Xen project Mailing List

Re: [Xen-devel] [PATCH v2 2/3] x86/svm: Always intercept ICEBP

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Petre Ovidiu PIRCALABU <ppircalabu@xxxxxxxxxxxxxxx>

Date: Tue, 26 Nov 2019 15:15:52 +0000

Accept-language: ro-RO, en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xNznjxZuOkHDFRDIGzF9SX34mxPvc8saxIvRedCBp2M=; b=Lg/da601iAtYcL9xGf/wLue2cAKMiwAD9x1mcu4byn3hmTBz6QGooKa64b+mnBYogxlv7ppRWQt9NlPDykqwJGwVJeb89ti07/KrWXCkr38HIN9yOnHDaJQNiiQPXWwLw4AC2ULZ/CvFjt4ze2vgoJqj3QDcHJjbuS8gNiSEOyZ7ZpMjHN0eBaw9Jyuo3uhb3RxYAbrx75CeHhUwhCxWqOd1sznrteOKb0iR5YXQoiBfcReaXvFkIlGQ/0wgHpywvr3WMkHslZGbo8Jf2vNLSpXu+H1iIpiJc75t4D7KPrJxGDVSzt70H3WWhCZukLb5LT1kdkXjLGhRyBMyOUMsOw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HHADuWjgqYsn702I1uOCMM0HkfAJDLvlsh7OIRWnujulx+/VPdfnI2XovTtQ8vje7YYyHVKF+V7MJiGMJcIivJAuA0ujdO8mjUPX8M7IQUOlH9C5YYMqulMsuidqrqdJ5ifJG02YyaTjuuvh6GRDeLk4weT4zn4slABtwwGSvA430ADQMyJovjUWavDbE046/skYs+U7pjpszQi7Nacs1adhVeizXGCajfcIOkrcBjxgrsxyZwcBppv7mys5cWUdra9uQQyNnf7aiI7FLqvvq9kXJshrYWBti4+UMfpAFQFqsg4/FSGBnk1vrCwdLiQu21Z60zsqHN8d93PIHztEjw==

Authentication-results: spf=none (sender IP is ) smtp.mailfrom=ppircalabu@xxxxxxxxxxxxxxx;

Cc: Juergen Gross <jgross@xxxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Razvan COJOCARU <rcojocaru@xxxxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Tue, 26 Nov 2019 15:16:05 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHVpFGs2dLY1rb8bkmMGlapXTy5F6edkCOA

Thread-topic: [PATCH v2 2/3] x86/svm: Always intercept ICEBP

On Tue, 2019-11-26 at 12:03 +0000, Andrew Cooper wrote: > ICEBP isn't handled well by SVM. > > The VMexit state for a #DB-vectored TASK_SWITCH has %rip pointing to > the > appropriate instruction boundary (fault or trap, as appropriate), > except for > an ICEBP-induced #DB TASK_SWITCH, where %rip points at the ICEBP > instruction > rather than after it. As ICEBP isn't distinguished in the vectoring > event > type, the state is ambiguous. > > To add to the confusion, an ICEBP which occurs due to Introspection > intercepting the instruction, or from x86_emulate() will have %rip > updated as > a consequence of partial emulation required to inject an ICEBP event > in the > first place. > > We could in principle spot the non-injected case in the TASK_SWITCH > handler, > but this still results in complexity if the ICEBP instruction also > has an > Instruction Breakpoint active on it (which genuinely has fault > semantics). > > Unconditionally intercept ICEBP. This does have a trap semantics for > the > intercept, and allows us to move %rip forwards appropriately before > the > TASK_SWITCH intercept is hit. This makes the behaviour of #DB- > vectored > switches consistent however the ICEBP #DB came about, and avoids > special cases > in the TASK_SWITCH intercept. > > This in turn allows for the removal of the conditional > hvm_set_icebp_interception() logic used by the monitor subsystem, as > ICEBP's > will now always be submitted for monitoring checks. > > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > Reviewed-by: Petre Pircalabu <ppircalabu@xxxxxxxxxxxxxxx> _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.