|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2 2/3] x86/svm: Always intercept ICEBP
On 26.11.2019 13:03, Andrew Cooper wrote: > ICEBP isn't handled well by SVM. > > The VMexit state for a #DB-vectored TASK_SWITCH has %rip pointing to the > appropriate instruction boundary (fault or trap, as appropriate), except for > an ICEBP-induced #DB TASK_SWITCH, where %rip points at the ICEBP instruction > rather than after it. As ICEBP isn't distinguished in the vectoring event > type, the state is ambiguous. > > To add to the confusion, an ICEBP which occurs due to Introspection > intercepting the instruction, or from x86_emulate() will have %rip updated as > a consequence of partial emulation required to inject an ICEBP event in the > first place. > > We could in principle spot the non-injected case in the TASK_SWITCH handler, > but this still results in complexity if the ICEBP instruction also has an > Instruction Breakpoint active on it (which genuinely has fault semantics). > > Unconditionally intercept ICEBP. This does have a trap semantics for the > intercept, and allows us to move %rip forwards appropriately before the > TASK_SWITCH intercept is hit. Both because of you mentioning the moving forwards of %rip and with the irc discussion in mind that we had no irc, don't you mean "fault semantics" here? If so Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Otherwise I guess I'm still missing something. > --- > xen/arch/x86/hvm/svm/svm.c | 19 ------------------- > xen/arch/x86/hvm/svm/vmcb.c | 2 +- > xen/arch/x86/monitor.c | 3 --- > xen/include/asm-x86/hvm/hvm.h | 11 ----------- > 4 files changed, 1 insertion(+), 34 deletions(-) This, of course, is pretty nice in any event. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |