From: Rusty Russell <rusty-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
To: Matias Zabaljauregui
<zabaljauregui-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Cc: lguest-mnsaURCQ41sdnm+yROfE0A@public.gmane.org,
Patrick McHardy <kaber-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>,
virtualization-qjLDD68F18O7TbgM5vRIOg@public.gmane.org
Subject: Re: [PATCH 4/5] lguest: use KVM hypercalls
Date: Wed, 15 Apr 2009 18:12:22 +0930 [thread overview]
Message-ID: <200904151812.23318.rusty@rustcorp.com.au> (raw)
In-Reply-To: <1239639939.31741.8.camel@zetabook>
On Tue, 14 Apr 2009 01:55:39 am Matias Zabaljauregui wrote:
> > > BTW, shouldn't this also affect my test boxes if this were the case?
> > >
> > Could be the timing differences between our boxes I guess?
>
> I haven't read COW code, but I cannot figure out how CPU timing
> differences could affect a logic driven by faults. I will investigate
> further and let you know if I can yield any conclusion.
I first thought it was guest image layout, until I reproduced it completely
accidentally here.
Matias, can I have a Signed-off-by for your patch (enhanced with comment
below):
Subject: lguest: fix KVM-style hypercalls with vmlinux images
Date: Wed, 08 Apr 2009 17:58:39 -0300
From: Matias Zabaljauregui <zabaljauregui-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Impact: fix guest crash 'lguest: unhandled trap 6 at 0x418726 (0x0)'
The Launcher mmaps the kernel image. The Guest executes and
immediately faults in the first text page (read-only). Then it hits a
hypercall, and we rewrite that hypercall, causing a copy-on-write.
But the Guest pagetables still refer to the old page: we fault again,
but as Host we see the hypercall already rewritten, and pass the fault
back to the Guest. The Guest hasn't set up an IDT yet, so we kill it.
This doesn't happen with bzImages: they unpack themselves and so the
text pages are already read-write.
Signed-off-by: Rusty Russell <rusty-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
Tested-by: Patrick McHardy <kaber-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>
---
drivers/lguest/x86/core.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/drivers/lguest/x86/core.c b/drivers/lguest/x86/core.c
index a6b7176..b4747f7 100644
--- a/drivers/lguest/x86/core.c
+++ b/drivers/lguest/x86/core.c
@@ -324,6 +324,11 @@ static void rewrite_hypercall(struct lg_cpu *cpu)
u8 insn[3] = {0xcd, 0x1f, 0x90};
__lgwrite(cpu, guest_pa(cpu, cpu->regs->eip), insn, sizeof(insn));
+ /* The above write might have caused a copy of that page to be made
+ * (if it was read-only). We need to make sure the Guest has
+ * up-to-date pagetables. As this doesn't happen often, we can just
+ * drop them all. */
+ guest_pagetable_clear_all(cpu);
}
static bool is_hypercall(struct lg_cpu *cpu)
next prev parent reply other threads:[~2009-04-15 8:42 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-03-26 23:52 [PATCH 4/5] lguest: use KVM hypercalls Rusty Russell
2009-04-02 21:55 ` [Lguest] " Simon Holm Thøgersen
[not found] ` <1238709324.5823.8.camel-78RDdhuQolGs1BDpvl8NfQ@public.gmane.org>
2009-04-02 23:37 ` Matias Zabaljauregui
2009-04-03 9:28 ` Simon Holm Thøgersen
2009-04-05 13:04 ` Rusty Russell
[not found] ` <200904052234.48483.rusty-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
2009-04-06 6:56 ` Simon Holm Thøgersen
2009-04-08 16:24 ` [Lguest] " Patrick McHardy
[not found] ` <1239043798.27826.93.camel@zetabook>
[not found] ` <200904081021.39877.rusty@rustcorp.com.au>
[not found] ` <200904081021.39877.rusty-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
2009-04-08 20:58 ` Matias Zabaljauregui
2009-04-09 10:32 ` Simon Holm Thøgersen
