Re: [Xen-devel] [PATCH] ignore guest writes to read only memory

To:	Jan Beulich <JBeulich@xxxxxxxxxx>, Xin Li <xin.li@xxxxxxxxx>
Subject:	Re: [Xen-devel] [PATCH] ignore guest writes to read only memory regions or memory holes in EPT
From:	Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Date:	Mon, 26 Oct 2009 09:05:25 +0000
Cc:	"xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date:	Mon, 26 Oct 2009 02:05:55 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<4AE56B85020000780001BBBE@xxxxxxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AcpWFkIhm8487DyiTZ6DehIijsknnwABTI8r
Thread-topic:	[Xen-devel] [PATCH] ignore guest writes to read only memory regions or memory holes in EPT
User-agent:	Microsoft-Entourage/12.20.0.090605

Also, shouldn't writes to memory holes be already caught by the
handle_mmio() case, as we identify memory holes as having type p2m_mmio_dm?

I would think something like:

 if ( (gla_validity == EPT_GLA_VALIDITY_MATCH) ||
      (gla_validity == EPT_GLA_VALIDITY_GPT_WALK) )
 {
    if ( p2m_is_mmio(t) || (t == p2m_ram_ro) )
    {
        /* MMIO and writes to read-only areas. */
        /* We can be quite generous in what we catch with this case. */
        if ( !handle_mmio() )
            vmx_inject_exception(TRAP_gp_fault, 0);
    }
    else if ( p2m_is_ram(t) && paging_mode_log_dirty(d) )
    {
        /* Faster non-emulation handling for log-dirty and PoD. */
        paging_mark_dirty(), ...
    }    
    return;
 }

...would be a suitably wide-ranging catch-all, without catching genuine EPT
implementation bugs that you want to print an error message for. It's also
less complicated than the existing ept_handle_violation() implementation, so
I would like to switch to it.

 -- Keir

On 26/10/2009 08:27, "Jan Beulich" <JBeulich@xxxxxxxxxx> wrote:

> After looking at the documentation I don't think using
> __get_instruction_length() here is valid, i.e. you need to decode the
> instruction in order to be able to skip it. Otherwise, could you have
> your doc folks update the documentation (24.2.4) accordingly?
> 
> Jan
> 
>>>> "Li, Xin" <xin.li@xxxxxxxxx> 23.10.09 09:26 >>>
> ignore guest writes to read only memory regions or memory holes in EPT.
> 
> This patch prevents domain crash when running memtest86 with EPT.
> 
> Signed-off-by: Xin Li <xin.li@xxxxxxxxx>
> 
> diff -r 37829fd7c1e3 xen/arch/x86/hvm/vmx/vmx.c
> --- a/xen/arch/x86/hvm/vmx/vmx.c        Wed Oct 21 16:08:28 2009 +0100
> +++ b/xen/arch/x86/hvm/vmx/vmx.c        Fri Oct 23 23:21:27 2009 +0800
> @@ -2184,6 +2184,17 @@
>          return;
>      }
> 
> +    /* Ignore writes to:
> +     *     1. read only memory regions;
> +     *     2. memory holes. */
> +    if ( (qualification & EPT_WRITE_VIOLATION)
> +         && (((gla_validity == EPT_GLA_VALIDITY_MATCH) && (t == p2m_ram_ro))
> +             || (mfn_x(mfn) == INVALID_MFN)) ) {
> +        int inst_len = __get_instruction_length();
> +        __update_guest_eip(inst_len);
> +        return;
> +    }
> +
>      /* Everything else is an error. */
>      gla = __vmread(GUEST_LINEAR_ADDRESS);
>      gdprintk(XENLOG_ERR, "EPT violation %#lx (%c%c%c/%c%c%c), "
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

WARNING - OLD ARCHIVES

xen-devel

Re: [Xen-devel] [PATCH] ignore guest writes to read only memory regions