* [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
@ 2014-12-08 9:12 Jan Beulich
2014-12-08 22:12 ` Mukesh Rathor
` (2 more replies)
0 siblings, 3 replies; 8+ messages in thread
From: Jan Beulich @ 2014-12-08 9:12 UTC (permalink / raw
To: xen-devel; +Cc: Kevin Tian, Eddie Dong, Jun Nakajima, Roger Pau Monne
[-- Attachment #1: Type: text/plain, Size: 852 bytes --]
PVH guests accessing I/O ports via string ops is not supported yet.
Reported-by: Roger Pau Monné<roger.pau@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
---
v2: handle_pio() is already safe (pointed out by Mukesh), so only refuse
entering handle_mmio().
Note: Only compile tested so far.
--- unstable.orig/xen/arch/x86/hvm/vmx/vmx.c 2014-11-27 09:37:27.000000000 +0100
+++ unstable/xen/arch/x86/hvm/vmx/vmx.c 2014-12-08 10:04:27.000000000 +0100
@@ -3086,7 +3086,8 @@ void vmx_vmexit_handler(struct cpu_user_
if ( exit_qualification & 0x10 )
{
/* INS, OUTS */
- if ( !handle_mmio() )
+ if ( unlikely(is_pvh_vcpu(v)) /* PVH fixme */ ||
+ !handle_mmio() )
hvm_inject_hw_exception(TRAP_gp_fault, 0);
}
else
[-- Attachment #2: VMX-PVH-no-emulated-IO-string-ops.patch --]
[-- Type: text/plain, Size: 848 bytes --]
PVH guests accessing I/O ports via string ops is not supported yet.
Reported-by: Roger Pau Monné<roger.pau@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
---
v2: handle_pio() is already safe (pointed out by Mukesh), so only refuse
entering handle_mmio().
Note: Only compile tested so far.
--- unstable.orig/xen/arch/x86/hvm/vmx/vmx.c 2014-11-27 09:37:27.000000000 +0100
+++ unstable/xen/arch/x86/hvm/vmx/vmx.c 2014-12-08 10:04:27.000000000 +0100
@@ -3086,7 +3086,8 @@ void vmx_vmexit_handler(struct cpu_user_
if ( exit_qualification & 0x10 )
{
/* INS, OUTS */
- if ( !handle_mmio() )
+ if ( unlikely(is_pvh_vcpu(v)) /* PVH fixme */ ||
+ !handle_mmio() )
hvm_inject_hw_exception(TRAP_gp_fault, 0);
}
else
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-08 9:12 [PATCH v2] VMX: don't allow PVH to reach handle_mmio() Jan Beulich
@ 2014-12-08 22:12 ` Mukesh Rathor
2014-12-09 17:01 ` Roger Pau Monné
2014-12-10 5:07 ` Tian, Kevin
2 siblings, 0 replies; 8+ messages in thread
From: Mukesh Rathor @ 2014-12-08 22:12 UTC (permalink / raw
To: Jan Beulich
Cc: Kevin Tian, Eddie Dong, Jun Nakajima, xen-devel, Roger Pau Monne
On Mon, 08 Dec 2014 09:12:37 +0000
"Jan Beulich" <JBeulich@suse.com> wrote:
> PVH guests accessing I/O ports via string ops is not supported yet.
>
> Reported-by: Roger Pau Monné<roger.pau@citrix.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> ---
> v2: handle_pio() is already safe (pointed out by Mukesh), so only
> refuse entering handle_mmio().
> Note: Only compile tested so far.
>
> --- unstable.orig/xen/arch/x86/hvm/vmx/vmx.c 2014-11-27
> 09:37:27.000000000 +0100 +++
> unstable/xen/arch/x86/hvm/vmx/vmx.c 2014-12-08
> 10:04:27.000000000 +0100 @@ -3086,7 +3086,8 @@ void
> vmx_vmexit_handler(struct cpu_user_ if ( exit_qualification & 0x10 ) {
> /* INS, OUTS */
> - if ( !handle_mmio() )
> + if ( unlikely(is_pvh_vcpu(v)) /* PVH fixme */ ||
> + !handle_mmio() )
> hvm_inject_hw_exception(TRAP_gp_fault, 0);
> }
> else
>
Good idea, and if needed:
Acked-by: Mukesh Rathor <mukesh.rathor@oracle.com>
thanks
Mukesh
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-08 9:12 [PATCH v2] VMX: don't allow PVH to reach handle_mmio() Jan Beulich
2014-12-08 22:12 ` Mukesh Rathor
@ 2014-12-09 17:01 ` Roger Pau Monné
2014-12-09 17:19 ` Jan Beulich
2014-12-10 17:08 ` Konrad Rzeszutek Wilk
2014-12-10 5:07 ` Tian, Kevin
2 siblings, 2 replies; 8+ messages in thread
From: Roger Pau Monné @ 2014-12-09 17:01 UTC (permalink / raw
To: Jan Beulich, xen-devel; +Cc: Kevin Tian, Eddie Dong, Jun Nakajima
El 08/12/14 a les 10.12, Jan Beulich ha escrit:
> PVH guests accessing I/O ports via string ops is not supported yet.
