[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V6] x86/hvm: fix domain crash when CR3 has the noflush bit set

To: Jan Beulich <JBeulich@xxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
From: George Dunlap <george.dunlap@xxxxxxxxxx>
Date: Thu, 1 Mar 2018 11:02:21 +0000
Cc: kevin.tian@xxxxxxxxx, tamas@xxxxxxxxxxxxx, suravee.suthikulpanit@xxxxxxx, george.dunlap@xxxxxxxxxxxxx, andrew.cooper3@xxxxxxxxxx, tim@xxxxxxx, xen-devel@xxxxxxxxxxxxx, jun.nakajima@xxxxxxxxx, boris.ostrovsky@xxxxxxxxxx
Delivery-date: Thu, 01 Mar 2018 11:02:33 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 03/01/2018 10:58 AM, Jan Beulich wrote:
>>>> On 28.02.18 at 11:38, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
>> In hardware, when PCID support is enabled and the NOFLUSH bit is set
>> when writing a CR3 value, the hardware will clear that that bit and
>> change the CR3 without flushing the TLB. hvm_set_cr3(), however, was
>> ignoring this bit; the result was that post-vm_event checks detected
>> an invalid CR3 value and crashed the domain.
>>
>> Handle NOFLUSH in hvm_set_cr3() by:
>> 1. Clearing the bit
>> 2. Passing a "noflush" flag to lower-level cr3 setting functions to
>> indicate that a flush should not be performed.
>>
>> Also clear X86_CR3_NOFLUSH when reporting CR3 monitored CR3 writes.
>>
>> This allows introspection to be used on VMs whose operating system uses
>> the NOFLUSH bit.
>>
>> Signed-off-by: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
>> Reported-by: Bitweasil <bitweasil@xxxxxxxxxxxxxx>
>> Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> Acked-by: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
>> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
>> Reviewed-by: Kevin Tian <kevin.tian@xxxxxxxxx>
>> Acked-by: George Dunlap <george.dunlap@xxxxxxxxxx>
> 
> There's now the question of whether to backport this change:
> It's quite large, and as per the description it deals with an
> introspection issue only. Hence for the moment I'll leave this
> out. If someone comes forward with good reasons to take this
> for some or all of the still maintained older trees, I'm willing to
> reconsider. But of course possible interdependencies with
> other changes that weren't backported will also need to be
> taken into consideration with any such request.

That seems reasonable to me.

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- Re: [Xen-devel] [PATCH V6] x86/hvm: fix domain crash when CR3 has the noflush bit set
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH 4/6] xen/sched: Remove {init, destroy}_domain() interfaces
Next by Date: Re: [Xen-devel] [PATCH 6/6] x86/msr: Blacklist various MSRs which guests definitely shouldn't be using
Previous by thread: Re: [Xen-devel] [PATCH V6] x86/hvm: fix domain crash when CR3 has the noflush bit set
Next by thread: Re: [Xen-devel] [PATCH 4/6] xen/sched: Remove {init, destroy}_domain() interfaces
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.