From: Avi Kivity
Subject: Re: [PATCH 19/24] KVM: x86 emulator: fix in/out emulation.
Date: Tue, 09 Mar 2010 16:47:24 +0200
Message-ID: <4B965F7C.5070407@redhat.com>
References: <1268143762-4000-1-git-send-email-gleb@redhat.com> <1268143762-4000-20-git-send-email-gleb@redhat.com>
In-Reply-To: <1268143762-4000-20-git-send-email-gleb@redhat.com>
To: Gleb Natapov
Cc: kvm@vger.kernel.org

On 03/09/2010 04:09 PM, Gleb Natapov wrote:
> in/out emulation is broken now. The breakage is different depending
> on where the IO device resides. If it is in userspace, the emulator reports
> emulation failure since it incorrectly interprets the kvm_emulate_pio()
> return value. If the IO device is in the kernel, emulation of 'in' will do
> nothing since kvm_emulate_pio() stores the result directly into vcpu
> registers, so the emulator will overwrite the result of emulation during
> commit of the shadowed register.
>
>
> index def4877..315e8a8 100644
> --- a/arch/x86/kvm/svm.c
> +++ b/arch/x86/kvm/svm.c
> @@ -1488,29 +1488,9 @@ static int shutdown_interception(struct vcpu_svm *svm) > > static int io_interception(struct vcpu_svm *svm) > { > - u32 io_info = svm->vmcb->control.exit_info_1; /* address size bug? */ > - int size, in, string; > - unsigned port; > - > ++svm->vcpu.stat.io_exits; > > - svm->next_rip = svm->vmcb->control.exit_info_2; > - > - string = (io_info& SVM_IOIO_STR_MASK) != 0; > - > - if (string) { > - if (emulate_instruction(&svm->vcpu, > - 0, 0, 0) == EMULATE_DO_MMIO) > - return 0; > - return 1; > - } > - > - in = (io_info& SVM_IOIO_TYPE_MASK) != 0; > - port = io_info>> 16; > - size = (io_info& SVM_IOIO_SIZE_MASK)>> SVM_IOIO_SIZE_SHIFT; > - > - skip_emulated_instruction(&svm->vcpu); > - return kvm_emulate_pio(&svm->vcpu, in, size, port); > + return !(emulate_instruction(&svm->vcpu, 0, 0, 0) == EMULATE_DO_MMIO); > } > We don't want to enter the emulator for non-string in/out. Leftover test code? > > static int nmi_interception(struct vcpu_svm *svm) > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index ae3217d..7f33d8e 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -2974,26 +2974,9 @@ static int handle_triple_fault(struct kvm_vcpu *vcpu) > > static int handle_io(struct kvm_vcpu *vcpu) > { > - unsigned long exit_qualification; > - int size, in, string; > - unsigned port; > - > ++vcpu->stat.io_exits; > - exit_qualification = vmcs_readl(EXIT_QUALIFICATION); > - string = (exit_qualification& 16) != 0; > > - if (string) { > - if (emulate_instruction(vcpu, 0, 0, 0) == EMULATE_DO_MMIO) > - return 0; > - return 1; > - } > - > - size = (exit_qualification& 7) + 1; > - in = (exit_qualification& 8) != 0; > - port = exit_qualification>> 16; > - > - skip_emulated_instruction(vcpu); > - return kvm_emulate_pio(vcpu, in, size, port); > + return !(emulate_instruction(vcpu, 0, 0, 0) == EMULATE_DO_MMIO); > } > Ditto. -- error compiling committee.c: too many arguments to function
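Review bot: in the io_interception() hunk, the replacement `return !(emulate_instruction(&svm->vcpu, 0, 0, 0) == EMULATE_DO_MMIO);` removes the non-string fast path together with `svm->next_rip = svm->vmcb->control.exit_info_2;`, so every plain IN/OUT now goes through instruction fetch and decode in the emulator even though exit_info_1 already carries direction, size and port and exit_info_2 the next RIP. Keep the `string` test and enter the emulator only for INS/OUTS, leaving `skip_emulated_instruction(&svm->vcpu); return kvm_emulate_pio(&svm->vcpu, in, size, port);` for the non-string case. Note also that the new expression maps every return value other than EMULATE_DO_MMIO, EMULATE_FAIL included, to `return 1` (resume the guest); the old string path did the same, but it now applies to all port I/O, so if the fast path is not restored the return value should be checked explicitly rather than only against EMULATE_DO_MMIO.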
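Review bot: in the handle_io() hunk, dropping `exit_qualification = vmcs_readl(EXIT_QUALIFICATION);` means the string bit (`exit_qualification & 16`) is never consulted any more, and a plain IN/OUT, which the VMCS already fully describes (size in `exit_qualification & 7`, direction in bit 3, port in `exit_qualification >> 16`, all per the removed lines), is handed to emulate_instruction, which has to fetch and decode the guest instruction instead. Keep the `if (string)` split and the `skip_emulated_instruction(vcpu); return kvm_emulate_pio(vcpu, in, size, port);` path for the non-string case; the same EMULATE_FAIL folding into `return 1` as in the svm.c hunk applies here.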
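The split Avi asks to keep, decoded from the hardware-supplied exit info rather than from a guest instruction fetch, as an added C example that is not KVM's code and not part of this thread. It mirrors the removed fast-path lines in io_interception() and handle_io(): the SVM exit_info_1 and VMX exit-qualification bit positions are repeated from the AMD APM and Intel SDM (the same values as KVM's SVM_IOIO_* macros, which the quoted hunk uses by name but does not define), the struct and function names are my own, and the four exit values at the bottom are constructed samples.

```c
/* Added example (not KVM's code): decode a port-I/O VM exit from the exit
 * info alone, the way the removed fast paths in io_interception() and
 * handle_io() did, and decide whether the exit can be completed without the
 * instruction emulator (plain IN/OUT) or must go through it (INS/OUTS). */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* SVM exit_info_1 layout for IOIO intercepts (AMD APM vol. 2). */
#define SVM_IOIO_TYPE_MASK   1u          /* bit 0: 1 = IN, 0 = OUT */
#define SVM_IOIO_STR_MASK    (1u << 2)   /* bit 2: string op (INS/OUTS) */
#define SVM_IOIO_REP_MASK    (1u << 3)   /* bit 3: REP prefix present */
#define SVM_IOIO_SIZE_SHIFT  4
#define SVM_IOIO_SIZE_MASK   (7u << SVM_IOIO_SIZE_SHIFT) /* one-hot SZ8/SZ16/SZ32 */

/* VMX exit qualification layout for I/O instruction exits (Intel SDM vol. 3). */
#define VMX_IO_SIZE_MASK     7u          /* bits 2:0: access size minus one */
#define VMX_IO_IN            (1u << 3)   /* bit 3: 1 = IN, 0 = OUT */
#define VMX_IO_STRING        (1u << 4)   /* bit 4: string op (INS/OUTS) */
#define VMX_IO_REP           (1u << 5)   /* bit 5: REP prefix present */

struct pio_exit {
    bool in;         /* guest reads from the port */
    bool string;     /* operand lives in guest memory (DS:RSI / ES:RDI) */
    bool rep;
    unsigned size;   /* 1, 2 or 4 bytes */
    unsigned port;   /* 16-bit port number */
};

/* AMD: same arithmetic as the removed lines in io_interception(); the
 * one-hot size field shifted down yields 1, 2 or 4 directly. */
static struct pio_exit decode_svm_io(uint32_t io_info)
{
    struct pio_exit e = {
        .in     = (io_info & SVM_IOIO_TYPE_MASK) != 0,
        .string = (io_info & SVM_IOIO_STR_MASK) != 0,
        .rep    = (io_info & SVM_IOIO_REP_MASK) != 0,
        .size   = (io_info & SVM_IOIO_SIZE_MASK) >> SVM_IOIO_SIZE_SHIFT,
        .port   = io_info >> 16,
    };
    return e;
}

/* Intel: same arithmetic as the removed lines in handle_io(). */
static struct pio_exit decode_vmx_io(unsigned long exit_qualification)
{
    struct pio_exit e = {
        .in     = (exit_qualification & VMX_IO_IN) != 0,
        .string = (exit_qualification & VMX_IO_STRING) != 0,
        .rep    = (exit_qualification & VMX_IO_REP) != 0,
        .size   = (unsigned)(exit_qualification & VMX_IO_SIZE_MASK) + 1,
        .port   = (unsigned)(exit_qualification >> 16) & 0xffffu,
    };
    return e;
}

/* Sanity-check the decoded fields before acting on them: only 1/2/4-byte
 * accesses exist and the port must fit in 16 bits. */
static bool pio_exit_valid(const struct pio_exit *e)
{
    return (e->size == 1 || e->size == 2 || e->size == 4) && e->port <= 0xffffu;
}

/* A plain IN/OUT is fully described by the exit info and never needs an
 * instruction fetch, so it can go straight to a kvm_emulate_pio()-style
 * handler; only string ops need the emulator to walk guest memory. */
static bool pio_fast_path(const struct pio_exit *e)
{
    return pio_exit_valid(e) && !e->string;
}

static bool svm_io_takes_fast_path(uint32_t io_info)
{
    struct pio_exit e = decode_svm_io(io_info);
    return pio_fast_path(&e);
}

static bool vmx_io_takes_fast_path(unsigned long exit_qualification)
{
    struct pio_exit e = decode_vmx_io(exit_qualification);
    return pio_fast_path(&e);
}

static void show(const char *what, struct pio_exit e)
{
    printf("%-14s %s%s port=0x%04x size=%u -> %s\n", what,
           e.rep ? "rep " : "", e.in ? (e.string ? "ins" : "in") : (e.string ? "outs" : "out"),
           e.port, e.size, pio_fast_path(&e) ? "fast path" : "emulator");
}

int main(void)
{
    /* Constructed sample exit values (not captured from real hardware). */
    show("svm out 0x3f8", decode_svm_io(0x03f80010u));   /* byte OUT to COM1 */
    show("svm rep insw", decode_svm_io(0x01f0002du));    /* word INS from 0x1f0 */
    show("vmx in 0xcfc", decode_vmx_io(0x0cfc000bul));   /* dword IN from PCI data */
    show("vmx rep outsb", decode_vmx_io(0x00800030ul));  /* byte OUTS to 0x80 */
    return 0;
}
```

The point of the validity check is that even hardware-decoded fields get range-checked before indexing a handler: a size that is not 1, 2 or 4 is rejected instead of being passed on.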