* Intercepting task switches in svm/vmx with tdp enabled @ 2013-06-05 5:51 Leo Prasath 2013-06-05 6:16 ` Gleb Natapov 0 siblings, 1 reply; 4+ messages in thread From: Leo Prasath @ 2013-06-05 5:51 UTC (permalink / raw) To: kvm Hi, I am interested in intercepting task switches in vmx/svm in 64 bit mode with ept/npt enabled. However, I am not seeing the exit code due to task switch ( 9 for vmx and 125 for svm ) in the list of vm exits that I see in a typical guest run. I log the vm exit codes in the x86/svm.c:handle_exit method for svm and x86/vmx.c:vmx_handle_exit for vmx. Any pointers regarding this is very much appreciated. On a related note, does cr3 write interception approximate task switch interception ? ( I was able to intercept cr3 writes with svm while npt was enabled. but with vmx, I could intercept cr3 writes only with ept disabled ) Thanks, Leo Looking through the manuals, svm has a control bit in VMCS for enabling / disabling task switch interception while vmx does not seem to have such a control bit. ----------------------------------------- Excerpts from the manuals : Intel ------ Exit reason #9 indicates a vm exit due to task switch. Vol. 3C 24-9 : Some instructions cause VM exits regardless of the settings of the processor-based VM-execution controls (see Section 25.1.2), as do task switches (see Section 25.2). Vol. 3C 25-6 : Task switches. Task switches are not allowed in VMX non-root operation. Any attempt to effect a task switch in VMX non-root operation causes a VM exit. See Section 25.4.2 AMD ------- Intercept code to look for is: 7Dh VMEXIT_TASK_SWITCH task switch 15.14 AMD64 Technology Miscellaneous Intercepts : The SVM architecture includes intercepts to handle task switches, processor freezes due to FERR, and shutdown operations. Task switches can modify several resources that a VMM may want to protect (CR3, EFLAGS, LDT). However, instead of checking various intercepts (e.g., CR3 Write, LDTR Write) individually, task switches check only a single intercept bit. Page 581 : Layout of VMCB says Byte offset 00Ch : bit 29 Intercept task switches. ---------------------------------------- ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Intercepting task switches in svm/vmx with tdp enabled 2013-06-05 5:51 Intercepting task switches in svm/vmx with tdp enabled Leo Prasath @ 2013-06-05 6:16 ` Gleb Natapov 2013-06-06 1:44 ` Leo Prasath 0 siblings, 1 reply; 4+ messages in thread From: Gleb Natapov @ 2013-06-05 6:16 UTC (permalink / raw) To: Leo Prasath; +Cc: kvm On Wed, Jun 05, 2013 at 12:51:29AM -0500, Leo Prasath wrote: > Hi, > > I am interested in intercepting task switches in vmx/svm in 64 bit > mode with ept/npt enabled. > However, I am not seeing the exit code due to task switch ( 9 for vmx > and 125 for svm ) in the list of vm exits that I see in a typical > guest run. I do not think "task switch" exit means what you think it means. This is not OS context switches, but some x86 cpu concept of task that can be switched by using HW mechanism. No modern OS uses it. Actually in 64 bit mode it does not exists at all. > I log the vm exit codes in the x86/svm.c:handle_exit method for svm > and x86/vmx.c:vmx_handle_exit for vmx. > > Any pointers regarding this is very much appreciated. > > On a related note, does cr3 write interception approximate task switch > interception ? Depending on how OS works. For Linux it is probably true (if cr3 value changes). > ( I was able to intercept cr3 writes with svm while npt was enabled. > but with vmx, I could intercept cr3 writes only with ept disabled ) > > Thanks, > Leo > > Looking through the manuals, svm has a control bit in VMCS for > enabling / disabling task switch interception while vmx does not seem > to have such a control bit. Again, this is not "task switch" you are looking for. > ----------------------------------------- > Excerpts from the manuals : > > Intel > ------ > > Exit reason #9 indicates a vm exit due to task switch. > > Vol. 3C 24-9 : Some instructions cause VM exits regardless of the > settings of the processor-based VM-execution controls (see Section > 25.1.2), as > do task switches (see Section 25.2). > > Vol. 3C 25-6 : Task switches. Task switches are not allowed in VMX > non-root operation. Any attempt to effect a task switch in VMX > non-root operation causes a VM exit. See Section 25.4.2 > > AMD > ------- > > Intercept code to look for is: 7Dh VMEXIT_TASK_SWITCH task switch > > 15.14 AMD64 Technology Miscellaneous Intercepts : The SVM architecture > includes intercepts to handle task switches, processor freezes due to > FERR, and shutdown operations. > Task switches can modify several resources that a VMM may want to > protect (CR3, EFLAGS, LDT). However, instead of checking various > intercepts (e.g., CR3 Write, LDTR Write) individually, task switches > check only a single intercept bit. > > Page 581 : Layout of VMCB says Byte offset 00Ch : bit 29 Intercept > task switches. > > ---------------------------------------- > -- > To unsubscribe from this list: send the line "unsubscribe kvm" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- Gleb. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Intercepting task switches in svm/vmx with tdp enabled 2013-06-05 6:16 ` Gleb Natapov @ 2013-06-06 1:44 ` Leo Prasath 2013-06-06 5:25 ` Gleb Natapov 0 siblings, 1 reply; 4+ messages in thread From: Leo Prasath @ 2013-06-06 1:44 UTC (permalink / raw) To: Gleb Natapov; +Cc: kvm Thanks much for the reply. It seems Linux stopped using the hardware context switch mechanisms ( like far jmp ) since kernel version 2.2 ( per understanding linux kernel book ). For now, I am just going to use cr3 write interception to detect guest process context switches. ( on a related note however, with linux running in a single cpu guest vm, I see interceptions printing writes to cr3 with same value as the one that already is in the register - possibly threads or other scenarios ) Thanks, -Leo On Wed, Jun 5, 2013 at 1:16 AM, Gleb Natapov <gleb@redhat.com> wrote: > On Wed, Jun 05, 2013 at 12:51:29AM -0500, Leo Prasath wrote: >> Hi, >> >> I am interested in intercepting task switches in vmx/svm in 64 bit >> mode with ept/npt enabled. >> However, I am not seeing the exit code due to task switch ( 9 for vmx >> and 125 for svm ) in the list of vm exits that I see in a typical >> guest run. > I do not think "task switch" exit means what you think it means. This is > not OS context switches, but some x86 cpu concept of task that can be > switched by using HW mechanism. No modern OS uses it. Actually in 64 bit > mode it does not exists at all. > >> I log the vm exit codes in the x86/svm.c:handle_exit method for svm >> and x86/vmx.c:vmx_handle_exit for vmx. >> >> Any pointers regarding this is very much appreciated. >> >> On a related note, does cr3 write interception approximate task switch >> interception ? > Depending on how OS works. For Linux it is probably true (if cr3 value > changes). > >> ( I was able to intercept cr3 writes with svm while npt was enabled. >> but with vmx, I could intercept cr3 writes only with ept disabled ) >> >> Thanks, >> Leo >> >> Looking through the manuals, svm has a control bit in VMCS for >> enabling / disabling task switch interception while vmx does not seem >> to have such a control bit. > Again, this is not "task switch" you are looking for. > >> ----------------------------------------- >> Excerpts from the manuals : >> >> Intel >> ------ >> >> Exit reason #9 indicates a vm exit due to task switch. >> >> Vol. 3C 24-9 : Some instructions cause VM exits regardless of the >> settings of the processor-based VM-execution controls (see Section >> 25.1.2), as >> do task switches (see Section 25.2). >> >> Vol. 3C 25-6 : Task switches. Task switches are not allowed in VMX >> non-root operation. Any attempt to effect a task switch in VMX >> non-root operation causes a VM exit. See Section 25.4.2 >> >> AMD >> ------- >> >> Intercept code to look for is: 7Dh VMEXIT_TASK_SWITCH task switch >> >> 15.14 AMD64 Technology Miscellaneous Intercepts : The SVM architecture >> includes intercepts to handle task switches, processor freezes due to >> FERR, and shutdown operations. >> Task switches can modify several resources that a VMM may want to >> protect (CR3, EFLAGS, LDT). However, instead of checking various >> intercepts (e.g., CR3 Write, LDTR Write) individually, task switches >> check only a single intercept bit. >> >> Page 581 : Layout of VMCB says Byte offset 00Ch : bit 29 Intercept >> task switches. >> >> ---------------------------------------- >> -- >> To unsubscribe from this list: send the line "unsubscribe kvm" in >> the body of a message to majordomo@vger.kernel.org >> More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- > Gleb. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Intercepting task switches in svm/vmx with tdp enabled 2013-06-06 1:44 ` Leo Prasath @ 2013-06-06 5:25 ` Gleb Natapov 0 siblings, 0 replies; 4+ messages in thread From: Gleb Natapov @ 2013-06-06 5:25 UTC (permalink / raw) To: Leo Prasath; +Cc: kvm On Wed, Jun 05, 2013 at 08:44:38PM -0500, Leo Prasath wrote: > Thanks much for the reply. It seems Linux stopped using the hardware > context switch mechanisms ( like far jmp ) since kernel version 2.2 ( > per understanding linux kernel book ). > Linux never used it. > For now, I am just going to use cr3 write interception to detect guest > process context switches. ( on a related note however, with linux > running in a single cpu guest vm, I see interceptions printing writes > to cr3 with same value as the one that already is in the register - > possibly threads or other scenarios ) > That's TLB flushes. > Thanks, > -Leo > > > On Wed, Jun 5, 2013 at 1:16 AM, Gleb Natapov <gleb@redhat.com> wrote: > > On Wed, Jun 05, 2013 at 12:51:29AM -0500, Leo Prasath wrote: > >> Hi, > >> > >> I am interested in intercepting task switches in vmx/svm in 64 bit > >> mode with ept/npt enabled. > >> However, I am not seeing the exit code due to task switch ( 9 for vmx > >> and 125 for svm ) in the list of vm exits that I see in a typical > >> guest run. > > I do not think "task switch" exit means what you think it means. This is > > not OS context switches, but some x86 cpu concept of task that can be > > switched by using HW mechanism. No modern OS uses it. Actually in 64 bit > > mode it does not exists at all. > > > >> I log the vm exit codes in the x86/svm.c:handle_exit method for svm > >> and x86/vmx.c:vmx_handle_exit for vmx. > >> > >> Any pointers regarding this is very much appreciated. > >> > >> On a related note, does cr3 write interception approximate task switch > >> interception ? > > Depending on how OS works. For Linux it is probably true (if cr3 value > > changes). > > > >> ( I was able to intercept cr3 writes with svm while npt was enabled. > >> but with vmx, I could intercept cr3 writes only with ept disabled ) > >> > >> Thanks, > >> Leo > >> > >> Looking through the manuals, svm has a control bit in VMCS for > >> enabling / disabling task switch interception while vmx does not seem > >> to have such a control bit. > > Again, this is not "task switch" you are looking for. > > > >> ----------------------------------------- > >> Excerpts from the manuals : > >> > >> Intel > >> ------ > >> > >> Exit reason #9 indicates a vm exit due to task switch. > >> > >> Vol. 3C 24-9 : Some instructions cause VM exits regardless of the > >> settings of the processor-based VM-execution controls (see Section > >> 25.1.2), as > >> do task switches (see Section 25.2). > >> > >> Vol. 3C 25-6 : Task switches. Task switches are not allowed in VMX > >> non-root operation. Any attempt to effect a task switch in VMX > >> non-root operation causes a VM exit. See Section 25.4.2 > >> > >> AMD > >> ------- > >> > >> Intercept code to look for is: 7Dh VMEXIT_TASK_SWITCH task switch > >> > >> 15.14 AMD64 Technology Miscellaneous Intercepts : The SVM architecture > >> includes intercepts to handle task switches, processor freezes due to > >> FERR, and shutdown operations. > >> Task switches can modify several resources that a VMM may want to > >> protect (CR3, EFLAGS, LDT). However, instead of checking various > >> intercepts (e.g., CR3 Write, LDTR Write) individually, task switches > >> check only a single intercept bit. > >> > >> Page 581 : Layout of VMCB says Byte offset 00Ch : bit 29 Intercept > >> task switches. > >> > >> ---------------------------------------- > >> -- > >> To unsubscribe from this list: send the line "unsubscribe kvm" in > >> the body of a message to majordomo@vger.kernel.org > >> More majordomo info at http://vger.kernel.org/majordomo-info.html > > > > -- > > Gleb. -- Gleb. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-06-06 5:25 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2013-06-05 5:51 Intercepting task switches in svm/vmx with tdp enabled Leo Prasath 2013-06-05 6:16 ` Gleb Natapov 2013-06-06 1:44 ` Leo Prasath 2013-06-06 5:25 ` Gleb Natapov
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.