From: Gleb Natapov <gleb@redhat.com>
To: Avi Kivity <avi@redhat.com>
Cc: kvm@vger.kernel.org
Subject: Re: [PATCH 19/24] KVM: x86 emulator: fix in/out emulation.
Date: Tue, 9 Mar 2010 20:09:38 +0200
Message-ID: <20100309180938.GE9066@redhat.com>
In-Reply-To: <4B965F7C.5070407@redhat.com>
On Tue, Mar 09, 2010 at 04:47:24PM +0200, Avi Kivity wrote:
> On 03/09/2010 04:09 PM, Gleb Natapov wrote:
> >in/out emulation is broken now. The breakage is different depending
> >on where IO device resides. If it is in userspace emulator reports
> >emulation failure since it incorrectly interprets kvm_emulate_pio()
> >return value. If IO device is in the kernel emulation of 'in' will do
> >nothing since kvm_emulate_pio() stores result directly into vcpu
> >registers, so emulator will overwrite result of emulation during
> >commit of shadowed register.
> >
> >
> >index def4877..315e8a8 100644
> >--- a/arch/x86/kvm/svm.c
> >+++ b/arch/x86/kvm/svm.c
> >@@ -1488,29 +1488,9 @@ static int shutdown_interception(struct vcpu_svm *svm)
> >
> > static int io_interception(struct vcpu_svm *svm)
> > {
> >- u32 io_info = svm->vmcb->control.exit_info_1; /* address size bug? */
> >- int size, in, string;
> >- unsigned port;
> >-
> > ++svm->vcpu.stat.io_exits;
> >
> >- svm->next_rip = svm->vmcb->control.exit_info_2;
> >-
> >- string = (io_info& SVM_IOIO_STR_MASK) != 0;
> >-
> >- if (string) {
> >- if (emulate_instruction(&svm->vcpu,
> >- 0, 0, 0) == EMULATE_DO_MMIO)
> >- return 0;
> >- return 1;
> >- }
> >-
> >- in = (io_info& SVM_IOIO_TYPE_MASK) != 0;
> >- port = io_info>> 16;
> >- size = (io_info& SVM_IOIO_SIZE_MASK)>> SVM_IOIO_SIZE_SHIFT;
> >-
> >- skip_emulated_instruction(&svm->vcpu);
> >- return kvm_emulate_pio(&svm->vcpu, in, size, port);
> >+ return !(emulate_instruction(&svm->vcpu, 0, 0, 0) == EMULATE_DO_MMIO);
> > }
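Review bot: dropping the non-string fast path also drops the `svm->next_rip = svm->vmcb->control.exit_info_2;` assignment, so this handler no longer records where the instruction ends and relies entirely on the emulator's own decode to advance rip; that dependency deserves a comment here, since the old string branch set next_rip before calling emulate_instruction() as well. The new return expression also folds every result other than EMULATE_DO_MMIO, including a decode or emulation failure, into `return 1` (resume the guest), which is what the old string branch did but now covers the common non-string case too; if that is intentional, say so, otherwise distinguish the failure return. The `/* address size bug? */` question on the removed exit_info_1 line disappears without being answered; if address-size handling now lives in the emulator, a one-line note to that effect would close it.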
>
> We don't want to enter the emulator for non-string in/out. Leftover
> test code?
>
No, unfortunately this is not leftover. I just don't see a way we can
bypass the emulator and still have the emulator able to emulate in/out
(for big real mode, for instance). The problem is basically described in
the commit message. If we have a function outside of the emulator that does
in/out emulation on the vcpu directly, then the emulator can't use it since
committing shadowed registers will overwrite the result of emulation.
Having two different emulations (one outside of the emulator and another in
the emulator) is also problematic since when userspace returns after an IO exit
we don't know which emulation to continue. If we want to avoid
instruction decoding we can fill in the emulation context from exit info as
if the instruction was already decoded and call the emulator.
--
Gleb.
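The register-clobbering problem described in the commit message and the "fill in the emulation context from exit info" idea above, as an added, constructed C model. This is not KVM code: the vcpu/emulator structures, the `pio_direct()` helper standing in for the old kvm_emulate_pio(), the device returning a fixed value on port 0x60, and the local `IOIO_*` field constants (written to match how the hunk decodes exit_info_1: direction in bit 0, string bit 2, size field at bit 4, port in bits 31:16) are all assumptions made for illustration.

```c
/* Constructed model (not KVM code) of the in/out emulation bug from the
 * commit message: an emulator keeps a shadow copy of guest registers and
 * writes them all back on commit, so a PIO helper that stores its result
 * directly into the vcpu gets overwritten. Also shows building the decoded
 * context from the VMCB exit info without decoding instruction bytes. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { RAX = 0, NR_REGS = 8 };

struct vcpu {
    uint64_t regs[NR_REGS];
    uint64_t rip;
};

/* Emulation context: what the decoder would have filled in. */
struct emu_ctx {
    struct vcpu *vcpu;
    uint64_t regs[NR_REGS];   /* shadow copy taken at decode time */
    uint64_t rip;             /* shadowed next rip */
    bool in;
    unsigned port;
    int size;                 /* 1, 2 or 4 bytes */
};

/* Assumed EXITINFO1 layout for an IOIO intercept, mirroring the hunk's
 * decode (type bit 0, string bit 2, size field at bit 4, port >> 16).
 * Verify against arch/x86/include/asm/svm.h before relying on it. */
#define IOIO_TYPE_MASK   1u
#define IOIO_STR_MASK    (1u << 2)
#define IOIO_SIZE_SHIFT  4
#define IOIO_SIZE_MASK   (7u << IOIO_SIZE_SHIFT)

/* Constructed device model: one port with a known value. */
static uint32_t device_in(unsigned port, int size)
{
    uint32_t mask = size == 4 ? 0xffffffffu : (1u << (8 * size)) - 1;
    return (port == 0x60 ? 0xdeadbeefu : 0u) & mask;
}

/* Begin emulation: snapshot vcpu state into the shadow. */
static void emu_begin(struct emu_ctx *ctx, struct vcpu *vcpu)
{
    memset(ctx, 0, sizeof(*ctx));
    ctx->vcpu = vcpu;
    memcpy(ctx->regs, vcpu->regs, sizeof(ctx->regs));
    ctx->rip = vcpu->rip;
}

/* Commit: write every shadowed register back. This step clobbers anything
 * written to the vcpu behind the emulator's back. */
static void emu_commit(struct emu_ctx *ctx)
{
    memcpy(ctx->vcpu->regs, ctx->regs, sizeof(ctx->regs));
    ctx->vcpu->rip = ctx->rip;
}

/* Stand-in for the old kvm_emulate_pio(): stores straight into the vcpu. */
static void pio_direct(struct vcpu *vcpu, bool in, int size, unsigned port)
{
    if (in)
        vcpu->regs[RAX] = device_in(port, size);
}

/* Fill the context from exit info as if the instruction were decoded.
 * String forms are left to the full decoder. */
static bool ctx_from_exit_info(struct emu_ctx *ctx, uint32_t io_info, uint64_t next_rip)
{
    if (io_info & IOIO_STR_MASK)
        return false;
    ctx->in   = (io_info & IOIO_TYPE_MASK) != 0;
    ctx->port = io_info >> 16;
    ctx->size = (io_info & IOIO_SIZE_MASK) >> IOIO_SIZE_SHIFT;
    ctx->rip  = next_rip;
    return true;
}

/* Broken: result lands in the vcpu, then commit restores the stale shadow. */
static uint64_t emulate_in_broken(struct vcpu *vcpu, uint32_t io_info, uint64_t next_rip)
{
    struct emu_ctx ctx;
    emu_begin(&ctx, vcpu);
    ctx_from_exit_info(&ctx, io_info, next_rip);
    pio_direct(vcpu, ctx.in, ctx.size, ctx.port);
    emu_commit(&ctx);
    return vcpu->regs[RAX];
}

/* Fixed: the I/O result goes into the shadow, so commit carries it through. */
static uint64_t emulate_in_fixed(struct vcpu *vcpu, uint32_t io_info, uint64_t next_rip)
{
    struct emu_ctx ctx;
    emu_begin(&ctx, vcpu);
    ctx_from_exit_info(&ctx, io_info, next_rip);
    if (ctx.in)
        ctx.regs[RAX] = device_in(ctx.port, ctx.size);
    emu_commit(&ctx);
    return vcpu->regs[RAX];
}

/* Encode an exit_info_1 word the way the hunk decodes it. */
static uint32_t make_io_info(bool in, int size, unsigned port)
{
    return (port << 16) | ((uint32_t)size << IOIO_SIZE_SHIFT) | (in ? IOIO_TYPE_MASK : 0);
}

/* Run an IN from port 0x60 on a fresh vcpu (RAX preset to 0x1111) and
 * return the RAX value the guest ends up seeing. */
static uint64_t scenario(bool fixed, int size)
{
    struct vcpu v = { .regs = { [RAX] = 0x1111 }, .rip = 0x100 };
    uint32_t info = make_io_info(true, size, 0x60);
    return fixed ? emulate_in_fixed(&v, info, 0x102)
                 : emulate_in_broken(&v, info, 0x102);
}

int main(void)
{
    printf("broken: rax=%#llx\n", (unsigned long long)scenario(false, 4));
    printf("fixed:  rax=%#llx\n", (unsigned long long)scenario(true, 4));
    return 0;
}
```

With the direct helper the guest reads back the stale 0x1111; routing the result through the shadow yields the device value, which is the reason the patch cannot keep a separate out-of-emulator PIO path for the non-string case.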
2010-03-09 14:08 [PATCH 00/24] [RFC] emulator cleanup Gleb Natapov
2010-03-09 14:08 ` [PATCH 01/24] KVM: Remove pointer to rflags from realmode_set_cr parameters Gleb Natapov
2010-03-09 14:09 ` [PATCH 02/24] KVM: Provide callback to get/set control registers in emulator ops Gleb Natapov
2010-03-09 14:18 ` Avi Kivity
2010-03-09 14:24 ` Gleb Natapov
2010-03-09 14:09 ` [PATCH 03/24] KVM: remove realmode_lmsw function Gleb Natapov
2010-03-09 14:09 ` [PATCH 04/24] KVM: Provide current CPL as part of emulator context Gleb Natapov
2010-03-09 14:24 ` Avi Kivity
2010-03-09 14:27 ` Gleb Natapov
2010-03-09 14:09 ` [PATCH 05/24] KVM: Provide current eip " Gleb Natapov
2010-03-09 14:09 ` [PATCH 06/24] KVM: x86 emulator: fix mov r/m, sreg emulation Gleb Natapov
2010-03-09 14:09 ` [PATCH 07/24] KVM: x86 emulator: fix 0f 01 /5 emulation Gleb Natapov
2010-03-09 14:27 ` Avi Kivity
2010-03-09 14:33 ` Gleb Natapov
2010-03-09 14:34 ` Avi Kivity
2010-03-09 14:09 ` [PATCH 08/24] KVM: x86 emulator: 0f (20|21|22|23) ignore mod bits Gleb Natapov
2010-03-09 14:09 ` [PATCH 09/24] KVM: x86 emulator: inject #UD on access to non-existing CR Gleb Natapov
2010-03-09 14:09 ` [PATCH 10/24] KVM: x86 emulator: fix mov dr to inject #UD when needed Gleb Natapov
2010-03-09 14:09 ` [PATCH 11/24] KVM: x86 emulator: fix return values of syscall/sysenter/sysexit emulations Gleb Natapov
2010-03-09 14:09 ` [PATCH 12/24] KVM: x86 emulator: do not call writeback if msr access fails Gleb Natapov
2010-03-09 14:09 ` [PATCH 13/24] KVM: x86 emulator: If LOCK prefix is used dest arg should be memory Gleb Natapov
2010-03-09 14:09 ` [PATCH 14/24] KVM: x86 emulator: cleanup grp3 return value Gleb Natapov
2010-03-09 14:09 ` [PATCH 15/24] KVM: x86 emulator: Provide more callbacks for x86 emulator Gleb Natapov
2010-03-09 14:43 ` Avi Kivity
2010-03-09 16:25 ` Gleb Natapov
2010-03-09 17:22 ` Avi Kivity
2010-03-09 17:57 ` Gleb Natapov
2010-03-10 9:11 ` Avi Kivity
2010-03-09 14:09 ` [PATCH 16/24] KVM: x86 emulator: Emulate task switch in emulator.c Gleb Natapov
2010-03-09 14:09 ` [PATCH 17/24] KVM: x86 emulator: Use load_segment_descriptor() instead of kvm_load_segment_descriptor() Gleb Natapov
2010-03-09 14:09 ` [PATCH 18/24] KVM: Use task switch from emulator.c Gleb Natapov
2010-03-09 14:09 ` [PATCH 19/24] KVM: x86 emulator: fix in/out emulation Gleb Natapov
2010-03-09 14:47 ` Avi Kivity
2010-03-09 18:09 ` Gleb Natapov [this message]
2010-03-10 9:12 ` Avi Kivity
2010-03-10 14:41 ` Gleb Natapov
2010-03-09 14:09 ` [PATCH 20/24] KVM: x86 emulator: Move string pio emulation into emulator.c Gleb Natapov
2010-03-09 14:09 ` [PATCH 21/24] KVM: x86 emulator: remove saved_eip Gleb Natapov
2010-03-09 14:09 ` [PATCH 22/24] KVM: x86 emulator: restart string instruction without going back to a guest Gleb Natapov
2010-03-09 14:50 ` Avi Kivity
2010-03-09 18:11 ` Gleb Natapov
2010-03-10 2:30 ` Takuya Yoshikawa
2010-03-10 9:06 ` Gleb Natapov
2010-03-10 9:12 ` Takuya Yoshikawa
2010-03-10 9:14 ` Avi Kivity
2010-03-10 9:15 ` Gleb Natapov
2010-03-10 10:08 ` Takuya Yoshikawa
2010-03-10 13:48 ` Gleb Natapov
2010-03-11 9:58 ` Takuya Yoshikawa
2010-03-11 10:07 ` Gleb Natapov
2010-03-10 9:13 ` Avi Kivity
2010-03-09 14:09 ` [PATCH 23/24] KVM: x86 emulator: introduce pio in string read ahead Gleb Natapov
2010-03-09 14:09 ` [PATCH 24/24] KVM: small kvm_arch_vcpu_ioctl_run() cleanup Gleb Natapov