[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Weekly VMX status report. Xen: #18846 & Xen0: #749

To: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
From: Gianluca Guida <gianluca.guida@xxxxxxxxxxxxx>
Date: Fri, 12 Dec 2008 20:37:16 +0000
Cc: "Li, Haicheng" <haicheng.li@xxxxxxxxx>, "'xen-devel@xxxxxxxxxxxxxxxxxxx'" <xen-devel@xxxxxxxxxxxxxxxxxxx>, "Li, Xin" <xin.li@xxxxxxxxx>
Delivery-date: Fri, 12 Dec 2008 12:42:17 -0800
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Hello,

Keir Fraser wrote:

On 07/12/2008 02:23, "Li, Xin" <xin.li@xxxxxxxxx> wrote:

There's a good chance that at least bug #1 is fixed on current tip
(c/s 18881).

OK, we will check it with c/s 18881, thanks.

The root cause of the crash when booting a 64bit Solaris 10u5 guest is that
Xen hypervisor has turned off NX as guest AP has not turned on NX, but shadow
already has NX set...


This is what I think is going on:

BSP has finished its bootstrap phase, has enabled the EFER's NX bit andset the kernel mapping to pages that are going to be used as pagetablenon-executable.

AP enables long mode, but not the EFER's NX. It accesses an addresswhose guest walk has pages still not shadowed, and the shadow codeenters the game trying to remove writable mappings of that given guest page.

And here's -- I think -- the bug: when we update the MSR (in contextswitch) it is my understanding that we update the MSR based on theguest's vcpu state. So, when the shadow code will try to read the shadowmapping of the soon-to-be-promoted page will access a shadow mappingwith NX bit and get a reserved-bit pagefault, because the host's EFERwill have NX feature disabled.


I see two ways to fix this:

- Disable NX support in shadows until all vcpus have EFER's NX enabled.This would means that the guest thinks it has NX bit protection in atleast one vcpus but in reality it doesn't. Also, to properly supportexecute-disable protection, we would need to blow the shadows when wecan finally enable NX bit in shadows.

- Always enable EFER's NX in host mode. We could also avoid changingEFER's status between vmentry and vmexits, but this would cause someissue in reserved bit handling in page faults. This could be easilyfixed in shadow code, but in HAP would make the whole thing morecomplicated.

Do the people that know better than me the actual VMX code have anyopinion about the best way to fix this?


Thanks,
Gianluca


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] Weekly VMX status report. Xen: #18846 & Xen0: #749
  - From: Keir Fraser

References:
- Re: [Xen-devel] Weekly VMX status report. Xen: #18846 & Xen0: #749
  - From: Keir Fraser

Prev by Date: Re: [Xen-devel] Re: pv_ops dom0 USB fixed
Next by Date: Re: [Xen-devel] Re: pv_ops dom0 USB fixed
Previous by thread: RE: [Xen-devel] Weekly VMX status report. Xen: #18846 & Xen0: #749
Next by thread: Re: [Xen-devel] Weekly VMX status report. Xen: #18846 & Xen0: #749
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.