WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
[Xen-devel] Re: [Patch 1/3] Refining Xsave/Xrestore support - Version 3

To: "Tim Deegan" <Tim.Deegan@xxxxxxxxxx>, "Keir Fraser" <keir.fraser@xxxxxxxxxxxxx>, "Haitao Shan" <maillists.shan@xxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Re: [Patch 1/3] Refining Xsave/Xrestore support - Version 3
From: "Jan Beulich" <JBeulich@xxxxxxxxxx>
Date: Tue, 02 Nov 2010 08:55:01 +0000
Cc:
Delivery-date: Tue, 02 Nov 2010 01:55:52 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <AANLkTikreVzpHfePrj1NhKnph4vo8WvOr6pk0LoOWtda@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <AANLkTikreVzpHfePrj1NhKnph4vo8WvOr6pk0LoOWtda@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
>>> On 02.11.10 at 04:47, Haitao Shan <maillists.shan@xxxxxxxxx> wrote:
>@@ -1796,7 +1796,10 @@ static int emulate_privileged_op(struct 
> 
>     /* REX prefix. */
>     if ( rex & 8 ) /* REX.W */
>+    {
>+        opsize_prefix = 0; /* 66H is ignored according to SDM 2A */
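Review bot: Clearing `opsize_prefix = 0;` whenever REX.W is set discards the fact that a 66H byte was present, yet the XSETBV case added later in this same function tests `opsize_prefix` to decide whether to raise #UD, so a REX.W-prefixed XSETBV carrying a 66H prefix would be emulated instead of faulting as the SDM requires. Keep the two meanings apart: record separately that a 66H prefix was seen (for the #UD checks) and let REX.W only override the 16-bit operand-size interpretation.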

This I'm sure isn't correct: The 0x66 prefix is being ignored as an
operand size override here, but REX.W has no interaction with
0x66 when the latter is used as an opcode extension selector.

Specifically in the case of xsetbv the manual clearly states

#UD     If CPUID.01H:ECX.XSAVE[bit 26] = 0.
        If CR4.OSXSAVE[bit 18] = 0.
        If the LOCK prefix is used.
        If 66H, F3H or F2H prefix is used.

>@@ -2051,13 +2054,48 @@ static int emulate_privileged_op(struct 
>         goto fail;
>     switch ( opcode )
>     {
>-    case 0x1: /* RDTSCP */
>-        if ( (v->arch.guest_context.ctrlreg[4] & X86_CR4_TSD) &&
>-             !guest_kernel_mode(v, regs) )
>+    case 0x1: /* RDTSCP and XSETBV */
>+        switch ( insn_fetch(u8, code_base, eip, code_limit) )
>+        {
>+        case 0xf9: /* RDTSCP */
>+            if ( (v->arch.guest_context.ctrlreg[4] & X86_CR4_TSD) &&
>+                 !guest_kernel_mode(v, regs) )
>+                goto fail;
>+            pv_soft_rdtsc(v, regs, 1);
>+            break;
>+        case 0xd1: /* XSETBV */
>+        {
>+            u64 new_xfeature = (u32)regs->eax | ((u64)regs->edx << 32);
>+
>+            if ( lock || rep_prefix || opsize_prefix
>+                 || !(v->arch.guest_context.ctrlreg[4] & X86_CR4_OSXSAVE) )
>+            {
>+                do_guest_trap(TRAP_invalid_op, regs, 0);
>+                break;
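Review bot: In the visible part of the XSETBV case nothing checks `guest_kernel_mode(v, regs)`, although the neighbouring RDTSCP case does; XSETBV is a CPL 0 instruction on hardware, so a guest user-mode execution should take the #GP path (`goto fail`) rather than reach the emulation and the CR4.OSXSAVE test. Also, the `break` after `do_guest_trap(TRAP_invalid_op, regs, 0);` only leaves the inner switch and continues on the normal completion path; use the same exit the other fault paths in this function use so the injected #UD is not followed by instruction completion.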

I think you need to "goto skip" or "return EXCRET_fault_fixed" here,
to avoid executing instruction_done().

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel