[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v11] x86/emulate: Send vm_event from emulate

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Alexandru Stefan ISAILA <aisaila@xxxxxxxxxxxxxxx>
  • Date: Fri, 20 Sep 2019 08:35:25 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=bitdefender.com; dmarc=pass action=none header.from=bitdefender.com; dkim=pass header.d=bitdefender.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9bfH3oQwtExve5RnX8Bv0lL4BFDEftpgVZVwnwkU8SQ=; b=m31Ll/yAN7wTObwpfdPaik3DRikXljYAf6V9mRoQ1deu8pMGKjv69evSLffwOIkh4QOo/MYn06uATTMOo1wgTR4GVQNdk3wtDLAbhJw5BnxoxWmlr4VELSbGyGsSWZwBH6dnHcRsf7ISZoCYeesnVoVWh0xtEgnFvsrDbdaTN99wf+Di4yAA12CzuL3Nk8exMaD1ndEFPxxANWrwc02upSwm5h5wvXQ4/o6bKiIc3asj6QhLukVCVAHu+C3h0M2PPoPQ0u62dVtpJExax6XYwJJ89w5k+iKOoUQnNvYoWe3NR3Q7at7sr02wviQCSHTUxwvh6BGaoSxs50SdX+k9NA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Ol/6rbYtqBH2AEDMgM3lWvqZZ2SS6FC2bElm5u7Oib7XaJPnLcpwOtESys5f4DZawlpgB+zkTfqCBwAlRHsqJz8x66XlNtHGP1i3PeXrOeVZOl3ejKq75nFc24iHIwhZseiaINBkyrsbM17avFE8xDkGMYMskMoSeYR8NW0kVIMCBTEmfWU9TOTd5IUuHIJo7yZqP9vY2iBujZ/tz5jpBVUx/8K96L5qjrqvBNUtUfOHCBFdXypZuGkQEwlS3RK7AxQK7S4EVYGGVl5dp/jIMHRsHbSZPR7PYs0uxQAVEEzkfPzf4ESYSw3oy0RIyu4q1f0djh6uovMNHJUHugCn4Q==
  • Authentication-results: spf=none (sender IP is ) smtp.mailfrom=aisaila@xxxxxxxxxxxxxxx;
  • Cc: Petre Ovidiu PIRCALABU <ppircalabu@xxxxxxxxxxxxxxx>, "tamas@xxxxxxxxxxxxx" <tamas@xxxxxxxxxxxxx>, "wl@xxxxxxx" <wl@xxxxxxx>, Razvan COJOCARU <rcojocaru@xxxxxxxxxxxxxxx>, "george.dunlap@xxxxxxxxxxxxx" <george.dunlap@xxxxxxxxxxxxx>, "andrew.cooper3@xxxxxxxxxx" <andrew.cooper3@xxxxxxxxxx>, "paul.durrant@xxxxxxxxxx" <paul.durrant@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "roger.pau@xxxxxxxxxx" <roger.pau@xxxxxxxxxx>
  • Delivery-date: Fri, 20 Sep 2019 08:35:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHVbuqvObi2c4eeME6qC/Xll4ji7KczByuAgAFh1oD//9LPAIAAAwqA
  • Thread-topic: [PATCH v11] x86/emulate: Send vm_event from emulate

On 20.09.2019 11:24, Jan Beulich wrote:
> On 20.09.2019 10:06, Alexandru Stefan ISAILA wrote:
>> On 19.09.2019 16:59, Jan Beulich wrote:
>>> Furthermore while you now restrict the check to linear address
>>> based accesses, other than the description says (or at least
>>> implies) you do not restrict it to read and exec accesses. It's
>>> not clear to me whether that's intentional, yet it affects which
>>> hvm_copy_*_linear() callers need auditing.
>>
>> The pfec var is checked in hvm_monitor_check_p2m(). If you think it is
>> necessary I can add one more check here for (pfec & (PFEC_insn_fetch |
>> PFEC_write_access)).
> 
> hvm_monitor_check_p2m() gets called from two places, so a check
> there won't help (afaict). The question whether to put an
> additional check here depends on whether, as the description
> says, you really only want to handle read/exec accesses here,
> or whether you also want to cover write ones (in which case the
> description should be adjusted so that it's not misleading).

Indeed covering write access here as well as in 
hvmemul_map_linear_addr() is needed. I will adjust the comment.

> 
>>> Finally, what about ->arch.vm_event->send_event remaining set
>>> after hvm_emulate_one_vm_event(), because hvm_monitor_check_p2m()
>>> (the only place where the flag would get cleared) was never hit
>>> in the process?
>> Thanks for pointing this out, indeed it's a problem here. A solution can
>> be to move send_event = false; after hvm_emulate_one_vm_event() is
>> finished. And state in the comment that the user is in charge of
>> enabling and disabling the flag.
>> Or just have it in both places.
> 
> For this aspect alone I think you want it in both places, but ...
> 
>>> And what about an instruction accessing two (or
>>> more) distinct addresses? The flag would be clear after the first
>>> one was checked afaict.
>>
>> There is no problem here because emulation will stop after the first bad
>> access so there is no need to continue.
> 
> ... for this moving it may indeed be necessary. I have to admit
> that I don't follow your reply here: The flag will also be clear
> after the first good access (afaict), and hence further accesses
> by the same insn won't make it into hvm_monitor_check_p2m() at all.
> 

Ok I will move it from hvm_monitor_check_p2m() and adjust the comment 
accordingly.


Thanks for the review,
Alex
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.