[not found] ` <1239273165.5687.10.camel-78RDdhuQolGs1BDpvl8NfQ@public.gmane.org>
2009-04-13 16:25 ` Matias Zabaljauregui
2009-04-15 8:42 ` Rusty Russell [this message]
[not found] ` <200904151812.23318.rusty-8n+1lVoiYb80n/F98K4Iww@public.gmane.org>
2009-04-15 14:55 ` Matias Zabaljauregui
2009-04-09 12:24 ` Patrick McHardy
[not found] ` <49DDE91A.8060603-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>
2009-04-09 13:20 ` Patrick McHardy
2009-04-09 13:59 ` [Lguest] " Eric W. Biederman
[not found] ` <m1bpr6hqrm.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-14 11:54 ` Patrick McHardy
[not found] ` <49E47976.8020005-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>
2009-04-14 17:10 ` Eric W. Biederman
2009-04-15 8:36 ` [Lguest] " Herbert Xu
[not found] ` <20090415083610.GA8579-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-15 8:47 ` Herbert Xu
2009-04-15 9:07 ` [Lguest] " Christian Borntraeger
2009-04-15 11:07 ` Patrick McHardy
2009-04-15 13:23 ` Eric W. Biederman
[not found] ` <m18wm2rqy6.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-15 13:28 ` Herbert Xu
[not found] ` <20090415132802.GA11408-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-15 13:35 ` Eric W. Biederman
[not found] ` <m1skkaox8h.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-15 13:46 ` Herbert Xu
[not found] ` <20090415134610.GA11683-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-15 13:55 ` Herbert Xu
[not found] ` <20090415135502.GA11827-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-15 14:10 ` Eric W. Biederman
[not found] ` <m1ocuynh2f.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-15 14:12 ` Herbert Xu
2009-04-15 14:06 ` [Lguest] " Eric W. Biederman
[not found] ` <m11vruovu5.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-15 14:08 ` Herbert Xu
[not found] ` <20090415140819.GA11991-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-15 14:18 ` Eric W. Biederman
[not found] ` <m1iql6m24b.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-15 14:23 ` Herbert Xu
2009-04-15 14:38 ` Herbert Xu
[not found] ` <20090415143834.GA12384-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-15 14:56 ` Eric W. Biederman
[not found] ` <m1zleiklsl.fsf-+imSwln9KH6u2/kzUuoCbdi2O/JbrIOy@public.gmane.org>
2009-04-15 22:27 ` Herbert Xu
2009-04-16 11:08 ` [1/2] tun: Only free a netdev when all tun descriptors are closed Herbert Xu
[not found] ` <20090416110818.GA20950-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-16 11:09 ` [2/2] tun: Fix sk_sleep races when attaching/detaching Herbert Xu
[not found] ` <20090416110952.GB20950-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-20 8:35 ` Herbert Xu
2009-04-20 9:26 ` David Miller
2009-04-20 9:35 ` Herbert Xu
2009-04-20 10:02 ` David Miller
2009-04-24 8:55 ` [1/2] tun: Only free a netdev when all tun descriptors are closed Christian Borntraeger
[not found] ` <200904241055.49794.borntraeger-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>
2009-04-24 12:11 ` Herbert Xu
[not found] ` <20090424121156.GA28039-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q@public.gmane.org>
2009-04-24 12:40 ` Christian Borntraeger
[not found] ` <49DDF614.1060909-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>
2009-04-13 16:29 ` [PATCH 4/5] lguest: use KVM hypercalls Matias Zabaljauregui
2009-04-14 11:55 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200904151812.23318.rusty@rustcorp.com.au \
--to=rusty-8n+1lvoiyb80n/f98k4iww@public.gmane.org \
--cc=kaber-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org \
--cc=lguest-mnsaURCQ41sdnm+yROfE0A@public.gmane.org \
--cc=virtualization-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=zabaljauregui-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).