Re: Intercepting task switches in svm/vmx with tdp enabled

[Gleb Natapov <gleb@redhat.com>]

On Wed, Jun 05, 2013 at 08:44:38PM -0500, Leo Prasath wrote:
> Thanks much for the reply. It seems Linux stopped using the hardware
> context switch mechanisms ( like far jmp ) since kernel version 2.2 (
> per understanding linux kernel book ).
> 
Linux never used it.

> For now, I am just going to use cr3 write interception to detect guest
> process context switches. ( on a related note however, with linux
> running in a single cpu guest vm, I see interceptions printing writes
> to cr3 with same value as the one that already is in the register -
> possibly threads  or other scenarios )
> 
That's TLB flushes.

> Thanks,
> -Leo
> 
> 
> On Wed, Jun 5, 2013 at 1:16 AM, Gleb Natapov <gleb@redhat.com> wrote:
> > On Wed, Jun 05, 2013 at 12:51:29AM -0500, Leo Prasath wrote:
> >> Hi,
> >>
> >> I am interested in intercepting task switches in vmx/svm in 64 bit
> >> mode with ept/npt enabled.
> >> However, I am not seeing the exit code due to task switch ( 9 for vmx
> >> and 125 for svm ) in the list of vm exits that I see in a typical
> >> guest run.
> > I do not think "task switch" exit means what you think it means. This is
> > not OS context switches, but some x86 cpu concept of task that can be
> > switched by using HW mechanism. No modern OS uses it. Actually in 64 bit
> > mode it does not exists at all.
> >
> >> I log the vm exit codes in the x86/svm.c:handle_exit method for svm
> >> and x86/vmx.c:vmx_handle_exit for vmx.
> >>
> >> Any pointers regarding this is very much appreciated.
> >>
> >> On a related note, does cr3 write interception approximate task switch
> >> interception ?
> > Depending on how OS works. For Linux it is probably true (if cr3 value
> > changes).
> >
> >> ( I was able to intercept cr3 writes with svm while npt was enabled.
> >> but with vmx, I could intercept cr3 writes only with ept disabled )
> >>
> >> Thanks,
> >> Leo
> >>
> >> Looking through the manuals, svm has a control bit in VMCS for
> >> enabling / disabling task switch interception while vmx does not seem
> >> to have such a control bit.
> > Again, this is not "task switch" you are looking for.
> >
> >> -----------------------------------------
> >> Excerpts from the manuals :
> >>
> >> Intel
> >> ------
> >>
> >> Exit reason #9 indicates a vm exit due to task switch.
> >>
> >> Vol. 3C 24-9 : Some instructions cause VM exits regardless of the
> >> settings of the processor-based VM-execution controls (see Section
> >> 25.1.2), as
> >> do task switches (see Section 25.2).
> >>
> >> Vol. 3C 25-6 : Task switches. Task switches are not allowed in VMX
> >> non-root operation. Any attempt to effect a task switch in VMX
> >> non-root operation causes a VM exit. See Section 25.4.2
> >>
> >> AMD
> >> -------
> >>
> >> Intercept code to look for is: 7Dh VMEXIT_TASK_SWITCH task switch
> >>
> >> 15.14 AMD64 Technology Miscellaneous Intercepts : The SVM architecture
> >> includes intercepts to handle task switches, processor freezes due to
> >> FERR, and shutdown operations.
> >> Task switches can modify several resources that a VMM may want to
> >> protect (CR3, EFLAGS, LDT).  However, instead of checking various
> >> intercepts (e.g., CR3 Write, LDTR Write) individually, task switches
> >> check only a single intercept bit.
> >>
> >> Page 581 : Layout of VMCB says Byte offset 00Ch : bit 29 Intercept
> >> task switches.
> >>
> >> ----------------------------------------
> >> --
> >> To unsubscribe from this list: send the line "unsubscribe kvm" in
> >> the body of a message to majordomo@vger.kernel.org
> >> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> >
> > --
> >                         Gleb.

--
			Gleb.