From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH 12/13] KVM: SVM: Add checks for IO instructions
Date: Thu, 31 Mar 2011 12:03:37 +0200
Message-ID: <4D945179.1050800@redhat.com>
References: <1301309210-11120-1-git-send-email-joerg.roedel@amd.com> <1301309210-11120-13-git-send-email-joerg.roedel@amd.com> <4D907EDC.1050607@redhat.com> <20110331071440.GQ2085@amd.com> <4D9446E4.2050508@redhat.com> <20110331094252.GA2207@amd.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Marcelo Tosatti, "kvm@vger.kernel.org"
To: "Roedel, Joerg"
Return-path:
Received: from mx1.redhat.com ([209.132.183.28]:37128 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754073Ab1CaKDm (ORCPT ); Thu, 31 Mar 2011 06:03:42 -0400
In-Reply-To: <20110331094252.GA2207@amd.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 03/31/2011 11:42 AM, Roedel, Joerg wrote:
> On Thu, Mar 31, 2011 at 05:18:28AM -0400, Avi Kivity wrote:
> > On 03/31/2011 09:14 AM, Roedel, Joerg wrote:
> > > On Mon, Mar 28, 2011 at 08:28:12AM -0400, Avi Kivity wrote:
> > > > The spec indicates we need to check the TSS and IOPL based permissions
> > > > before the intercept (vmx agrees). With the code as is, it happens
> > > > afterwards.
> > > >
> > > > One way to do this is to have an ExtraChecks bit in the opcode::flags.
> > > > Then opcode::u.xcheck->perms() is the pre-intercept check and
> > > > opcode::u.xcheck->execute() is the post-intercept execution. Should
> > > > work for monitor/mwait/rdtsc(p)/rdpmc/other crap x86 throws at us.
> > >
> > > Okay, as you suggested, I put these checks into the instruction emulator
> > > and leave the hard work of implementing per-arch checks to the nested-vmx
> > > people ;)
> > > I doubt that this makes the opcode-tables more readable, but let's see :)
> >
> > I think we're miscommunicating. I'm talking about x86 checks, not virt
> > vendor specific checks.
>
> The place of the intercept check may be vendor specific. I haven't looked
> at the Intel spec, though. But there are probably differences.

That's why there are three hooks: pre-ex, post-ex, post-mem. If an
intercept fits in between, use the pre-ex hook and duplicate the checks
in the intercept. As far as I recall, everything should fit into those
three, though.

> > For example, the flow for IOIO would be:
> >
> > #UD check (lock prefix)
> > PE/IOPL/CPL/VM check
> > TSS bitmap check (can cause #PF)
> > Intercept check
> > Operand segment check
> > Possible #PF
> > Execution
> >
> > We need to make sure the TSS bitmap check happens before the intercept,
> > so we need to split ->execute() into two.
>
> Right. For the generic case, how about factoring out the checks (for the
> POST_EX intercept case) into a separate excp_check-callback (similar to the
> execute-callback) and execute it before the post-exception-intercept
> check?

That is exactly my suggestion.

-- 
error compiling committee.c: too many arguments to function
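
The IOIO check ordering listed in this message, as an added example that is not part of the thread and is not KVM's code: a simplified C model in which the lock-prefix, PE/IOPL/CPL/VM and TSS bitmap checks all run before the intercept check. The names `vcpu_model`, `io_perm_ok`, `emulate_io` and `sample` are hypothetical, and the bitmap is constructed sample data.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum io_result { IO_UD, IO_GP, IO_INTERCEPTED, IO_EXECUTED };
struct vcpu_model {               /* hypothetical model, not a KVM structure */
    bool lock_prefix, protected_mode, vm86, intercept_io;
    unsigned cpl, iopl;
    const uint8_t *iobitmap;      /* I/O permission bitmap taken from the TSS */
    size_t iobitmap_len;          /* bitmap bytes that lie inside the TSS limit */
};

/* PE/IOPL/CPL/VM check, then the TSS bitmap check (the #PF case is not modelled). */
static bool io_perm_ok(const struct vcpu_model *v, uint16_t port, unsigned size)
{
    size_t byte = port / 8;
    if (!v->protected_mode || (!v->vm86 && v->cpl <= v->iopl))
        return true;              /* real mode, or CPL <= IOPL outside VM86 */
    if (byte + 1 >= v->iobitmap_len)
        return false;             /* the CPU reads two bytes; both must be in the TSS */
    unsigned bits = v->iobitmap[byte] | (v->iobitmap[byte + 1] << 8);
    unsigned mask = ((1u << size) - 1) << (port % 8);
    return (bits & mask) == 0;    /* any set bit denies the access */
}

enum io_result emulate_io(const struct vcpu_model *v, uint16_t port, unsigned size)
{
    if (v->lock_prefix)
        return IO_UD;             /* #UD check (lock prefix) */
    if (!io_perm_ok(v, port, size))
        return IO_GP;             /* permission fault, raised before the intercept */
    if (v->intercept_io)
        return IO_INTERCEPTED;    /* intercept check */
    return IO_EXECUTED;           /* operand segment check and the I/O itself omitted */
}

/* Constructed sample: IOPL 0, intercept enabled, bitmap denies only port 0x60. */
enum io_result sample(unsigned cpl, uint16_t port, unsigned size, bool lock)
{
    static uint8_t bitmap[8193];  /* 65536 port bits plus the trailing byte */
    struct vcpu_model v = { .lock_prefix = lock, .protected_mode = true,
        .intercept_io = true, .cpl = cpl, .iobitmap = bitmap, .iobitmap_len = sizeof bitmap };
    bitmap[0x60 / 8] = 1u << (0x60 % 8);
    return emulate_io(&v, port, size);
}

int main(void)
{
    printf("%d %d\n", sample(3, 0x60, 1, false), sample(3, 0x80, 1, false));
}
```

With the intercept enabled, a CPL 3 access to the denied port still ends in the fault rather than the intercept, which is the ordering the thread asks for.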