From: "Radim Krčmář" <rkrcmar@redhat.com>
To: Roman Kagan <rkagan@virtuozzo.com>
Cc: kvm@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>,
"Denis V. Lunev" <den@openvz.org>
Subject: Re: [PATCH 3/3] x86/kvm: implement Hyper-V reference TSC page clock
Date: Mon, 25 Apr 2016 22:54:12 +0200 [thread overview]
Message-ID: <20160425205412.GA19872@potion> (raw)
In-Reply-To: <1461258686-28161-4-git-send-email-rkagan@virtuozzo.com>
2016-04-21 20:11+0300, Roman Kagan:
> diff --git a/arch/x86/kvm/hyperv.c b/arch/x86/kvm/hyperv.c
> @@ -797,23 +798,11 @@ static int kvm_hv_set_msr_pw(struct kvm_vcpu *vcpu, u32 msr, u64 data,
> mark_page_dirty(kvm, gfn);
> break;
> }
> + case HV_X64_MSR_REFERENCE_TSC:
(Would be nicer to check for HV_X64_MSR_REFERENCE_TSC_AVAILABLE.)
> hv->hv_tsc_page = data;
> + if (hv->hv_tsc_page & HV_X64_MSR_TSC_REFERENCE_ENABLE)
> + kvm_make_request(KVM_REQ_MASTERCLOCK_UPDATE, vcpu);
The MSR value is global and will be seen by other VCPUs before we write
the page for the first time, which means there is an extremely unlikely
race that could read random data from a guest page and interpret it as
time. Initialization before setting hv_tsc_page would be fine.
(Also, TLFS 4.0b says that the guest can pick any frame in the GPA
space. The guest could specify a frame that wouldn't be mapped in KVM
and the guest would fail for no good reason. HyperV's "overlay pages"
likely don't read or overwrite content of mapped frames either.
I think it would be safer to create a new mapping for the page ...)
> @@ -1143,3 +1132,107 @@ set_result:
> +static int pvclock_to_tscpage(struct pvclock_vcpu_time_info *hv_clock,
> + HV_REFERENCE_TSC_PAGE *tsc_ref)
> +{
| [...]
> + * tsc_scale = (tsc_to_system_mul << (tsc_shift + 32)) / 100
| [...]
> + * Note that although tsc_to_system_mul is 32 bit, we may need 128 bit
> + * division to calculate tsc_scale
Linux has a function that handles u96/u64 with 64 and even 32 bit
arithmetics, mul_u64_u32_div(). Do you think this would be ok?
tsc_ref->tsc_scale = mul_u64_u32_div(1ULL << hv_clock->tsc_shift + 32,
tsc_to_system_mul, 100);
Thanks.
next prev parent reply other threads:[~2016-04-25 20:54 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-21 17:11 [PATCH 0/3] x86/kvm: implement Hyper-V reference TSC page clock Roman Kagan
2016-04-21 17:11 ` [PATCH 1/3] hyperv: add define for time unit Roman Kagan
2016-04-21 17:11 ` [PATCH 2/3] x86/kvm: factor out updating kvm_clock in guest Roman Kagan
2016-04-21 17:11 ` [PATCH 3/3] x86/kvm: implement Hyper-V reference TSC page clock Roman Kagan
2016-04-25 20:54 ` Radim Krčmář [this message]
2016-04-26 9:02 ` Roman Kagan
2016-04-26 13:00 ` Radim Krčmář
2016-04-26 14:16 ` Roman Kagan
2016-04-26 14:36 ` Radim Krčmář
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160425205412.GA19872@potion \
--to=rkrcmar@redhat.com \
--cc=den@openvz.org \
--cc=kvm@vger.kernel.org \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkagan@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox