Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp235336ybe; Wed, 18 Sep 2019 16:14:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqxAaMGgxFTs6+76kdfy9D0CCZo61KPeithbGYAZfjg0fFWAUZ4IHmNEzFK6G4G1+mI/jgS8 X-Received: by 2002:a05:6402:1699:: with SMTP id a25mr13039963edv.91.1568848441628; Wed, 18 Sep 2019 16:14:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568848441; cv=none; d=google.com; s=arc-20160816; b=GLG86GpN2Lhpt2dNpaa5p0UVdJSLn+3r/xCEJZPOSB+dQI1Sb9DAWK20bjZ67hRS0z bC0GvWr1U8jtUHjA7dwSErkL5rysL5NB0fskNxI2lhsPIXc4sdSFAU4RuVboukSN1S0J z8XwYUWQgZbFYW3iTw1r0N1DkxwCMX8EW0do5sjHtzI0AZJXTamODKZG2pQlPnotJ4i1 6rmDJAbNKR3Tpi124YXGw081zF6PzK+dQ4M0GcTPDBgrDgZrEljHO7qEmKv8Rk9YcCeh 4lsviaakYj9PexqbAOupRlX6bhrSjWKN8oT/sSUmxNOA04ym5CVfXr12p6Im3esqbnKs Wtpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:subject:autocrypt:openpgp:from:references:cc:to; bh=ejW0peZKKgqEifyLAb436WqutgOIDcVB6hsXvyOnooo=; b=aUCiW2RYGlJKU2xzdPxUd5XeJVAAmJ+r6oDQAhE5ckh8cYv8K6z5sy82GXWnsioV1Q yUBG0QIe4iwov945/Wwa5zPPlhlT9YIJrJf9fGFyluryG7zLxqE5lR2ZdwpI8RlSVyO0 0nsiLh5tB629ad/9z/vXFSFrSPUqJsMEJCwut0lN1B7/LsFICSubK/Q15l08j0t+ot2k 0rYF9u/87lzSrfOUk7R0XLDhEqrpiLgHNxsT13/jV3nqGHVsClUgVE/HEv9pxoIHF2sX nbsoj0s7a8uZnqHkUXzhZU9TkvGaN7aUoy1K4JWf8JGeLufQqUE++7HvOkSgCVds3yOd 7+qA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p1si4278280eda.406.2019.09.18.16.13.38; Wed, 18 Sep 2019 16:14:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387930AbfIRVMJ (ORCPT + 99 others); Wed, 18 Sep 2019 17:12:09 -0400 Received: from mga04.intel.com ([192.55.52.120]:7858 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387891AbfIRVMJ (ORCPT ); Wed, 18 Sep 2019 17:12:09 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Sep 2019 14:12:08 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,522,1559545200"; d="scan'208";a="387039966" Received: from schen9-desk.jf.intel.com (HELO [10.54.74.162]) ([10.54.74.162]) by fmsmga005.fm.intel.com with ESMTP; 18 Sep 2019 14:12:07 -0700 To: Julien Desfossez , Peter Zijlstra Cc: Phil Auld , Matthew Garrett , Vineeth Remanan Pillai , Nishanth Aravamudan , mingo@kernel.org, tglx@linutronix.de, pjt@google.com, torvalds@linux-foundation.org, linux-kernel@vger.kernel.org, subhra.mazumdar@oracle.com, fweisbec@gmail.com, keescook@chromium.org, kerrnel@google.com, Aaron Lu , Aubrey Li , Valentin Schneider , Mel Gorman , Pawan Gupta , Paolo Bonzini , Dave Stewart References: <20190827211417.snpwgnhsu5t6u52y@srcf.ucam.org> <20190827215035.GH2332@hirez.programming.kicks-ass.net> <20190828153033.GA15512@pauld.bos.csb> <20190828160114.GE17205@worktop.programming.kicks-ass.net> <20190829143050.GA7262@pauld.bos.csb> <20190829143821.GX2369@hirez.programming.kicks-ass.net> <20190910142717.GA1855@sinkpad> From: Tim Chen Openpgp: preference=signencrypt Autocrypt: addr=tim.c.chen@linux.intel.com; prefer-encrypt=mutual; keydata= mQINBE6ONugBEAC1c8laQ2QrezbYFetwrzD0v8rOqanj5X1jkySQr3hm/rqVcDJudcfdSMv0 BNCCjt2dofFxVfRL0G8eQR4qoSgzDGDzoFva3NjTJ/34TlK9MMouLY7X5x3sXdZtrV4zhKGv 3Rt2osfARdH3QDoTUHujhQxlcPk7cwjTXe4o3aHIFbcIBUmxhqPaz3AMfdCqbhd7uWe9MAZX 7M9vk6PboyO4PgZRAs5lWRoD4ZfROtSViX49KEkO7BDClacVsODITpiaWtZVDxkYUX/D9OxG AkxmqrCxZxxZHDQos1SnS08aKD0QITm/LWQtwx1y0P4GGMXRlIAQE4rK69BDvzSaLB45ppOw AO7kw8aR3eu/sW8p016dx34bUFFTwbILJFvazpvRImdjmZGcTcvRd8QgmhNV5INyGwtfA8sn L4V13aZNZA9eWd+iuB8qZfoFiyAeHNWzLX/Moi8hB7LxFuEGnvbxYByRS83jsxjH2Bd49bTi XOsAY/YyGj6gl8KkjSbKOkj0IRy28nLisFdGBvgeQrvaLaA06VexptmrLjp1Qtyesw6zIJeP oHUImJltjPjFvyfkuIPfVIB87kukpB78bhSRA5mC365LsLRl+nrX7SauEo8b7MX0qbW9pg0f wsiyCCK0ioTTm4IWL2wiDB7PeiJSsViBORNKoxA093B42BWFJQARAQABtDRUaW0gQ2hlbiAo d29yayByZWxhdGVkKSA8dGltLmMuY2hlbkBsaW51eC5pbnRlbC5jb20+iQI+BBMBAgAoAhsD BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAUCXFIuxAUJEYZe0wAKCRCiZ7WKota4STH3EACW 1jBRzdzEd5QeTQWrTtB0Dxs5cC8/P7gEYlYQCr3Dod8fG7UcPbY7wlZXc3vr7+A47/bSTVc0 DhUAUwJT+VBMIpKdYUbvfjmgicL9mOYW73/PHTO38BsMyoeOtuZlyoUl3yoxWmIqD4S1xV04 q5qKyTakghFa+1ZlGTAIqjIzixY0E6309spVTHoImJTkXNdDQSF0AxjW0YNejt52rkGXXSoi IgYLRb3mLJE/k1KziYtXbkgQRYssty3n731prN5XrupcS4AiZIQl6+uG7nN2DGn9ozy2dgTi smPAOFH7PKJwj8UU8HUYtX24mQA6LKRNmOgB290PvrIy89FsBot/xKT2kpSlk20Ftmke7KCa 65br/ExDzfaBKLynztcF8o72DXuJ4nS2IxfT/Zmkekvvx/s9R4kyPyebJ5IA/CH2Ez6kXIP+ q0QVS25WF21vOtK52buUgt4SeRbqSpTZc8bpBBpWQcmeJqleo19WzITojpt0JvdVNC/1H7mF 4l7og76MYSTCqIKcLzvKFeJSie50PM3IOPp4U2czSrmZURlTO0o1TRAa7Z5v/j8KxtSJKTgD lYKhR0MTIaNw3z5LPWCCYCmYfcwCsIa2vd3aZr3/Ao31ZnBuF4K2LCkZR7RQgLu+y5Tr8P7c e82t/AhTZrzQowzP0Vl6NQo8N6C2fcwjSrkCDQROjjboARAAx+LxKhznLH0RFvuBEGTcntrC 3S0tpYmVsuWbdWr2ZL9VqZmXh6UWb0K7w7OpPNW1FiaWtVLnG1nuMmBJhE5jpYsi+yU8sbMA 5BEiQn2hUo0k5eww5/oiyNI9H7vql9h628JhYd9T1CcDMghTNOKfCPNGzQ8Js33cFnszqL4I N9jh+qdg5FnMHs/+oBNtlvNjD1dQdM6gm8WLhFttXNPn7nRUPuLQxTqbuoPgoTmxUxR3/M5A KDjntKEdYZziBYfQJkvfLJdnRZnuHvXhO2EU1/7bAhdz7nULZktw9j1Sp9zRYfKRnQdIvXXa jHkOn3N41n0zjoKV1J1KpAH3UcVfOmnTj+u6iVMW5dkxLo07CddJDaayXtCBSmmd90OG0Odx cq9VaIu/DOQJ8OZU3JORiuuq40jlFsF1fy7nZSvQFsJlSmHkb+cDMZDc1yk0ko65girmNjMF hsAdVYfVsqS1TJrnengBgbPgesYO5eY0Tm3+0pa07EkONsxnzyWJDn4fh/eA6IEUo2JrOrex O6cRBNv9dwrUfJbMgzFeKdoyq/Zwe9QmdStkFpoh9036iWsj6Nt58NhXP8WDHOfBg9o86z9O VMZMC2Q0r6pGm7L0yHmPiixrxWdW0dGKvTHu/DH/ORUrjBYYeMsCc4jWoUt4Xq49LX98KDGN dhkZDGwKnAUAEQEAAYkCJQQYAQIADwIbDAUCXFIulQUJEYZenwAKCRCiZ7WKota4SYqUEACj P/GMnWbaG6s4TPM5Dg6lkiSjFLWWJi74m34I19vaX2CAJDxPXoTU6ya8KwNgXU4yhVq7TMId