Received: by 10.192.165.148 with SMTP id m20csp4003336imm;
        Tue, 8 May 2018 00:56:13 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZrwv+FhK4A2KVvTOHGSLZ5HeD3hadNWJwdTPkPCMwJMJK2r6C7mEVs0f00mxPLu5R7pAG9q
X-Received: by 2002:a17:902:1e3:: with SMTP id b90-v6mr39466204plb.273.1525766173540;
        Tue, 08 May 2018 00:56:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1525766173; cv=none;
        d=google.com; s=arc-20160816;
        b=pltPwYC5s3vVX4XfR4MXK0AYL6sQ7ug1QJJIVuXs0Z46fpJg4T+IEO89xFqae1Qpro
         BY38rW6p9wXkJ1nxGYFpQsiwLooodbDHhM5mT6OK0DzRc57WXhLwbDlvtaRHmnBZ1IZh
         DtF4abX83FPdPrXl5+73Z+si/ZeYjDdYE2LwwE5jarVbSnp9ajxZjEy+Che9tJ3LvOFw
         9U8HPl9Dr4PBITk1NAPAbNx8NYHYPLaLJ2SMnKoG4bYPYviitY2YW/ymsZe6wbJjtk5W
         BNFjmCbDq+fCgGqhBsrf63n8wnar8cnRzGgJ75UA53uTR1zMUVo9PZ2tnzUPMkqWiCQl
         m9Ew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject
         :message-id:date:from:references:in-reply-to:mime-version
         :dkim-signature:arc-authentication-results;
        bh=QUZR2+6ICZxWT58I6rXrbkkWLa1l5d0V3yDz0o0piCU=;
        b=E/yOovgsE5wP2+Y3h5MY6wyH13qciprop4InOy8brSciS1Jeqrv74rHVJS0Ni7MHtg
         7oMzta7gkoEVDbcP6AwDiNUjNSXKjEVeThSBC+kYRjutIcrQJgxK+ik+EOuGNiBjk0vN
         Yo+eXpbYuTrTFPRtpN2b+UvrToQpp7P37343nyYEIPMIpDPXYKUdVrJ9Bl/9xKWt/zVB
         8rueXmqyHjPlpMn6LzXPNLzTUjD7NpAwHQphoM6DXkaKZnD1iV1Ws8eMY4ZahCfByJUF
         yfueCfAd4b1VzVNdkx4tvCfKFjL7kzEPHnFqy6zhNTc2DFlc8fSBX03qqo9opqOeczVg
         0PvA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=NpcNS1rJ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l81si23821667pfj.127.2018.05.08.00.55.59;
        Tue, 08 May 2018 00:56:13 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=NpcNS1rJ;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1754546AbeEHHzk (ORCPT <rfc822;gklkml16@gmail.com> + 99 others);
        Tue, 8 May 2018 03:55:40 -0400
Received: from mail-oi0-f68.google.com ([209.85.218.68]:32997 "EHLO
        mail-oi0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1754269AbeEHHzi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 8 May 2018 03:55:38 -0400
Received: by mail-oi0-f68.google.com with SMTP id k5-v6so20741000oiw.0;
        Tue, 08 May 2018 00:55:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=QUZR2+6ICZxWT58I6rXrbkkWLa1l5d0V3yDz0o0piCU=;
        b=NpcNS1rJCRf3fScOJBeN4Ru585GAj7B6wTXIY/XJVMU+01kS+YPX8BE0NdYJihYKuh
         AvXtehCwBMn/7oOW0wGhfSoqepBYT3mX6ZYkaHjyVwghv6t0JVcIzNUoIlpW48XX93xB
         wziJkYlvwFohRmf3yh2qSSg/AOvU2s8SO+SrxDpxSDorGOEXcMnKp0vNYI32/UoAW2kr
         NJW5b6I4HUewmCuJJKuV+RyXqOuETyI3qbV1ymmpLhLK9zoI/xZWh8MHPlIZrLA5lFyi
         fAjMOaZTswkqMYbduB/Y7sdNj6MTLlKzF8ErIGHTVyhjIQ0o7zZh181Jz8NELQ8WuRjh
         NhKQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=QUZR2+6ICZxWT58I6rXrbkkWLa1l5d0V3yDz0o0piCU=;
        b=EMZPq9dUddWYIcjd0atLJ5oCP5Us1n0nMsqitkkKX8rQJZpy1RA61Sax8qrd3CNZ/Z
         QBs7Q/HK2vUhy6jcY+2YdOmHVaiNCXxzZn2aFpMchGCfCsJ1NktpVfDvOOsBY15whJg8
         0flM4KazOaL+qywaN8t+2WF3PMruCW7OkGiFtbakXzPU8J244yoD3ftA4cE5fm7KlvdH
         Jw3aTdZDsPhv22w+jU6F/UWaGQk6BJ81QWsUFyYOBZV9Bw8C0VEJrfJkMGz/fkZRk4iS
         VGf1mKAbiBu7iXLQH4NbrAZYueZwh4sgt77AyGlPlPxVCcvtNfEENt4wFVqRc0MJEeMq
         cyug==
X-Gm-Message-State: ALQs6tD08KPAlKDtzM5Ji8uTcW4j2zrsOeI/D6s2sig9WSxZGQm7KD5f
        Kbl9xGYLndMl5axBnyDoNn5roHYUrWoyu4Mn5rU=
X-Received: by 2002:aca:b2c6:: with SMTP id b189-v6mr26487961oif.186.1525766138098;
 Tue, 08 May 2018 00:55:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.74.70.211 with HTTP; Tue, 8 May 2018 00:55:37 -0700 (PDT)
In-Reply-To: <1523943962-25415-1-git-send-email-wanpengli@tencent.com>
References: <1523943962-25415-1-git-send-email-wanpengli@tencent.com>
From:   Wanpeng Li <kernellwp@gmail.com>
Date:   Tue, 8 May 2018 15:55:37 +0800
Message-ID: <CANRm+CzEdE2xMWju56g8jPVAHQ7BTue_=CV+zP6_46dpfb3Kgg@mail.gmail.com>
Subject: Re: [PATCH 0/3] KVM: VMX: Allow to disable ioport intercept per-VM by userspace
To:     LKML <linux-kernel@vger.kernel.org>, kvm <kvm@vger.kernel.org>
Cc:     Paolo Bonzini <pbonzini@redhat.com>,
        =?UTF-8?B?UmFkaW0gS3LEjW3DocWZ?= <rkrcmar@redhat.com>,
        Tim Shearer <tshearer@advaoptical.com>,
        Liran Alon <liran.alon@oracle.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

