From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ed White
Subject: Re: [PATCH v2 00/12] Alternate p2m: support multiple copies of host p2m
Date: Wed, 24 Jun 2015 09:43:57 -0700
Message-ID: <558ADE4D.9060303@intel.com>
References: <1434999372-3688-1-git-send-email-edmund.h.white@intel.com> <558A4297.9090806@bitdefender.com> <558AB2B3.4030106@bitdefender.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <558AB2B3.4030106@bitdefender.com>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Razvan Cojocaru, "Lengyel, Tamas"
Cc: Ravi Sahita, Wei Liu, Tim Deegan, Ian Jackson, Xen-devel, Jan Beulich, Andrew Cooper, Daniel De Graaf
List-Id: xen-devel@lists.xenproject.org

On 06/24/2015 06:37 AM, Razvan Cojocaru wrote:
> On 06/24/2015 04:32 PM, Lengyel, Tamas wrote:
>>
>>
>> On Wed, Jun 24, 2015 at 1:39 AM, Razvan Cojocaru wrote:
>>
>> On 06/24/2015 12:27 AM, Lengyel, Tamas wrote:
>> > I've extended xen-access to exercise this new feature taking into
>> > account some of the current limitations. Using the altp2m_write|exec
>> > options we create a duplicate view of the default hostp2m, and instead
>> > of relaxing the mem_access permissions when we encounter a violation, we
>> > swap the view on the violating vCPU while also enabling MTF
>> > singlestepping. When the singlestep event fires, we use the response to
>> > that event to swap the view back to the restricted altp2m view.
>>
>> That's certainly very interesting. I wonder what the benefits are in
>> this case over emulating the fault-causing instruction (other than
>> obviously not going through the emulator)? The altp2m method would
>> certainly be slower, since you need more round-trips from userspace to
>> the hypervisor (the EPT vm_event handling + the singlestep event,
>> whereas with emulation you just reply to the original vm_event).
>>
>>
>> Regards,
>> Razvan
>>
>>
>> Certainly, this is pretty slow right now, especially for the altp2m_exec
>> case. However, sometimes you simply cannot emulate. For example if you
>> write breakpoints into target locations, the original instruction has
>> been overwritten with 0xCC. If you have a duplicate of the page without
>> the breakpoint, this is an easy way to make the guest fetch the original
>> instruction. Of course, if you extend the emulation routine where you
>> can provide the instruction to emulate, instead of it being fetched from
>> guest memory, that would be equally useful ;)
>
> Makes sense, thanks for the explanation! Sure, sending back the
> instruction to emulate could be something to consider for the future.
>
>
> Thanks,
> Razvan
>

One thing I'd add is that what Tamas has done provides a valuable test
that the cross-domain functionality works, even if it might not be a
recommended design pattern. Our primary use case at Intel is intra-domain,
and there the advantages of avoiding many exits are clear. Also, even
cross-domain usage allows for different views of, and levels of access to,
memory concurrently on different vcpus.

Ed
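
A small model of the view-swap and singlestep sequence described in the quoted xen-access message, added here as an illustration; it is not code from this thread, from xen-access or from Xen, and the view ids, struct names and function names are hypothetical. It counts the monitor events taken per instruction on a page that the restricted view does not allow to execute: one for the access violation and one for the singlestep.

```c
#include <stdbool.h>

/* Hypothetical view ids: 0 = unrestricted hostp2m, 1 = restricted altp2m. */
enum { VIEW_HOST = 0, VIEW_RESTRICTED = 1 };
enum ev_type { EV_MEM_ACCESS, EV_SINGLESTEP };

struct vcpu  { int view; bool singlestep; };
struct stats { unsigned events, executed, from_host; };

/* Execute permission on the monitored page, per view (constructed). */
static const bool can_exec[2] = { [VIEW_HOST] = true, [VIEW_RESTRICTED] = false };

/* Monitor's response to one event, as described in the thread. */
static void monitor_handle(struct vcpu *v, enum ev_type ev)
{
    if (ev == EV_MEM_ACCESS) {          /* violation: swap view, arm singlestep */
        v->view = VIEW_HOST;
        v->singlestep = true;
    } else {                            /* singlestep fired: restore restriction */
        v->view = VIEW_RESTRICTED;
        v->singlestep = false;
    }
}

/* Model n instruction fetches from the monitored page on one vCPU. */
static struct stats run_guest(struct vcpu *v, unsigned n)
{
    struct stats s = { 0, 0, 0 };
    while (s.executed < n) {
        if (!can_exec[v->view]) {       /* EPT violation: exit to the monitor */
            s.events++;
            monitor_handle(v, EV_MEM_ACCESS);
            continue;                   /* guest retries the same instruction */
        }
        s.executed++;
        s.from_host += (v->view == VIEW_HOST);
        if (v->singlestep) {            /* MTF exit after exactly one instruction */
            s.events++;
            monitor_handle(v, EV_SINGLESTEP);
        }
    }
    return s;
}

int main(void)
{
    struct vcpu v = { VIEW_RESTRICTED, false };
    struct stats s = run_guest(&v, 3);
    return (s.events == 6 && v.view == VIEW_RESTRICTED) ? 0 : 1;
}
```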