From: Razvan Cojocaru <rcojocaru@bitdefender.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: tim@xen.org, xen-devel@lists.xen.org
Subject: Re: [PATCH RFC 6/9] xen, libxc: Request page fault injection via libxc
Date: Wed, 02 Jul 2014 19:06:05 +0300
Message-ID: <53B42DED.1000406@bitdefender.com>
In-Reply-To: <53B4468D020000780001FB40@mail.emea.novell.com>
On 07/02/2014 06:51 PM, Jan Beulich wrote:
>>>> On 02.07.14 at 15:33, <rcojocaru@bitdefender.com> wrote:
>> Added new XEN_DOMCTL_set_pagefault_info hypercall, used by libxc's
>> new xc_domain_set_pagefault_info() function to set per-domain page
>> fault injection information. This information is then used to call
>> hvm_inject_page_fault() at the first VMENTRY where the guest status
>> matches and there are no other pending traps.
>
> So the first question that strikes me here: What good can it do to be
> able to inject arbitrary page faults, possibly at times where the guest
> OS is absolutely not expecting them?
The guest, as Andrew Cooper said, is waiting for a mem_event reply.
>> @@ -430,6 +431,9 @@ static void vmx_vmcs_save(struct vcpu *v, struct hvm_hw_cpu *c)
>> __vmread(GUEST_SYSENTER_CS, &c->sysenter_cs);
>> __vmread(GUEST_SYSENTER_ESP, &c->sysenter_esp);
>> __vmread(GUEST_SYSENTER_EIP, &c->sysenter_eip);
>> + __vmread(GUEST_CS_AR_BYTES, &cs_arbytes);
>> +
>> + c->cs_arbytes = (uint32_t)cs_arbytes;
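Review bot: the added `__vmread(GUEST_CS_AR_BYTES, &cs_arbytes)` and the store to `c->cs_arbytes` at the end of this hunk carry no comment, and the quoted commit message says nothing about vmx_vmcs_save() now filling that field, so the reason for the extra VMCS read cannot be found in the patch itself. Either name the consumer in the commit message or move this into its own patch with that justification. The `(uint32_t)` cast also suggests the local is wider than the field; if so, a short comment stating that only the low access-rights bits are meaningful would make the truncation clearly intentional.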
>
> This again looks like an unrelated change without any explanation.
It's used here, to check if we're in user mode before injecting the page
fault:
92 +static void check_pf_injection(void)
93 +{
94 + struct vcpu *curr = current;
95 + struct domain *d = curr->domain;
96 + struct hvm_hw_cpu ctxt;
97 + uint32_t cs_dpl;
98 +
99 + if ( !is_hvm_domain(d) || d->fault_info.virtual_address == 0 )
100 + return;
101 +
102 + memset(&ctxt, 0, sizeof(struct hvm_hw_cpu));
103 + hvm_funcs.save_cpu_ctxt(curr, &ctxt);
104 +
105 + cs_dpl = (ctxt.cs_arbytes >> 5) & 3;
106 +
107 + if ( cs_dpl == 3 /* Guest is in user mode */
108 + && !ctxt.pending_event
109 + && ctxt.cr3 == d->fault_info.address_space )
110 + {
111 + /* Cache */
112 + uint64_t virtual_address = d->fault_info.virtual_address;
113 + uint32_t write_access = d->fault_info.write_access;
114 +
115 + /* Reset */
116 + d->fault_info.address_space = 0;
117 + d->fault_info.virtual_address = 0;
118 + d->fault_info.write_access = 0;
119 +
120 + hvm_inject_page_fault((write_access << 1) | PFEC_user_mode,
121 + virtual_address);
122 + }
123 +}
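Review bot: `d->fault_info` is per-domain state, but lines 107-118 test it and then clear it from whichever vCPU is `current`, with no lock or atomic test-and-clear in between, so two vCPUs of the same domain that are both in user mode with the matching CR3 can each pass the check and each call hvm_inject_page_fault() for a single request. Take a per-domain lock around the check-and-reset, or claim the request atomically before injecting. Separately, on line 120 `write_access` is shifted into the error code without being normalised, so any stored value other than 0 or 1 sets unrelated error-code bits; `(write_access ? PFEC_write_access : 0) | PFEC_user_mode` avoids that. Using `virtual_address == 0` on line 99 as the "no request" marker also means a fault at address 0 can never be requested; a separate valid flag would remove that ambiguity.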
Thanks,
Razvan Cojocaru