From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jan Kiszka <jan.kiszka@web.de>
Subject: Re: KVM handling external interrupts
Date: Thu, 07 Jun 2012 14:19:14 +0200
Message-ID: <4FD09C42.8080201@web.de>
References: <CAB7xdi=b_2jK33bW=cMt_k4+ehwzzf6synHsXf+1gboXtvWVNQ@mail.gmail.com> <OF0A8D80DC.FDEDAC2E-ONC2257A16.002A8BD4-C2257A16.002B31FA@il.ibm.com> <4FD062BC.5090703@web.de> <OFB1DF9654.3F7DAE26-ONC2257A16.0035B4BD-C2257A16.00368575@il.ibm.com> <4FD09349.6090305@web.de> <OFE1FFF5F1.85E3FEFB-ONC2257A16.0042A2FA-C2257A16.00437C64@il.ibm.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enig5EFC487246948E59C4140886"
Cc: Alex Landau <LALEX@il.ibm.com>,
	Dan Tsafrir <dan.tsafrir@gmail.com>,
	sheng qiu <herbert1984106@gmail.com>,
	kvm <kvm@vger.kernel.org>,
	Muli Ben-Yehuda <muli@cs.technion.ac.il>,
	Nadav Har'El <NYH@il.ibm.com>,
	Nadav Amit <nadav.amit@gmail.com>
To: Abel Gordon <ABELG@il.ibm.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mout.web.de ([212.227.17.11]:53877 "EHLO mout.web.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751124Ab2FGMTQ (ORCPT <rfc822;kvm@vger.kernel.org>);
	Thu, 7 Jun 2012 08:19:16 -0400
In-Reply-To: <OFE1FFF5F1.85E3FEFB-ONC2257A16.0042A2FA-C2257A16.00437C64@il.ibm.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig5EFC487246948E59C4140886
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 2012-06-07 14:17, Abel Gordon wrote:
>=20
>=20
> Jan Kiszka <jan.kiszka@web.de> wrote on 07/06/2012 14:40:57:
>=20
>> But even if we consider the IDT unsafe, what does that IDT limiting bu=
y
>> us?
>=20
> The limit lets you force an exit (#GP exception) whenever the shadow ID=
T
> is ok or not. In this case, you simple shadow the GUEST_IDTR register
> and not a memory area
>=20
>> The guest can still mask interrupts above that limit via cli, no?
>> So the only measures that save us from CPU hogging guests are the
>> preemption timer and kicking via NMI. Or what am I missing?
>=20
> Nothing :) As we described in the paper, this is what we do to avoid
> this situation.

So the other measures are redundant, right? They only seem to complicate
the approach without any gain, that is my point.

Jan


--------------enig5EFC487246948E59C4140886
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/QnEIACgkQitSsb3rl5xSu2gCfWtzwyc5QiKrGe2SxgZceoER4
7HYAoMcz+1WtphdTh+1sIJuH3sFNVnau
=0IXL
-----END PGP SIGNATURE-----

--------------enig5EFC487246948E59C4140886--