From: Thomas Gleixner <tglx@linutronix.de>
To: Joel Fernandes <joel@joelfernandes.org>,
Dario Faggioli <dfaggioli@suse.com>
Cc: "Julien Desfossez" <jdesfossez@digitalocean.com>,
"Peter Zijlstra" <peterz@infradead.org>,
"Vineeth Pillai" <viremana@linux.microsoft.com>,
"Tim Chen" <tim.c.chen@linux.intel.com>,
"Aaron Lu" <aaron.lwe@gmail.com>,
"Aubrey Li" <aubrey.intel@gmail.com>,
"Dhaval Giani" <dhaval.giani@oracle.com>,
"Chris Hyser" <chris.hyser@oracle.com>,
"Nishanth Aravamudan" <naravamudan@digitalocean.com>,
"Ingo Molnar" <mingo@kernel.org>, "Paul Turner" <pjt@google.com>,
"Linus Torvalds" <torvalds@linux-foundation.org>,
LKML <linux-kernel@vger.kernel.org>,
"Frederic Weisbecker" <fweisbec@gmail.com>,
"Kees Cook" <keescook@chromium.org>,
"Greg Kerr" <kerrnel@google.com>, "Phil Auld" <pauld@redhat.com>,
"Valentin Schneider" <valentin.schneider@arm.com>,
"Mel Gorman" <mgorman@techsingularity.net>,
"Pawan Gupta" <pawan.kumar.gupta@linux.intel.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
vineeth@bitbyteword.org, "Chen Yu" <yu.c.chen@intel.com>,
"Christian Brauner" <christian.brauner@ubuntu.com>,
"Agata Gruza" <agata.gruza@intel.com>,
"Antonio Gomez Iglesias" <antonio.gomez.iglesias@intel.com>,
graf@amazon.com, konrad.wilk@oracle.com,
"Steven Rostedt" <rostedt@goodmis.org>,
"Patrick Bellasi" <derkling@google.com>,
"benbjiang(蒋彪)" <benbjiang@tencent.com>,
"Aubrey Li" <aubrey.li@linux.intel.com>,
"Tim Chen" <tim.c.chen@intel.com>,
"Paul E . McKenney" <paulmck@kernel.org>
Subject: Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode
Date: Thu, 03 Sep 2020 15:20:35 +0200 [thread overview]
Message-ID: <87wo1buhcs.fsf@nanos.tec.linutronix.de> (raw)
In-Reply-To: <CAEXW_YRQiC_0edO5L2vVmL0NcfeZaRt4WYoyrcKmzbFcQP3PvA@mail.gmail.com>
On Thu, Sep 03 2020 at 00:34, Joel Fernandes wrote:
> On Wed, Sep 2, 2020 at 12:57 PM Dario Faggioli <dfaggioli@suse.com> wrote:
>> 2) protection of the kernel from the other thread running in userspace
>> may be achieved in different ways. This is one, sure. ASI will probably
>> be another. Hence if/when we'll have both, this and ASI, it would be
>> cool to be able to configure the system in such a way that there is
>> only one active, to avoid paying the price of both! :-)
>
> Actually, no. Part of ASI will involve exactly what this patch does -
> IPI-pausing siblings but ASI does so when they have no choice but to
> switch away from the "limited kernel" mapping, into the full host
> kernel mapping. I am not sure if they have yet implemented that part
> but they do talk of it in [1] and in their pretty LPC slides. It is
> just that ASI tries to avoid that scenario of kicking all siblings out
> of guest mode. So, maybe this patch can be a stepping stone to ASI.
> At least I got the entry hooks right, and the algorithm is efficient
> IMO (useless IPIs are avoided). ASI can then come in and avoid
> sending IPIs even more by doing their limited-kernel-mapping things if
> needed. So, it does not need to be this vs ASI, both may be needed.
Right. There are different parts which are seperate:
1) Core scheduling as a best effort feature (performance for certain use
cases)
2) Enforced core scheduling (utilizes #1 basics)
3) ASI
4) Kick sibling out of guest/host and wait mechanics
#1, #2, #3 can be used stand alone. #4 is a utility
Then you get combos:
A) #2 + #4:
core wide protection. i.e. what this series tries to achieve. #3
triggers the kick at the low level VMEXIT or entry from user mode
boundary. The wait happens at the same level
B) #3 + #4:
ASI plus kicking the sibling/wait mechanics independent of what's
scheduled. #3 triggers the kick at the ASI switch to full host
mapping boundary and the wait is probably the same as in #A
C) #2 + #3 + #4:
The full concert, but trigger/wait wise the same as #B
So we really want to make at least #4 an independent utility.
