From mboxrd@z Thu Jan  1 00:00:00 1970
From: Keir Fraser <keir.fraser@eu.citrix.com>
Subject: Re: Re: issues with movnti emulation
Date: Thu, 20 Nov 2008 17:43:08 +0000
Message-ID: <C54B522C.1F72A%keir.fraser@eu.citrix.com>
References: <20081120171641.GJ25331@york.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <20081120171641.GJ25331@york.uk.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Tim Deegan <Tim.Deegan@citrix.com>
Cc: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

On 20/11/08 17:16, "Tim Deegan" <Tim.Deegan@citrix.com> wrote:

> At 17:13 +0000 on 20 Nov (1227201181), Keir Fraser wrote:
>> I think the issue is that I did a bad backport to 3.3. The 'case 0xc3'
>> should be under twobyte_special_insn rather than twobyte_insn, right? The
>> two separate paths got merged into one in xen-unstable.
>> 
>> Of course this data corruption ought only to happen in cases where we'd
>> previously have failed an mmio emulation (and hence probably killed the
>> guest kernel?).
> 
> A more likely culprit is that some OSes use movnti to zero pages that
> used to be pagetables; when we couldn't emulate it we just (correctly)
> unshadowed those pages.

Yes, you're probably right. I wonder if we are relying on emulation failures
to inform unshadowing at all often? We might have to revisit constraining
x86_emulate() when called by shadow code, do you think?

 -- Keir