm_clock_data".
> However, I've seen cases where the kvmclock guest structure
> indicates a time more recent than the kvm returned time.
More details please:
1) By what algorithm you retrieve
and compare time in kvmclock guest structure and KVM_GET_CLOCK.
What are the results of the comparison.
And whether and backwards time was visible in the guest.
2) What is the host clocksource.
The test below is not a good one because:
T1) KVM_GET_CLOCK (save s->clock).
T2) save env->tsc.
The difference in scaled time between T1 and T2 is larger than 1
nanosecond, so the
(time_at_migration > s->clock)
check is almost always positive (what matters though is whether
time backwards event can be seen reading kvmclock in the guest).
> To make sure we never go backwards, calculate what the guest would have seen
> as time at the point of migration and use that value instead of the kernel
> returned one when it's more recent.
>
> While this doesn't fix the underlying issue that the kernel's view of time
> is skewed, it allows us to safely migrate guests even from sources that are
> known broken.
>
> Signed-off-by: Alexander Graf <agraf@suse.de>
> ---
> hw/i386/kvm/clock.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 48 insertions(+)
>
> diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c
> index 892aa02..c6521cf 100644
> --- a/hw/i386/kvm/clock.c
> +++ b/hw/i386/kvm/clock.c
> @@ -14,6 +14,7 @@
> */
>
> #include "qemu-common.h"
> +#include "qemu/host-utils.h"
> #include "sysemu/sysemu.h"
> #include "sysemu/kvm.h"
> #include "hw/sysbus.h"
> @@ -34,6 +35,47 @@ typedef struct KVMClockState {
> bool clock_valid;
> } KVMClockState;
>
> +struct pvclock_vcpu_time_info {
> + uint32_t version;
> + uint32_t pad0;
> + uint64_t tsc_timestamp;
> + uint64_t system_time;
> + uint32_t tsc_to_system_mul;
> + int8_t tsc_shift;
> + uint8_t flags;
> + uint8_t pad[2];
> +} __attribute__((__packed__)); /* 32 bytes */
> +
> +static uint64_t kvmclock_current_nsec(KVMClockState *s)
> +{
> + CPUState *cpu = first_cpu;
> + CPUX86State *env = cpu->env_ptr;
> + hwaddr kvmclock_struct_pa = env->system_time_msr & ~1ULL;
> + uint64_t migration_tsc = env->tsc;
> + struct pvclock_vcpu_time_info time;
> + uint64_t delta;
> + uint64_t nsec_lo;
> + uint64_t nsec_hi;
> + uint64_t nsec;
> +
> + if (!(env->system_time_msr & 1ULL)) {
> + /* KVM clock not active */
> + return 0;
> + }
> +
> + cpu_physical_memory_read(kvmclock_struct_pa, &time, sizeof(time));
> +
> + delta = migration_tsc - time.tsc_timestamp;
> + if (time.tsc_shift < 0) {
> + delta >>= -time.tsc_shift;
> + } else {
> + delta <<= time.tsc_shift;
> + }
> +
> + mulu64(&nsec_lo, &nsec_hi, delta, time.tsc_to_system_mul);
> + nsec = (nsec_lo >> 32) | (nsec_hi << 32);
> + return nsec + time.system_time;
> +}
>
> static void kvmclock_vm_state_change(void *opaque, int running,
> RunState state)
> @@ -45,9 +87,15 @@ static void kvmclock_vm_state_change(void *opaque, int running,
>
> if (running) {
> struct kvm_clock_data data;
> + uint64_t time_at_migration = kvmclock_current_nsec(s);
>
> s->clock_valid = false;
>
> + if (time_at_migration > s->clock) {
> + fprintf(stderr, "KVM Clock migrated backwards, using later time\n");
> + s->clock = time_at_migration;
> + }
> +
> data.clock = s->clock;
> data.flags = 0;
> ret = kvm_vm_ioctl(kvm_state, KVM_SET_CLOCK, &data);
> --
> 1.7.12.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
WARNING: multiple messages have this Message-ID (diff)
From: Marcelo Tosatti <mtosatti@redhat.com>
To: Alexander Graf <agraf@suse.de>
Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org
Subject: Re: [Qemu-devel] [PATCH] kvmclock: Ensure time in migration never goes backward
Date: Mon, 5 May 2014 20:23:43 -0300 [thread overview]
Message-ID: <20140505232343.GA20638@amt.cnet> (raw)
In-Reply-To: <1399297882-3444-1-git-send-email-agraf@suse.de>
Hi Alexander,
On Mon, May 05, 2014 at 03:51:22PM +0200, Alexander Graf wrote:
> When we migrate we ask the kernel about its current belief on what the guest
> time would be.
