From: Razvan Cojocaru <rcojocaru@bitdefender.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: kevin.tian@intel.com, ian.campbell@citrix.com,
	stefano.stabellini@eu.citrix.com, andrew.cooper3@citrix.com,
	eddie.dong@intel.com, xen-devel@lists.xen.org,
	jun.nakajima@intel.com, ian.jackson@eu.citrix.com
Subject: Re: [PATCH RFC V5 3/5] xen: Force-enable relevant MSR events; optimize the number of sent MSR events
Date: Fri, 08 Aug 2014 17:47:43 +0300
Message-ID: <53E4E30F.2010807@bitdefender.com>
In-Reply-To: <53E4FC26020000780002AA23@mail.emea.novell.com>

On 08/08/2014 05:34 PM, Jan Beulich wrote:
>>>> On 06.08.14 at 17:58, <rcojocaru@bitdefender.com> wrote:
>> @@ -695,11 +696,30 @@ static void vmx_set_host_env(struct vcpu *v)
>>  void vmx_disable_intercept_for_msr(struct vcpu *v, u32 msr, int type)
>>  {
>>      unsigned long *msr_bitmap = v->arch.hvm_vmx.msr_bitmap;
>> +    struct domain *d = v->domain;
>>  
>>      /* VMX MSR bitmap supported? */
>>      if ( msr_bitmap == NULL )
>>          return;
>>  
>> +    if ( mem_event_check_ring(&d->mem_event->access) )
>> +    {
>> +        /* Filter out MSR-s needed for memory introspection */
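
Review bot: vmx_disable_intercept_for_msr() returns void, so once the new mem_event_check_ring() block filters a request out, the caller has no indication that the intercept stayed enabled. Please state in the function's comment that a disable request for the filtered MSRs is ignored while the access ring check is true, or return a status so that callers expecting pass-through can notice.
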
> 
> I continue to be unconvinced that this code block's surrounding
> conditional is as precise as possible: Your introspection code
> surely isn't the only mem-event based mechanism. Yet you'd
> impact guests in all other cases too.

I agree, however I can't think of a way to be more specific without
introducing a special new parameter / bit when enabling mem_access.
If you feel that that would not be a problem, I'll add one.

>> --- a/xen/arch/x86/hvm/vmx/vmx.c
>> +++ b/xen/arch/x86/hvm/vmx/vmx.c
>> @@ -1682,6 +1682,22 @@ void vmx_hypervisor_cpuid_leaf(uint32_t sub_idx,
>>          *eax |= XEN_HVM_CPUID_X2APIC_VIRT;
>>  }
>>  
>> +static void vmx_enable_intro_msr_interception(struct domain *d)
> 
> The "intro" in the name is surely odd: For one, it implies that _only_
> introspection might be interested in doing this. And then it may
> (without reading the comments inside the function) well be an
> abbreviation for something else, e.g. "introduction".

It's no problem to either drop "intro" or expand it into
"introspection". Would one be preferable to the other?

>> +{
>> +    struct vcpu *v;
>> +
>> +    /* Enable interception for MSRs needed for memory introspection. */
>> +    for_each_vcpu ( d, v )
>> +    {
>> +        vmx_enable_intercept_for_msr(v, MSR_IA32_SYSENTER_EIP, MSR_TYPE_W);
>> +        vmx_enable_intercept_for_msr(v, MSR_IA32_SYSENTER_ESP, MSR_TYPE_W);
>> +        vmx_enable_intercept_for_msr(v, MSR_IA32_SYSENTER_CS, MSR_TYPE_W);
>> +        vmx_enable_intercept_for_msr(v, MSR_IA32_MC0_CTL, MSR_TYPE_W);
>> +        vmx_enable_intercept_for_msr(v, MSR_STAR, MSR_TYPE_W);
>> +        vmx_enable_intercept_for_msr(v, MSR_LSTAR, MSR_TYPE_W);
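
Review bot: The comment above the for_each_vcpu loop says only that these MSRs are "needed for memory introspection"; it should say why each one is on the list. Five of the six (SYSENTER_CS, SYSENTER_ESP, SYSENTER_EIP, STAR, LSTAR) configure system-call entry, but MSR_IA32_MC0_CTL does not, so that entry in particular needs a sentence of justification. The comment should also mention that only MSR_TYPE_W is requested, so the read intercept state is left as it was.
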
> 
> I also wonder whether the redundant enumeration of all these
> MSRs couldn't be abstracted to just a single place.

I'll add them to a const array and iterate through that.

>> --- a/xen/arch/x86/mm/mem_event.c
>> +++ b/xen/arch/x86/mm/mem_event.c
>> @@ -600,6 +600,9 @@ int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
>>              rc = mem_event_enable(d, mec, med, _VPF_mem_access, 
>>                                      HVM_PARAM_ACCESS_RING_PFN,
>>                                      mem_access_notification);
>> +
>> +            if ( rc == 0 && hvm_funcs.enable_intro_msr_interception )
>> +                hvm_funcs.enable_intro_msr_interception(d);
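
Review bot: In the added "if ( rc == 0 && hvm_funcs.enable_intro_msr_interception )", a NULL hook is skipped silently, so where the hook is not set the enable still ends with rc == 0 and the caller cannot tell that MSR writes are not being force-intercepted. Either fail the enable in that case or document that the forced interception is best-effort. The hook being void (see vmx_enable_intro_msr_interception) has the same effect if it cannot do its work.
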
> 
> Isn't the sequence of operations wrong here (leaving a window in
> time where mem events are already enabled but the necessary MSRs
> aren't being intercepted yet)? Or was it that guests are being paused
> while all this takes place?

The guest is paused, but that's a fair point. I'll look into it.


Thanks,
Razvan Cojocaru
