Xen project Mailing List

Re: [XEN PATCH] tools/misc: xen-hvmcrash: Inject #DF instead of overwriting RIP

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

From: Matthew Barnes <matthew.barnes@xxxxxxxxx>

Date: Wed, 26 Jun 2024 15:12:20 +0100

Cc: Anthony PERARD <anthony@xxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 26 Jun 2024 14:12:47 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Tue, Jun 25, 2024 at 10:02:42PM +0100, Andrew Cooper wrote: > On 03/06/2024 3:59 pm, Matthew Barnes wrote: > > xen-hvmcrash would previously save records, overwrite the instruction > > pointer with a bogus value, and then restore them to crash a domain > > just enough to cause the guest OS to memdump. > > > > This approach is found to be unreliable when tested on a guest running > > Windows 10 x64, with some executions doing nothing at all. > > > > Another approach would be to trigger NMIs. This approach is found to be > > unreliable when tested on Linux (Ubuntu 22.04), as Linux will ignore > > NMIs if it is not configured to handle such. > > > > Injecting a double fault abort to all vCPUs is found to be more > > reliable at crashing and invoking memdumps from Windows and Linux > > domains. > > Why every CPU? > > We never did that before, and I don't see any it ought to be necessary > now either. We do: at the moment, xen-hvmcrash iterates through hvm_save_descriptors after pausing the domain, overwriting the EIP/RIP of each cpu it finds. Is there a reason not to inject #DF into each domain vCPU? Wouldn't that crash the domain more reliably? > > diff --git a/tools/misc/xen-hvmcrash.c b/tools/misc/xen-hvmcrash.c > > index 1d058fa40a47..8ef1beb388f8 100644 > > --- a/tools/misc/xen-hvmcrash.c > > +++ b/tools/misc/xen-hvmcrash.c > > @@ -38,22 +38,21 @@ > > #include <sys/stat.h> > > #include <arpa/inet.h> > > > > +#define XC_WANT_COMPAT_DEVICEMODEL_API > > Please don't introduce this. We want to purge it from the codebase, not > propagate it. > > You want to open and use a libxendevicemodel handle. (Sadly you also > need a xenctrl handle too, until we sort out the userspace ABIs). > > > #include <xenctrl.h> > > #include <xen/xen.h> > > #include <xen/domctl.h> > > #include <xen/hvm/save.h> > > > > +#define X86_ABORT_DF 8 > > #include <xen/asm/x86-defns.h> > > and use X86_EXC_DF. Understood: this will be reflected in patch v2. Matt

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.