From: Razvan Cojocaru <rcojocaru@bitdefender.com>
To: "Lengyel, Tamas" <tlengyel@novetta.com>
Cc: Jun Nakajima <jun.nakajima@intel.com>,
Wei Liu <wei.liu2@citrix.com>,
kevin.tian@intel.com, keir@xen.org,
Ian Campbell <ian.campbell@citrix.com>,
Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
eddie.dong@intel.com, Xen-devel <xen-devel@lists.xen.org>,
Aravind.Gopalakrishnan@amd.com, Jan Beulich <jbeulich@suse.com>,
suravee.suthikulpanit@amd.com, boris.ostrovsky@oracle.com,
Ian Jackson <ian.jackson@eu.citrix.com>
Subject: Re: [PATCH V3 3/3] xen/vm_event: Deny register writes if refused by vm_event reply
Date: Mon, 6 Jul 2015 20:16:09 +0300 [thread overview]
Message-ID: <559AB7D9.9030303@bitdefender.com> (raw)
In-Reply-To: <CAD33N+64r6D_Aj1e-BDXoAvFR6VeWxpRSRZte-JoLNy9sPLcPg@mail.gmail.com>
On 07/06/2015 08:05 PM, Lengyel, Tamas wrote:
> @@ -410,6 +414,8 @@ void vm_event_resume(struct domain *d, struct
> vm_event_domain *ved)
>
>
> #ifdef HAS_MEM_ACCESS
> case VM_EVENT_REASON_MEM_ACCESS:
> + case VM_EVENT_REASON_MOV_TO_MSR:
> + case VM_EVENT_REASON_WRITE_CTRLREG:
>
>
> This doesn't really make much sense to be associated with MEM_ACCESS.
> I'm adding a separate arch-specific vm_event file in my other singlestep
> patch, I think these should trigger their appropriate handler there, not
> in mem_access_resume.
To be honest I've somewhat anticipated this critique, and it's
definitely valid. I just wasn't sure if somebody would have said that
it's better to process all responses in one place for now, so I've
decided to try it this way first. But yes, that's actually my preference
as well, so no problem.
> mem_access_resume(v, &rsp);
> break;
> #endifdiff --git a/xen/include/public/vm_event.h
> b/xen/include/public/vm_event.h
> index f0da008..bc97334 100644
> --- a/xen/include/public/vm_event.h
> +++ b/xen/include/public/vm_event.h
> @@ -158,6 +158,11 @@ struct vm_event_regs_x86 {
> * MEM_ACCESS_EMULATE_NOWRITE.
> */
> #define MEM_ACCESS_SET_EMUL_READ_DATA (1 << 8)
> + /*
> + * Deny completion of the operation that triggered the event.
> + * Currently only useful for MSR, CR0, CR3 and CR4 write events.
> + */
> +#define MEM_ACCESS_DENY (1 << 9)
>
>
> Same comment here, this feature is not really denying a mem_access, it
> denies register writes. Associating it with mem_access just makes it
> confusing. IMHO defining it as a VM_EVENT_FLAG_DENY_REGISTER_CHANGE or
> something similar instead would make it a lot more descriptive and
> inline with that it is actually doing.
Fair enough, I'll think of a more appropriate name for it.
Thanks,
Razvan
next prev parent reply other threads:[~2015-07-06 17:16 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-06 15:51 [PATCH V3 0/3] Vm_event memory introspection helpers Razvan Cojocaru
2015-07-06 15:51 ` [PATCH V3 1/3] xen/mem_access: Support for memory-content hiding Razvan Cojocaru
2015-07-06 16:50 ` Lengyel, Tamas
2015-07-06 18:27 ` Razvan Cojocaru
2015-07-06 18:30 ` Lengyel, Tamas
2015-07-07 8:10 ` Razvan Cojocaru
2015-07-07 12:04 ` Lengyel, Tamas
2015-07-07 12:33 ` Razvan Cojocaru
2015-07-07 13:09 ` Razvan Cojocaru
2015-07-07 13:15 ` Lengyel, Tamas
2015-07-07 13:21 ` Razvan Cojocaru
2015-07-07 13:27 ` Lengyel, Tamas
2015-07-07 10:51 ` George Dunlap
2015-07-07 13:27 ` Jan Beulich
2015-07-07 15:32 ` Razvan Cojocaru
2015-07-07 15:40 ` Jan Beulich
2015-07-07 16:20 ` Razvan Cojocaru
2015-07-07 16:24 ` Jan Beulich
2015-07-06 15:51 ` [PATCH V3 2/3] xen/vm_event: Support for guest-requested events Razvan Cojocaru
2015-07-06 16:55 ` Lengyel, Tamas
2015-07-06 17:57 ` Wei Liu
2015-07-07 11:01 ` George Dunlap
2015-07-07 11:59 ` Razvan Cojocaru
2015-07-07 13:30 ` Jan Beulich
2015-07-07 14:26 ` Daniel De Graaf
2015-07-06 15:51 ` [PATCH V3 3/3] xen/vm_event: Deny register writes if refused by vm_event reply Razvan Cojocaru
2015-07-06 17:05 ` Lengyel, Tamas
2015-07-06 17:16 ` Razvan Cojocaru [this message]
2015-07-07 9:06 ` Razvan Cojocaru
2015-07-07 12:55 ` Lengyel, Tamas
2015-07-07 13:21 ` Razvan Cojocaru
2015-07-07 13:26 ` Lengyel, Tamas
2015-07-07 11:05 ` George Dunlap
2015-07-07 13:42 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559AB7D9.9030303@bitdefender.com \
--to=rcojocaru@bitdefender.com \
--cc=Aravind.Gopalakrishnan@amd.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=eddie.dong@intel.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=kevin.tian@intel.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=tlengyel@novetta.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.