From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jan Kiszka <jan.kiszka@siemens.com>
Subject: Re: [PATCH 0/8] use jump labels to streamline common APIC configuration
Date: Tue, 14 Aug 2012 16:13:17 +0200
Message-ID: <502A5CFD.8080604@siemens.com>
References: <1344171513-4659-1-git-send-email-gleb@redhat.com> <501E760E.9050109@redhat.com> <20120805133549.GL27579@redhat.com> <501E7839.2030008@redhat.com> <20120805134842.GM27579@redhat.com> <501E7C85.70001@redhat.com> <20120805140305.GN27579@redhat.com> <502A5A16.6040506@siemens.com> <502A5AE0.3080608@redhat.com> <20120814140701.GN11194@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Avi Kivity <avi@redhat.com>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	"mtosatti@redhat.com" <mtosatti@redhat.com>
To: Gleb Natapov <gleb@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from goliath.siemens.de ([192.35.17.28]:25241 "EHLO
	goliath.siemens.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750954Ab2HNONW (ORCPT <rfc822;kvm@vger.kernel.org>);
	Tue, 14 Aug 2012 10:13:22 -0400
In-Reply-To: <20120814140701.GN11194@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 2012-08-14 16:07, Gleb Natapov wrote:
> On Tue, Aug 14, 2012 at 05:04:16PM +0300, Avi Kivity wrote:
>> On 08/14/2012 05:00 PM, Jan Kiszka wrote:
>>
>>>>> The host can prevent this by leaving disabling the guest pmu.  But
>>>>> disabling jump labels for real-time kernels may be acceptable too.  We
>>>>> can probably to it at run time by forcing the slow path at all times.
>>>> Yes, it is possible to add module option that will force slow path if
>>>> needed.
>>>
>>> Should I write a patch or will you? Having host-side stop_machine due to
>>> such common guest operations is indeed a no-go for RT.
>>>
>>
>> Note that an additional patch is needed for perf, otherwise the guest
>> (or a user, but that's less of a concern for realtime) can easily invoke
>> stop_machine by configuring and unconfiguring its pmu.
>>
>>
> Are we talking about malicious guests? Why not compile kernel with jump
> label disabled if this is serious concern?

Because jump labels are still useful for other purposes (e.g. tracing) -
provided you don't use them while a critical operation is running. It's
cumbersome to require static configuration, specifically given that we
could easily control dynamically it at KVM level.

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SDP-DE
Corporate Competence Center Embedded Linux