From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Don Slutz <dslutz@verizon.com>, xen-devel@lists.xen.org
Cc: Kevin Tian <kevin.tian@intel.com>, Keir Fraser <keir@xen.org>,
	Ian Campbell <ian.campbell@citrix.com>,
	Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
	Jun Nakajima <jun.nakajima@intel.com>,
	Eddie Dong <eddie.dong@intel.com>,
	Ian Jackson <ian.jackson@eu.citrix.com>, Tim Deegan <tim@xen.org>,
	George Dunlap <George.Dunlap@eu.citrix.com>,
	Aravind Gopalakrishnan <Aravind.Gopalakrishnan@amd.com>,
	Jan Beulich <jbeulich@suse.com>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Subject: Re: [PATCH v9 06/13] xen: Add ring 3 vmware_port support
Date: Wed, 18 Feb 2015 18:19:14 +0000
Message-ID: <54E4D7A2.3090505@citrix.com>
In-Reply-To: <54E4C5C8.6060003@terremark.com>

On 18/02/15 17:03, Don Slutz wrote:
> On 02/17/15 09:38, Andrew Cooper wrote:
>> On 16/02/15 23:05, Don Slutz wrote:
>>> Summary is that VMware treats "in (%dx),%eax" (or "out %eax,(%dx)")
>>> to port 0x5658 specially.  Note: since many operations return data
>>> in EAX, "in (%dx),%eax" is the one to use.  The other lengths like
>>> "in (%dx),%al" will still do things, only AL part of EAX will be
>>> changed.  For "out %eax,(%dx)" of all lengths, EAX will remain
>>> unchanged.
>>>
>>> This instruction is allowed to be used from ring 3.  To
>>> support this the vmexit for GP needs to be enabled.  I have not
>>> fully tested that nested HVM is doing the right thing for this.
>>>
>>> The support included is enough to allow VMware tools to install in a
>>> HVM domU.
>>>
>>> Enable no-fault of pio in x86_emulate for VMware port
>>>
>>> Also adjust the emulation registers after doing a VMware
>>> backdoor operation.
>>>
>>> Add new routine hvm_emulate_one_gp() to be used by the #GP fault
>>> handler.
>>>
>>> Some of the best info is at:
>>>
>>> https://sites.google.com/site/chitchatvmback/backdoor
>>>
>>> Signed-off-by: Don Slutz <dslutz@verizon.com>
>>> ---
>>> v9:
>>>    Split #GP handling (or skipping of #GP) code out of previous
>>>    patch to help with the review process.
>>>    Switch to x86_emulator to handle #GP
>>>    I think the hvm_emulate_ops_gp() covers all needed ops.  Not able
>>> to validate
>>>    all paths though _hvm_emulate_one().
>>>
>>>  xen/arch/x86/hvm/emulate.c             | 62
>>> ++++++++++++++++++++++++++++++++--
>>>  xen/arch/x86/hvm/svm/svm.c             | 27 +++++++++++++++
>>>  xen/arch/x86/hvm/svm/vmcb.c            |  2 ++
>>>  xen/arch/x86/hvm/vmware/vmport.c       | 11 ++++++
>>>  xen/arch/x86/hvm/vmx/vmcs.c            |  2 ++
>>>  xen/arch/x86/hvm/vmx/vmx.c             | 38 +++++++++++++++++++++
>>>  xen/arch/x86/x86_emulate/x86_emulate.c | 25 +++++++++++---
>>>  xen/arch/x86/x86_emulate/x86_emulate.h |  8 +++++
>>>  xen/include/asm-x86/hvm/emulate.h      |  2 ++
>>>  xen/include/asm-x86/hvm/vmport.h       |  1 +
>>>  10 files changed, 172 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
>>> index 636c909..a6a6a5c 100644
>>> --- a/xen/arch/x86/hvm/emulate.c
>>> +++ b/xen/arch/x86/hvm/emulate.c
>>> @@ -22,6 +22,7 @@
>>>  #include <asm/hvm/trace.h>
>>>  #include <asm/hvm/support.h>
>>>  #include <asm/hvm/svm/svm.h>
>>> +#include <asm/hvm/vmport.h>
>>>
>>>  static void hvmtrace_io_assist(int is_mmio, ioreq_t *p)
>>>  {
>>> @@ -776,6 +777,7 @@ static int hvmemul_read_io_discard(
>>>      unsigned long *val,
>>>      struct x86_emulate_ctxt *ctxt)
>>>  {
>>> +    ctxt->do_vmport = 0;
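
Review bot: the `ctxt->do_vmport = 0;` added at the top of hvmemul_read_io_discard() carries no comment saying why a read_io callback has to reset a flag on the emulation context. If the flag must be clear whenever emulation starts, initialising it once where the context is set up would be less fragile than having each I/O hook clear it; otherwise a one-line comment here stating the invariant would help.
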
>>
>> This looks horribly invasive.
>>
>> Why are emulation changes needed?  What is wrong with the normal
>> handling with a registered ioport handler?
>
> Because VMware made a bad way to provide a "hyper call".  They decided to
> allow user access to this.  So when a #GP fault should have been
> reported, they instead do the "hyper call".
>

Urgh - now I remember.

Right.  In the case that vmport is active, we start intercepting #GP
faults and emulating access.  That part of the patch looks ok.

However, the rest is very invasive to the emulation infrastructure.

Something along the lines of:

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c
b/xen/arch/x86/x86_emulate/x86_emulate.c
index 5e9e040..dd40d6a 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -3394,7 +3394,8 @@ static int inject_swint(enum x86_swint_type type,
                              ? insn_fetch_type(uint8_t)
                              : (uint16_t)_regs.edx);
         op_bytes = !(b & 1) ? 1 : (op_bytes == 8) ? 4 : op_bytes;
-        if ( (rc = ioport_access_check(port, op_bytes, ctxt, ops)) != 0 )
+        if ( ((rc = ioport_access_check(port, op_bytes, ctxt, ops)) !=
0) ||
+             (ops->vmport_check && ((rc = ops->vmport_check(port,
ctxt)) != 0)) )
             goto done;
         if ( b & 2 )
         {
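
Review bot: the `||` in the new condition cannot produce the behaviour described for it. When ioport_access_check() returns non-zero the expression short-circuits straight to `goto done`, so ops->vmport_check is only reached after the access check has already succeeded, where it can add a refusal but never lift one. For an access that fails the check to reach the normal ioport dispatch, the hook has to be consulted on the failure path instead, for example `if ( rc != 0 && !(ops->vmport_check && ops->vmport_check(port, ctxt) == 0) ) goto done;` after assigning rc, and the hook should accept only the vmport port because it overrides the I/O privilege check.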

would be far less invasive and AFAICT, replace the entire rest of your
patch.

In this case, if ioport_access_check() succeeds, or if it fails and
vmport_check subsequently succeeds, the standard ioport dispatch will
run, and hit vmport_ioport().

~Andrew
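
The dispatch decision discussed in this message, modelled as an added example (not part of the original mail and not Xen code): `struct vcpu`, `guest()`, `vmport_enabled` and the body of `vmport_check()` are hypothetical, while port 0x5658 and the hook's return convention (0 lets the access proceed) come from the thread. It compares a condition shaped like the suggested hunk with the behaviour described in the text after it.

```c
#include <stdint.h>
#include <string.h>

enum { OKAY = 0, FAULT = 1, VMPORT = 0x5658 }; /* rc 0, #GP, port from the thread */
struct vcpu {                    /* constructed model, not a Xen structure */
    unsigned cpl, iopl;          /* current and I/O privilege level */
    int vmport_enabled;          /* hypothetical per-guest opt-in (assumption) */
    uint8_t io_bitmap[8192];     /* TSS I/O bitmap: set bit = denied */
};

/* Constructed sample guest: IOPL 0, every port denied in the bitmap. */
static const struct vcpu *guest(unsigned cpl, int vmport_enabled)
{
    static struct vcpu v;
    v.cpl = cpl; v.iopl = 0; v.vmport_enabled = vmport_enabled;
    memset(v.io_bitmap, 0xff, sizeof(v.io_bitmap));
    return &v;
}

/* x86 rule: CPL <= IOPL passes, else each byte's bitmap bit must be clear. */
static int ioport_access_check(const struct vcpu *v, unsigned port, unsigned bytes)
{
    for (unsigned p = port; v->cpl > v->iopl && p < port + bytes; p++)
        if (p > 0xffff || (v->io_bitmap[p >> 3] & (1u << (p & 7))))
            return FAULT;
    return OKAY;
}

/* Hypothetical hook body: 0 only for the backdoor port on an opted-in guest. */
static int vmport_check(const struct vcpu *v, unsigned port)
{
    return (v->vmport_enabled && port == VMPORT) ? OKAY : FAULT;
}

/* Condition shaped like the suggested hunk: the hook runs only after a pass. */
static int as_written(const struct vcpu *v, unsigned port, unsigned bytes)
{
    int rc;
    if ((rc = ioport_access_check(v, port, bytes)) != 0 ||
        (rc = vmport_check(v, port)) != 0)
        return rc;               /* the hunk's "goto done" */
    return OKAY;
}

/* Behaviour the message describes: the hook may rescue a failed check. */
static int as_described(const struct vcpu *v, unsigned port, unsigned bytes)
{
    int rc = ioport_access_check(v, port, bytes);
    return (rc != 0 && vmport_check(v, port) == 0) ? OKAY : rc;
}
```

With this hook body the two shapes disagree in both directions: the first refuses the ring 3 backdoor access and also refuses ring 0 access to any other port, while the second lifts the refusal only for port 0x5658 on an opted-in guest.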
