Re: [Xen-devel] [PATCH 10/17] PVH xen: introduce vmx_pvh.c and pvh.c

[Mukesh Rathor <mukesh.rathor@xxxxxxxxxx>]

On Wed, 01 May 2013 14:52:27 +0100
"Jan Beulich" <jbeulich@xxxxxxxx> wrote:

> >> > +static int vmxit_io_instr(struct cpu_user_regs *regs)
> >> > +{
> >> > +    int curr_lvl;
> >> > +    int requested = (regs->rflags >> 12) & 3;
> >> > +
> >> > +    read_vmcs_selectors(regs);
> >> > +    curr_lvl = regs->cs & 3;
> >> 
> >> Shouldn't you look at SS'es DPL instead?
> >
> >Ok. It looks like CPL is stored in both CS and SS, so either
> >should be ok. But I changed it to ss. 
> 
> Your response reads as if you're still looking at the low two bits of
> the selector, whereas me using DPL was intended to hint at you
> needing to look at the "hidden" portion of the register.

Hmm... sorry, still don't understand why I need to use DPL here. Ref'ing
the SDM again: Vol1 Basic architecture on IO says:

The following instructions can be executed only if the current privilege 
level (CPL) of the program or task currently executing is less than or 
equal to the IOPL: IN, INS, OUT, OUTS, CLI ..........

It says in Vol 3A in chapter on Protection, that CPL comes
from bit 0 and 1 of the CS seg register. Since the RPL relfects the CPL
when the program is executing, it seems the above code is correct. Moreover,
I don't understand how the desc priv level of stack segement relates 
to the IO instructions.

Here's how the PV check looks btw, in guest_io_okay():

    if ( !vm86_mode(regs) &&
        (v->arch.pv_vcpu.iopl >= (guest_kernel_mode(v, regs) ? 1 : 3)) )

what am i missing?

thanks
mukesh

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel