[v2,0/7] x86/pv: #DB vs %dr6 fixes, part 2

Message ID	20230915203628.837732-1-andrew.cooper3@citrix.com (mailing list archive)
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> IronPort-Data: A9a23:zFtGdqh0zv5rZufLDF5Yi4mEX161VhAKZh0ujC45NGQN5FlHY01je htvUTqGO/7YYmTxKdEkYYnipEgDupbWmoA2HQVqqX89Fisb9cadCdqndUqhZCn6wu8v7q5Ex 55HNoSfdpBcolv0/ErF3m3J9CEkvU2wbuOhTraCYmYoHVMMpB4J0XpLg/Q+jpNjne+3CgaMv cKai8DEMRqu1iUc3lg8sspvkzsx+qyo0N8klgZmP6sT7QaDzyJ94K83fsldEVOpGuG4IcbiL wrz5OnR1n/U+R4rFuSknt7TGqHdauePVeQmoiM+t5mK2nCulARrukoIHKN0hXNsoyeIh7hMJ OBl7vRcf+uL0prkw4zxWzEAe8130DYvFLXveRBTuuTLp6HKnueFL1yDwyjaMKVBktubD12i+ tQbAT0TSjqDutmrzZWbQPgvvuMMIsXCadZ3VnFIlVk1DN4jSJHHBa7L+cVZzHE7gcUm8fT2P pRDL2A1NVKZPkMJYw1MYH49tL7Aan3XWjtUsl+K44Ew5HDe1ldZ27nxKtvFPNeNQK25m27B/ D+bpDSoU0Fy2Nq37Ry/7X6BgrP0lhzeVakIGKK57fgtqQjGroAUIEJPDgbqyRWjsWauVtQaJ 0EK9y4Gqakp6FftXtT7Rwe/onOPolgbQdU4O88Q5RyJy6HUyx2EHWVCRTlEAPQ5sOcmSDps0 UWG9/vrBDposPuWQHSSsLSOhTy3MCkRa2QFYEc5oRAtuoe55ttp11SWE4glSfTu5jHoJd3u6 zOjoTYarbUuttMG8IWx7BP/pB2iqrGcG2bZ+T7rdm6i6wp4YqusaIqp9UXX4J58EWqJcrWSl CNawpbDtYjiGbnIzXXQG7tVQNlF8t7faFXhbUhT847NHthH01qqZshu7T53Py+F2e5UKGayM Cc/Ve68jaK/3UdGj4ctM+pd6Oxwl8AM8OgJsdiNNLJzjmBZLlPvwc2XTRf4M5rRuEYti7ojH pyQbNyhC30XYYw+kmvqF79Hju92ln1nrY82eXwd507/uVZ5TCTOIYrpzXPUNrxphE96iFq9H ylj2zuilEwEDbyWjtj/+o8PN1EaRUXX9rivw/G7gtWre1I8cEl4Uq+5/F/UU9A990ijvruSr y7Vt44x4AaXuEAr3i3RMyk5MO6+DMonxZ/5VAR1VWuVN7EYSd7HxM8im1EfI9HLKMQLISZIc sQ4 IronPort-HdrOrdr: A9a23:ps+9m6CySadCT8blHemg55DYdb4zR+YMi2TC1yhKJyC9Ffbo8P xG/c5rsSMc5wxwZJhNo7y90cq7MBbhHPxOkOos1N6ZNWGM0gaVxelZnO3fKlbbehEWmNQz6U 4ZSdkdNOHN From: Andrew Cooper <andrew.cooper3@citrix.com> To: Xen-devel <xen-devel@lists.xenproject.org> CC: Andrew Cooper <andrew.cooper3@citrix.com>, Jan Beulich <JBeulich@suse.com>, =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>, Wei Liu <wl@xen.org>, Jinoh Kang <jinoh.kang.kr@gmail.com> Subject: [PATCH v2 0/7] x86/pv: #DB vs %dr6 fixes, part 2 Date: Fri, 15 Sep 2023 21:36:21 +0100 Message-ID: <20230915203628.837732-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit
Series	x86/pv: #DB vs %dr6 fixes, part 2 \| expand [v2,0/7] x86/pv: #DB vs %dr6 fixes, part 2 [1/7] x86/emul: ASSERT that X86EMUL_DONE doesn't escape to callers [2/7] x86/emul: Fix and extend #DB trap handling [3/7] x86/pv: Fix the determiniation of whether to inject #DB [4/7] x86/pv: Drop priv_op_ctxt.bpmatch and use pending_dbg instead [5/7] x86: Introduce x86_merge_dr6() [6/7] x86: Extend x86_event with a pending_dbg field [7/7] x86/pv: Rewrite %dr6 handling

Message ID

20230915203628.837732-1-andrew.cooper3@citrix.com (mailing list archive)

