WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

xen-devel

[Xen-devel] Trap flags, debug and emulation - xen 4.1.1

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Trap flags, debug and emulation - xen 4.1.1
From: Balbir Singh <balbirsmail@xxxxxxxxx>
Date: Mon, 10 Oct 2011 19:30:22 +0530
Delivery-date: Tue, 11 Oct 2011 02:36:36 -0700
Hi,

I've been trying a simple experiment on my Intel box (along the lines
of http://web.archiveorange.com/archive/v/tXSRN8SPX0sXRutnvOCu). I
have a system with VMX but no EPT; it falls back on shadow page tables
and I disable super pages. The VM itself is a 32-bit OS. I am using
xen-4.1.1 on Ubuntu.

Quoting from the link above:

"First, I mark a guest page "not present" inside the shadow page table
so that I could intercept any operation that involves this page. When
the guest tries to access that page, it faults and control goes to Xen
(sh_page_fault function). There, I emulate that operation and return
the control to guest to execute next instruction. I could get my first
part working.

In the second part after emulating the instruction inside Xen, I want
to perform single-step execution from next instruction onwards so that
I could monitor further execution of guest from that point.

To achieve that I did the following: After emulating an instruction inside
Xen and before sending the control back to guest OS, I set the
EFLAGS's trap bit by doing the following operation:

regs->eflags |= X86_EFLAGS_TF;

And return the control from sh_page_fault function by saying "return
EFAULT_FIXED".

I am doing something very similar. I do get the fault and I can set
the trap, but I don't see any form of single stepping take place as I
do not get the TRAP_debug exception back. My exception_bitmap has
TRAP_no_device, TRAP_page_fault, TRAP_debug and TRAP_int3 set.

I've tried debugging the issue with xentrace and printks, but sadly I
could not track down the issue. The CPU does have
cpu_has_monitor_trap_flag set to true.

Could anyone give me clues on how to track down why I did not get a
TRAP_debug exception via a VMEXIT?

Balbir Singh