KVM_GET_CLOCK which returns the time in "struct kvm_clock_data".
> However, I've seen cases where the kvmclock guest structure
> indicates a time more recent than the kvm returned time.
More details please:
1) By what algorithm you retrieve
and compare time in kvmclock guest structure and KVM_GET_CLOCK.
What are the results of the comparison.
And whether and backwards time was visible in the guest.
2) What is the host clocksource.
The test below is not a good one because:
T1) KVM_GET_CLOCK (save s->clock).
T2) save env->tsc.
The difference in scaled time between T1 and T2 is larger than 1
nanosecond, so the
(time_at_migration > s->clock)
check is almost always positive (what matters though is whether
time backwards event can be seen reading kvmclock in the guest).
> To make sure we never go backwards, calculate what the guest would have seen
> as time at the point of migration and use that value instead of the kernel
> returned one when it's more recent.
>
> While this doesn't fix the underlying issue that the kernel's view of time
> is skewed, it allows us to safely migrate guests even from sources that are
> known broken.
>
> Signed-off-by: Alexander Graf <agraf@suse.de>
> ---
> hw/i386/kvm/clock.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 48 insertions(+)
>
> diff --git a/hw/i386/kvm/clock.c b/hw/i386/kvm/clock.c
> index 892aa02..c6521cf 100644
> --- a/hw/i386/kvm/clock.c
> +++ b/hw/i386/kvm/clock.c
> @@ -14,6 +14,7 @@
> */
>
> #include "qemu-common.h"
> +#include "qemu/host-utils.h"
> #include "sysemu/sysemu.h"
> #include "sysemu/kvm.h"
> #include "hw/sysbus.h"
> @@ -34,6 +35,47 @@ typedef struct KVMClockState {
> bool clock_valid;
> } KVMClockState;
>
> +struct pvclock_vcpu_time_info {
> + uint32_t version;
> + uint32_t pad0;
> + uint64_t tsc_timestamp;
> + uint64_t system_time;
> + uint32_t tsc_to_system_mul;
> + int8_t tsc_shift;
> + uint8_t flags;
> + uint8_t pad[2];
> +} __attribute__((__packed__)); /* 32 bytes */
> +
> +static uint64_t kvmclock_current_nsec(KVMClockState *s)
> +{
> + CPUState *cpu = first_cpu;
> + CPUX86State *env = cpu->env_ptr;
> + hwaddr kvmclock_struct_pa = env->system_time_msr & ~1ULL;
> + uint64_t migration_tsc = env->tsc;
> + struct pvclock_vcpu_time_info time;
> + uint64_t delta;
> + uint64_t nsec_lo;
> + uint64_t nsec_hi;
> + uint64_t nsec;
> +
> + if (!(env->system_time_msr & 1ULL)) {
> + /* KVM clock not active */
> + return 0;
> + }
> +
> + cpu_physical_memory_read(kvmclock_struct_pa, &time, sizeof(time));
> +
> + delta = migration_tsc - time.tsc_timestamp;
> + if (time.tsc_shift < 0) {
> + delta >>= -time.tsc_shift;
> + } else {
> + delta <<= time.tsc_shift;
> + }
> +
> + mulu64(&nsec_lo, &nsec_hi, delta, time.tsc_to_system_mul);
> + nsec = (nsec_lo >> 32) | (nsec_hi << 32);
> + return nsec + time.system_time;
> +}
>
> static void kvmclock_vm_state_change(void *opaque, int running,
> RunState state)
> @@ -45,9 +87,15 @@ static void kvmclock_vm_state_change(void *opaque, int running,
>
> if (running) {
> struct kvm_clock_data data;
> + uint64_t time_at_migration = kvmclock_current_nsec(s);
>
> s->clock_valid = false;
>
> + if (time_at_migration > s->clock) {
> + fprintf(stderr, "KVM Clock migrated backwards, using later time\n");
> + s->clock = time_at_migration;
> + }
> +
> data.clock = s->clock;
> data.flags = 0;
> ret = kvm_vm_ioctl(kvm_state, KVM_SET_CLOCK, &data);
> --
> 1.7.12.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2014-05-05 23:24 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-05 13:51 [PATCH] kvmclock: Ensure time in migration never goes backward Alexander Graf
2014-05-05 13:51 ` [Qemu-devel] " Alexander Graf
2014-05-05 17:46 ` Marcin Gibuła
2014-05-05 18:05 ` Alexander Graf
2014-05-05 18:26 ` Marcin Gibuła
2014-05-05 23:27 ` Marcelo Tosatti
2014-05-05 23:27 ` Marcelo Tosatti
2014-05-05 23:31 ` Marcelo Tosatti
2014-05-05 23:31 ` Marcelo Tosatti
2014-05-06 8:07 ` Marcin Gibuła
2014-05-06 8:07 ` [Qemu-devel] " Marcin Gibuła
2014-05-06 7:11 ` Alexander Graf
2014-05-06 7:37 ` Marcin Gibuła
2014-05-05 23:23 ` Marcelo Tosatti [this message]
2014-05-05 23:23 ` Marcelo Tosatti
2014-05-05 23:31 ` Marcelo Tosatti
2014-05-05 23:31 ` [Qemu-devel] " Marcelo Tosatti
2014-05-06 7:18 ` Alexander Graf
2014-05-06 7:18 ` [Qemu-devel] " Alexander Graf
2014-05-06 19:54 ` Marcin Gibuła
2014-05-07 23:23 ` Marcelo Tosatti
2014-05-07 23:23 ` Marcelo Tosatti
2014-05-07 23:21 ` Marcelo Tosatti
2014-05-07 23:21 ` [Qemu-devel] " Marcelo Tosatti
2014-05-07 23:29 ` Alexander Graf
2014-05-07 23:29 ` [Qemu-devel] " Alexander Graf
2014-05-06 7:16 ` Alexander Graf
2014-05-06 7:16 ` [Qemu-devel] " Alexander Graf
2014-05-07 10:04 ` Nick Thomas
2014-05-07 10:04 ` [Qemu-devel] " Nick Thomas
2014-05-08 1:33 ` Marcelo Tosatti
2014-05-08 1:33 ` [Qemu-devel] " Marcelo Tosatti
2014-05-08 7:21 ` Alexander Graf
2014-05-08 7:21 ` [Qemu-devel] " Alexander Graf
2014-05-09 2:28 ` Marcelo Tosatti
2014-05-09 2:28 ` [Qemu-devel] " Marcelo Tosatti
2014-05-09 11:53 ` Paolo Bonzini
2014-05-09 11:53 ` [Qemu-devel] " Paolo Bonzini
2014-05-12 20:26 ` Alexander Graf
2014-05-12 20:26 ` [Qemu-devel] " Alexander Graf
2014-05-14 7:26 ` Marcelo Tosatti
2014-05-14 7:26 ` [Qemu-devel] " Marcelo Tosatti
2014-05-14 6:47 ` Marcelo Tosatti
2014-05-14 6:47 ` [Qemu-devel] " Marcelo Tosatti
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140505232343.GA20638@amt.cnet \
--to=mtosatti@redhat.com \
--cc=agraf@suse.de \
--cc=kvm@vger.kernel.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.