[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs

To: "Roger Pau MonnÃ" <roger.pau@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 30 Sep 2015 06:35:09 -0600
Cc: Ian Campbell <ian.campbell@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 30 Sep 2015 12:35:31 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 30.09.15 at 14:19, <roger.pau@xxxxxxxxxx> wrote:
> El 30/09/15 a les 13.54, Jan Beulich ha escrit:
>>>>> On 30.09.15 at 13:37, <roger.pau@xxxxxxxxxx> wrote:
>>>     /*
>>>      * Using VCPU_HVM_MODE_64B implies that the vCPU is launched
>>>      * directly in long mode, so the type of the cached part
>>>      * of the TR register is set to describe a 64-bit TSS (Busy).
>>>      * The cached part of the CS register will also have the L bit
>>>      * set (64-bit code segment).
>> 
>> I'd leave out mentioning TR here (or else it'll be odd not to mention
>> e.g. LDTR too). Perhaps just "..., so the cached parts of the segment
>> registers get set to match that environment"?
> 
> That sounds fine. I'm going to update the patch and the FreeBSD part in
> order to test it. Since we also spoke about adding sanity checks, I
> wonder whether I should add those checks now, or leave them for a later
> patch. IMHO those checks are only useful for developers.

Fundamentally, checks done here should include everything that
would otherwise lead to the domain getting killed due to failed
VMENTRY. I.e. both sets below may need extending.

> For VCPU_HVM_MODE_32B:
>  - rIP within CS limit.
>  - Check that CS.DPL == SS.DPL.
>  - rSP within SS limit.
> 
> TBH I don't think we should enforce the last two checks, starting with
> an invalid stack should be fine as long as the user knows it. Maybe
> print a warning/debug message in this case?

I wouldn't check ESP at all. As to the two DPLs to, I don't think you
could launch a guest with these disagreeing.

> For VCPU_HVM_MODE_64B:
>  - Check that cr0 has paging enabled.
>  - Check that cr4 has pae enabled.
>  - Check that efer has the LMA/LME bits set.
> 
> Those should be always enforced for long mode.

Agreed, plus RIP being canonical.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Andrew Cooper

References:
- [Xen-devel] [PATCH v6 00/29] Introduce HVM without dm and new boot ABI
  - From: Roger Pau Monne
- [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau Monne
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
  - From: Roger Pau MonnÃ

Prev by Date: Re: [Xen-devel] [PATCH v3] x86/EPT: work around hardware erratum setting A bit
Next by Date: Re: [Xen-devel] [PATCH] x86/EPT: defer enabling of A/D maintenance until PML get enabled
Previous by thread: Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
Next by thread: Re: [Xen-devel] [PATCH v6 24/29] xen/x86: allow HVM guests to use hypercalls to bring up vCPUs
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.