WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Xen EPT modifications and interceptions

To: Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Subject: Re: [Xen-devel] Xen EPT modifications and interceptions
From: ken mark <ken.mingyuan@xxxxxxxxx>
Date: Wed, 3 Feb 2010 21:08:53 +0800
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 03 Feb 2010 05:09:24 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=HrjwbcMZ3Zij23PzVTiR+C/VV5KL8rxVKYJzf7laRhw=; b=n3fI3atFXTZMw1o80xqICeFJkJNl7pdbFgyqABhKKcD+DYf5wI4RlrSv4OFbxTCfyB tZGBNqRVOwBiKbiSscIrm0jM6o8lR6q1j0tCKBJEtgGrNG4/tNLwQfA/n1oJwaK88I4M QI+ogQc55Evr42I9YkHHs4iSgCkQCh5ErVx+o=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=ta01ZQTWQBr4MBQjFiOzEQTD+p4CxohBIbwtdZLh8HignfGtWcSzaQiud8qvk3Wylz V46lJS+tSLwMOACtAYmjciQzJGsQ5XOp9R+rBc+IjH5eiGUvD/rhziv80t8EEuZ9vtPH PzM5CkZsjwl/IuJoIva9AksCc+9Lo1vT8FaQg=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20100203104959.GE7099@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <eba560691002021900l4f1bec7by98d2916d5989500f@xxxxxxxxxxxxxx> <20100203104959.GE7099@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thanks for your inspiring explanation.
We've searched the source code for the map/unmap implementation on 32-bit and 64-bit Xen and get a better understanding.
Based on the map/unmap usage, we've guessed that the problem has much to do our ways of finding and updating the entry, though it turns out to be the same each time.
And thank you for your reminding me of those important facts that may lead to the problem.
We'll try to fix it in a few days and come back for more useful advice from you.


2010/2/3 Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Hi,

At 03:00 +0000 on 03 Feb (1265166046), ken mark wrote:
> We use map_domain_page to map the ept table that contains the target
> entry. After changing the access bits in that entry, we use
> unmap_domain_page to activate the modification.

unmap_domain_page() won't "activate" anything; it just indicates that
you're done with the mapping.  On 64-bit Xen it's a no-op.

> But it seems that when we again map the ept table and fetch the exact
> entry we've modified just before, our modifications haven't taken
> effect.

Sorry to ask the obvious questions, but:
 - Are you sure you're mapping the right entry?  Is it the same MFN
  both times?
 - Have you tried tracking all other mappings of the same page to see if
  it's put back in between?
 - Are you running a multiprocessor system?  Do you hve sufficient locking
  around the operation to stop confusion from simultaneous changes on
  other CPUs?  The EPT code has historically been lacking in this area.

> Any sometimes the modification will cause interception while in some
> cases it doesn'. Is there anything to do which our using of map/unmap
> functions? Or do we need to flush something when we have made the
> modifications?

Yes, you need to flush the EPT entries from TLBs before changes will
take place.  You need to call hvm_flush_guest_tlbs() on every CPU in the
guest's domain_dirty_cpumask.  Xen's normal flush_tlb_mask() operation
does this as a side-effect.

Cheers,

Tim.

--
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Citrix Systems (R&D) Ltd.
[Company #02300071, SL9 0DZ, UK.]



--
Kenmark
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
<Prev in Thread] Current Thread [Next in Thread>