Re: [Xen-devel] [PATCH v4 10/11] public: add XENFEAT_ARM_SMCCC_supported feature

On 04/09/17 10:57, Sergej Proskurin wrote:
Hi Julien,

On 09/04/2017 08:07 AM, Julien Grall wrote:

On Thu, 31 Aug 2017, 22:18 Sergej Proskurin <proskurin@xxxxxxxxxxxxx> wrote:


On your first mail, you started with "smc injection doesn't work", then "I
replace instruction" and now you mention about single-stepping.

This doesn't help at all to understand what you are doing and really not
related to this thread.

So can you please details exactly what you are doing rather than giving
bits by bits?

I will provide more information in a separate thread soon so that the
actual issue, hopefully, will become clearer. Thank you.

I use SMC instructions as the guest can register for BRK events. The
guest cannot register for SMC events. So, in order stay stealthy towards
the guest and also not to cope with BRK re-injections, SMC's seemed to
be the right choice :

I have already said that using SMC is a pretty bad idea when Tamas added
the trapping and you guys still seem to think it is a good idea...

I did not know about this conversation with Tamas. Why do you believe
that using SMC instructions is not a good idea? Could you please refer
me to the particular thread? Thank you.

I am not sure on which thread it was discussed. https://lists.gt.net/xen/devel/427459 may contain some details.

By definition SMC is for Secure Monitor Call. It might be possible to have a guest access the secure firmware (e.g imagine an Android guest doing video decoding). Given that you don't identify the immediate of the SMC (which is BTW not easily available on ARMv7), you cannot have both interacting together. And even with that you don't know if the SMC #imm might be used by the firmware...

Furthermore, SMC cannot be executed at EL0 so you can't monitor application. They also won't be available if the platform that does not have EL3.

So yes SMC is a pretty bad choice here if you want to get a generic solution.


Julien Grall

