Re: [Xen-devel] fxsave, fnsave, ltr hang for guest OS.

To: Keir Fraser <keir@xxxxxxx>
Subject: Re: [Xen-devel] fxsave, fnsave, ltr hang for guest OS.
From: Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Date: Mon, 22 Nov 2010 09:51:01 +0000
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, "alarson@xxxxxxxx" <alarson@xxxxxxxx>
At 18:01 +0000 on 19 Nov (1290189698), Keir Fraser wrote:
> On 19/11/2010 17:32, "alarson@xxxxxxxx" <alarson@xxxxxxxx> wrote:
> 
> > Just to report final resolution.  The problem turned out to be that
> > the destination of the fnsave was to a page specifying read only
> > access and the OS was depending on CR0.WP=0 to permit write access in
> > kernel mode.  Xen doesn't allow this configuration unless using HAP
> > (Hardware Assisted Paging).
> 
> To be precise, we have a go at emulating the instruction, but our emulator
> is incomplete. Running a whole OS in CR0.WP=0 mode is pretty much doomed if
> running on Xen without HAP. I think there is some supported OS that does do
> some small amount of stuff with CR0.WP=0, and we are complete enough to work
> in that case.

To be precise, the shadow code/emulator can run various flavours of
Windows when anti-virus software briefly turns off CR0.WP in order to
overwrite protected kernel structures (IDT &c).  That only involves
straightforward memory writes in an OS that otherwise obeys its own 
pagetable restrictions.

Cheers,

Tim.

-- 
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)
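
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not Xen code: a small C model of when a guest write to a read-only mapping is done by hardware, emulated, or left unhandled. It assumes a simplified world with only the PTE R/W bit and CR0.WP, a shadow PTE that mirrors the guest's R/W bit, and shadow-mode hardware running with WP=1; the `emulator_handles_insn` flag is a hypothetical stand-in for "the emulator covers this instruction".

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model (assumption): only PTE.R/W and CR0.WP are considered;
 * U/S, NX and other protection bits are ignored. */
enum paging_mode { PAGING_HAP, PAGING_SHADOW };
enum outcome {
    WRITE_BY_HARDWARE,  /* CPU performs the store directly */
    WRITE_EMULATED,     /* hypervisor takes the fault and emulates the store */
    WRITE_UNHANDLED,    /* hypervisor takes the fault but cannot emulate it */
    GUEST_PAGE_FAULT    /* architecturally correct #PF, delivered to the guest */
};

/* x86 rule: a read-only page is writable only by supervisor code with WP=0. */
static bool arch_write_allowed(bool supervisor, bool pte_rw, bool cr0_wp)
{
    return pte_rw || (supervisor && !cr0_wp);
}

/* emulator_handles_insn is hypothetical: true for a plain memory store,
 * false for an instruction the emulator does not cover. */
static enum outcome guest_write(enum paging_mode mode, bool supervisor,
                                bool guest_pte_rw, bool guest_cr0_wp,
                                bool emulator_handles_insn)
{
    /* What the guest expects to happen on bare metal. */
    if (!arch_write_allowed(supervisor, guest_pte_rw, guest_cr0_wp))
        return GUEST_PAGE_FAULT;
    /* HAP: hardware walks the guest's own pagetables with the guest's CR0. */
    if (mode == PAGING_HAP)
        return WRITE_BY_HARDWARE;
    /* Shadow (assumed): hardware enforces the shadow PTE with WP=1. */
    if (arch_write_allowed(supervisor, guest_pte_rw, true))
        return WRITE_BY_HARDWARE;
    /* Guest relied on WP=0: only the emulator can complete the write. */
    return emulator_handles_insn ? WRITE_EMULATED : WRITE_UNHANDLED;
}

int main(void)
{
    static const char *name[] = { "hardware", "emulated", "unhandled", "guest #PF" };
    /* Kernel write to a read-only page with guest CR0.WP=0. */
    printf("shadow, plain store:     %s\n",
           name[guest_write(PAGING_SHADOW, true, false, false, true)]);
    printf("shadow, uncovered insn:  %s\n",
           name[guest_write(PAGING_SHADOW, true, false, false, false)]);
    printf("HAP, uncovered insn:     %s\n",
           name[guest_write(PAGING_HAP, true, false, false, false)]);
    return 0;
}
```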
