From: "Jan Beulich"
Subject: Re: [V1 PATCH] PVH: avoid call to handle_mmio
Date: Wed, 04 Jun 2014 08:24:15 +0100
Message-ID: <538EE5BF02000078000179E7@mail.emea.novell.com>
In-Reply-To: <1401832802-27118-2-git-send-email-mukesh.rathor@oracle.com>
To: Mukesh Rathor
Cc: xen-devel@lists.xenproject.org, keir.xen@gmail.com

>>> On 04.06.14 at 00:00, wrote:
> handle_mmio() is currently unsafe for pvh guests. A call to it would
> result in call to vioapic_range that will crash xen since the vioapic
> ptr in struct hvm_domain is not initialized for pvh guests.
>
> However, one path exists for such a call. If a pvh guest, dom0 or domU,
> unintentionally touches non-existing memory, an EPT violation would occur.
> This would result in unconditional call to hvm_hap_nested_page_fault. In
> that function, because get_gfn_type_access returns p2m_mmio_dm for non
> existing mfns by default, handle_mmio() will get called. This would result
> in xen crash instead of the guest crash. This patch addresses that.

Yes, we definitely want this until being properly handled, no matter
that crashing the guest here doesn't seem to be the right thing either
(normal x86 behavior would be to drop writes and return all ones for
reads).

Jan
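
Added example, not part of the original message and not Xen source: a simplified C model of the fault path the quoted commit message describes, comparing the outcome with and without a guest-type guard, plus the read value Jan describes for unbacked addresses. All type and function names, the form of the guard, and the vIOAPIC address range are assumptions made for illustration.

```c
/* Simplified model of the fault path; not Xen source, names are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum guest_type { GUEST_HVM, GUEST_PVH };
enum outcome { HANDLED_INTERNALLY, SENT_TO_DEVICE_MODEL, GUEST_CRASHED, HOST_CRASHED };
struct vioapic_model { uint64_t base, len; };
struct domain_model { enum guest_type type; struct vioapic_model *vioapic; };

/* Stand-in for handle_mmio() -> vioapic_range(). The hypervisor would
 * dereference the pointer; the model reports a NULL one as HOST_CRASHED. */
static enum outcome handle_mmio_model(const struct domain_model *d, uint64_t gpa)
{
    if (d->vioapic == NULL)
        return HOST_CRASHED;
    if (gpa >= d->vioapic->base && gpa - d->vioapic->base < d->vioapic->len)
        return HANDLED_INTERNALLY;
    return SENT_TO_DEVICE_MODEL;
}

/* Unbacked gfn typed as MMIO by default: emulation is always attempted. */
enum outcome fault_unguarded(const struct domain_model *d, uint64_t gpa)
{
    return handle_mmio_model(d, gpa);
}

/* Assumed guard: a PVH guest is crashed before emulation is reached. */
enum outcome fault_guarded(const struct domain_model *d, uint64_t gpa)
{
    if (d->type == GUEST_PVH)
        return GUEST_CRASHED;
    return handle_mmio_model(d, gpa);
}

/* Alternative from the reply: reads of unbacked addresses return all ones
 * (size in bytes, 1..8); writes would simply be dropped. */
uint64_t unbacked_read(unsigned size)
{
    return size >= 8 ? UINT64_MAX : (UINT64_C(1) << (8 * size)) - 1;
}

int main(void)
{
    struct domain_model pvh = { GUEST_PVH, NULL };  /* constructed sample guest */
    printf("PVH unguarded=%d guarded=%d\n", (int)fault_unguarded(&pvh, 0xdead0000),
           (int)fault_guarded(&pvh, 0xdead0000));
    return 0;
}
```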