Re: [Xen-devel] Future x86 emulator direction
On 12/13/2016 07:10 PM, Andrew Cooper wrote:
> On 13/12/16 15:58, Razvan Cojocaru wrote:
>> Hello, and first of all thanks for the discussion!
>>
>>> Think of it a bit more like introducing a new action emulator (name definitely subject to improvement), which implements things such as wrmsr, cpuid, pagewalk, task_switch, etc.
>>>
>>> The vmexit helpers, given decode assistance from hardware, can directly call action->task_switch(). If insufficient information is available (e.g. LMSW on AMD), the helpers invoke the instruction emulator to work out what to do, and the instruction emulator would invoke the action emulator as part of its execute phase.
>>>
>>> Wherever possible, the action emulator should be guest-neutral, and ideally the single point of implementation of non-architectural actions such as "the vm_event subsystem is interested in this."
>>>
>>>> And to be honest, on the road towards completion of the emulator I think the SVM/VMX insns are pretty close to the end of the priority list.
>>>
>>> I'd expect them to show up frequently during introspection, although maybe I am wrong. Razvan: Any thoughts?
>>
>> I definitely think this is a good idea as far as introspection goes - having a single contact surface with the underlying logic would be a significant improvement.
>>
>> As for SVM/VMX instructions, we're interested in anything that is able to trigger an EPT fault (and hence a mem_access event) - we've had our share of adventures with VMX-specific instructions, so they're not low priority for us.
>
> In reality, this is any instruction if you set EPT NX on a page, I presume?
>
> Do you have stats on which instructions you most frequently have to singlestep because of lack of emulator support, or is the spread essentially random?
We do set some pages NX, so those too, but there are also a lot of events coming from instructions that simply try to write to a page marked RX - so we'll have an EPT fault even for an instruction running from a legitimate page, but which has a destination address in a read-only page. We've unfortunately not kept track of them beyond the discussions and patches that occurred on xen-devel, but it's been important enough to warrant writing patches that basically set the MTF and "single-step" instructions that fail emulation.

Thanks,
Razvan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel