Xen project Mailing List

Re: [PATCH 3/3] x86/treewide: Drop the TRAP_* legacy names

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Wed, 5 Apr 2023 20:51:27 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xqaxVbZHPGQdakwydD81MgkRk/5WO4ZaS7WH5LX8MG4=; b=EKqKLwHcMJ8J+Lq2yvlYQ8R7NIy7nHizAZUFf1DPMVga+pA6tgZeGDYOqTisbW7zir7Ie4J5YaWY12XTF01xAPOAt4/5tbxcpw36zhaUKrDScD4mFJkb2b6LEMC5qSPhBZ0V/TvRmG0o7NfnK9N204LisWbywvZdvhtkPt2qdB5KazFdKOOUsuAJW3+EybPEnwz7DU4Y53tYbX1YSKAW+5u4RRy0eaRmdjtj3udlnppbfadgCska8FPkFi5CBEP00bV10F5NYvMAt9OrYhwpUn65JbLRj76ZQ2zjAT/F5AiXIan/ooBwi7lRlZNXkSQpJHOI4tXV+y4UnbP3rLzcvw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gqRYTh4Wm3OF383lfTbU6dHQfPP/bE6RWVJBEXvamITSNb8vHBvp0yFK73MRbYLEw4CfYG8Wsn1s/ImNFYXLz28PHlikwtnVHXHsOxJbIrjxTgDYKJtWBqgJDDTnYoTRjNwjLXnw2jiWbQJJv1opDCljSy3zUqyhORNoUC3gRaTSFKNeu6OiSAmaN5lMYL/4sMvOhPArIOXY7HPInf9WINrXcehncqy/75RcqUPl7xpqyl8bRlpw0LujkqJ+VmRsc65sS7ucRW+s+drVSJL+cRKhEKZdnYDxuax4LYH6NLo+3gZ6WngW51sQym9A+id1kgLc8dsqrb7AkNkFl6c5bg==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 05 Apr 2023 19:52:06 +0000

Ironport-data: A9a23:LEqC5aLUq8ykc4N2FE+R/JQlxSXFcZb7ZxGr2PjKsXjdYENS0TAAy zMeCGuAMquKZ2ehft53PY/joxlVvcKDn9VlTQJlqX01Q3x08seUXt7xwmUcnc+xBpaaEB84t ZV2hv3odp1coqr0/0/1WlTZhSAgk/rOHvykU7Ss1hlZHWdMUD0mhQ9oh9k3i4tphcnRKw6Ws Jb5rta31GWNglaYCUpJrfPTwP9TlK6q4mhA4gRjPaojUGL2zBH5MrpOfcldEFOgKmVkNrbSb /rOyri/4lTY838FYj9yuu+mGqGiaue60Tmm0hK6aYD76vRxjnVaPpIAHOgdcS9qZwChxLid/ jnvWauYEm/FNoWU8AgUvoIx/ytWZcWq85efSZSzXFD6I+QrvBIAzt03ZHzaM7H09c5SDEBu7 PgpcAwVUQyZpseI4rbrT8dz05FLwMnDZOvzu1lG5BSAV7MKZM6GRK/Ho9hFwD03m8ZCW+7EY NYUYiZuaxKGZABTPlAQC9Q1m+LAanvXKmUE7g7K4/dmpTGMk2Sd05C0WDbRUvWMSd9YgQCzo WXe8n6iKhobKMae2XyO9XfEaurnxHugAtxKRezmnhJsqEWNhVwpUVowbgKcntu5iU6uWOJtI kNBr0LCqoB3riRHVOLVXRe1vXqFtR40QMdLHqsx7wTl4rXQyxaUAC4DVDEpQMwrsoo6SCIn0 neNnsj1Hnp/vbuNU3Wf+7yI6zSoNkAowXQqYCYFSU4J5oflqYRq1BbXFI88T+iyk8H/Hiz2z 3aSti8iir4PjMkNkaKm4VTAhDHqrZ/MJuIo2jjqsquexlsRTOaYi0aAsDA3Md4owF6lc2S8

Ironport-hdrordr: A9a23:BcwX1qtbORdCxu2Wj+vNn/NK7skDstV00zEX/kB9WHVpm6yj+v xG/c5rsCMc7Qx6ZJhOo7+90cW7L080lqQFg7X5X43DYOCOggLBQL2KhbGI/9SKIVycygcy78 Zdm6gVMqyLMbB55/yKnTVRxbwbsaW6GKPDv5ag8590JzsaD52Jd21Ce36m+ksdfnggObMJUK Cyy+BgvDSadXEefq2AdwI4t7iqnaysqHr+CyR2fiIa1A==

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 21/02/2023 1:10 pm, Jan Beulich wrote: > On 20.02.2023 12:59, Andrew Cooper wrote: >> We have two naming schemes for exceptions - X86_EXC_?? which use the >> archtiectural abbreviations, and TRAP_* which is a mix of terminology and >> nonstandard abbrevations. Switch to X86_EXC_* uniformly. >> >> No funcational change, confirmed by diffing the disassembly. Only 7 binary >> changes, and they're all __LINE__ being passed into printk(). >> >> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> Thanks. Given that this is proving a pain to rebase, I've pulled it out on its own and committed it. I'll rebase patches 1 and 2 over this at some other point. >> --- a/xen/arch/x86/mm/shadow/multi.c >> +++ b/xen/arch/x86/mm/shadow/multi.c >> @@ -2745,9 +2745,9 @@ static int cf_check sh_page_fault( >> * stream under Xen's feet. >> */ >> if ( emul_ctxt.ctxt.event.type == X86_EVENTTYPE_HW_EXCEPTION && >> - ((emul_ctxt.ctxt.event.vector == TRAP_page_fault) || >> - (((emul_ctxt.ctxt.event.vector == TRAP_gp_fault) || >> - (emul_ctxt.ctxt.event.vector == TRAP_stack_error)) && >> + ((emul_ctxt.ctxt.event.vector == X86_EXC_PF) || >> + (((emul_ctxt.ctxt.event.vector == X86_EXC_GP) || >> + (emul_ctxt.ctxt.event.vector == X86_EXC_SS)) && >> emul_ctxt.ctxt.event.error_code == 0)) ) >> hvm_inject_event(&emul_ctxt.ctxt.event); >> else > Entirely unrelated to your change, but seeing that this piece of code is > being touched: Aren't we too lax here with #PF? Shouldn't we refuse > propagation also for e.g. reserved bit faults and insn fetch ones? Maybe > even for anything that isn't a supervisor write? Imagine a guest does a CMPXCHG16B which straddles a page boundary, with the lower part hitting a shadow page table, and the higher half hitting a mapping that the guest has mapped with RSVD bits in the PTE. In this scenario, there would be a VMExit type PF (write to a page which is actually read-only because it's a shadowed pagetable), and during the course of emulation we'd permit the lower half, then encounter PF[Rsvd] for the second half. And the correct action here is genuinely to pass PF[Rsvd] back to the guest. So no, filtering on Rsvd is not the appropriate course of action. Similarly for a fetch fault, the guest could genuinely have paged out the frame we're interested in in the time we've been spending in the sh_fault() handler. Whether the else path, choosing UNHANDLEABLE and unshadowing the frame is really the right course of action, is a different question... I think the current behaviour is safe, and its not as if it's a codepath worth optimising these days. ~Andrew

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.