[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-ia64-devel] Protection key support for PV domains

  • To: xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
  • From: Dietmar Hahn <dietmar.hahn@xxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 11 Jul 2007 16:02:16 +0200
  • Delivery-date: Wed, 11 Jul 2007 06:59:56 -0700
  • Domainkey-signature: s=s768; d=fujitsu-siemens.com; c=nofws; q=dns; b=P4fWtkkUmkoFSejFynsVyMv6q4zM4qsjr2X/XvtMLtMfHJlqq98dBIo0Obdi3VboO3IGWoJRJg6EGYfLncbryI6HKRraNUOp5vayG/T48nHAmrYW8f/mQI0J14/mcTpO;
  • List-id: Discussion of the ia64 port of Xen <xen-ia64-devel.lists.xensource.com>
Am Mittwoch, 11. Juli 2007 schrieb Dietmar Hahn:
> Hi
>
> as already mentioned I'm working on protection key support for PV domains.
>
> A way to use protection in the hypervisor was already discussed on the
> list:
> http://lists.xensource.com/archives/html/xen-ia64-devel/2007-04/msg00165.ht
>ml The principle was the hypervisor replaces the key, the domU uses for the
> trap vector address, by the key 0. With this solution there would be no
> restrictions to the architecture requirements for ia64.
>
> As we don't have a real OS using protection keys for tests on HVM I looked
> this time only on PV.
> As a first step to the complete solution I did an implementation with
> reserving 1 pkr for the hypervisor und uses mini-os for tests.
> The following steps are done:
> 1. make the hypervisor fit for running with psr.pk == 1
>    - fix itir handling in traps -> see my previous patch for itir handling
> 2. add 'u64 pkrs[16] to struct arch_vcpu
>    add a flag to struct arch_vcpu for signaling using psr.pk
> 3. add a function to context_switch() to load the new pkrs[] into the
>    cpu-pkr's
> 4. extend different functions for the key handling:
>    vcpu_itc_no_srlz(), ia64_itc(), vhpt_insert(), vhpt_multiple_insert(),
>    translate_domain_pte()
> 5. the PAL call PAL_VM_SUMMARY has to return the correct value for number
> of pkr in max_pkr
> 6. in vcpu_set_pkr() write the new key into pkrs[] and into the cpu-pkr
> 7. if the guest sets psr.pk, activate the key 0 in the reserved pkr.
>
> A later step would be:
> 8. extend the hyperprivops with setting protection key registers.
>
> Limitation:
> Because the hypervisor uses key 0 all address translations with key 0 in
> the domU will work, even though this is a domU fault.
>
> Attached is a patch to xen for the protection key support described above
> and a patch for mini-os to test this.
> With this patch mini-os runs with psr.pk == 1 and a key for region 5
> (kernel addresses) and region 7 (identity mapped addresses). For the region
> 7 the new opt_feature is used too.
>
> With this patches I'am able to run domU-linux and mini-os in parallel.
> Please have a look and send comments.
> Thanks.
>

To build the hypervisor you have to call
make xen_ia64_use_pkr=y
I added a config flag to arch/ia64/Rules.mk.
Sorry!

Dietmar.

_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.