>
> Reported-by: Roger Pau Monné<roger.pau@citrix.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
This looks fine to me (at least it doesn't break the existing IN/OUT
users), and seems the best solution 4.5 wise:
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
For 4.6 I think we need to start using a different hvm_io_bitmap for PVH
Dom0 that allows direct access to the IO ports, bypassing the vmexit and
simplifying the code in Xen (this would also fix INS/OUTS). Still not
sure what should be done for PVH DomUs, specially when PVH gains support
for pci-passthrough.
Roger.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-09 17:01 ` Roger Pau Monné
@ 2014-12-09 17:19 ` Jan Beulich
2014-12-09 17:49 ` Roger Pau Monné
2014-12-10 17:08 ` Konrad Rzeszutek Wilk
1 sibling, 1 reply; 8+ messages in thread
From: Jan Beulich @ 2014-12-09 17:19 UTC (permalink / raw
To: Roger Pau Monné; +Cc: Kevin Tian, Eddie Dong, Jun Nakajima, xen-devel
>>> On 09.12.14 at 18:01, <roger.pau@citrix.com> wrote:
> For 4.6 I think we need to start using a different hvm_io_bitmap for PVH
> Dom0 that allows direct access to the IO ports, bypassing the vmexit and
> simplifying the code in Xen (this would also fix INS/OUTS). Still not
> sure what should be done for PVH DomUs, specially when PVH gains support
> for pci-passthrough.
With the difficulty being that for PV the hypervisor intentionally
intercepts accesses to some of the ports, so we can't blindly
allow PVH access to all the ports its allowed access to.
Jan
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-09 17:19 ` Jan Beulich
@ 2014-12-09 17:49 ` Roger Pau Monné
2014-12-10 9:07 ` Jan Beulich
0 siblings, 1 reply; 8+ messages in thread
From: Roger Pau Monné @ 2014-12-09 17:49 UTC (permalink / raw
To: Jan Beulich; +Cc: xen-devel, Kevin Tian, Eddie Dong, Jun Nakajima
El 09/12/14 a les 18.19, Jan Beulich ha escrit:
>>>> On 09.12.14 at 18:01, <roger.pau@citrix.com> wrote:
>> For 4.6 I think we need to start using a different hvm_io_bitmap for PVH
>> Dom0 that allows direct access to the IO ports, bypassing the vmexit and
>> simplifying the code in Xen (this would also fix INS/OUTS). Still not
>> sure what should be done for PVH DomUs, specially when PVH gains support
>> for pci-passthrough.
>
> With the difficulty being that for PV the hypervisor intentionally
> intercepts accesses to some of the ports, so we can't blindly
> allow PVH access to all the ports its allowed access to.
I assume this is mainly for DomUs but not for Dom0? Or should PVH Dom0
access to the IO space also be filtered and emulated for some ports?
Roger.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-08 9:12 [PATCH v2] VMX: don't allow PVH to reach handle_mmio() Jan Beulich
2014-12-08 22:12 ` Mukesh Rathor
2014-12-09 17:01 ` Roger Pau Monné
@ 2014-12-10 5:07 ` Tian, Kevin
2 siblings, 0 replies; 8+ messages in thread
From: Tian, Kevin @ 2014-12-10 5:07 UTC (permalink / raw
To: Jan Beulich, xen-devel; +Cc: Dong, Eddie, Nakajima, Jun, Roger Pau Monne
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: Monday, December 08, 2014 5:13 PM
>
> PVH guests accessing I/O ports via string ops is not supported yet.
>
> Reported-by: Roger Pau Monné<roger.pau@citrix.com>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
> ---
> v2: handle_pio() is already safe (pointed out by Mukesh), so only refuse
> entering handle_mmio().
