[dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes

Maxime Coquelin maxime.coquelin at redhat.com
Wed May 2 11:20:07 CEST 2018


Hi Lei,

Thanks for the perf report.

On 05/02/2018 07:08 AM, Yao, Lei A wrote:
> Hi, Maxime
> 
> During the 18.05-rc1 performance testing, I find this patch set will bring
> slightly performance drop on mergeable and normal path, and big performance
> drop on vector path. Could you have a check on this? I know this patch is
> important for security. Not sure if there is any way to improve the performance.
> 

Could you please share info about the use cases you are benchmarking?

There may be ways to improve the performance, for this we would need to
profile the code to understand where the bottlenecks are.


> Mergebale	
> packet size	
> 64	0.80%
> 128	-2.75%
> 260	-2.93%
> 520	-2.72%
> 1024	-1.18%
> 1500	-0.65%
> 	
> Normal	
> packet size	
> 64	-1.47%
> 128	-7.43%
> 260	-3.66%
> 520	-2.52%
> 1024	-1.19%
> 1500	-0.78%
> 	
> Vector	
> packet size	
> 64	-8.60%
> 128	-3.54%
> 260	-2.63%
> 520	-6.12%
> 1024	-1.05%
> 1500	-1.20%

Are you sure this is only this series that induces such a big
performance drop in vector test? I.e. have you run the benchmark
just before and right after the series is applied?

Thanks,
Maxime
> CPU info: Intel(R) Xeon(R) CPU E5-2699 v4 @ 2.20GHz
> OS: Ubuntu 16.04
> 
> BRs
> Lei
> 
>> -----Original Message-----
>> From: dev [mailto:dev-bounces at dpdk.org] On Behalf Of Maxime Coquelin
>> Sent: Monday, April 23, 2018 11:58 PM
>> To: dev at dpdk.org
>> Cc: Maxime Coquelin <maxime.coquelin at redhat.com>
>> Subject: [dpdk-dev] [PATCH 00/12] Vhost: CVE-2018-1059 fixes
>>
>> This series fixes the security vulnerability referenced
>> as CVE-2018-1059.
>>
>> Patches are already applied to the branch, but reviews
>> are encouraged. Any issues spotted would be fixed on top.
>>
>> Maxime Coquelin (12):
>>    vhost: fix indirect descriptors table translation size
>>    vhost: check all range is mapped when translating GPAs
>>    vhost: introduce safe API for GPA translation
>>    vhost: ensure all range is mapped when translating QVAs
>>    vhost: add support for non-contiguous indirect descs tables
>>    vhost: handle virtually non-contiguous buffers in Tx
>>    vhost: handle virtually non-contiguous buffers in Rx
>>    vhost: handle virtually non-contiguous buffers in Rx-mrg
>>    examples/vhost: move to safe GPA translation API
>>    examples/vhost_scsi: move to safe GPA translation API
>>    vhost/crypto: move to safe GPA translation API
>>    vhost: deprecate unsafe GPA translation API
>>
>>   examples/vhost/virtio_net.c            |  94 +++++++-
>>   examples/vhost_scsi/vhost_scsi.c       |  56 ++++-
>>   lib/librte_vhost/rte_vhost.h           |  46 ++++
>>   lib/librte_vhost/rte_vhost_version.map |   4 +-
>>   lib/librte_vhost/vhost.c               |  39 ++--
>>   lib/librte_vhost/vhost.h               |   8 +-
>>   lib/librte_vhost/vhost_crypto.c        |  65 ++++--
>>   lib/librte_vhost/vhost_user.c          |  58 +++--
>>   lib/librte_vhost/virtio_net.c          | 411 ++++++++++++++++++++++++++++-
>> ----
>>   9 files changed, 650 insertions(+), 131 deletions(-)
>>
>> --
>> 2.14.3
> 


More information about the dev mailing list