From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Roedel, Joerg" <Joerg.Roedel@amd.com>
Subject: Re: [PATCH 12/13] KVM: SVM: Add checks for IO instructions
Date: Thu, 31 Mar 2011 11:42:52 +0200
Message-ID: <20110331094252.GA2207@amd.com>
References: <1301309210-11120-1-git-send-email-joerg.roedel@amd.com>
 <1301309210-11120-13-git-send-email-joerg.roedel@amd.com>
 <4D907EDC.1050607@redhat.com>
 <20110331071440.GQ2085@amd.com>
 <4D9446E4.2050508@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: Marcelo Tosatti <mtosatti@redhat.com>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>
To: Avi Kivity <avi@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from ch1outboundpool.messaging.microsoft.com ([216.32.181.183]:49904
	"EHLO CH1EHSOBE001.bigfish.com" rhost-flags-OK-OK-OK-FAIL)
	by vger.kernel.org with ESMTP id S1754075Ab1CaJnA (ORCPT
	<rfc822;kvm@vger.kernel.org>); Thu, 31 Mar 2011 05:43:00 -0400
Content-Disposition: inline
In-Reply-To: <4D9446E4.2050508@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On Thu, Mar 31, 2011 at 05:18:28AM -0400, Avi Kivity wrote:
> On 03/31/2011 09:14 AM, Roedel, Joerg wrote:
> > On Mon, Mar 28, 2011 at 08:28:12AM -0400, Avi Kivity wrote:
> > >  The spec indicates we need to check the TSS and IOPL based permissions
> > >  before the intercept (vmx agrees).  With the code as is, it happens
> > >  afterwards.
> > >
> > >  One way to do this is to have an ExtraChecks bit in the opcode::flags.
> > >  Then opcode::u.xcheck->perms() is the pre-intercept check and
> > >  opcode::u.xcheck->execute() is the post-intercept execution.  Should
> > >  work for monitor/mwait/rdtsc(p)/rdpmc/other crap x86 throws at us.
> >
> > Okay, as you suggested, I put these checks into the instruction emulator
> > and let the hard work of implementing per-arch checks to the nested-vmx
> > people ;)
> > I doubt that this makes the opcode-tables more readable, but lets see :)
> 
> I think we're miscommunicating.  I'm talking about x86 checks, not virt 
> vendor specific checks.

The place of the intercept check may be vendor specific. I havn't looked
at the Intel spec, though. But there are probably differences.

> For example, the flow for IOIO would be:
> 
>    #UD check (lock prefix)
>    PE/IOPL/CPL/VM check
>    TSS bitmap check (can cause #PF)
>    Intercept check
>    Operand segment check
>    Possible #PF
>    Execution
> 
> We need to make sure the TSS bitmap check happens before the intercept, 
> so we need to split ->execute() into two.

Right. For the generic case, how about factor out the checks (for the
POST_EX intercept case) into a seperate excp_check-callback (similar to the
execute-callback) and execute it before the post-exception-intercept
check?

	Joerg

-- 
AMD Operating System Research Center

Advanced Micro Devices GmbH Einsteinring 24 85609 Dornach
General Managers: Alberto Bozzo, Andrew Bowd
Registration: Dornach, Landkr. Muenchen; Registerger. Muenchen, HRB Nr. 43632