Thanks,
tglx
next prev parent reply other threads:[~2020-09-03 14:50 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-28 19:51 [RFC PATCH v7 00/23] Core scheduling v7 Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 01/23] sched: Wrap rq::lock access Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 02/23] sched: Introduce sched_class::pick_task() Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 03/23] sched: Core-wide rq->lock Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 04/23] sched/fair: Add a few assertions Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 05/23] sched: Basic tracking of matching tasks Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 06/23] bitops: Introduce find_next_or_bit Julien Desfossez
2020-09-03 5:13 ` Randy Dunlap
2020-08-28 19:51 ` [RFC PATCH v7 07/23] cpumask: Introduce a new iterator for_each_cpu_wrap_or Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 08/23] sched: Add core wide task selection and scheduling Julien Desfossez
2020-08-28 20:51 ` Peter Zijlstra
2020-08-28 22:02 ` Vineeth Pillai
2020-08-28 22:23 ` Joel Fernandes
2020-08-29 7:47 ` peterz
2020-08-31 13:01 ` Vineeth Pillai
2020-08-31 14:24 ` Joel Fernandes
2020-09-01 3:38 ` Joel Fernandes
2020-09-01 5:10 ` Joel Fernandes
2020-09-01 12:34 ` Vineeth Pillai
2020-09-01 17:30 ` Joel Fernandes
2020-09-01 21:23 ` Vineeth Pillai
2020-09-02 1:11 ` Joel Fernandes
2020-08-28 20:55 ` Peter Zijlstra
2020-08-28 22:15 ` Vineeth Pillai
2020-09-15 20:08 ` Joel Fernandes
2020-08-28 19:51 ` [RFC PATCH v7 09/23] sched/fair: Fix forced idle sibling starvation corner case Julien Desfossez
2020-08-28 21:25 ` Peter Zijlstra
2020-08-28 23:24 ` Vineeth Pillai
2020-08-28 19:51 ` [RFC PATCH v7 10/23] sched/fair: wrapper for cfs_rq->min_vruntime Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 11/23] sched/fair: core wide cfs task priority comparison Julien Desfossez
2020-08-28 21:29 ` Peter Zijlstra
2020-09-17 14:15 ` Vineeth Pillai
2020-09-17 20:39 ` Vineeth Pillai
2020-09-23 1:46 ` Joel Fernandes
2020-09-23 1:52 ` Joel Fernandes
2020-09-25 15:02 ` Joel Fernandes
2020-09-15 21:49 ` chris hyser
[not found] ` <81b208ad-b9e6-bfbf-631e-02e9f75d73a2@linux.intel.com>
2020-09-16 14:24 ` chris hyser
2020-09-16 20:53 ` chris hyser
2020-09-17 1:09 ` Li, Aubrey
2020-08-28 19:51 ` [RFC PATCH v7 12/23] sched: Trivial forced-newidle balancer Julien Desfossez
2020-09-02 7:08 ` Pavan Kondeti
2020-08-28 19:51 ` [RFC PATCH v7 13/23] sched: migration changes for core scheduling Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 14/23] irq_work: Add support to detect if work is pending Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 15/23] entry/idle: Add a common function for activites during idle entry/exit Julien Desfossez
2020-08-30 2:17 ` kernel test robot
2020-08-28 19:51 ` [RFC PATCH v7 16/23] arch/x86: Add a new TIF flag for untrusted tasks Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode Julien Desfossez
2020-08-30 6:50 ` [kernel/entry] 872a0a3f0b: will-it-scale.per_thread_ops -18.7% regression kernel test robot
2020-09-01 15:54 ` [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode Thomas Gleixner
2020-09-01 16:50 ` Joel Fernandes
2020-09-01 20:02 ` Thomas Gleixner
2020-09-02 1:29 ` Joel Fernandes
2020-09-02 7:53 ` Thomas Gleixner
2020-09-02 15:12 ` Joel Fernandes
2020-09-02 16:57 ` Dario Faggioli
2020-09-03 4:34 ` Joel Fernandes
2020-09-03 11:05 ` Vineeth Pillai
2020-09-03 13:20 ` Thomas Gleixner [this message]
2020-09-03 20:30 ` Joel Fernandes
2020-09-03 13:43 ` Dario Faggioli
2020-09-03 20:25 ` Joel Fernandes
2020-08-28 19:51 ` [RFC PATCH v7 18/23] entry/idle: Enter and exit kernel protection during idle entry and exit Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 19/23] entry/kvm: Protect the kernel when entering from guest Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 20/23] sched/coresched: config option for kernel protection Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 21/23] sched: cgroup tagging interface for core scheduling Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 22/23] Documentation: Add documentation on " Julien Desfossez
2020-08-28 19:51 ` [RFC PATCH v7 23/23] sched: Debug bits Julien Desfossez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wo1buhcs.fsf@nanos.tec.linutronix.de \
--to=tglx@linutronix.de \
--cc=aaron.lwe@gmail.com \
--cc=agata.gruza@intel.com \
--cc=antonio.gomez.iglesias@intel.com \
--cc=aubrey.intel@gmail.com \
--cc=aubrey.li@linux.intel.com \
--cc=benbjiang@tencent.com \
--cc=chris.hyser@oracle.com \
--cc=christian.brauner@ubuntu.com \
--cc=derkling@google.com \
--cc=dfaggioli@suse.com \
--cc=dhaval.giani@oracle.com \
--cc=fweisbec@gmail.com \
--cc=graf@amazon.com \
--cc=jdesfossez@digitalocean.com \
--cc=joel@joelfernandes.org \
--cc=keescook@chromium.org \
--cc=kerrnel@google.com \
--cc=konrad.wilk@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mgorman@techsingularity.net \
--cc=mingo@kernel.org \
--cc=naravamudan@digitalocean.com \
--cc=pauld@redhat.com \
--cc=paulmck@kernel.org \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=pjt@google.com \
--cc=rostedt@goodmis.org \
--cc=tim.c.chen@intel.com \
--cc=tim.c.chen@linux.intel.com \
--cc=torvalds@linux-foundation.org \
--cc=valentin.schneider@arm.com \
--cc=vineeth@bitbyteword.org \
--cc=viremana@linux.microsoft.com \
--cc=yu.c.chen@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.