Xen project Mailing List

Re: [Xen-devel] [PATCH v1] x86/mm: Suppresses vm_events caused by page-walks

From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>

Date: Mon, 27 Aug 2018 14:24:20 +0300

Cc: Andrei LUTAS <vlutas@xxxxxxxxxxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, xen-devel@xxxxxxxxxxxxx, aisaila@xxxxxxxxxxxxxxx

Delivery-date: Mon, 27 Aug 2018 11:24:54 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 8/27/18 12:11 PM, Jan Beulich wrote: >>>> On 24.08.18 at 20:47, <rcojocaru@xxxxxxxxxxxxxxx> wrote: >> 619 /* EPT violation qualifications definitions */ >> 620 typedef union ept_qual { >> 621 unsigned long raw; >> 622 struct { >> 623 bool read:1, write:1, fetch:1, >> 624 eff_read:1, eff_write:1, eff_exec:1, /* eff_user_exec */:1, >> 625 gla_valid:1, >> 626 gla_fault:1; /* Valid iff gla_valid. */ >> 627 unsigned long /* pad */:55; >> 628 }; >> 629 } __transparent__ ept_qual_t; >> >> Unfortunately, I've been told that that's not the way to go since those >> fields will be relevant only on newer architectures, and we'd like to be >> able to support even older ones. And, of course, the other thing is that >> they're VMX / EPT specific, and we were hoping to be able to get SVM >> support for free like that. > > If this was the case (I didn't check, and you didn't provide a > pointer along with the "I've been told"), at the very least on > newer hardware correct behavior should be implemented. Sorry for being unclear. If the question is who told me, it's been decided internally that the product should support older processors. If the question is what does "older" mean, we've checked a random Skylake CPU with the "if bit 22 is read as 1, the processor reports advanced VM-exit information for EPT violations (see Section 27.2.1). This reporting is done only if this bit is read as 1" method, and the respective bit was not set. The information is in Table 27-6 of the Intel SDM. > For NPT, isn't there an error code bit telling you whether the > request was a user or "system" one? If not, some cheating > would be needed (derive from CPL, accepting that e.g. > descriptor table accesses would get mis-attributed), but > that's still not going to involve looking at the PTE flags. The alternative would be to simply walk (without enforcing any flags, and so making the pfec walk parameter unnecessary) to the respective address, and query for _PAGE_ACCESSED and _PAGE_DIRTY only. If _PAGE_ACCESSED is not set, set it and exit. If _PAGE_ACCESSED is set, set _PAGE_DIRTY also and exit. The idea here being that (1) "no TLB entry or paging-structure cache entry is created with information from a paging-structure entry in which the accessed flag is 0" and (2) "a page-fault exception resulting from an attempt to use a linear address will invalidate any TLB entries that are for a page number corresponding to that linear address and that are associated with the current PCID" mean that the only way we would end up in the codepath is if we need to set the A/D bits - which we can, if we use modified version of the code walker that simply does not care about the pfec parameter. This would presumably also work well for NPT, and also on CPUs that do not support the newer EPT qualification bits. Is this upstreamable? Thanks, Razvan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.