From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jan Kiszka <jan.kiszka@web.de>
Subject: Re: KVM handling external interrupts
Date: Thu, 07 Jun 2012 12:23:15 +0200
Message-ID: <4FD08113.9080709@web.de>
References: <CAB7xdi=b_2jK33bW=cMt_k4+ehwzzf6synHsXf+1gboXtvWVNQ@mail.gmail.com> <OF0A8D80DC.FDEDAC2E-ONC2257A16.002A8BD4-C2257A16.002B31FA@il.ibm.com> <4FD062BC.5090703@web.de> <OFB1DF9654.3F7DAE26-ONC2257A16.0035B4BD-C2257A16.00368575@il.ibm.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enig5E3A8C5E7C075589CCE31CAC"
Cc: Alex Landau <LALEX@il.ibm.com>,
	Dan Tsafrir <dan.tsafrir@gmail.com>,
	sheng qiu <herbert1984106@gmail.com>,
	kvm <kvm@vger.kernel.org>,
	Muli Ben-Yehuda <muli@cs.technion.ac.il>,
	Nadav Har'El <NYH@il.ibm.com>,
	Nadav Amit <nadav.amit@gmail.com>
To: Abel Gordon <ABELG@il.ibm.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mout.web.de ([212.227.17.12]:59918 "EHLO mout.web.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1757853Ab2FGKXX (ORCPT <rfc822;kvm@vger.kernel.org>);
	Thu, 7 Jun 2012 06:23:23 -0400
In-Reply-To: <OFB1DF9654.3F7DAE26-ONC2257A16.0035B4BD-C2257A16.00368575@il.ibm.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig5E3A8C5E7C075589CCE31CAC
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 2012-06-07 11:55, Abel Gordon wrote:
>=20
>>> Note this is not so simple, there are many other issues you should
>>> consider.
>>
>> Is it just complicated, not upstreamable, or are the unsolved issues
>> like security holes or the need to paravirtualize the guest?
>=20
> Well, I let you read the paper first :) It will answer all these questi=
ons.

I'm on it. Two general remarks so far:

 - At least the preemption timer is not common x86 architecture but can
   only be found in VT-x. You should mention that you are focusing on
   Intel.
 - You discuss interrupt delivery without stating that you have MSIs in
   mind. Some aspects may be helpful for legacy interrupts as well, but
   you obviously can't achieve exit-less operation there. Not an issue,
   should just be made clear.

>=20
> In a nutshell,
> Complicated: that always depends who you ask and relative to what you
> consider something complicated. ELI changes some critical points in KVM=
=2E
> Unsolved issues: there are some issues solves in theory but not impleme=
nted
> Security holes: not if you are OK with the threat model we describe in =
the
> paper

The thread model looks sane, but I'm not feeling well with the "let's
poll the guest to see if it misbehaved" solution. It should work but is
a bit ugly.

> need paravirtualize the guest: no if you have x2APIC.

=2E..and the guest makes use of it. This excludes older OSes. When did
Windows start to use it?

Jan


--------------enig5E3A8C5E7C075589CCE31CAC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/QgRcACgkQitSsb3rl5xQQcwCgp+W/FF4wjvrdtYYjFSYRFoUr
CaQAn1tD4gKouN1RKLm2k/v4i789dsx4
=UT79
-----END PGP SIGNATURE-----

--------------enig5E3A8C5E7C075589CCE31CAC--