On Mon, Mar 7, 2016 at 9:22 AM, Corneliu ZUZU <cz...@bitdefender.com> wrote:

> On 3/3/2016 4:10 PM, Corneliu ZUZU wrote:
>
>> Then,
>> QUESTIONS (FOR VM-EVENTS & ARM MAINTAINERS ESPECIALLY):
>>
>> Q1) [...]
>>
>> Q2) [...]
>>
>> Q3) [...]
>>
>> Q4) [...]
>>
>
> Hey all,
>
> I have a question relating to this part of code @ vmx_update_guest_cr:
>
>         if ( paging_mode_hap(v->domain) )
>         {
>             /* Manage GUEST_CR3 when CR0.PE=0. */
>             uint32_t cr3_ctls = (CPU_BASED_CR3_LOAD_EXITING |
>                                  CPU_BASED_CR3_STORE_EXITING);
>             v->arch.hvm_vmx.exec_control &= ~cr3_ctls;
>             if ( !hvm_paging_enabled(v) && !vmx_unrestricted_guest(v) )
>                 v->arch.hvm_vmx.exec_control |= cr3_ctls;
>
>             /* Trap CR3 updates if CR3 memory events are enabled. */
>             if ( v->domain->arch.monitor.write_ctrlreg_enabled &
>                  monitor_ctrlreg_bitmask(VM_EVENT_X86_CR3) )
>                 v->arch.hvm_vmx.exec_control |= CPU_BASED_CR3_LOAD_EXITING;
>
>             vmx_update_cpu_exec_control(v);
>         }
>
> While trying to move the check for VM_EVENT_X86_CR3 to the scheduling
> tail, a few questions came to my mind.
>
> 1). Tamas, Razvan, maybe you guys could clarify this. I noticed this part
> of code is only executed if paging_mode_hap(v->domain). Is EPT mandatory to
> monitor CR3 writes or is it just that when shadow paging is enabled, CR3
> r/w are unconditionally trapped?


EPT is not really required for CR3 monitoring, it just has been the case
that vm_events have been only implemented for hap-enabled domains. AFAIK
for non-hap case CR3 needs to be trapped unconditionally, yes.


> If the former is true, shouldn't we do a check like this in
> vm_event_monitor_get_capabilities instead?
>

Yes, it should now, this code was just written before
vm_event_monitor_get_capabilities was introduced and we haven't gotten
around to converting this check to it.


>
> 2). I was also wondering why CR3 load/stores are trapped if paging is
> disabled for a domain.
>

Good question, I was wondering about that myself at some point but I
haven't found an answer to it. Maybe some git archaeology can help
determine when that was added and why ;)

Cheers,
Tamas
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
