From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
qemu-devel@nongnu.org, linux-hyperv@vger.kernel.org,
linux-crypto@vger.kernel.org, graf@amazon.com,
mikelley@microsoft.com, gregkh@linuxfoundation.org,
adrian@parity.io, lersek@redhat.com, berrange@redhat.com,
linux@dominikbrodowski.net, jannh@google.com, rafael@kernel.org,
len.brown@intel.com, pavel@ucw.cz, linux-pm@vger.kernel.org,
colmmacc@amazon.com, tytso@mit.edu, arnd@arndb.de
Subject: Re: propagating vmgenid outward and upward
Date: Tue, 1 Mar 2022 17:35:25 +0100 [thread overview]
Message-ID: <Yh5LTd1k1uB1eGFF@zx2c4.com> (raw)
In-Reply-To: <20220301111459-mutt-send-email-mst@kernel.org>
Hi Michael,
On Tue, Mar 01, 2022 at 11:21:38AM -0500, Michael S. Tsirkin wrote:
> > If we had a "pull" model, rather than just expose a 16-byte unique
> > identifier, the vmgenid virtual hardware would _also_ expose a
> > word-sized generation counter, which would be incremented every time the
> > unique ID changed. Then, every time we would touch the RNG, we'd simply
> > do an inexpensive check of this memremap()'d integer, and reinitialize
> > with the unique ID if the integer changed. In this way, the race would
> > be entirely eliminated. We would then be able to propagate this outwards
> > to other drivers, by just exporting an extern symbol, in the manner of
> > `jiffies`, and propagate it upwards to userspace, by putting it in the
> > vDSO, in the manner of gettimeofday. And like that, there'd be no
> > terrible async thing and things would work pretty easily.
>
> I am not sure what the difference is though. So we have a 16 byte unique
> value and you would prefer a dword counter. How is the former not a
> superset of the later?
Laszlo just asked the same question, which I answered here:
<https://lore.kernel.org/lkml/Yh5JwK6toc%2FzBNL7@zx2c4.com/>. You have
to read the full 16 bytes. You can't safely just read the first 4 or 8
or something, because it's a "unique ID" rather than a counter. That
seems like a needlessly expensive thing to do on each-and-every packet.
> I'm not sure how safe it is to expose it to
> userspace specifically, but rest of text talks about exposing it to a
> kernel driver so maybe not an issue? So what makes interrupt driven
> required, and why not just remap and read existing vmgenid in the pull
> manner? What did I miss?
I don't really understand your question, but guessing your meaning: I'm
not talking about exposing the actual 16-byte value to any other
drivers, but just notifying them that their sessions should be dropped.
If it's easier to think about this in code, grep for wg_pm_notification(),
and consider that it'd be changing this code:
if (action != PM_HIBERNATION_PREPARE && action != PM_SUSPEND_PREPARE)
return 0;
into:
if (action != PM_HIBERNATION_PREPARE && action != PM_SUSPEND_PREPARE &&
action != PM_VMFORK_POST)
return 0;
But perhaps I misunderstood this part of your question?
Jason
next prev parent reply other threads:[~2022-03-01 16:35 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-01 15:42 propagating vmgenid outward and upward Jason A. Donenfeld
2022-03-01 16:15 ` Laszlo Ersek
2022-03-01 16:28 ` Jason A. Donenfeld
2022-03-01 17:17 ` Michael S. Tsirkin
2022-03-01 18:37 ` Jason A. Donenfeld
2022-03-02 7:42 ` Michael S. Tsirkin
2022-03-02 7:48 ` Michael S. Tsirkin
2022-03-02 8:30 ` Michael S. Tsirkin
2022-03-02 11:26 ` Jason A. Donenfeld
2022-03-02 12:58 ` Michael S. Tsirkin
2022-03-02 13:55 ` Jason A. Donenfeld
2022-03-02 14:46 ` Michael S. Tsirkin
2022-03-02 15:14 ` Jason A. Donenfeld
2022-03-02 15:20 ` Michael S. Tsirkin
2022-03-02 15:36 ` Jason A. Donenfeld
2022-03-02 16:22 ` Michael S. Tsirkin
2022-03-02 16:32 ` Jason A. Donenfeld
2022-03-02 17:27 ` Michael S. Tsirkin
2022-03-03 13:07 ` Michael S. Tsirkin
2022-03-02 16:29 ` Michael S. Tsirkin
2022-03-01 16:21 ` Michael S. Tsirkin
2022-03-01 16:35 ` Jason A. Donenfeld [this message]
2022-03-01 18:01 ` Greg KH
2022-03-01 18:24 ` Jason A. Donenfeld
2022-03-01 19:41 ` Greg KH
2022-03-01 23:12 ` Jason A. Donenfeld
2022-03-02 14:35 ` Jason A. Donenfeld
2022-03-09 10:10 ` Alexander Graf
2022-03-09 22:02 ` Jason A. Donenfeld
2022-03-10 11:18 ` Alexander Graf
2022-03-20 22:53 ` Michael S. Tsirkin
2022-04-19 15:12 ` Jason A. Donenfeld
2022-04-19 16:43 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Yh5LTd1k1uB1eGFF@zx2c4.com \
--to=jason@zx2c4.com \
--cc=adrian@parity.io \
--cc=arnd@arndb.de \
--cc=berrange@redhat.com \
--cc=colmmacc@amazon.com \
--cc=graf@amazon.com \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=kvm@vger.kernel.org \
--cc=len.brown@intel.com \
--cc=lersek@redhat.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-hyperv@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=linux@dominikbrodowski.net \
--cc=mikelley@microsoft.com \
--cc=mst@redhat.com \
--cc=pavel@ucw.cz \
--cc=qemu-devel@nongnu.org \
--cc=rafael@kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).