Re: Patching guest kernel code for better performance from HOST

[Dushyant Bansal <cs5070214@cse.iitd.ac.in>]

On Monday 09 May 2011 04:08 PM, Alexander Graf wrote:
> On 09.05.2011, at 12:34, Dushyant Bansal wrote:
>
>> On Sunday 08 May 2011 02:22 AM, Alexander Graf wrote:
>>> On 07.05.2011, at 22:32, Dushyant Bansal wrote:
>>>
>>>> Hi,
>>>>
>>>> On patching 'mfmsr' instruction with 'lwz', guest exits when it tries to execute that 'lwz' instruction. I am looking for possible causes for this exit.
>>>>
>>>> Here are the details:
>>>> Initially,
>>>> pc: 0xc0019420, instruction: 0x7c0000a6 [mfmsr r0]
>>>> As this is a privileged instruction, this causes an exit.
>>>>
>>>> qemu-system-ppc-4443  [000] 19733.740013: kvm_book3s_exit: exit=0x700 | pc=0xc0019420 | inst=0x7c0000a6 | msr=0x1032 | dar=0xe1736a00 | srr1=0x100000000004d032
>>>> qemu-system-ppc-4443  [000] 19733.740029: kvm_book3s_patch: return=0 | pc=0xc0019420 | inst=0x7c0000a6 | msr=0x1032 | new_inst=0x8000f05c
>>>> qemu-system-ppc-4443  [000] 19733.740030: kvm_ppc_instr: inst 2080374950 pc 0xc0019420 emulate 0
>>>> qemu-system-ppc-4443  [000] 19733.740037: kvm_book3s_reenter: reentry r=1 | pc=0xc0019420
>>>>
>>>> I patched this instruction with:
>>>> 0x8000f05c:     lwz    r0, -4096(offset of msr)
>>>> This instruction reads the 'msr' field of the magic page into register r0.
>>>>
>>>> Then, I do not increment the pc value, so the guest starts at the same pc which now points to the new patched instruction.
>>>>
>>>> This 'lwz' instruction is causing a exit due to 'BOOK3S_INTERRUPT_PROGRAM' (exit_nr: 0x700).
>>>> What could be the reason for this exit? As, 'lwz' is not a privileged instruction, I am unable to think of any reason.
>>> Did you flush the icache after you patched the instruction? See the function flush_icache_range. Without, your CPU still has the old instruction in its cache, making it trap again :).
>> Thanks.
>>
>> I tried     flush_icache_range((ulong)pc, (ulong)pc + 4);
>> The system becomes unresponsive and I have to use force shut down.
>>
>> Here, pc will have the address of guest instruction and flush_icache_range is called from host. Maybe, I am not using flush_icache_range in the correct way.
>> Also, my host os is ppc64 and the guest is ppc32.
>>
>> I also tried:  flush_cache_all()
>> But the instruction is still present in the instruction cache.
> Just patch the _st function to flush the icache on the host virtual address every time it gets invoked :).
Sorry for replying so late.
It worked. Thanks a lot :)


Dushyant