From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by dpdk.org (Postfix) with ESMTP id BDE81DD2 for ; Wed, 2 May 2018 11:20:10 +0200 (CEST) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3C0F081A88B3; Wed, 2 May 2018 09:20:10 +0000 (UTC) Received: from [10.36.112.54] (ovpn-112-54.ams2.redhat.com [10.36.112.54]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 81FE063539; Wed, 2 May 2018 09:20:09 +0000 (UTC) To: "Yao, Lei A" , "dev@dpdk.org" Cc: "Bie, Tiwei" References: <20180423155818.21285-1-maxime.coquelin@redhat.com> <2DBBFF226F7CF64BAFCA79B681719D953A432589@SHSMSX101.ccr.corp.intel.com> From: Maxime Coquelin Message-ID: <16b1e2a6-c675-a402-4dfa-fd3953b9ff11@redhat.com> Date: Wed, 2 May 2018 11:20:07 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <2DBBFF226F7CF64BAFCA79B681719D953A432589@SHSMSX101.ccr.corp.intel.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Wed, 02 May 2018 09:20:10 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Wed, 02 May 2018 09:20:10 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'maxime.coquelin@redhat.com' RCPT:'' Subject: Re: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 May 2018 09:20:11 -0000 Hi Lei, Thanks for the perf report. On 05/02/2018 07:08 AM, Yao, Lei A wrote: > Hi, Maxime > > During the 18.05-rc1 performance testing, I find this patch set will bring > slightly performance drop on mergeable and normal path, and big performance > drop on vector path. Could you have a check on this? I know this patch is > important for security. Not sure if there is any way to improve the performance. > Could you please share info about the use cases you are benchmarking? There may be ways to improve the performance, for this we would need to profile the code to understand where the bottlenecks are. > Mergebale > packet size > 64 0.80% > 128 -2.75% > 260 -2.93% > 520 -2.72% > 1024 -1.18% > 1500 -0.65% > > Normal > packet size > 64 -1.47% > 128 -7.43% > 260 -3.66% > 520 -2.52% > 1024 -1.19% > 1500 -0.78% > > Vector > packet size > 64 -8.60% > 128 -3.54% > 260 -2.63% > 520 -6.12% > 1024 -1.05% > 1500 -1.20% Are you sure this is only this series that induces such a big performance drop in vector test? I.e. have you run the benchmark just before and right after the series is applied? Thanks, Maxime > CPU info: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz > OS: Ubuntu 16.04 > > BRs > Lei > >> -----Original Message----- >> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Maxime Coquelin >> Sent: Monday, April 23, 2018 11:58 PM >> To: dev@dpdk.org >> Cc: Maxime Coquelin >> Subject: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes >> >> This series fixes the security vulnerability referenced >> as CVE-2018-1059. >> >> Patches are already applied to the branch, but reviews >> are encouraged. Any issues spotted would be fixed on top. >> >> Maxime Coquelin (12): >> vhost: fix indirect descriptors table translation size >> vhost: check all range is mapped when translating GPAs >> vhost: introduce safe API for GPA translation >> vhost: ensure all range is mapped when translating QVAs >> vhost: add support for non-contiguous indirect descs tables >> vhost: handle virtually non-contiguous buffers in Tx >> vhost: handle virtually non-contiguous buffers in Rx >> vhost: handle virtually non-contiguous buffers in Rx-mrg >> examples/vhost: move to safe GPA translation API >> examples/vhost_scsi: move to safe GPA translation API >> vhost/crypto: move to safe GPA translation API >> vhost: deprecate unsafe GPA translation API >> >> examples/vhost/virtio_net.c | 94 +++++++- >> examples/vhost_scsi/vhost_scsi.c | 56 ++++- >> lib/librte_vhost/rte_vhost.h | 46 ++++ >> lib/librte_vhost/rte_vhost_version.map | 4 +- >> lib/librte_vhost/vhost.c | 39 ++-- >> lib/librte_vhost/vhost.h | 8 +- >> lib/librte_vhost/vhost_crypto.c | 65 ++++-- >> lib/librte_vhost/vhost_user.c | 58 +++-- >> lib/librte_vhost/virtio_net.c | 411 ++++++++++++++++++++++++++++- >> ---- >> 9 files changed, 650 insertions(+), 131 deletions(-) >> >> -- >> 2.14.3 >