Re: [PATCH v3 2/4] hvm/svm: Enable Breakpoint events

From: Alexandru Stefan ISAILA <aisaila@bitdefender.com>
To: "andrew.cooper3@citrix.com" <andrew.cooper3@citrix.com>,
	"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Cc: "suravee.suthikulpanit@amd.com" <suravee.suthikulpanit@amd.com>,
	"boris.ostrovsky@oracle.com" <boris.ostrovsky@oracle.com>,
	"tamas@tklengyel.com" <tamas@tklengyel.com>,
	"rcojocaru@bitdefender.com" <rcojocaru@bitdefender.com>,
	"jbeulich@suse.com" <jbeulich@suse.com>
Subject: Re: [PATCH v3 2/4] hvm/svm: Enable Breakpoint events
Date: Thu, 15 Feb 2018 08:20:18 +0000	[thread overview]
Message-ID: <1518682818.4963.23.camel@bitdefender.com> (raw)
In-Reply-To: <04caaad7-1c30-c5cd-fd4e-ed42cd18eedc@citrix.com>

On Mi, 2018-02-14 at 19:11 +0000, Andrew Cooper wrote:
> On 14/02/18 18:22, Andrew Cooper wrote:
> >
> > On 14/02/18 16:10, Alexandru Stefan ISAILA wrote:
> > >
> > > On Lu, 2018-02-12 at 15:54 +0000, Andrew Cooper wrote:
> > > >
> > > > On 12/02/18 15:08, Alexandru Isaila wrote:
> > > > >
> > > > > @@ -2619,14 +2634,31 @@ void svm_vmexit_handler(struct
> > > > > cpu_user_regs *regs)
> > > > >          break;
> > > > >
> > > > >      case VMEXIT_EXCEPTION_BP:
> > > > > -        if ( !v->domain->debugger_attached )
> > > > > -            goto unexpected_exit_type;
> > > > > -        /* AMD Vol2, 15.11: INT3, INTO, BOUND intercepts do
> > > > > not
> > > > > update RIP. */
> > > > > -        if ( (inst_len = __get_instruction_length(v,
> > > > > INSTR_INT3))
> > > > > == 0 )
> > > > > +        inst_len = __get_instruction_length(v, INSTR_INT3);
> > > > There are multiple ways of ending up with this vmexit, and INT3
> > > > is
> > > > not
> > > > the only way.
> > > >
> > > > The old code was somewhat broken (but only in the case that a
> > > > debugger
> > > > was attached), but now with  this introspection hook active,
> > > > executing
> > > > `0xcd 0x03` will end up crashing the domain because of a length
> > > > mismatch
> > > > looking for 0xcc.
> > > >
> > > > You need to inspect EXITINTINFO to work out what went on here,
> > > > and
> > > > distinguish INT3 from INT $3.
> > > >
> > > > Can I suggest that you run this unit test
> > > > http://xenbits.xen.org/docs/xtf/test-swint-emulation.html under
> > > > debug
> > > > introspection an check that you get all expected events?  Every
> > > > time
> > > > we
> > > > touch this code, we seem to break it :(
> > > >
> > > > ~Andrew
> > > >
> > > I've tested on Intel and AMD and I only get events on int3.
> > > Further
> > > more, I don't think there is any way to use the vmcb->exitintinfo
> > > because all the fields are 0 on the time of VMEXIT_EXCEPTION_BP.
> > > Did I
> > > understand the test scenario correctly?
> > Quite possibly, but now I'm even more confused.  I'll have a quick
> > play.
> Ok - after some investigation, executing `int $3` triggers
> VMEXIT_SWINT,
> with the vector in EXITINFO1, as opposed to triggering VMEXIT_EXCP3,
> except that we don't have INTERCEPT_SWINT active, so it completes
> internally.
>
> Therefore, in your patch, we do expect only ever to find an int3
> triggering VMEXIT_EXCEPTION_BP.  Sorry for the noise.
>
> However, do you mind rebasing the remainder of your series onto
> staging?  It doesn't apply cleanly any more.
>
> ~Andrew
>
Nice to hear that. Ok, I will re base to staging and address your other
comments  as well.

Alex

________________________
This email was scanned by Bitdefender
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel