Xen project Mailing List

Re: [Xen-devel] [PATCH 0/1] ARM: Implement support for write-ctrlreg vm-events

To: Corneliu ZUZU <czuzu@xxxxxxxxxxxxxxx>

From: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>

Date: Mon, 7 Mar 2016 10:12:45 +0100

Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Keir Fraser <keir@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>

Delivery-date: Mon, 07 Mar 2016 09:13:18 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, Mar 7, 2016 at 9:22 AM, Corneliu ZUZU <czuzu@xxxxxxxxxxxxxxx> wrote:

On 3/3/2016 4:10 PM, Corneliu ZUZU wrote:

Then,
QUESTIONS (FOR VM-EVENTS & ARM MAINTAINERS ESPECIALLY):

Q1) [...]

Q2) [...]

Q3) [...]

Q4) [...]

Hey all,

I have a question relating to this part of code @ vmx_update_guest_cr:

if ( paging_mode_hap(v->domain) )
{
/* Manage GUEST_CR3 when CR0.PE=0. */
uint32_t cr3_ctls = (CPU_BASED_CR3_LOAD_EXITING |
CPU_BASED_CR3_STORE_EXITING);
v->arch.hvm_vmx.exec_control &= ~cr3_ctls;
if ( !hvm_paging_enabled(v) && !vmx_unrestricted_guest(v) )
v->arch.hvm_vmx.exec_control |= cr3_ctls;

/* Trap CR3 updates if CR3 memory events are enabled. */
if ( v->domain->arch.monitor.write_ctrlreg_enabled &
monitor_ctrlreg_bitmask(VM_EVENT_X86_CR3) )
v->arch.hvm_vmx.exec_control |= CPU_BASED_CR3_LOAD_EXITING;

vmx_update_cpu_exec_control(v);
}

While trying to move the check for VM_EVENT_X86_CR3 to the scheduling tail, a few questions came to my mind.

1). Tamas, Razvan, maybe you guys could clarify this. I noticed this part of code is only executed if paging_mode_hap(v->domain). Is EPT mandatory to monitor CR3 writes or is it just that when shadow paging is enabled, CR3 r/w are unconditionally trapped?

EPT is not really required for CR3 monitoring, it just has been the case that vm_events have been only implemented for hap-enabled domains. AFAIK for non-hap case CR3 needs to be trapped unconditionally, yes.

If the former is true, shouldn't we do a check like this in vm_event_monitor_get_capabilities instead?

Yes, it should now, this code was just written before vm_event_monitor_get_capabilities was introduced and we haven't gotten around converting this check to it.

2). I was also wondering why CR3 load/stores are trapped if paging is disabled for a domain.

Good question, I was wondering about that myself at some point but I haven't found an answer to it. Maybe some git archaeology can help determining when that was added and why ;)

Cheers,

Tamas

_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel