From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by dpdk.org (Postfix) with ESMTP id 6002DAAD8 for ; Fri, 18 May 2018 09:15:34 +0200 (CEST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B88A5402290A; Fri, 18 May 2018 07:15:33 +0000 (UTC) Received: from [10.36.112.43] (ovpn-112-43.ams2.redhat.com [10.36.112.43]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DE055111AF18; Fri, 18 May 2018 07:15:32 +0000 (UTC) To: "Yao, Lei A" , "'dev@dpdk.org'" Cc: "Bie, Tiwei" References: <20180423155818.21285-1-maxime.coquelin@redhat.com> <2DBBFF226F7CF64BAFCA79B681719D953A432589@SHSMSX101.ccr.corp.intel.com> <16b1e2a6-c675-a402-4dfa-fd3953b9ff11@redhat.com> <2DBBFF226F7CF64BAFCA79B681719D953A433F9B@SHSMSX101.ccr.corp.intel.com> <2DBBFF226F7CF64BAFCA79B681719D953A44B0A7@SHSMSX101.ccr.corp.intel.com> From: Maxime Coquelin Message-ID: <0e887817-a680-cd1a-a948-03f75777b7d9@redhat.com> Date: Fri, 18 May 2018 09:15:31 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <2DBBFF226F7CF64BAFCA79B681719D953A44B0A7@SHSMSX101.ccr.corp.intel.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Fri, 18 May 2018 07:15:33 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.6]); Fri, 18 May 2018 07:15:33 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'maxime.coquelin@redhat.com' RCPT:'' Subject: Re: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 May 2018 07:15:34 -0000 Hi, On 05/18/2018 04:02 AM, Yao, Lei A wrote: > Hi, Maxime > > Any idea for this performance drop? Will we improve it in this release > or it will be long term work? Thanks. No, it will not be improved for this release. I'll create a Bz to track this so that the release note can mention it. Regards, Maxime > BRs > Lei > >> -----Original Message----- >> From: Yao, Lei A >> Sent: Wednesday, May 2, 2018 8:10 PM >> To: Maxime Coquelin ; dev@dpdk.org >> Cc: Bie, Tiwei >> Subject: RE: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes >> >> >> >>> -----Original Message----- >>> From: Maxime Coquelin [mailto:maxime.coquelin@redhat.com] >>> Sent: Wednesday, May 2, 2018 5:20 PM >>> To: Yao, Lei A ; dev@dpdk.org >>> Cc: Bie, Tiwei >>> Subject: Re: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes >>> >>> Hi Lei, >>> >>> Thanks for the perf report. >>> >>> On 05/02/2018 07:08 AM, Yao, Lei A wrote: >>>> Hi, Maxime >>>> >>>> During the 18.05-rc1 performance testing, I find this patch set will bring >>>> slightly performance drop on mergeable and normal path, and big >>> performance >>>> drop on vector path. Could you have a check on this? I know this patch is >>>> important for security. Not sure if there is any way to improve the >>> performance. >>>> >>> >>> Could you please share info about the use cases you are benchmarking? >>> >> I run vhost/virtio loopback test . >>> There may be ways to improve the performance, for this we would need to >>> profile the code to understand where the bottlenecks are. >>> >>> >>>> Mergebale >>>> packet size >>>> 64 0.80% >>>> 128 -2.75% >>>> 260 -2.93% >>>> 520 -2.72% >>>> 1024 -1.18% >>>> 1500 -0.65% >>>> >>>> Normal >>>> packet size >>>> 64 -1.47% >>>> 128 -7.43% >>>> 260 -3.66% >>>> 520 -2.52% >>>> 1024 -1.19% >>>> 1500 -0.78% >>>> >>>> Vector >>>> packet size >>>> 64 -8.60% >>>> 128 -3.54% >>>> 260 -2.63% >>>> 520 -6.12% >>>> 1024 -1.05% >>>> 1500 -1.20% >>> >>> Are you sure this is only this series that induces such a big >>> performance drop in vector test? I.e. have you run the benchmark >>> just before and right after the series is applied? >> Yes. The performance drop I list here is just compared before and after your >> patch set. The key patch bring performance drop is this commit >> " Commit hash: 41333fba5b98945b8051e7b48f8fe47432cdd356" >> vhost: introduce safe API for GPA translation. >> >> Between 18.02 and 18.05-rc1, there are some other performance drop, but >> not >> so large. I need more git bisect work to identify. >> >> >>> >>> Thanks, >>> Maxime >>>> CPU info: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz >>>> OS: Ubuntu 16.04 >>>> >>>> BRs >>>> Lei >>>> >>>>> -----Original Message----- >>>>> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Maxime >>> Coquelin >>>>> Sent: Monday, April 23, 2018 11:58 PM >>>>> To: dev@dpdk.org >>>>> Cc: Maxime Coquelin >>>>> Subject: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes >>>>> >>>>> This series fixes the security vulnerability referenced >>>>> as CVE-2018-1059. >>>>> >>>>> Patches are already applied to the branch, but reviews >>>>> are encouraged. Any issues spotted would be fixed on top. >>>>> >>>>> Maxime Coquelin (12): >>>>> vhost: fix indirect descriptors table translation size >>>>> vhost: check all range is mapped when translating GPAs >>>>> vhost: introduce safe API for GPA translation >>>>> vhost: ensure all range is mapped when translating QVAs >>>>> vhost: add support for non-contiguous indirect descs tables >>>>> vhost: handle virtually non-contiguous buffers in Tx >>>>> vhost: handle virtually non-contiguous buffers in Rx >>>>> vhost: handle virtually non-contiguous buffers in Rx-mrg >>>>> examples/vhost: move to safe GPA translation API >>>>> examples/vhost_scsi: move to safe GPA translation API >>>>> vhost/crypto: move to safe GPA translation API >>>>> vhost: deprecate unsafe GPA translation API >>>>> >>>>> examples/vhost/virtio_net.c | 94 +++++++- >>>>> examples/vhost_scsi/vhost_scsi.c | 56 ++++- >>>>> lib/librte_vhost/rte_vhost.h | 46 ++++ >>>>> lib/librte_vhost/rte_vhost_version.map | 4 +- >>>>> lib/librte_vhost/vhost.c | 39 ++-- >>>>> lib/librte_vhost/vhost.h | 8 +- >>>>> lib/librte_vhost/vhost_crypto.c | 65 ++++-- >>>>> lib/librte_vhost/vhost_user.c | 58 +++-- >>>>> lib/librte_vhost/virtio_net.c | 411 >>> ++++++++++++++++++++++++++++- >>>>> ---- >>>>> 9 files changed, 650 insertions(+), 131 deletions(-) >>>>> >>>>> -- >>>>> 2.14.3 >>>>