[dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes

Yao, Lei A lei.a.yao at intel.com
Wed May 2 07:08:56 CEST 2018

Previous message: [dpdk-dev] [PATCH v2 1/2] net/i40e: fix queue offload initialize
Next message: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi, Maxime

During the 18.05-rc1 performance testing, I find this patch set will bring
slightly performance drop on mergeable and normal path, and big performance
drop on vector path. Could you have a check on this? I know this patch is 
important for security. Not sure if there is any way to improve the performance.

Mergebale	
packet size	
64	0.80%
128	-2.75%
260	-2.93%
520	-2.72%
1024	-1.18%
1500	-0.65%
	
Normal	
packet size	
64	-1.47%
128	-7.43%
260	-3.66%
520	-2.52%
1024	-1.19%
1500	-0.78%
	
Vector	
packet size	
64	-8.60%
128	-3.54%
260	-2.63%
520	-6.12%
1024	-1.05%
1500	-1.20% 

CPU info: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
OS: Ubuntu 16.04

BRs
Lei

> -----Original Message-----
> From: dev [mailto:dev-bounces at dpdk.org] On Behalf Of Maxime Coquelin
> Sent: Monday, April 23, 2018 11:58 PM
> To: dev at dpdk.org
> Cc: Maxime Coquelin <maxime.coquelin at redhat.com>
> Subject: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
> 
> This series fixes the security vulnerability referenced
> as CVE-2018-1059.
> 
> Patches are already applied to the branch, but reviews
> are encouraged. Any issues spotted would be fixed on top.
> 
> Maxime Coquelin (12):
>   vhost: fix indirect descriptors table translation size
>   vhost: check all range is mapped when translating GPAs
>   vhost: introduce safe API for GPA translation
>   vhost: ensure all range is mapped when translating QVAs
>   vhost: add support for non-contiguous indirect descs tables
>   vhost: handle virtually non-contiguous buffers in Tx
>   vhost: handle virtually non-contiguous buffers in Rx
>   vhost: handle virtually non-contiguous buffers in Rx-mrg
>   examples/vhost: move to safe GPA translation API
>   examples/vhost_scsi: move to safe GPA translation API
>   vhost/crypto: move to safe GPA translation API
>   vhost: deprecate unsafe GPA translation API
> 
>  examples/vhost/virtio_net.c            |  94 +++++++-
>  examples/vhost_scsi/vhost_scsi.c       |  56 ++++-
>  lib/librte_vhost/rte_vhost.h           |  46 ++++
>  lib/librte_vhost/rte_vhost_version.map |   4 +-
>  lib/librte_vhost/vhost.c               |  39 ++--
>  lib/librte_vhost/vhost.h               |   8 +-
>  lib/librte_vhost/vhost_crypto.c        |  65 ++++--
>  lib/librte_vhost/vhost_user.c          |  58 +++--
>  lib/librte_vhost/virtio_net.c          | 411 ++++++++++++++++++++++++++++-
> ----
>  9 files changed, 650 insertions(+), 131 deletions(-)
> 
> --
> 2.14.3

Previous message: [dpdk-dev] [PATCH v2 1/2] net/i40e: fix queue offload initialize
Next message: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list