> Note: Only compile tested so far.
>
> --- unstable.orig/xen/arch/x86/hvm/vmx/vmx.c 2014-11-27
> 09:37:27.000000000 +0100
> +++ unstable/xen/arch/x86/hvm/vmx/vmx.c 2014-12-08
> 10:04:27.000000000 +0100
> @@ -3086,7 +3086,8 @@ void vmx_vmexit_handler(struct cpu_user_
> if ( exit_qualification & 0x10 )
> {
> /* INS, OUTS */
> - if ( !handle_mmio() )
> + if ( unlikely(is_pvh_vcpu(v)) /* PVH fixme */ ||
> + !handle_mmio() )
> hvm_inject_hw_exception(TRAP_gp_fault, 0);
> }
> else
>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-09 17:49 ` Roger Pau Monné
@ 2014-12-10 9:07 ` Jan Beulich
0 siblings, 0 replies; 8+ messages in thread
From: Jan Beulich @ 2014-12-10 9:07 UTC (permalink / raw
To: Roger Pau Monné; +Cc: xen-devel, Kevin Tian, Eddie Dong, JunNakajima
>>> On 09.12.14 at 18:49, <roger.pau@citrix.com> wrote:
> El 09/12/14 a les 18.19, Jan Beulich ha escrit:
>>>>> On 09.12.14 at 18:01, <roger.pau@citrix.com> wrote:
>>> For 4.6 I think we need to start using a different hvm_io_bitmap for PVH
>>> Dom0 that allows direct access to the IO ports, bypassing the vmexit and
>>> simplifying the code in Xen (this would also fix INS/OUTS). Still not
>>> sure what should be done for PVH DomUs, specially when PVH gains support
>>> for pci-passthrough.
>>
>> With the difficulty being that for PV the hypervisor intentionally
>> intercepts accesses to some of the ports, so we can't blindly
>> allow PVH access to all the ports its allowed access to.
>
> I assume this is mainly for DomUs but not for Dom0? Or should PVH Dom0
> access to the IO space also be filtered and emulated for some ports?
It should indeed - just look at guest_io_read() and guest_io_write().
I.e. an eventual PVH specific bitmap would need to be populated
based on what admin_io_okay() returns (instead of
ioports_access_permitted()), carefully taking into consideration the
possible access widths.
Jan
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v2] VMX: don't allow PVH to reach handle_mmio()
2014-12-09 17:01 ` Roger Pau Monné
2014-12-09 17:19 ` Jan Beulich
@ 2014-12-10 17:08 ` Konrad Rzeszutek Wilk
1 sibling, 0 replies; 8+ messages in thread
From: Konrad Rzeszutek Wilk @ 2014-12-10 17:08 UTC (permalink / raw
To: Roger Pau Monné
Cc: Kevin Tian, Jan Beulich, Eddie Dong, Jun Nakajima, xen-devel
On Tue, Dec 09, 2014 at 06:01:54PM +0100, Roger Pau Monné wrote:
> El 08/12/14 a les 10.12, Jan Beulich ha escrit:
> > PVH guests accessing I/O ports via string ops is not supported yet.
> >
> > Reported-by: Roger Pau Monné<roger.pau@citrix.com>
> > Signed-off-by: Jan Beulich <jbeulich@suse.com>
>
> This looks fine to me (at least it doesn't break the existing IN/OUT
> users), and seems the best solution 4.5 wise:
>
> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Release-Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>
> For 4.6 I think we need to start using a different hvm_io_bitmap for PVH
> Dom0 that allows direct access to the IO ports, bypassing the vmexit and
> simplifying the code in Xen (this would also fix INS/OUTS). Still not
> sure what should be done for PVH DomUs, specially when PVH gains support
> for pci-passthrough.
>
> Roger.
>
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2014-12-10 17:08 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-12-08 9:12 [PATCH v2] VMX: don't allow PVH to reach handle_mmio() Jan Beulich
2014-12-08 22:12 ` Mukesh Rathor
2014-12-09 17:01 ` Roger Pau Monné
2014-12-09 17:19 ` Jan Beulich
2014-12-09 17:49 ` Roger Pau Monné
2014-12-10 9:07 ` Jan Beulich
2014-12-10 17:08 ` Konrad Rzeszutek Wilk
2014-12-10 5:07 ` Tian, Kevin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.