From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Egger, Christoph" <chegger@amazon.de>
Subject: Re: [PATCH] nested EPT: fixing wrong handling for L2
 guest's direct mmio access
Date: Fri, 17 Jan 2014 09:59:54 +0100
Message-ID: <52D8F10A.7080501@amazon.de>
References: <1389940508-2239-1-git-send-email-yang.z.zhang@intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <1389940508-2239-1-git-send-email-yang.z.zhang@intel.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Yang Zhang <yang.z.zhang@intel.com>, xen-devel@lists.xen.org
Cc: andrew.cooper3@citrix.com, xiantao.zhang@intel.com, eddie.dong@intel.com, jun.nakajima@intel.com, JBeulich@suse.com
List-Id: xen-devel@lists.xenproject.org

On 17.01.14 07:35, Yang Zhang wrote:
> From: Yang Zhang <yang.z.zhang@Intel.com>
> 
> L2 guest will access the physical device directly(nested VT-d). For such access,
> Shadow EPT table should point to device's MMIO. But in current logic, L0 doesn't
> distinguish the MMIO whether from qemu or physical device when building shadow EPT table.
> This is wrong. This patch will setup the correct shadow EPT table for such MMIO ranges.
> 
> Signed-off-by: Yang Zhang <yang.z.zhang@Intel.com>
> ---
>  xen/arch/x86/mm/hap/nested_hap.c    |   10 ++++++++--
>  xen/include/asm-x86/hvm/nestedhvm.h |    1 +
>  2 files changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/xen/arch/x86/mm/hap/nested_hap.c b/xen/arch/x86/mm/hap/nested_hap.c
> index c2ef1d1..38e2327 100644
> --- a/xen/arch/x86/mm/hap/nested_hap.c
> +++ b/xen/arch/x86/mm/hap/nested_hap.c
> @@ -170,8 +170,11 @@ nestedhap_walk_L0_p2m(struct p2m_domain *p2m, paddr_t L1_gpa, paddr_t *L0_gpa,
>      mfn = get_gfn_type_access(p2m, L1_gpa >> PAGE_SHIFT, p2mt, p2ma,
>                                0, page_order);
>  
> +    rc = NESTEDHVM_PAGEFAULT_DIRECT_MMIO;
> +    if ( *p2mt == p2m_mmio_direct )
> +        goto direct_mmio_out;
>      rc = NESTEDHVM_PAGEFAULT_MMIO;
> -    if ( p2m_is_mmio(*p2mt) )
> +    if ( *p2mt == p2m_mmio_dm )
>          goto out;

Why does p2m_is_mmio() not cover p2m_mmio_direct ?

Christoph

>      rc = NESTEDHVM_PAGEFAULT_L0_ERROR;
> @@ -184,8 +187,9 @@ nestedhap_walk_L0_p2m(struct p2m_domain *p2m, paddr_t L1_gpa, paddr_t *L0_gpa,
>      if ( !mfn_valid(mfn) )
>          goto out;
>  
> -    *L0_gpa = (mfn_x(mfn) << PAGE_SHIFT) + (L1_gpa & ~PAGE_MASK);
>      rc = NESTEDHVM_PAGEFAULT_DONE;
> +direct_mmio_out:
> +    *L0_gpa = (mfn_x(mfn) << PAGE_SHIFT) + (L1_gpa & ~PAGE_MASK);
>  out:
>      __put_gfn(p2m, L1_gpa >> PAGE_SHIFT);
>      return rc;
> @@ -245,6 +249,8 @@ nestedhvm_hap_nested_page_fault(struct vcpu *v, paddr_t *L2_gpa,
>          break;
>      case NESTEDHVM_PAGEFAULT_MMIO:
>          return rv;
> +    case NESTEDHVM_PAGEFAULT_DIRECT_MMIO:
> +        break;
>      default:
>          BUG();
>          break;
> diff --git a/xen/include/asm-x86/hvm/nestedhvm.h b/xen/include/asm-x86/hvm/nestedhvm.h
> index d8124cf..cca41b3 100644
> --- a/xen/include/asm-x86/hvm/nestedhvm.h
> +++ b/xen/include/asm-x86/hvm/nestedhvm.h
> @@ -53,6 +53,7 @@ bool_t nestedhvm_vcpu_in_guestmode(struct vcpu *v);
>  #define NESTEDHVM_PAGEFAULT_L0_ERROR   3
>  #define NESTEDHVM_PAGEFAULT_MMIO       4
>  #define NESTEDHVM_PAGEFAULT_RETRY      5
> +#define NESTEDHVM_PAGEFAULT_DIRECT_MMIO 6
>  int nestedhvm_hap_nested_page_fault(struct vcpu *v, paddr_t *L2_gpa,
>      bool_t access_r, bool_t access_w, bool_t access_x);
>  
>