Re: [PATCH 1/1] vfio-ccw: Enable transparent CCW IPL from DASD

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2020-04-24 08:50, Halil Pasic wrote:
On Thu, 23 Apr 2020 16:25:39 -0400
Eric Farman <farman@xxxxxxxxxxxxx> wrote:



On 4/23/20 11:11 AM, Cornelia Huck wrote:
> On Thu, 23 Apr 2020 15:56:20 +0200
> Halil Pasic <pasic@xxxxxxxxxxxxx> wrote:
>
>> On Fri, 17 Apr 2020 14:29:39 -0400
>> Jared Rossi <jrossi@xxxxxxxxxxxxx> wrote:
>>
>>> Remove the explicit prefetch check when using vfio-ccw devices.
>>> This check is not needed as all Linux channel programs are intended
>>> to use prefetch and will be executed in the same way regardless.
>>
>> Hm. This is a guest thing or? So you basically say, it is OK to do
>> this, because you know that the guest is gonna be Linux and that it
>> the channel program is intended to use prefetch -- but the ORB supplied
>> by the guest that designates the channel program happens to state the
>> opposite.
>>
>> Or am I missing something?
>
> I see this as a kind of architecture compliance/ease of administration
> tradeoff, as we none of the guests we currently support uses something
> that breaks with prefetching outside of IPL (which has a different
> workaround).>

And that workaround AFAIR makes sure that we don't issue a CP that is
self-modifying or otherwise reliant on non-prefetch. So any time we see
a self-modifying program we know, we have an incompatible setup.

In any case I believe the commit message is inadequate, as it does not
reflect about the risks.

> One thing that still concerns me a bit is debuggability if a future
> guest indeed does want to dynamically rewrite a channel program: the

+1 for some debuggability, just in general

> guest thinks it instructed the device to not prefetch, and then
> suddenly things do not work as expected. We can log when a guest
> submits an orb without prefetch set, but we can't find out if the guest
> actually does something that relies on non-prefetch.

Without going too far down a non-prefetch rabbit-hole, can we use the
cpa_within_range logic to see if the address of the CCW being fetched
exists as the CDA of an earlier (non-TIC) CCW in the chain we're
processing, and tracing/logging/messaging something about a possible
conflict?

(Jared, you did some level of this tracing with our real/synthetic tests
some time ago.  Any chance something of it could be polished and made
useful, without being overly heavy on the mainline path?)


Back then I believe I made a proposal on how this logic could look like.
I think all we need is checking for self rewrites (ccw reads to the
addresses that comprise the complete original channel program), and for status-modifier 'skips'. The latter could be easily done by putting some
sort of poison at the end of the detected channel program segments.


From what I previously did with the tracing, I don't think that there is a practical way to determine if a cp is actually doing something that relies on non-prefetch. It seems we would need to examine the CCWs to find reads
and also validate the addresses those CCWs access to check if there is a
conflict.  Probably this is too much overhead considering that we expect
it to be a rare occurrence?

Is it too simplistic to print a kernel warning stating that an ORB did not
have the p-bit set, but it is being prefetched anyway?

Regards,
Jared Rossi



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Kernel Development]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Info]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux