[dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes

Maxime Coquelin maxime.coquelin at redhat.com
Fri May 18 09:15:31 CEST 2018

Previous message: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
Next message: [dpdk-dev] [PATCH v2] net/i40e: fix missing some offload capabilities
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On 05/18/2018 04:02 AM, Yao, Lei A wrote:
> Hi, Maxime
> 
> Any idea for this performance drop? Will we improve it in this release
> or it will be long term work? Thanks.

No, it will not be improved for this release. I'll create a Bz to track
this so that the release note can mention it.

Regards,
Maxime

> BRs
> Lei
> 
>> -----Original Message-----
>> From: Yao, Lei A
>> Sent: Wednesday, May 2, 2018 8:10 PM
>> To: Maxime Coquelin <maxime.coquelin at redhat.com>; dev at dpdk.org
>> Cc: Bie, Tiwei <tiwei.bie at intel.com>
>> Subject: RE: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
>>
>>
>>
>>> -----Original Message-----
>>> From: Maxime Coquelin [mailto:maxime.coquelin at redhat.com]
>>> Sent: Wednesday, May 2, 2018 5:20 PM
>>> To: Yao, Lei A <lei.a.yao at intel.com>; dev at dpdk.org
>>> Cc: Bie, Tiwei <tiwei.bie at intel.com>
>>> Subject: Re: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
>>>
>>> Hi Lei,
>>>
>>> Thanks for the perf report.
>>>
>>> On 05/02/2018 07:08 AM, Yao, Lei A wrote:
>>>> Hi, Maxime
>>>>
>>>> During the 18.05-rc1 performance testing, I find this patch set will bring
>>>> slightly performance drop on mergeable and normal path, and big
>>> performance
>>>> drop on vector path. Could you have a check on this? I know this patch is
>>>> important for security. Not sure if there is any way to improve the
>>> performance.
>>>>
>>>
>>> Could you please share info about the use cases you are benchmarking?
>>>
>> I run vhost/virtio loopback test .
>>> There may be ways to improve the performance, for this we would need to
>>> profile the code to understand where the bottlenecks are.
>>>
>>>
>>>> Mergebale
>>>> packet size
>>>> 64	0.80%
>>>> 128	-2.75%
>>>> 260	-2.93%
>>>> 520	-2.72%
>>>> 1024	-1.18%
>>>> 1500	-0.65%
>>>>
>>>> Normal
>>>> packet size
>>>> 64	-1.47%
>>>> 128	-7.43%
>>>> 260	-3.66%
>>>> 520	-2.52%
>>>> 1024	-1.19%
>>>> 1500	-0.78%
>>>>
>>>> Vector
>>>> packet size
>>>> 64	-8.60%
>>>> 128	-3.54%
>>>> 260	-2.63%
>>>> 520	-6.12%
>>>> 1024	-1.05%
>>>> 1500	-1.20%
>>>
>>> Are you sure this is only this series that induces such a big
>>> performance drop in vector test? I.e. have you run the benchmark
>>> just before and right after the series is applied?
>> Yes. The performance drop I list here is just compared before and after your
>> patch set. The key patch bring performance drop is this commit
>> " Commit hash:	41333fba5b98945b8051e7b48f8fe47432cdd356"
>> vhost: introduce safe API for GPA translation.
>>
>> Between 18.02 and 18.05-rc1, there are some other performance drop, but
>> not
>> so large. I need more git bisect work to identify.
>>
>>
>>>
>>> Thanks,
>>> Maxime
>>>> CPU info: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
>>>> OS: Ubuntu 16.04
>>>>
>>>> BRs
>>>> Lei
>>>>
>>>>> -----Original Message-----
>>>>> From: dev [mailto:dev-bounces at dpdk.org] On Behalf Of Maxime
>>> Coquelin
>>>>> Sent: Monday, April 23, 2018 11:58 PM
>>>>> To: dev at dpdk.org
>>>>> Cc: Maxime Coquelin <maxime.coquelin at redhat.com>
>>>>> Subject: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
>>>>>
>>>>> This series fixes the security vulnerability referenced
>>>>> as CVE-2018-1059.
>>>>>
>>>>> Patches are already applied to the branch, but reviews
>>>>> are encouraged. Any issues spotted would be fixed on top.
>>>>>
>>>>> Maxime Coquelin (12):
>>>>>     vhost: fix indirect descriptors table translation size
>>>>>     vhost: check all range is mapped when translating GPAs
>>>>>     vhost: introduce safe API for GPA translation
>>>>>     vhost: ensure all range is mapped when translating QVAs
>>>>>     vhost: add support for non-contiguous indirect descs tables
>>>>>     vhost: handle virtually non-contiguous buffers in Tx
>>>>>     vhost: handle virtually non-contiguous buffers in Rx
>>>>>     vhost: handle virtually non-contiguous buffers in Rx-mrg
>>>>>     examples/vhost: move to safe GPA translation API
>>>>>     examples/vhost_scsi: move to safe GPA translation API
>>>>>     vhost/crypto: move to safe GPA translation API
>>>>>     vhost: deprecate unsafe GPA translation API
>>>>>
>>>>>    examples/vhost/virtio_net.c            |  94 +++++++-
>>>>>    examples/vhost_scsi/vhost_scsi.c       |  56 ++++-
>>>>>    lib/librte_vhost/rte_vhost.h           |  46 ++++
>>>>>    lib/librte_vhost/rte_vhost_version.map |   4 +-
>>>>>    lib/librte_vhost/vhost.c               |  39 ++--
>>>>>    lib/librte_vhost/vhost.h               |   8 +-
>>>>>    lib/librte_vhost/vhost_crypto.c        |  65 ++++--
>>>>>    lib/librte_vhost/vhost_user.c          |  58 +++--
>>>>>    lib/librte_vhost/virtio_net.c          | 411
>>> ++++++++++++++++++++++++++++-
>>>>> ----
>>>>>    9 files changed, 650 insertions(+), 131 deletions(-)
>>>>>
>>>>> --
>>>>> 2.14.3
>>>>

Previous message: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
Next message: [dpdk-dev] [PATCH v2] net/i40e: fix missing some offload capabilities
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list