Xen project Mailing List

RE: [Xen-devel] trap/interrupt gate for hypercall

To: "Liu, Jinsong" <jinsong.liu@xxxxxxxxx>, "Keir Fraser" <keir@xxxxxxxxxxxxx>, "Tian, Kevin" <kevin.tian@xxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>

From: "Liu, Jinsong" <jinsong.liu@xxxxxxxxx>

Date: Thu, 17 May 2007 20:36:20 +0800

Delivery-date: Thu, 17 May 2007 05:34:45 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Thread-index: AceW/1gtu6fdM4mZSxqwxNTDwzvRGgAAqkSIAAAj7oAAANfAdwARq1qgAEzH0KA=

Thread-topic: [Xen-devel] trap/interrupt gate for hypercall

Sorry, this email is sent before I join xen-devel lists, and it was automatically sent by sever today. Sorry to disturb you. -----Original Message----- From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx [mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Liu, Jinsong Sent: 2007年5月16日 8:23 To: Keir Fraser; Tian, Kevin; xen-devel@xxxxxxxxxxxxxxxxxxx Subject: RE: [Xen-devel] trap/interrupt gate for hypercall In native linux, syscall (gate type 15) and its RESTORE_ALL code provides weak fixup mechanism when reload segment register, by sending 0 selector to ds/es/gs, or kill the process when iret meets problem. Native linux can pay the price with this way since it doesn't matter when a ring3 process meet problem (and the possibility of doing so is very low). In xen, hypercall (gate type 14) and its restore code provides stronger fixup mechanism by sending more reasonable value to segment registers, since we cannot simply kill a ring 1 guest os kernel process. Type 14 gate of hypercall is used to reduce the risk/possibility of segment register issue. Thanks, Jinsong -----Original Message----- From: Keir Fraser [mailto:keir@xxxxxxxxxxxxx] Sent: 2007年5月15日 23:30 To: Tian, Kevin; Keir Fraser; xen-devel@xxxxxxxxxxxxxxxxxxx Cc: Liu, Jinsong Subject: Re: [Xen-devel] trap/interrupt gate for hypercall On 15/5/07 16:18, "Tian, Kevin" <kevin.tian@xxxxxxxxx> wrote: >> Everything's an interrupt gate on 32-bit Xen, so that we can safely >> (atomically) save away guest segment register state. NMI is the only real >> pain, and I suppose MCE too. Coincidentally Jan just emailed about this >> very point. > > So why is atomic save required for hypercall here? NMI can break > atomic save here for both types, as you said. Normally external > interrupt handler doesn't need communicate with interrupted > context. So even when an external interrupt comes in the middle > of the guest context save for hypercall (if by trap gate), that > interrupted save process can still continue since interrupt handler > itself will impose atomic context save/restore on top of interrupted > context. Interrupt handlers save and restore segment registers. We could fault on a reload of a segment register and lose the original segment register value. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.