2018-04-17 13:45 GMT+08:00 Wanpeng Li <kernellwp@gmail.com>:
> Tim Shearer reported that "There is a guest which is running a packet
> forwarding app based on the DPDK (dpdk.org). The packet receive routine
> writes to 0xc070 using glibc's "outw_p" function which does an additional
> write to I/O port 0x80. It does this write for every packet that's
> received, causing a flood of KVM userspace context switches". He uses
> mpstat to observe a CPU performing L2 packet forwarding on a pinned
> guest vCPU, the guest time is 95 percent when allowing I/O port 0x80
> bypass, however, it is 65.78 percent when I/O port 0x80 bypss is
> disabled.
>
> This patchset introduces per-VM I/O permission bitmaps, the userspace
> can disable the ioport intercept when they are more concern the
> performance than the security.
>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Radim Kr=C4=8Dm=C3=A1=C5=99 <rkrcmar@redhat.com>
> Cc: Tim Shearer <tshearer@advaoptical.com>
> Cc: Liran Alon <liran.alon@oracle.com>
>

Hi Paolo,

Did you send the patch to glibc or the patchset still can be considered?

Regards,
Wanpeng Li

> Wanpeng Li (3):
>   KVM: VMX: Introduce per-VM I/O permission bitmaps
>   KVM: X86: Allow userspace to disable ioport intercept
>   KVM: VMX: Allow I/O port 0x80 bypass when userspace prefer
>
>  Documentation/virtual/kvm/api.txt | 11 +++++++++++
>  arch/x86/include/asm/kvm_host.h   |  2 ++
>  arch/x86/kvm/vmx.c                | 41 +++++++++++++++++++++++++++++++++=
+++---
>  arch/x86/kvm/x86.c                |  5 +++++
>  include/uapi/linux/kvm.h          |  1 +
>  5 files changed, 57 insertions(+), 3 deletions(-)
>
> --
> 2.7.4
>