From: Andrew Cooper <andrew.cooper3@citrix.com>
To: "Mihai Donțu" <mdontu@bitdefender.com>
Cc: Andrei LUTAS <vlutas@bitdefender.com>,
	xen-devel@lists.xensource.com, keir@xen.org, jbeulich@suse.com
Subject: Re: xen: generic instruction re-execution mechanism for execute faults
Date: Tue, 09 Sep 2014 09:35:55 +0100
Message-ID: <540EBBEB.7030708@citrix.com>
In-Reply-To: <20140909060111.0d888575@bitdefender.com>

On 09/09/2014 04:01, Mihai Donțu wrote:
> Hi,
>
> This is another patch from which we stepped back for a while in order
> to give it a better thought:
>
> http://lists.xenproject.org/archives/html/xen-devel/2014-07/msg00309.html
>
> Our argument for it is that memory introspection technologies can cause
> a VMEXIT practically at any point during the guest execution, even
> without any 'malicious' activity going on in it. If the instruction
> that caused the exit is well within a protected page, we would need to:
>
>   a) emulate it
>   b) single step it
>
> The emulation part would be the desired option, but unfortunately it
> requires a full blown emulator which I believe is beyond the scope of
> Xen.

As I said on the thread before, the current emulator in Xen is all Xen
has needed in the past.

I think it is perfectly reasonable to extend the emulator if a plausible
use (such as this) arises, but what we would specifically want to avoid is
having multiple emulators in Xen.

>  One would rather have to somehow tap into qemu (if at all
> possible).

It is technically possible, but the overheads would be massive.

>
> The other option, which is permanent in that it does not need to be
> maintained like an emulator, is to suspend all vCPU's, grant
> permissions to the fault page, single step the guest, return to Xen and
> then resume. It has a bit of overhead, but the fact that this code path
> is seldom taken and cumulated with the efficiency of latest hardware
> makes it the better choice. Also, the tests we have conducted show no
> observable slowdown.

No observable slowdown from whose point of view? How often are
instructions trapped and replayed like this?

>
> In conclusion: is there any way we can bring this idea (either in the
> proposed form by the patch or any other) into Xen?

A proposition email like this with a clear high level goal is certainly
a good start.

~Andrew

