[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>
Date: Tue, 27 Nov 2018 14:12:20 +0200
Cc: "kevin.tian@xxxxxxxxx" <kevin.tian@xxxxxxxxx>, "tamas@xxxxxxxxxxxxx" <tamas@xxxxxxxxxxxxx>, "wei.liu2@xxxxxxxxxx" <wei.liu2@xxxxxxxxxx>, "jbeulich@xxxxxxxx" <jbeulich@xxxxxxxx>, "george.dunlap@xxxxxxxxxxxxx" <george.dunlap@xxxxxxxxxxxxx>, Mihai Donțu <mdontu@xxxxxxxxxxxxxxx>, Andrei Vlad LUTAS <vlutas@xxxxxxxxxxxxxxx>, "jun.nakajima@xxxxxxxxx" <jun.nakajima@xxxxxxxxx>, Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 27 Nov 2018 12:12:40 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11/27/18 1:59 PM, Andrew Cooper wrote:
> On 27/11/2018 11:45, Razvan Cojocaru wrote:
>> On 11/27/18 1:32 PM, Roger Pau Monné wrote:
>>> Would it be possible to add some kind of flag to the emulator to
>>> signal whether p2m restrictions should be enforced/ignored?
>>> hvmemul_acquire_page seems like a suitable place, but I'm not that
>>> familiar with the emulator.
>>>
>>> Then you could generate vm events from the emulator itself, which
>>> AFAICT is the only way to handle this instruction execution issue.
>> I hope so, we'll definitely look into that.
> 
> FWIW, There is already a plan(tm).  It was discussed at least in part in
> Budapest.
> 
> The emulator needs to start honouring P2M permissions any generating
> vm_events.
> 
> Then, a vm_event response can reply saying "please emulate the
> instruction with this temporary change to the permissions", so
> write-ability to a read-only page can be granted at the discretion of
> the introspection agent.
> 
> That said, there is a huge amount of work required to make this happen,
> and I haven't had time to do a clear design yet.

Right, but for starters all we need is the ability to say
"hvm_emulate_one_vm_event(bool honour_page_walk_faults, bool
honor_gla_faults)".

Then we just replace all callsites of hvm_emulate_one_vm_event() with
hvm_emulate_one_vm_event(false, false), and the one in
p2m_mem_access_check() that we currently have with
hvm_emulate_one_vm_event(false, true).

Hopefully that makes sense. :)

Finer grained vm_event-based control is probably useful, but to the best
of my knowledge not currently (or in the near-medium future) necessary.


Thanks,
Razvan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Roger Pau Monné
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Razvan Cojocaru
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Roger Pau Monné
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Razvan Cojocaru
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
Next by Date: [Xen-devel] [distros-debian-snapshot test] 75623: tolerable FAIL
Previous by thread: Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
Next by thread: Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.