|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v1] x86/mm: Supresses vm_events caused by page-walks
On 10/30/2017 07:38 PM, Tamas K Lengyel wrote: > On Mon, Oct 30, 2017 at 11:19 AM, Razvan Cojocaru > <rcojocaru@xxxxxxxxxxxxxxx> wrote: >> On 10/30/2017 07:07 PM, Tamas K Lengyel wrote: >>> On Mon, Oct 30, 2017 at 11:01 AM, Razvan Cojocaru >>> <rcojocaru@xxxxxxxxxxxxxxx> wrote: >>>> On 10/30/2017 06:39 PM, Tamas K Lengyel wrote: >>>>> On Mon, Oct 30, 2017 at 10:24 AM, Razvan Cojocaru >>>>> <rcojocaru@xxxxxxxxxxxxxxx> wrote: >>>>>> On 30.10.2017 18:01, Tamas K Lengyel wrote: >>>>>>> On Mon, Oct 30, 2017 at 4:32 AM, Alexandru Isaila >>>>>>> <aisaila@xxxxxxxxxxxxxxx> wrote: >>>>>>>> This patch is adding a way to enable/disable nested pagefault >>>>>>>> events. It introduces the xc_monitor_nested_pagefault function >>>>>>>> and adds the nested_pagefault_disabled in the monitor structure. >>>>>>>> This is needed by the introspection so it will only get gla >>>>>>>> faults and not get spammed with other faults. >>>>>>>> In p2m_set_ad_bits the v->arch.sse_pg_dirty.eip and >>>>>>>> v->arch.sse_pg_dirty.gla are used to mark that this is the >>>>>>>> second time a fault occurs and the dirty bit is set. >>>>>>> >>>>>>> Could you describe under what conditions do you get these other faults? >>>>>> >>>>>> Hey Tamas, the whole story is at page 8 of this document: >>>>>> >>>>>> https://www.researchgate.net/publication/281835515_Proposed_Processor_Extensions_for_Significant_Speedup_of_Hypervisor_Memory_Introspection >>>>> >>>>> Hi Razvan, >>>>> thanks but I'm not sure that doc addresses my question. You >>>>> effectively filter out npfec_kind_in_gpt and npfec_kind_unknown in >>>>> this patch. The first, npfec_kind_in_gpt should only happen if you >>>>> have restricted access to the gpt with ept and the processor couldn't >>>>> walk the table. But if you don't want to get events of these types >>>>> then why not simply not restrict access the gpt to begin with? And as >>>>> for npfec_kind_unknown, I don't think that gets generated under any >>>>> situation. So hence my question, what is your setup that makes this >>>>> patch necessary? >>>> >>>> On the npfec_kind_unknown case, indeed, we were wondering when that >>>> might possibly occur when discussing this patch - it's probably reserved >>>> for the future? >>>> >>>> On why our introspection engine decides to restrict access to those >>>> specific pages, I am not intimate with its inner workings, and not sure >>>> how much could be disclosed here in any case. Is it not a worthwhile >>>> (and otherwise harmless) tool to be able to switch A/D bits-triggered >>>> EPT faults anyway, for introspection purposes? >>> >>> It changes the default behavior of mem_access events so I just wanted >>> to get some background on when that is really required. Technically >>> there is no reason why we couldn't do that filtering in Xen. I think >>> it might be better to flip the filter the other way though so the >>> default behavior remains as is (ie. change the option to enable >>> filtering instead of enabling monitoring). >> >> Wait, it shouldn't change the default behaviour at all. If nobody calls >> that function, all the EPT event kinds should be sent out - the new >> monitor flag is a "disable" flag for non-GLA event (the so-called >> "nested page fault" events). > > Oh yea you are right, I completely overlooked that it is named > "nested_pagefault_disabled" =) Maybe a comment in the domctl header > would be warranted to note that this is enabled by default when > mem_access is used. Other than adding the above mentioned comment, does anyone require other changes we should make in V2? Thanks, Razvan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |