[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode

To: Ben Catterall <Ben.Catterall@xxxxxxxxxx>
From: Tim Deegan <tim@xxxxxxx>
Date: Mon, 17 Aug 2015 15:58:50 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, keir@xxxxxxx, ian.campbell@xxxxxxxxxx, george.dunlap@xxxxxxxxxxxxx, andrew.cooper3@xxxxxxxxxx, jbeulich@xxxxxxxx
Delivery-date: Mon, 17 Aug 2015 14:59:20 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

At 14:59 +0100 on 17 Aug (1439823550), Ben Catterall wrote:
> On 11/08/15 11:33, Ben Catterall wrote:
> > On 10/08/15 11:07, Tim Deegan wrote:
> >> This should happen in paging_fault() so it can guard the
> >> shadow-pagetable paths too.  Once it's there, it'll need a check for
> >> is_hvm_vcpu() as well as for user_mode.  Maybe have a helper function
> >> 'is_hvm_deprivileged_vcpu()' to do both checks, also used in
> >> hvm_deprivileged_check_trap() &c.
> I've moved this and now need to add shadow page table support as this 
> currently only supports HAP.

Thanks.  There shouldn't be very much work to do for this -- after all
we're not running in the guest's pagetables so the actual shadow PT
mechanism won't be needed.  Maybe just a common helper function called
from the shadow & hap monitor-table builders?

> >> I wonder whether it would be better to switch to an IDT with all
> >> unacceptable traps stubbed out, rather than have to blacklist them all
> >> separately.  Probably not - this check is cheap, and maintaining the
> >> parallel tables would be a pain.
> >>
> >> Or maybe there's some single point upstream of here, in the asm
> >> handlers, that would catch all the cases where this check is needed?
> >>
> > Yep, I think this can be done.
> Had a deeper look at this. There is a point where all exceptions come in 
> in the asm (handle_exception in entry.S) and we could branch out at this 
> point. It does mean that we'd treat _all_ exceptions that occur in this 
> mode the same way whereas the current way means that we can treat them 
> differently (e.g. get __func__). So, should I make all exceptions go to 
> the same point or keep as is?

I think trap them all at the same point, unless you plan to have any
exceptions that don't just kill the guest.  I don't think you do, do
you?

This code is really Jan and Andrew's area, though.

Cheers,

Tim.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
  - From: Jan Beulich

References:
- [Xen-devel] [RFC 0/4] HVM x86 enhancements to run Xen deprivileged mode operations
  - From: Ben Catterall
- [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
  - From: Ben Catterall
- Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
  - From: Tim Deegan
- Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
  - From: Ben Catterall
- Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
  - From: Ben Catterall

Prev by Date: Re: [Xen-devel] Linux 4.2-rc6 regression: RIP: e030:[<ffffffff8110fb18>] [<ffffffff8110fb18>] detach_if_pending+0x18/0x80
Next by Date: Re: [Xen-devel] [RFC 3/4] HVM x86 deprivileged mode: Code for switching into/out of deprivileged mode
Previous by thread: Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
Next by thread: Re: [Xen-devel] [RFC 4/4] HVM x86 deprivileged mode: Trap handlers for deprivileged mode
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.