Re: [Xen-devel] [PATCH v2 for-4.9 5/6] x86/emul: Drop swint_emulate infrastructure

2017-04-06 Thread Andrew Cooper
On 06/04/17 08:30, Jan Beulich wrote:
 On 05.04.17 at 19:33,  wrote:
>> With the SVM injection logic capable of doing its own emulation, there is no
>> need for this hardware-specific assistance in the common emulator.
>>
>> Signed-off-by: Andrew Cooper 
>> Reviewed-by: Paul Durrant 
>> Reviewed-by: Jan Beulich 
>> ---
>> CC: Tim Deegan 
>> CC: Julien Grall 
>>
>> v2:
>>  * imm8 -> imm1
> This went wrong:
>
>>  case 0xce: /* into */
>>  if ( !(_regs.eflags & X86_EFLAGS_OF) )
>>  break;
>> -src.val = EXC_OF;
>> -swint_type = x86_swint_into;
>> -goto swint;
>> +/* Fallthrough */
>> +case 0xcc: /* int3 */
>> +case 0xcd: /* int imm1 */
> This needs to remain imm8.
>
>> +case 0xf1: /* int1 (icebp) */
>> +ASSERT(!ctxt->event_pending);
>> +switch ( ctxt->opcode )
>> +{
>> +case 0xcc: /* int3 */
>> +ctxt->event.vector = EXC_BP;
>> +ctxt->event.type = X86_EVENTTYPE_SW_EXCEPTION;
>> +break;
>> +case 0xcd: /* int imm1 */
> As does this one.
>
>> +ctxt->event.vector = src.val;
> This is what I would prefer to become imm1.

Ah - I see what you mean now.  Fixed.

~Andrew



Re: [Xen-devel] [PATCH v2 for-4.9 5/6] x86/emul: Drop swint_emulate infrastructure

2017-04-06 Thread Jan Beulich
>>> On 05.04.17 at 19:33,  wrote:
> With the SVM injection logic capable of doing its own emulation, there is no
> need for this hardware-specific assistance in the common emulator.
> 
> Signed-off-by: Andrew Cooper 
> Reviewed-by: Paul Durrant 
> Reviewed-by: Jan Beulich 
> ---
> CC: Tim Deegan 
> CC: Julien Grall 
> 
> v2:
>  * imm8 -> imm1

This went wrong:

>  case 0xce: /* into */
>  if ( !(_regs.eflags & X86_EFLAGS_OF) )
>  break;
> -src.val = EXC_OF;
> -swint_type = x86_swint_into;
> -goto swint;
> +/* Fallthrough */
> +case 0xcc: /* int3 */
> +case 0xcd: /* int imm1 */

This needs to remain imm8.

> +case 0xf1: /* int1 (icebp) */
> +ASSERT(!ctxt->event_pending);
> +switch ( ctxt->opcode )
> +{
> +case 0xcc: /* int3 */
> +ctxt->event.vector = EXC_BP;
> +ctxt->event.type = X86_EVENTTYPE_SW_EXCEPTION;
> +break;
> +case 0xcd: /* int imm1 */

As does this one.

> +ctxt->event.vector = src.val;

This is what I would prefer to become imm1.

Jan




[Xen-devel] [PATCH v2 for-4.9 5/6] x86/emul: Drop swint_emulate infrastructure

2017-04-05 Thread Andrew Cooper
With the SVM injection logic capable of doing its own emulation, there is no
need for this hardware-specific assistance in the common emulator.

Signed-off-by: Andrew Cooper 
Reviewed-by: Paul Durrant 
Reviewed-by: Jan Beulich 
---
CC: Tim Deegan 
CC: Julien Grall 

v2:
 * imm8 -> imm1
---
 tools/fuzz/x86_instruction_emulator/fuzz-emul.c |  18 +--
 xen/arch/x86/hvm/emulate.c  |   7 -
 xen/arch/x86/mm.c   |   2 -
 xen/arch/x86/mm/shadow/common.c |   1 -
 xen/arch/x86/x86_emulate/x86_emulate.c  | 187 
 xen/arch/x86/x86_emulate/x86_emulate.h  |  53 ---
 6 files changed, 30 insertions(+), 238 deletions(-)

diff --git a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c 
b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c
index 890642c..8488816 100644
--- a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c
+++ b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c
@@ -536,8 +536,7 @@ enum {
 HOOK_put_fpu,
 HOOK_invlpg,
 HOOK_vmfunc,
-OPTION_swint_emulation, /* Two bits */
-CANONICALIZE_rip = OPTION_swint_emulation + 2,
+CANONICALIZE_rip,
 CANONICALIZE_rsp,
 CANONICALIZE_rbp
 };
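Review bot: CANONICALIZE_rip, CANONICALIZE_rsp and CANONICALIZE_rbp now sit two bit positions lower in input.options than before (the removed set_swint_support() shows these enumerators are used as shift counts into input.options), so any saved fuzzer corpus encoded against the old layout is silently reinterpreted: an input that used to select a swint mode may now request rip/rsp canonicalisation, and vice versa. That is harmless for correctness but changes what existing seed inputs exercise, which is worth a sentence in the commit message. A comment on the enum would also protect future edits, e.g. `/* Bit positions within input.options: adding or removing an entry renumbers everything after it and reinterprets existing corpora. */`.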
@@ -577,19 +576,6 @@ static void disable_hooks(void)
 MAYBE_DISABLE_HOOK(invlpg);
 }
 
-static void set_swint_support(struct x86_emulate_ctxt *ctxt)
-{
-unsigned int swint_opt = (input.options >> OPTION_swint_emulation) & 3;
-static const enum x86_swint_emulation map[4] = {
-x86_swint_emulate_none,
-x86_swint_emulate_none,
-x86_swint_emulate_icebp,
-x86_swint_emulate_all
-};
-
-ctxt->swint_emulate = map[swint_opt];
-}
-
 /*
  * Constrain input to architecturally-possible states where
  * the emulator relies on these
@@ -693,8 +679,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t 
size)
 
 disable_hooks();
 
-set_swint_support();
-
 do {
 /* FIXME: Until we actually implement SIGFPE handling properly */
 setup_fpu_exception_handler();
diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
index 87ca801..39e4319 100644
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -2033,13 +2033,6 @@ void hvm_emulate_init_once(
 hvmemul_ctxt->ctxt.regs = regs;
 hvmemul_ctxt->ctxt.vendor = curr->domain->arch.cpuid->x86_vendor;
 hvmemul_ctxt->ctxt.force_writeback = true;
-
-if ( cpu_has_vmx )
-hvmemul_ctxt->ctxt.swint_emulate = x86_swint_emulate_none;
-else if ( cpu_has_svm_nrips )
-hvmemul_ctxt->ctxt.swint_emulate = x86_swint_emulate_icebp;
-else
-hvmemul_ctxt->ctxt.swint_emulate = x86_swint_emulate_all;
 }
 
 void hvm_emulate_init_per_insn(
diff --git a/xen/arch/x86/mm.c b/xen/arch/x86/mm.c
index be4e308..3918a37 100644
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -5412,7 +5412,6 @@ int ptwr_do_page_fault(struct vcpu *v, unsigned long addr,
 .vendor = d->arch.cpuid->x86_vendor,
 .addr_size = is_pv_32bit_domain(d) ? 32 : BITS_PER_LONG,
 .sp_size   = is_pv_32bit_domain(d) ? 32 : BITS_PER_LONG,
-.swint_emulate = x86_swint_emulate_none,
 },
 };
 int rc;
@@ -5567,7 +5566,6 @@ int mmio_ro_do_page_fault(struct vcpu *v, unsigned long 
addr,
 .vendor = v->domain->arch.cpuid->x86_vendor,
 .addr_size = addr_size,
 .sp_size = addr_size,
-.swint_emulate = x86_swint_emulate_none,
 .data = _ro_ctxt
 };
 int rc;
diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c
index 574337c..736ceaa 100644
--- a/xen/arch/x86/mm/shadow/common.c
+++ b/xen/arch/x86/mm/shadow/common.c
@@ -326,7 +326,6 @@ const struct x86_emulate_ops *shadow_init_emulation(
 
 sh_ctxt->ctxt.regs = regs;
 sh_ctxt->ctxt.vendor = v->domain->arch.cpuid->x86_vendor;
-sh_ctxt->ctxt.swint_emulate = x86_swint_emulate_none;
 
 /* Segment cache initialisation. Primed with CS. */
 creg = hvm_get_seg_reg(x86_seg_cs, sh_ctxt);
diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c 
b/xen/arch/x86/x86_emulate/x86_emulate.c
index 7af8a42..8c4e885 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -1999,142 +1999,6 @@ static bool umip_active(struct x86_emulate_ctxt *ctxt,
(cr4 & X86_CR4_UMIP);
 }
 
-/* Inject a software interrupt/exception, emulating if needed. */
-static int inject_swint(enum x86_swint_type type,
-uint8_t vector, uint8_t insn_len,
-struct x86_emulate_ctxt *ctxt,
-const struct x86_emulate_ops *ops)
-{
-int rc, error_code, fault_type = EXC_GP;
-
-/*
- * Without hardware support, injecting software interrupts/exceptions is
- * problematic.
- *
- * All software methods of generating