keQGTIw/fnCv3RLNRcTAapLarxwDPRzzq2snkZKIeNh+WcwilFjTpTRASRMRy9ehKYMq6Zh7 PXXULzxblhF60dsvi7CuRsyiYprJg0h2iZVJbCIjhumCrsLnZ531SbZpnWz6OJM9Y16+HILp iZ77miSE87+xNa5Ye1W1ASRNnTd9ftWoTgLezi0/MeZVQ4Qz2Shk0MIOu56UxBb0asIaOgRj B5RGfDpbHfjy3Ja5WBDWgUQGgLd2b5B6MVruiFjpYK5WwDGPsj0nAOoENByJ+Oa6vvP2Olkl gQzSV2zm9vjgWeWx9H+X0eq40U+ounxTLJYNoJLK3jSkguwdXOfL2/Bvj2IyU35EOC5sgO6h VRt3kA/JPvZK+6MDxXmm6R8OyohR8uM/9NCb9aDw/DnLEWcFPHfzzFFn0idp7zD5SNgAXHzV PFY6UGIm86OuPZuSG31R0AU5zvcmWCeIvhxl5ZNfmZtv5h8TgmfGAgF4PSD0x/Bq4qobcfaL ugWG5FwiybPzu2H9ZLGoaRwRmCnzblJG0pRzNaC/F+0hNf63F1iSXzIlncHZ3By15bnt5QDk l50q2K/r651xphs7CGEdKi1nU0YJVbQxJQ== Subject: Re: [RFC PATCH v3 00/16] Core scheduling v3 Message-ID: Date: Wed, 18 Sep 2019 14:12:07 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0 MIME-Version: 1.0 In-Reply-To: <20190910142717.GA1855@sinkpad> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 9/10/19 7:27 AM, Julien Desfossez wrote: > On 29-Aug-2019 04:38:21 PM, Peter Zijlstra wrote: >> On Thu, Aug 29, 2019 at 10:30:51AM -0400, Phil Auld wrote: >>> I think, though, that you were basically agreeing with me that the current >>> core scheduler does not close the holes, or am I reading that wrong. >> >> Agreed; the missing bits for L1TF are ugly but doable (I've actually >> done them before, Tim has that _somewhere_), but I've not seen a >> 'workable' solution for MDS yet. > The L1TF problem is a much bigger one for HT than MDS. It is relatively easy for a Rogue VM to sniff L1 cached memory locations. While for MDS, it is quite difficult for the attacker to associate data in the cpu buffers with specific memory to make the sniffed data useful. Even if we don't have a complete solution yet for MDS HT vulnerability, it is worthwhile to plug the L1TF hole for HT first with core scheduler, as L1TF is much more exploitable. Tim > Following the discussion we had yesterday at LPC, after we have agreed > on a solution for fixing the current fairness issue, we will post the > v4. We will then work on prototyping the other synchronisation points > (syscalls, interrupts and VMEXIT) to evaluate the overhead in various > use-cases. > > Depending on the use-case, we know the performance overhead maybe > heavier than just disabling SMT, but the benchmarks we have seen so far > indicate that there are valid cases for core scheduling. Core scheduling > will continue to be unused by default, but with it, we will have the > option to tune the system to be both secure and faster than disabling > SMT for those cases. > > Thanks, > > Julien > > P.S: I think the branch that contains the VMEXIT handling is here > https://github.com/pdxChen/gang/commits/sched_1.23-base >