Xen project Mailing List

Re: [Xen-devel] [PATCH for-4.7 3/4] x86/hvm: Correct the emulated interaction of invlpg with segments

To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>

From: Paul Durrant <Paul.Durrant@xxxxxxxxxx>

Date: Mon, 9 May 2016 13:48:18 +0000

Accept-language: en-GB, en-US

Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>

Delivery-date: Mon, 09 May 2016 13:48:24 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: AQHRqfTomnO0S6a1UUeH/+XoQW7245+wnt2Q

Thread-topic: [PATCH for-4.7 3/4] x86/hvm: Correct the emulated interaction of invlpg with segments

> -----Original Message----- > From: Andrew Cooper [mailto:andrew.cooper3@xxxxxxxxxx] > Sent: 09 May 2016 14:16 > To: Xen-devel > Cc: Andrew Cooper; Jan Beulich; Paul Durrant; Wei Liu > Subject: [PATCH for-4.7 3/4] x86/hvm: Correct the emulated interaction of > invlpg with segments > > The `invlpg` instruction is documented to take a memory address, and is not > documented to suffer faults from segmentation violations. > > Experimentally, and subsequently confirmed by both Intel and AMD, the > instruction does take into account segment bases, but will happily invalidate > a TLB entry for a mapping beyond the segment limit. > > The emulation logic will currently raise #GP/#SS faults for segment limit > violations, or non-canonical addresses, which doesn't match hardware's > behaviour. Instead, squash exceptions generated by > hvmemul_virtual_to_linear() and proceed with invalidation. > > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Reviewed-by: Paul Durrant <paul.durrant@xxxxxxxxxx> > --- > CC: Jan Beulich <JBeulich@xxxxxxxx> > CC: Paul Durrant <paul.durrant@xxxxxxxxxx> > CC: Wei Liu <wei.liu2@xxxxxxxxxx> > --- > xen/arch/x86/hvm/emulate.c | 17 ++++++++++++++++- > 1 file changed, 16 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c > index ee5cf1f..e6316be 100644 > --- a/xen/arch/x86/hvm/emulate.c > +++ b/xen/arch/x86/hvm/emulate.c > @@ -1608,7 +1608,22 @@ static int hvmemul_invlpg( > rc = hvmemul_virtual_to_linear( > seg, offset, 1, &reps, hvm_access_none, hvmemul_ctxt, &addr); > > - if ( rc == X86EMUL_OKAY ) > + if ( rc == X86EMUL_EXCEPTION ) > + { > + /* > + * `invlpg` takes segment bases into account, but is not subject to > + * faults from segment type/limit checks, and is specified as a NOP > + * when issued on non-canonical addresses. > + * > + * hvmemul_virtual_to_linear() raises exceptions for type/limit > + * violations, so squash them. > + */ > + hvmemul_ctxt->exn_pending = 0; > + hvmemul_ctxt->trap = (struct hvm_trap){}; > + rc = X86EMUL_OKAY; > + } > + > + if ( rc == X86EMUL_OKAY && is_canonical_address(addr) ) > hvm_funcs.invlpg_intercept(addr); > > return rc; > -- > 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.