[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults

To: "Roger Pau Monne" <roger.pau@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Fri, 23 Nov 2018 02:10:33 -0700
Cc: Andrei LUTAS <vlutas@xxxxxxxxxxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Mihai Dontu <mdontu@xxxxxxxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Jun Nakajima <jun.nakajima@xxxxxxxxx>, aisaila@xxxxxxxxxxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 23 Nov 2018 09:10:41 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 23.11.18 at 09:54, <roger.pau@xxxxxxxxxx> wrote:
> On Thu, Nov 22, 2018 at 08:24:52PM +0200, Razvan Cojocaru wrote:
>> What this patch attempts to do is to mark P1 rwx (so allow the write),
>> then put the faulting VCPU into singlestep mode, then restore the
>> restrictions after it has finished single stepping. By now it's obvious
>> why all the other VCPUs need to be paused: one of them might do a
>> malicious write into P1 that silently succeeds (since the EPT is shared
>> among all VCPUs - putting altp2m aside for a moment). We don't want that.
> 
> Can't you just change the p2m of a single vCPU? Either using altp2m or
> some other mechanism.

I guess as a very basic limitation there are not enough distinct
altp2m-s available to use one per vCPU.

> Also keep in mind that this pause approach might work for guests with
> a relatively small number of vCPUs, but I'm unsure this is going to
> work for guests with high number of vCPUs, pausing all vCPUs for each
> trapped instruction is likely going to stall the guest.

Indeed. Yet for smaller guests a per-vCPU-altp2m approach would
seem to be feasible at least from an abstract pov.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Razvan Cojocaru
- Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
  - From: Roger Pau Monné

Prev by Date: Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
Next by Date: [Xen-devel] [xen-unstable-smoke test] 130712: regressions - trouble: blocked/broken/fail/pass
Previous by thread: Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
Next by thread: Re: [Xen-devel] [PATCH v1] x86/hvm: Generic instruction re-execution mechanism for execute faults
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.