From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Tim Deegan <tim@xen.org>
Cc: Kevin Tian <kevin.tian@intel.com>, Wei Liu <wei.liu2@citrix.com>,
Jan Beulich <JBeulich@suse.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
Xen-devel <xen-devel@lists.xen.org>,
Paul Durrant <paul.durrant@citrix.com>,
Jun Nakajima <jun.nakajima@intel.com>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>,
Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Subject: Re: [PATCH for-4.7 4/4] x86/hvm: Fix invalidation for emulated invlpg instructions
Date: Mon, 9 May 2016 16:29:51 +0100 [thread overview]
Message-ID: <5730ACEF.9060505@citrix.com> (raw)
In-Reply-To: <20160509151439.GE39480@deinos.phlegethon.org>
On 09/05/16 16:14, Tim Deegan wrote:
> Hi,
>
> At 14:15 +0100 on 09 May (1462803342), Andrew Cooper wrote:
>> hap_invlpg() is reachable from the instruction emulator, which means
>> introspection and tests using hvm_fep can end up here. As such, crashing the
>> domain is not an appropriate action to take.
>>
>> Fixing this involves rearranging the callgraph.
>>
>> paging_invlpg() is now the central entry point. It first checks for
>> applicability of invalidation based on virtual address, and optionally calls
>> into the paging invalidation logic. For HVM domains, it also makes ASID/VPID
>> management calls.
> This reshuffle looks fine, but leaves the return value looking pretty
> strange.
I suppose it does. This looks to be better option.
> For HVM guests it's longer correct (since the hardware
> operation has moved inside paging_invlpg() it should always return 0)
> but none of the callers actually check it, so yay?
>
> I think it might be better to make that return value internal to
> paging_invlpg() and have it DTRT for PV guests as it now does for HVM
> ones, e.g.:
>
> void paging_invlpg(struct vcpu *v, unsigned long va)
> {
> if ( !is_canonical_address(va) )
> return;
>
> if ( paging_mode_enabled(v->domain)
> && !paging_get_hostmode(v)->invlpg(v, va) )
> return;
>
> if ( is_pv_vcpu(v) )
> flush_tlb_one_local(va)
> else
> hvm_funcs.invlpg(va);
> }
>
> with appropriate simplifications at the PV callsites.
>
> I simplified the canonical/__addr_ok test there because I don't think
> we care about the speed of guest invlpg of Xen addresses; I suspect we
> could remove it entirely, and turn a fast emulated NOP into a slow one.
A PV guest should not be able to invlpg Xen addresses at all, which is
why the checks were recently added in c/s 828e114f7 "x86/mmuext: tighten
TLB flush address checks". I will see if I can untangle this as well
without avoiding the __addr_ok() check.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
prev parent reply other threads:[~2016-05-09 15:29 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-09 13:15 [PATCH for-4.7 0/4] Fixes for invlpg handling for HVM guests Andrew Cooper
2016-05-09 13:15 ` [PATCH for-4.7 1/4] x86/hvm: Always return the linear address from hvm_virtual_to_linear_addr() Andrew Cooper
2016-05-09 13:35 ` Jan Beulich
2016-05-09 13:15 ` [PATCH for-4.7 2/4] x86/hvm: Raise #SS faults for %ss-based segmentation violations Andrew Cooper
2016-05-09 13:37 ` Jan Beulich
2016-05-09 13:41 ` Wei Liu
2016-05-09 13:41 ` David Vrabel
2016-05-09 13:15 ` [PATCH for-4.7 3/4] x86/hvm: Correct the emulated interaction of invlpg with segments Andrew Cooper
2016-05-09 13:42 ` Jan Beulich
2016-05-09 13:47 ` Andrew Cooper
2016-05-09 13:48 ` Paul Durrant
2016-05-09 13:15 ` [PATCH for-4.7 4/4] x86/hvm: Fix invalidation for emulated invlpg instructions Andrew Cooper
2016-05-09 13:57 ` Jan Beulich
2016-05-09 14:08 ` Andrew Cooper
[not found] ` <20160509151439.GE39480@deinos.phlegethon.org>
2016-05-09 15:29 ` Andrew Cooper [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5730ACEF.9060505@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=boris.ostrovsky@oracle.com \
--cc=george.dunlap@eu.citrix.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=paul.durrant@citrix.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.