From mboxrd@z Thu Jan 1 00:00:00 1970
From: Steven Rostedt
Subject: Re: Questioning the Xen Design of the VMM
Date: Tue, 08 Aug 2006 12:39:29 -0400
Message-ID: <44D8BE41.9010709@redhat.com>
References: <907625E08839C4409CE5768403633E0BA7FE0E@sefsexmb1.amd.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Return-path:
In-Reply-To: <907625E08839C4409CE5768403633E0BA7FE0E@sefsexmb1.amd.com>
List-Unsubscribe: ,
List-Post:
List-Help:
List-Subscribe: ,
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: "Petersson, Mats"
Cc: Al Boldi , xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

Mats,

thanks for the examples of where the hypervisor needs to know, otherwise the x86 guest doesn't do what it expects to be done. I've just recently started working with Xen, but my background has been more with other architectures than x86.

I understand all that you explained, but one: see below. (I'm posting to the list so that others can learn too ;)

Petersson, Mats wrote:
> [ snipped a lot of good info ]
>
> Another problem is "hidden bits" in registers.
>
> Let's say this:
>
>     mov cr0, eax
>     mov eax, ecx
>     or $1, eax
>     mov eax, cr0
>     mov $0x10, eax
>     mov eax, fs
>     mov ecx, cr0
>
>     mov $0xF000000, eax
>     mov $10000, ecx
> $1:
>     mov $0, fs:eax
>     add $4, eax
>     dec ecx
>     jnz $1
>
> Let's now say that we have an interrupt that the hypervisor would handle
> in the loop in the above code. The hypervisor itself uses FS for some
> special purpose, and thus needs to save/restore the FS register. When it
> returns, the system will crash (GP fault) because the FS register limit
> is 0xFFFF (64KB) and eax is greater than the limit - but the limit of FS
> was set to 0xFFFFFFFF before we took the interrupt... Incorrect
> behaviour like this is terribly difficult to deal with, and there really
> isn't any good way to solve these issues [other than not allowing the
> code to run when it does "funny" things like this - or to perform the
> necessary code in "translation mode" - i.e. emulate each instruction ->
> slow(ish)].
>

The above I'm confused on. In x86, the hypervisor can't store the fs register fully before returning from the interrupt?? You stated that the fs register limit was 0xffffffff before the interrupt, but ends up being 0xffff afterwards.

As I mentioned, I'm just learning the internals of x86, so my full comprehension of segment registers of x86 is still a little fuzzy. Could you explain further here?

Thanks,

-- Steve
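The "hidden bits" scenario from Mats's quoted example, modelled as a small C program. This is an added illustration, not code from the original message or from Xen. It models one segment register as the visible selector plus the hidden descriptor cache (base and limit) and runs the quoted loop twice: once under a hypervisor that saves only the selector and restores it by reloading, once under a hypervisor that saves and restores the whole register. The single-entry GDT, the real-mode load semantics (a reload yields a 64KB limit, as the post describes), the interrupt position and all function and type names are assumptions of the model, not x86 hardware behaviour in every detail.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simplified model of one x86 segment register: the visible selector that
 * "mov fs, ax" / "mov ax, fs" operate on, plus the hidden descriptor cache
 * (base, limit) that the CPU fills in when the selector is loaded. It follows
 * the scenario in the quoted post and is not a cycle-accurate x86 model. */
typedef struct {
    uint16_t selector;
    uint32_t base;
    uint32_t limit;
} seg_reg;

typedef struct {
    bool pe;        /* CR0.PE: true = protected mode, false = real mode */
    seg_reg fs;
} cpu_state;

#define FLAT_DATA_SEL   0x10u     /* constructed GDT entry: flat 4GB data segment */
#define REAL_MODE_LIMIT 0xFFFFu   /* 64KB limit of a real-mode segment */

/* Loading a selector updates the visible part and refills the hidden cache. */
static void load_segment(const cpu_state *cpu, seg_reg *seg, uint16_t sel)
{
    seg->selector = sel;
    if (cpu->pe) {
        /* Protected mode: the (constructed) GDT has one flat entry; any other
         * selector is assumed to describe an ordinary 64KB segment. */
        seg->base = 0;
        seg->limit = (sel == FLAT_DATA_SEL) ? 0xFFFFFFFFu : REAL_MODE_LIMIT;
    } else {
        /* Real mode: base = selector << 4 and, as the post describes for the
         * restore path, the limit comes back as 64KB. */
        seg->base = (uint32_t)sel << 4;
        seg->limit = REAL_MODE_LIMIT;
    }
}

/* A store through a segment succeeds only if the offset is within the hidden
 * limit; otherwise the CPU raises #GP. */
static bool seg_store_ok(const seg_reg *seg, uint32_t offset)
{
    return offset <= seg->limit;
}

/* Setup part of the quoted code: set CR0.PE, load FS with the flat descriptor,
 * clear CR0.PE again. FS keeps its 4GB hidden limit ("unreal mode"). */
static void setup_unreal_fs(cpu_state *cpu)
{
    cpu->pe = true;
    load_segment(cpu, &cpu->fs, FLAT_DATA_SEL);
    cpu->pe = false;
}

/* Hypervisor variant 1: saves only the visible selector and restores FS by
 * reloading it, which goes through the real-mode load path. */
static void hv_interrupt_selector_only(cpu_state *cpu)
{
    uint16_t saved = cpu->fs.selector;
    load_segment(cpu, &cpu->fs, 0x0000);   /* hypervisor uses FS for itself */
    load_segment(cpu, &cpu->fs, saved);
}

/* Hypervisor variant 2: saves and restores the whole register, hidden cache
 * included, which is what the guest's segment state actually consists of. */
static void hv_interrupt_full_state(cpu_state *cpu)
{
    seg_reg saved = cpu->fs;
    load_segment(cpu, &cpu->fs, 0x0000);
    cpu->fs = saved;
}

/* The loop from the quoted code: 10000 dword stores starting at fs:0xF000000,
 * with the hypervisor interrupt injected at iteration interrupt_at.
 * Returns 0 if the loop completes, -1 if a store would raise #GP. */
static int run_guest_loop(cpu_state *cpu, void (*hv)(cpu_state *),
                          uint32_t interrupt_at)
{
    uint32_t eax = 0xF000000u;
    for (uint32_t ecx = 10000, i = 0; ecx != 0; ecx--, i++) {
        if (i == interrupt_at)
            hv(cpu);
        if (!seg_store_ok(&cpu->fs, eax))
            return -1;
        eax += 4;
    }
    return 0;
}

/* Whole scenario for one save/restore strategy: 0 = completes, -1 = #GP. */
static int run_scenario(void (*hv)(cpu_state *))
{
    cpu_state cpu = { .pe = false, .fs = { 0, 0, REAL_MODE_LIMIT } };
    setup_unreal_fs(&cpu);
    return run_guest_loop(&cpu, hv, 5);
}
```

Calling run_scenario(hv_interrupt_selector_only) reproduces the #GP fault Mats describes: the selector 0x10 is saved and restored correctly, but reloading it in real mode replaces the 4GB hidden limit with 64KB, and the next store to fs:eax with eax above 0xFFFF faults. run_scenario(hv_interrupt_full_state) completes, because the register's state is the selector together with its hidden cache, and that is what the hypervisor has to capture. This is also why the hardware virtualization extensions expose the hidden segment state explicitly: the VMX VMCS and the AMD VMCB store each guest segment's base, limit and attributes alongside the selector, so a VMM does not have to reconstruct them by reloading.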