From: Adrian Pop <apop@bitdefender.com>
To: xen-devel@lists.xenproject.org
Cc: Tamas K Lengyel <tamas@tklengyel.com>,
Wei Liu <wei.liu2@citrix.com>,
Razvan Cojocaru <rcojocaru@bitdefender.com>,
Adrian Pop <apop@bitdefender.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>,
Jan Beulich <jbeulich@suse.com>
Subject: [PATCH 0/3] x86: Add a hvmop for setting the #VE suppress bit
Date: Thu, 18 May 2017 18:07:55 +0300 [thread overview]
Message-ID: <20170518150758.9414-1-apop@bitdefender.com> (raw)
As the code stands right now, after DomU has enabled #VE using
HVMOP_altp2m_vcpu_enable_notify, all its pages have the #VE suppress bit
cleared, generating #VEs for any EPT violation. There is currently no
way to change the value of the #VE suppress bit for a page from a
domain; it can only be done in Xen internally using ept_set_entry().
Following the discussion from
https://lists.xen.org/archives/html/xen-devel/2017-03/msg01312.html this
patch introduces a new hvmop to set this bit and thus have control over
which pages generate #VE and which VM-Exit.
I'm not sure whether it's best to define p2m_set_suppress_ve() in
mem_access.c since this file contains common functions for x86 (vmx &
svm) and the function is Intel-specific.
Adrian Pop (2):
x86/altp2m: Add a hvmop for setting the suppress #VE bit
libxc: Add support for the altp2m suppress #VE hvmop
Vlad Ioan Topan (1):
x86/mm: Change default value for suppress #VE in set_mem_access()
tools/libxc/include/xenctrl.h | 2 ++
tools/libxc/xc_altp2m.c | 24 +++++++++++++++++++
xen/arch/x86/hvm/hvm.c | 14 +++++++++++
xen/arch/x86/mm/mem_access.c | 51 +++++++++++++++++++++++++++++++++++++++--
xen/include/public/hvm/hvm_op.h | 15 ++++++++++++
xen/include/xen/mem_access.h | 3 +++
6 files changed, 107 insertions(+), 2 deletions(-)
--
2.12.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next reply other threads:[~2017-05-18 15:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-18 15:07 Adrian Pop [this message]
2017-05-18 15:07 ` [PATCH 1/3] x86/mm: Change default value for suppress #VE in set_mem_access() Adrian Pop
2017-05-18 15:07 ` [PATCH 2/3] x86/altp2m: Add a hvmop for setting the suppress #VE bit Adrian Pop
2017-05-18 17:27 ` Tamas K Lengyel
2017-05-23 12:03 ` Adrian Pop
2017-05-29 14:38 ` Jan Beulich
2017-06-06 13:00 ` Adrian Pop
2017-06-06 13:08 ` Jan Beulich
2017-06-08 13:49 ` Adrian Pop
2017-06-08 14:08 ` Jan Beulich
2017-06-09 14:18 ` Adrian Pop
2017-05-18 15:07 ` [PATCH 3/3] libxc: Add support for the altp2m suppress #VE hvmop Adrian Pop
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170518150758.9414-1-apop@bitdefender.com \
--to=apop@bitdefender.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=rcojocaru@bitdefender.com \
--cc=tamas@tklengyel.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.