Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode

From: Dario Faggioli
Date: Thu Sep 03 2020 - 10:34:37 EST

Next message: Christoph Hellwig: "[PATCH 03/14] proc: add a read_iter method to proc proc_ops"
Previous message: Vignesh Raghavendra: "Re: [PATCH V2 7/8] arm64: dts: ti: k3-am65-wakeup: Use generic temperature-sensor for node name"
In reply to: Joel Fernandes: "Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode"
Next in thread: Joel Fernandes: "Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2020-09-03 at 00:34 -0400, Joel Fernandes wrote:
> On Wed, Sep 2, 2020 at 12:57 PM Dario Faggioli <dfaggioli@xxxxxxxx>
> wrote:
> > 2) protection of the kernel from the other thread running in
> > userspace
> > may be achieved in different ways. This is one, sure. ASI will
> > probably
> > be another. Hence if/when we'll have both, this and ASI, it would
> > be
> > cool to be able to configure the system in such a way that there is
> > only one active, to avoid paying the price of both! :-)
>
> Actually, no. Part of ASI will involve exactly what this patch does -
> IPI-pausing siblings but ASI does so when they have no choice but to
> switch away from the "limited kernel" mapping, into the full host
> kernel mapping. I am not sure if they have yet implemented that part
> but they do talk of it in [1] and in their pretty LPC slides. It is
> just that ASI tries to avoid that scenario of kicking all siblings
> out
> of guest mode. So, maybe this patch can be a stepping stone to ASI.
>
Ah, sure! I mean, it of course depends on how things get mixed
together, which we still don't know. :-)

I know that ASI wants to do this very same thing some times. I just
wanted to say that we need/want only one mechanism for doing that, in
place at any given time.

If that mechanism will be this one, and ASI then uses it (e.g., in a
scenario where for whatever reason one wants ASI with the kicking but
not Core Scheduling), then great, I agree, and everything does makes
sense.

> Why do you feel that ASI on its own offers some magical protection
> that eliminates the need for this patch?
>
I don't. I was just trying to think at different use cases, how they
mix and match, etc. But as you're suggesting (and as Thomas has shown
very clearly in another reply to this email), the thing that makes the
most sense is to have one mechanism for the kicking, used by anyone
that needs it. :-)

Thanks and Regards
--
Dario Faggioli, Ph.D
http://about.me/dario.faggioli
Virtualization Software Engineer
SUSE Labs, SUSE https://www.suse.com/
-------------------------------------------------------------------
<<This happens because _I_ choose it to happen!>> (Raistlin Majere)

Attachment: signature.asc
Description: This is a digitally signed message part

Next message: Christoph Hellwig: "[PATCH 03/14] proc: add a read_iter method to proc proc_ops"
Previous message: Vignesh Raghavendra: "Re: [PATCH V2 7/8] arm64: dts: ti: k3-am65-wakeup: Use generic temperature-sensor for node name"
In reply to: Joel Fernandes: "Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode"
Next in thread: Joel Fernandes: "Re: [RFC PATCH v7 17/23] kernel/entry: Add support for core-wide protection of kernel-mode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]