[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v7] kvm: notify host when the guest is panicked

From: Sasha Levin
Subject: Re: [Qemu-devel] [PATCH v7] kvm: notify host when the guest is panicked
Date: Mon, 23 Jul 2012 01:35:29 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120713 Thunderbird/13.0

On 07/23/2012 12:29 AM, Anthony Liguori wrote:
> Sasha Levin <address@hidden> writes:
>> On 07/22/2012 10:19 PM, Sasha Levin wrote:
>>> On 07/22/2012 09:22 PM, Anthony Liguori wrote:
>>>> Sasha Levin <address@hidden> writes:
>>>>> On 07/21/2012 09:12 AM, Wen Congyang wrote:
>>>>>> +#define KVM_PV_PORT     (0x505UL)
>>>>>> +
>>>>>>  #ifdef __KERNEL__
>>>>>>  #include <asm/processor.h>
>>>>>> @@ -221,6 +223,11 @@ static inline void kvm_disable_steal_time(void)
>>>>>>  }
>>>>>>  #endif
>>>>>> +static inline unsigned int kvm_arch_pv_features(void)
>>>>>> +{
>>>>>> +        return inl(KVM_PV_PORT);
>>>>>> +}
>>>>>> +
>>>>> Why is this safe?
>>>>> I'm not sure you can just pick any ioport you'd like and use it.
>>>> There are three ways I/O ports get used on a PC:
>>>> 1) Platform devices
>>>>  - This is well defined since the vast majority of platform devices are
>>>>    implemented within a single chip.  If you're emulating an i440fx
>>>>    chipset, the PIIX4 spec has an exhaustive list.
>>>> 2) PCI devices
>>>>  - Typically, PCI only allocates ports starting at 0x0d00 to avoid
>>>>    conflicts with ISA devices.
>>>> 3) ISA devices
>>>>  - ISA uses subtractive decoding so any ISA device can access.  In
>>>>    theory, an ISA device could attempt to use port 0x0505 but it's
>>>>    unlikely.  In a modern guest, there aren't really any ISA devices being
>>>>    added either.
>>>> So yes, picking port 0x0505 is safe for something like this (as long as
>>>> you check to make sure that you really are under KVM).
>>> Is there anything that actually prevents me from using PCI ports lower than 
>>> 0x0d00? As you said in (3), ISA isn't really used anymore (nor is 
>>> implemented by lkvm for example), so placing PCI below 0x0d00 might even 
>>> make sense in that case.
>>> Furthermore, I can place one of these brand new virtio-mmio devices which 
>>> got introduced recently wherever I want right now - Having a device that 
>>> uses 0x505 would cause a pretty non-obvious failure mode.
>>> Either way, If we are going to grab an ioport, then:
>>>  - It should be documented well somewhere in Documentation/virt/kvm
>>>  - It should go through request_region() to actually claim those ioports.
>>>  - It should fail gracefully if that port is taken for some reason, instead 
>>> of not even checking it.
>> Out of curiosity I tested that, and apparently lkvm has no problem 
>> allocating virtio-pci devices in that range:
>> sh-4.2# pwd
>> /sys/devices/pci0000:00/0000:00:01.0
>> sh-4.2# cat resource | head -n1
>> 0x0000000000000500 0x00000000000005ff 0x0000000000040101
>> This was with the commit in question applied.
> With all due respect, lkvm has a half-baked implementation of PCI.  This
> is why you have to pass kernel parameters to disable ACPI and disable
> PCI BIOS probing.
> So yeah, you can do funky things in lkvm but that doesn't mean a system
> that emulated actual hardware would ever do that.

We disable ACPI simply because we don't support it. MPtable is a perfectly 
valid mechanism to do everything we need so far, so implementing ACPI didn't 
interest either of us too much. What's more - why implement a "complete design 
disaster in every way" ;)

Regarding PCI probing, while we do force the use of direct memory probing this 
is because we lack anything which reassembles a BIOS. Like the above, this 
wasn't too interesting in a virtualized environment, and the kernel is pretty 
happy running without it. PCI probing does happen in a standard way.

I think that the interesting part in that test was not that you could actually 
put a PCI device in the 0x500 range, but that nothing failed and no one yelled 
at me (with the panic commit applied).

I'm not worried about port 0x505 being taken, I'm worried that it'll silently 
break a (although not very common/reasonable/typical) perfectly valid use case.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]