From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joanna Rutkowska Subject: Re: S3 sleep in dom0 breaks dom0<->domU wallclock synchronization Date: Thu, 01 Jul 2010 17:18:22 +0200 Message-ID: <4C2CB1BE.2080804@invisiblethingslab.com> References: Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0727533071==" Return-path: In-Reply-To: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Keir Fraser Cc: "xen-devel@lists.xensource.com" , Rafal Wojtczuk List-Id: xen-devel@lists.xenproject.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0727533071== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigCCFD35B6F24D41B6F79B574F" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigCCFD35B6F24D41B6F79B574F Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 07/01/10 16:50, Keir Fraser wrote: > On 01/07/2010 04:04, "Rafal Wojtczuk" wr= ote: >=20 >> Hello, >> xen-3.4.3 x86_64, dom0 2.6.34-9.xenlinux as dom0, >> 2.6.32.14-1.2.105.pvops0 in PV domU. /proc/sys/xen/independent_wallclo= ck is >> 0. >> After resume from S3 sleep in dom0, the wall clock in domU is >> desynchronized from dom0's one (the delta is the length of S3 sleep). = It >> does not seem that adj_timex is in progress (the delta is constant in = time). >> >> Is it a known issue ? If so, could someone point me to a solution ? >=20 > I think that pv_ops domU kernels pick up Xen's wallclock at boot time, = but > won't listen for updates thereafter. So if you ran a non-pv_ops domU, y= ou'd > probably find that its wallclock would be correctly updated after S3. C= c'ing > Jeremy as he'll be able to confirm this. I think his answer will be tha= t you > should run ntp in every guest, but I'm not sure how that will react to > unexpected warps in time. >=20 Actually we're running a pvops kernel in DomUs (in fact a fairly recent pvops0, as we had some bad experience with regular Fedora kernels in DomU= ). Running an NTP in every VM is not a good solution. Some VMs might be forbidden any access to the network (e.g. my "vault" VM, that I use for storing passwords, and other very sensitive stuff, doesn't have any networking), while some other might be allowed only very limited network traffic, e.g. only HTTPS to specific, white-listed servers (e.g. "banking" VM). joanna. --------------enigCCFD35B6F24D41B6F79B574F Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkwsscMACgkQORdkotfEW85NXgCgzSY65/PhtVjrSi1aoWf2wzW1 EGAAn3S7Y094klG22E8li2wkOikaUbPA =PuLR -----END PGP SIGNATURE----- --------------enigCCFD35B6F24D41B6F79B574F-- --===============0727533071== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --===============0727533071==--