[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [Xen-devel] Re: [PATCH] Add a new p2m type for broken memory
>-----Original Message----- >From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx >[mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Jiang, Yunhong >Sent: Wednesday, July 14, 2010 10:08 PM >To: Keir Fraser; Tim Deegan >Cc: xen-devel >Subject: RE: [Xen-devel] Re: [PATCH] Add a new p2m type for broken memory > > > >>-----Original Message----- >>From: Keir Fraser [mailto:keir.fraser@xxxxxxxxxxxxx] >>Sent: Wednesday, July 14, 2010 9:50 PM >>To: Jiang, Yunhong; Tim Deegan >>Cc: xen-devel >>Subject: Re: [Xen-devel] Re: [PATCH] Add a new p2m type for broken memory >> >>On 14/07/2010 14:41, "Jiang, Yunhong" <yunhong.jiang@xxxxxxxxx> wrote: >> >>>> You should probably do this in more places, even if you don't care >>>> about shadow pagetables -- MMIO emulation should behave the same as >>>> normal accesses. >>> >>> What do you mean of " the same as normal access"? >>> MMIO will not be poisoned and will not be marked as p2m_ram_broken. We only >>> need track guest's access to poison RAM. >>> >>> There are some case need considered, like hypervisor emulate instruction for >>> guest. For example, considering "movs (*rsi), (*rdi)", where rdi points to >>> MMIO or APIC, while rsi points to poison memory. However, In such situation, >>> it will trigger EPT fault firstly and cause the guest be crashed (I tested >>> movs from poison memory to apic range). As there is no prefetch in EPT >>> situation if I understand correctly, I assume it should be ok at least for >>> EPT >>> guest. >> >>I doubt it's architecturally guaranteed. What about edge cases like 'PUSH >>mem' from an MMIO location, destination is stack, pointer to which has just >>crossed a page boundary to a broken page? I don't think it's hard to fill in >>the blanks for emulation of guest instructions so you might as well do so. > >I do have the code in hand for guest instruction emulation (not fully >reviewed, but >should be ok), but as I can't any test case to test it at all and I thought it >will not >happen for EPT guest, so I hold it in hand and didn't send out. Your case is a >excellent >one that this is needed for EPT guest, I will crate a test case for it and try >tomorrow. Just realized your case will not trigger error either. The push cmd will write the broken memory, instead of read. Write a broken memory will not consume the data, instead, it will overwrite it and will not cause MCE. In fact, this is similar to my experiment movs (*rsi), (*rdi), where the src is the local apic id and the target is broken memory, which will cause APIC access VMExit. But xen's emulation will not cause MCE. But I do agree with you that it is not architecturely guranteed, so I will send out the emulation patch seperately for review. I suspect it will be tested only when we do unmap for PV guest. --jyh > >Thanks >--jyh > >> >> -- Keir >> > > >_______________________________________________ >Xen-devel mailing list >Xen-devel@xxxxxxxxxxxxxxxxxxx >http://lists.xensource.com/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |