From: "Catangiu, Adrian Costin" via <qemu-devel@nongnu.org>
To: Alexander Graf <graf@amazon.de>,
"Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>,
"dgunigun@redhat.com" <dgunigun@redhat.com>,
KVM list <kvm@vger.kernel.org>,
"open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
"ghammer@redhat.com" <ghammer@redhat.com>,
"vijaysun@ca.ibm.com" <vijaysun@ca.ibm.com>,
"Weiss, Radu" <raduweis@amazon.com>,
Qemu Developers <qemu-devel@nongnu.org>,
Michal Hocko <mhocko@kernel.org>, Andrey Vagin <avagin@gmail.com>,
Pavel Machek <pavel@ucw.cz>,
Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
linux-s390 <linux-s390@vger.kernel.org>,
Jonathan Corbet <corbet@lwn.net>,
"mpe@ellerman.id.au" <mpe@ellerman.id.au>,
"Michael S. Tsirkin" <mst@redhat.com>,
Eric Biggers <ebiggers@kernel.org>,
Christian Borntraeger <borntraeger@de.ibm.com>,
"Singh, Balbir" <sblbir@amazon.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
"bonzini@gnu.org" <bonzini@gnu.org>, Jann Horn <jannh@google.com>,
"asmehra@redhat.com" <asmehra@redhat.com>,
"oridgar@gmail.com" <oridgar@gmail.com>,
Andy Lutomirski <luto@kernel.org>, "gil@azul.com" <gil@azul.com>,
"MacCarthaigh, Colm" <colmmacc@amazon.com>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"areber@redhat.com" <areber@redhat.com>,
kernel list <linux-kernel@vger.kernel.org>,
Pavel Emelyanov <ovzxemul@gmail.com>,
Mike Rapoport <rppt@kernel.org>,
Linux API <linux-api@vger.kernel.org>,
"Rafael J. Wysocki" <rafael@kernel.org>, Willy Tarreau <w@1wt.eu>,
"Woodhouse, David" <dwmw@amazon.co.uk>
Subject: Re: [PATCH v3] drivers/virt: vmgenid: add vm generation id driver
Date: Mon, 11 Jan 2021 09:35:03 +0200 [thread overview]
Message-ID: <96326843-d4cd-a371-98a7-d9862cbe331b@amazon.com> (raw)
In-Reply-To: <145eaa0b-a118-1d80-7f2c-d73f0d3f1db0@amazon.de>
[-- Attachment #1: Type: text/plain, Size: 4121 bytes --]
+ Eric W. Biederman
Eric's email was filtered by my server for some reason so I can't
directly reply to it, this is the closest thread relative I could answer on.
On 01/12/2020 12:00, Eric W. Biederman wrote:
>
>
> On 27.11.20 19:26, Catangiu, Adrian Costin wrote:
>> - Background
>>
>> The VM Generation ID is a feature defined by Microsoft (paper:
>> http://go.microsoft.com/fwlink/?LinkId=260709) and supported by
>> multiple hypervisor vendors.
>>
>> The feature is required in virtualized environments by apps that work
>> with local copies/caches of world-unique data such as random values,
>> uuids, monotonically increasing counters, etc.
>> Such apps can be negatively affected by VM snapshotting when the VM
>> is either cloned or returned to an earlier point in time.
>>
> How does this differ from /proc/sys/kernel/random/boot_id?
The boot_id only changes at OS boot whereas we need the generation id to
change _while_ the system/guest-os is running - generation changes because
underlyingVM or container goes through a snapshot restore event which is
otherwisetransparent to guest system.
>>
>> The VM Generation ID is a simple concept meant to alleviate the issue
>> by providing a unique ID that changes each time the VM is restored
>> from a snapshot. The hw provided UUID value can be used to
>> differentiate between VMs or different generations of the same VM.
>>
> Does the VM generation ID change in a running that effectively things it
> is running?
Yes, the generation id changes while guest OS is running, the generation
change itself is what lets the guest OS and guest userspace know there's
been a VM or container snapshot restore event.
>>
>> - Problem
>>
>> The VM Generation ID is exposed through an ACPI device by multiple
>> hypervisor vendors but neither the vendors or upstream Linux have no
>> default driver for it leaving users to fend for themselves.
>>
>> Furthermore, simply finding out about a VM generation change is only
>> the starting point of a process to renew internal states of possibly
>> multiple applications across the system. This process could benefit
>> from a driver that provides an interface through which orchestration
>> can be easily done.
>>
>> - Solution
>>
>> This patch is a driver that exposes a monotonic incremental Virtual
>> Machine Generation u32 counter via a char-dev FS interface.
> Earlier it was a UUID now it is 32bit number?
The generation id exposed to userspace is a 32bit monotonic incremental
counter. This counter is internally driven by the acpi vmgenid device. The
128-bit vmgenid-device-provided UUID is only used internally by the driver.
I will make all of this clearer in the next patch version.
>> The FS
>> interface provides sync and async VmGen counter updates notifications.
>> It also provides VmGen counter retrieval and confirmation mechanisms.
>>
>> The generation counter and the interface through which it is exposed
>> are available even when there is no acpi device present.
>>
>> When the device is present, the hw provided UUID is not exposed to
>> userspace, it is internally used by the driver to keep accounting for
>> the exposed VmGen counter. The counter starts from zero when the
>> driver is initialized and monotonically increments every time the hw
>> UUID changes (the VM generation changes).
>> On each hw UUID change, the new hypervisor-provided UUID is also fed
>> to the kernel RNG.
> Should this be a hotplug even rather than a new character device?
>
> Without plugging into udev and the rest of the hotplug infrastructure
> I suspect things will be missed.
That's a good idea, I will look into it.
>>
>> If there is no acpi vmgenid device present, the generation changes are
>> not driven by hw vmgenid events but can be driven by software through
>> a dedicated driver ioctl.
>>
>> This patch builds on top of Or Idgar <oridgar@gmail.com>'s proposal
>> https://lkml.org/lkml/2018/3/1/498
> Eric
>
Amazon Development Center (Romania) S.R.L. registered office: 27A Sf. Lazar Street, UBC5, floor 2, Iasi, Iasi County, 700045, Romania. Registered in Romania. Registration number J22/2621/2005.
[-- Attachment #2: Type: text/html, Size: 7257 bytes --]
next prev parent reply other threads:[~2021-01-11 7:37 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-16 15:34 [PATCH v2] drivers/virt: vmgenid: add vm generation id driver Catangiu, Adrian Costin
2020-11-18 10:30 ` Alexander Graf
2020-11-27 17:17 ` Catangiu, Adrian Costin
2020-12-07 13:23 ` Alexander Graf
2020-11-19 12:02 ` Christian Borntraeger
2020-11-19 12:02 ` Christian Borntraeger
2020-11-19 12:51 ` Alexander Graf
2020-11-19 13:09 ` Christian Borntraeger
2020-11-19 13:09 ` Christian Borntraeger
2020-11-19 17:38 ` Mike Rapoport
2020-11-19 17:38 ` Mike Rapoport
2020-11-19 18:36 ` Alexander Graf
2020-11-19 18:36 ` Alexander Graf
2020-11-20 21:18 ` Dmitry Safonov
2020-11-20 21:18 ` Dmitry Safonov
2020-11-20 21:18 ` Dmitry Safonov
2020-11-27 18:26 ` [PATCH v3] " Catangiu, Adrian Costin
2020-11-27 18:26 ` Catangiu, Adrian Costin
2020-11-28 10:16 ` Mike Rapoport
2020-11-28 10:16 ` Mike Rapoport
2020-11-28 10:16 ` Mike Rapoport
2020-12-01 18:00 ` Eric W. Biederman
2020-12-01 18:00 ` Eric W. Biederman
2020-12-01 18:00 ` Eric W. Biederman
2020-12-07 13:11 ` Alexander Graf
2020-12-07 13:11 ` Alexander Graf
2021-01-11 7:35 ` Catangiu, Adrian Costin via [this message]
2020-11-20 22:29 ` [PATCH v2] " Jann Horn
2020-11-20 22:29 ` Jann Horn
2020-11-27 18:22 ` Jann Horn
2020-11-27 18:22 ` Jann Horn
2020-11-27 19:04 ` Catangiu, Adrian Costin
2020-11-27 20:20 ` Jann Horn
2020-11-27 20:20 ` Jann Horn
2020-12-07 14:22 ` Alexander Graf
2020-12-07 14:22 ` Alexander Graf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=96326843-d4cd-a371-98a7-d9862cbe331b@amazon.com \
--to=qemu-devel@nongnu.org \
--cc=Jason@zx2c4.com \
--cc=acatan@amazon.com \
--cc=areber@redhat.com \
--cc=asmehra@redhat.com \
--cc=avagin@gmail.com \
--cc=bonzini@gnu.org \
--cc=borntraeger@de.ibm.com \
--cc=colmmacc@amazon.com \
--cc=corbet@lwn.net \
--cc=dgunigun@redhat.com \
--cc=dwmw@amazon.co.uk \
--cc=ebiederm@xmission.com \
--cc=ebiggers@kernel.org \
--cc=ghammer@redhat.com \
--cc=gil@azul.com \
--cc=graf@amazon.de \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=kvm@vger.kernel.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mhocko@kernel.org \
--cc=mpe@ellerman.id.au \
--cc=mst@redhat.com \
--cc=oridgar@gmail.com \
--cc=ovzxemul@gmail.com \
--cc=pavel@ucw.cz \
--cc=ptikhomirov@virtuozzo.com \
--cc=raduweis@amazon.com \
--cc=rafael@kernel.org \
--cc=rppt@kernel.org \
--cc=sblbir@amazon.com \
--cc=tytso@mit.edu \
--cc=vijaysun@ca.ibm.com \
--cc=w@1wt.eu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.