From: Razvan Cojocaru <rcojocaru@bitdefender.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: jun.nakajima@intel.com, kevin.tian@intel.com,
wei.liu2@citrix.com, ian.campbell@citrix.com,
stefano.stabellini@eu.citrix.com, george.dunlap@eu.citrix.com,
andrew.cooper3@citrix.com, ian.jackson@eu.citrix.com,
xen-devel@lists.xen.org, eddie.dong@intel.com,
Aravind.Gopalakrishnan@amd.com, suravee.suthikulpanit@amd.com,
tlengyel@novetta.com, keir@xen.org, boris.ostrovsky@oracle.com
Subject: Re: [PATCH V3 1/3] xen/mem_access: Support for memory-content hiding
Date: Tue, 7 Jul 2015 19:20:20 +0300 [thread overview]
Message-ID: <559BFC44.5020407@bitdefender.com> (raw)
In-Reply-To: <559C0EF1020000780008DA3B@mail.emea.novell.com>
On 07/07/2015 06:40 PM, Jan Beulich wrote:
>>>> On 07.07.15 at 17:32, <rcojocaru@bitdefender.com> wrote:
>> On 07/07/2015 04:27 PM, Jan Beulich wrote:
>>>>>> On 06.07.15 at 17:51, <rcojocaru@bitdefender.com> wrote:
>>>> @@ -1552,9 +1556,15 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
>>>>
>>>> if ( v->arch.vm_event.emulate_flags )
>>>> {
>>>> - hvm_mem_access_emulate_one((v->arch.vm_event.emulate_flags &
>>>> - MEM_ACCESS_EMULATE_NOWRITE) != 0,
>>>> - TRAP_invalid_op, HVM_DELIVER_NO_ERROR_CODE);
>>>> + enum emul_kind kind = EMUL_KIND_NORMAL;
>>>> +
>>>> + if ( v->arch.vm_event.emulate_flags & MEM_ACCESS_SET_EMUL_READ_DATA )
>>>> + kind = EMUL_KIND_SET_CONTEXT;
>>>> + else if ( v->arch.vm_event.emulate_flags & MEM_ACCESS_EMULATE_NOWRITE )
>>>
>>> Is there code in place rejecting both flags being set at once? I don't
>>> recall having seen any...
>>
>> No, there isn't. Both flags can be set at once, but if so only the
>> SET_EMUL_READ_DATA will be honored.
>
> But to me, purely theoretically setting both flags together makes
> sense, and hence this combination, if it isn't working today,
> shouldn't result in unexpected behavior (perhaps differing from
> what a future Xen version might do).
That's a very good point. I have tried to be as clear about this as
possible in the code by using an enum for the possible emulation kinds,
instead of #defines or something potentially interpretable as bit
setters. But due to the design of the vm_event mechanism it's not
possible to return an error when the response contains OR-ed bits that
don't belong together.
The behaviour now is that NOWRITE outranks the plain EMULATE, and
SET_CONTEXT outranks them both, and there are no plans to change this in
the future. I suppose a comment stating this clearly belongs in vm_event.h?
Thanks,
Razvan
next prev parent reply other threads:[~2015-07-07 16:20 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-06 15:51 [PATCH V3 0/3] Vm_event memory introspection helpers Razvan Cojocaru
2015-07-06 15:51 ` [PATCH V3 1/3] xen/mem_access: Support for memory-content hiding Razvan Cojocaru
2015-07-06 16:50 ` Lengyel, Tamas
2015-07-06 18:27 ` Razvan Cojocaru
2015-07-06 18:30 ` Lengyel, Tamas
2015-07-07 8:10 ` Razvan Cojocaru
2015-07-07 12:04 ` Lengyel, Tamas
2015-07-07 12:33 ` Razvan Cojocaru
2015-07-07 13:09 ` Razvan Cojocaru
2015-07-07 13:15 ` Lengyel, Tamas
2015-07-07 13:21 ` Razvan Cojocaru
2015-07-07 13:27 ` Lengyel, Tamas
2015-07-07 10:51 ` George Dunlap
2015-07-07 13:27 ` Jan Beulich
2015-07-07 15:32 ` Razvan Cojocaru
2015-07-07 15:40 ` Jan Beulich
2015-07-07 16:20 ` Razvan Cojocaru [this message]
2015-07-07 16:24 ` Jan Beulich
2015-07-06 15:51 ` [PATCH V3 2/3] xen/vm_event: Support for guest-requested events Razvan Cojocaru
2015-07-06 16:55 ` Lengyel, Tamas
2015-07-06 17:57 ` Wei Liu
2015-07-07 11:01 ` George Dunlap
2015-07-07 11:59 ` Razvan Cojocaru
2015-07-07 13:30 ` Jan Beulich
2015-07-07 14:26 ` Daniel De Graaf
2015-07-06 15:51 ` [PATCH V3 3/3] xen/vm_event: Deny register writes if refused by vm_event reply Razvan Cojocaru
2015-07-06 17:05 ` Lengyel, Tamas
2015-07-06 17:16 ` Razvan Cojocaru
2015-07-07 9:06 ` Razvan Cojocaru
2015-07-07 12:55 ` Lengyel, Tamas
2015-07-07 13:21 ` Razvan Cojocaru
2015-07-07 13:26 ` Lengyel, Tamas
2015-07-07 11:05 ` George Dunlap
2015-07-07 13:42 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559BFC44.5020407@bitdefender.com \
--to=rcojocaru@bitdefender.com \
--cc=Aravind.Gopalakrishnan@amd.com \
--cc=JBeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=eddie.dong@intel.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=kevin.tian@intel.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=tlengyel@novetta.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.