From: "Yao, Lei A" <lei.a.yao@intel.com>
To: Maxime Coquelin <maxime.coquelin@redhat.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: "Bie, Tiwei" <tiwei.bie@intel.com>
Subject: Re: [PATCH 00/12] Vhost: CVE-2018-1059 fixes
Date: Wed, 2 May 2018 05:08:56 +0000 [thread overview]
Message-ID: <2DBBFF226F7CF64BAFCA79B681719D953A432589@SHSMSX101.ccr.corp.intel.com> (raw)
In-Reply-To: <20180423155818.21285-1-maxime.coquelin@redhat.com>
Hi, Maxime
During the 18.05-rc1 performance testing, I find this patch set will bring
slightly performance drop on mergeable and normal path, and big performance
drop on vector path. Could you have a check on this? I know this patch is
important for security. Not sure if there is any way to improve the performance.
Mergebale
packet size
64 0.80%
128 -2.75%
260 -2.93%
520 -2.72%
1024 -1.18%
1500 -0.65%
Normal
packet size
64 -1.47%
128 -7.43%
260 -3.66%
520 -2.52%
1024 -1.19%
1500 -0.78%
Vector
packet size
64 -8.60%
128 -3.54%
260 -2.63%
520 -6.12%
1024 -1.05%
1500 -1.20%
CPU info: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
OS: Ubuntu 16.04
BRs
Lei
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Maxime Coquelin
> Sent: Monday, April 23, 2018 11:58 PM
> To: dev@dpdk.org
> Cc: Maxime Coquelin <maxime.coquelin@redhat.com>
> Subject: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
>
> This series fixes the security vulnerability referenced
> as CVE-2018-1059.
>
> Patches are already applied to the branch, but reviews
> are encouraged. Any issues spotted would be fixed on top.
>
> Maxime Coquelin (12):
> vhost: fix indirect descriptors table translation size
> vhost: check all range is mapped when translating GPAs
> vhost: introduce safe API for GPA translation
> vhost: ensure all range is mapped when translating QVAs
> vhost: add support for non-contiguous indirect descs tables
> vhost: handle virtually non-contiguous buffers in Tx
> vhost: handle virtually non-contiguous buffers in Rx
> vhost: handle virtually non-contiguous buffers in Rx-mrg
> examples/vhost: move to safe GPA translation API
> examples/vhost_scsi: move to safe GPA translation API
> vhost/crypto: move to safe GPA translation API
> vhost: deprecate unsafe GPA translation API
>
> examples/vhost/virtio_net.c | 94 +++++++-
> examples/vhost_scsi/vhost_scsi.c | 56 ++++-
> lib/librte_vhost/rte_vhost.h | 46 ++++
> lib/librte_vhost/rte_vhost_version.map | 4 +-
> lib/librte_vhost/vhost.c | 39 ++--
> lib/librte_vhost/vhost.h | 8 +-
> lib/librte_vhost/vhost_crypto.c | 65 ++++--
> lib/librte_vhost/vhost_user.c | 58 +++--
> lib/librte_vhost/virtio_net.c | 411 ++++++++++++++++++++++++++++-
> ----
> 9 files changed, 650 insertions(+), 131 deletions(-)
>
> --
> 2.14.3
next prev parent reply other threads:[~2018-05-02 5:09 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-23 15:58 [PATCH 00/12] Vhost: CVE-2018-1059 fixes Maxime Coquelin
2018-04-23 15:58 ` [PATCH 01/12] vhost: fix indirect descriptors table translation size Maxime Coquelin
2018-04-23 15:58 ` [PATCH 02/12] vhost: check all range is mapped when translating GPAs Maxime Coquelin
2018-04-23 15:58 ` [PATCH 03/12] vhost: introduce safe API for GPA translation Maxime Coquelin
2018-04-23 15:58 ` [PATCH 04/12] vhost: ensure all range is mapped when translating QVAs Maxime Coquelin
2018-04-23 15:58 ` [PATCH 05/12] vhost: add support for non-contiguous indirect descs tables Maxime Coquelin
2018-04-23 15:58 ` [PATCH 06/12] vhost: handle virtually non-contiguous buffers in Tx Maxime Coquelin
2018-04-23 15:58 ` [PATCH 07/12] vhost: handle virtually non-contiguous buffers in Rx Maxime Coquelin
2018-04-23 15:58 ` [PATCH 08/12] vhost: handle virtually non-contiguous buffers in Rx-mrg Maxime Coquelin
2018-04-23 15:58 ` [PATCH 09/12] examples/vhost: move to safe GPA translation API Maxime Coquelin
2018-04-23 15:58 ` [PATCH 10/12] examples/vhost_scsi: " Maxime Coquelin
2018-04-23 15:58 ` [PATCH 11/12] vhost/crypto: " Maxime Coquelin
2018-04-23 15:58 ` [PATCH 12/12] vhost: deprecate unsafe " Maxime Coquelin
2018-05-02 5:08 ` Yao, Lei A [this message]
2018-05-02 9:20 ` [PATCH 00/12] Vhost: CVE-2018-1059 fixes Maxime Coquelin
2018-05-02 12:10 ` Yao, Lei A
2018-05-18 2:02 ` Yao, Lei A
2018-05-18 7:15 ` Maxime Coquelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2DBBFF226F7CF64BAFCA79B681719D953A432589@SHSMSX101.ccr.corp.intel.com \
--to=lei.a.yao@intel.com \
--cc=dev@dpdk.org \
--cc=maxime.coquelin@redhat.com \
--cc=tiwei.bie@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.