From: Gleb Natapov <gleb@redhat.com>
To: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Avi Kivity <avi@redhat.com>,
Marcelo Tosatti <mtosatti@redhat.com>, kvm <kvm@vger.kernel.org>
Subject: Re: [PATCH 2/2] KVM: SVM: Make stepping out of NMI handlers more robust
Date: Thu, 18 Feb 2010 09:52:36 +0200
Message-ID: <20100218075236.GK14767@redhat.com>
In-Reply-To: <4B7C409D.1090703@siemens.com>
On Wed, Feb 17, 2010 at 08:16:45PM +0100, Jan Kiszka wrote:
> Gleb Natapov wrote:
> > On Tue, Feb 16, 2010 at 12:08:58PM +0200, Gleb Natapov wrote:
> >>>>> Besides this, proper #DB forwarding to the guest was missing.
> >>>> During NMI injection? How to reproduce?
> >>> Inject, e.g., an NMI over code with TF set. A bit harder is placing a
> >>> guest HW breakpoint at the spot the NMI handler returns to.
> >>>
> >> Will try to reproduce.
> >>
> > How can I make gdb run a debugged process with TF set? Does this patch
> > fix it:
> >
> >
> > diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
> > index 52f78dd..b85b200 100644
> > --- a/arch/x86/kvm/svm.c
> > +++ b/arch/x86/kvm/svm.c
> > @@ -109,6 +109,7 @@ struct vcpu_svm {
> > struct nested_state nested;
> >
> > bool nmi_singlestep;
> > + bool nmi_singlestep_tf;
> > };
> >
> > /* enable NPT for AMD64 and X86 with PAE */
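Review bot: the new field nmi_singlestep_tf is added without a comment, and its meaning (whether the guest already had TF set before enable_nmi_window() forced TF on for the NMI-window single step) is only recoverable by reading the other two hunks; a one-line comment next to the declaration would make the vcpu_svm state self-describing.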
> > @@ -1221,9 +1222,14 @@ static int db_interception(struct vcpu_svm *svm)
> >
> > if (svm->nmi_singlestep) {
> > svm->nmi_singlestep = false;
> > - if (!(svm->vcpu.guest_debug & KVM_GUESTDBG_SINGLESTEP))
> > + if (!(svm->vcpu.guest_debug & KVM_GUESTDBG_SINGLESTEP)) {
> > svm->vmcb->save.rflags &=
> > ~(X86_EFLAGS_TF | X86_EFLAGS_RF);
> > + if (svm->nmi_singlestep_tf) {
> > + svm->vmcb->save.rflags |= X86_EFLAGS_TF;
> > + kvm_queue_exception(&svm->vcpu, DB_VECTOR);
> > + }
> > + }
> > update_db_intercept(&svm->vcpu);
> > }
> >
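Review bot: nmi_singlestep_tf is consumed in db_interception() but never cleared, so after this exit it keeps whatever enable_nmi_window() last stored; it is overwritten on every enable_nmi_window() call, so this is not a functional problem in the visible code, but resetting it next to `svm->nmi_singlestep = false;` would keep the single-step bookkeeping in one place and avoid stale state if the field is later read from another path. Also worth stating in the commit message: the restored TF plus `kvm_queue_exception(&svm->vcpu, DB_VECTOR)` only happen when KVM_GUESTDBG_SINGLESTEP is not set, i.e. the guest-owned #DB is deliberately suppressed while a host debugger is stepping the guest.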
> > @@ -2586,6 +2592,7 @@ static void enable_nmi_window(struct kvm_vcpu *vcpu)
> > possible problem (IRET or exception injection or interrupt
> > shadow) */
> > svm->nmi_singlestep = true;
> > + svm->nmi_singlestep_tf = (svm->vmcb->save.rflags | X86_EFLAGS_TF);
> > svm->vmcb->save.rflags |= (X86_EFLAGS_TF | X86_EFLAGS_RF);
> > update_db_intercept(vcpu);
> > }
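Review bot: the capture of the guest's TF state in enable_nmi_window() is wrong: `svm->nmi_singlestep_tf = (svm->vmcb->save.rflags | X86_EFLAGS_TF);` uses bitwise OR, so the right-hand side is always non-zero and nmi_singlestep_tf is always true, regardless of whether the guest had TF set. The bit has to be tested with AND, e.g. `svm->nmi_singlestep_tf = !!(svm->vmcb->save.rflags & X86_EFLAGS_TF);`. As written, db_interception() would re-enable TF and queue a #DB into every guest that takes an NMI-window single step, which is the spurious-#DB case this change is meant to remove rather than the one it is meant to forward.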
>
> That's closer. However, I've a version here that restores TF&RF only if
> you did not execute an IRET but stepped over the shadow (which is still
> not correct either, e.g. when stepping popf). I will break up my patch
> into parts that fix the issues separately so that we can decide what to
> merge.
>
I am not sure what you mean here. Why should we restore RF? It is
cleared after each instruction execution and popf is not special in this
regard, and the SDM explicitly says so.
--
Gleb.