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
IronPort-Data: A9a23:zFtGdqh0zv5rZufLDF5Yi4mEX161VhAKZh0ujC45NGQN5FlHY01je
 htvUTqGO/7YYmTxKdEkYYnipEgDupbWmoA2HQVqqX89Fisb9cadCdqndUqhZCn6wu8v7q5Ex
 55HNoSfdpBcolv0/ErF3m3J9CEkvU2wbuOhTraCYmYoHVMMpB4J0XpLg/Q+jpNjne+3CgaMv
 cKai8DEMRqu1iUc3lg8sspvkzsx+qyo0N8klgZmP6sT7QaDzyJ94K83fsldEVOpGuG4IcbiL
 wrz5OnR1n/U+R4rFuSknt7TGqHdauePVeQmoiM+t5mK2nCulARrukoIHKN0hXNsoyeIh7hMJ
 OBl7vRcf+uL0prkw4zxWzEAe8130DYvFLXveRBTuuTLp6HKnueFL1yDwyjaMKVBktubD12i+
 tQbAT0TSjqDutmrzZWbQPgvvuMMIsXCadZ3VnFIlVk1DN4jSJHHBa7L+cVZzHE7gcUm8fT2P
 pRDL2A1NVKZPkMJYw1MYH49tL7Aan3XWjtUsl+K44Ew5HDe1ldZ27nxKtvFPNeNQK25m27B/
 D+bpDSoU0Fy2Nq37Ry/7X6BgrP0lhzeVakIGKK57fgtqQjGroAUIEJPDgbqyRWjsWauVtQaJ
 0EK9y4Gqakp6FftXtT7Rwe/onOPolgbQdU4O88Q5RyJy6HUyx2EHWVCRTlEAPQ5sOcmSDps0
 UWG9/vrBDposPuWQHSSsLSOhTy3MCkRa2QFYEc5oRAtuoe55ttp11SWE4glSfTu5jHoJd3u6
 zOjoTYarbUuttMG8IWx7BP/pB2iqrGcG2bZ+T7rdm6i6wp4YqusaIqp9UXX4J58EWqJcrWSl
 CNawpbDtYjiGbnIzXXQG7tVQNlF8t7faFXhbUhT847NHthH01qqZshu7T53Py+F2e5UKGayM
 Cc/Ve68jaK/3UdGj4ctM+pd6Oxwl8AM8OgJsdiNNLJzjmBZLlPvwc2XTRf4M5rRuEYti7ojH
 pyQbNyhC30XYYw+kmvqF79Hju92ln1nrY82eXwd507/uVZ5TCTOIYrpzXPUNrxphE96iFq9H
 ylj2zuilEwEDbyWjtj/+o8PN1EaRUXX9rivw/G7gtWre1I8cEl4Uq+5/F/UU9A990ijvruSr
 y7Vt44x4AaXuEAr3i3RMyk5MO6+DMonxZ/5VAR1VWuVN7EYSd7HxM8im1EfI9HLKMQLISZIc
 sQ4
IronPort-HdrOrdr: A9a23:ps+9m6CySadCT8blHemg55DYdb4zR+YMi2TC1yhKJyC9Ffbo8P
 xG/c5rsSMc5wxwZJhNo7y90cq7MBbhHPxOkOos1N6ZNWGM0gaVxelZnO3fKlbbehEWmNQz6U
 4ZSdkdNOHN
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
CC: Andrew Cooper <andrew.cooper3@citrix.com>,
 Jan Beulich <JBeulich@suse.com>,
 =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>,
 Wei Liu <wl@xen.org>, Jinoh Kang <jinoh.kang.kr@gmail.com>
Subject: [PATCH v2 0/7] x86/pv: #DB vs %dr6 fixes, part 2
Date: Fri, 15 Sep 2023 21:36:21 +0100
Message-ID: <20230915203628.837732-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit

Series

x86/pv: #DB vs %dr6 fixes, part 2 | expand

Message

Andrew Cooper Sept. 15, 2023, 8:36 p.m. UTC

This time with a bit of sanity testing.  See patches for details.

Andrew Cooper (7):
  x86/emul: ASSERT that X86EMUL_DONE doesn't escape to callers
  x86/emul: Fix and extend #DB trap handling
  x86/pv: Fix the determiniation of whether to inject #DB
  x86/pv: Drop priv_op_ctxt.bpmatch and use pending_dbg instead
  x86: Introduce x86_merge_dr6()
  x86: Extend x86_event with a pending_dbg field
  x86/pv: Rewrite %dr6 handling

 xen/arch/x86/debug.c                   | 20 +++++++++++++++++
 xen/arch/x86/include/asm/debugreg.h    |  7 ++++++
 xen/arch/x86/include/asm/domain.h      | 18 ++++++++++++++--
 xen/arch/x86/include/asm/hvm/hvm.h     |  3 ++-
 xen/arch/x86/include/asm/x86-defns.h   |  7 ++++++
 xen/arch/x86/pv/emul-priv-op.c         | 30 +++++++++++++-------------
 xen/arch/x86/pv/emulate.c              |  9 ++++++--
 xen/arch/x86/pv/ro-page-fault.c        |  4 ++--
 xen/arch/x86/pv/traps.c                | 17 +++++++++++----
 xen/arch/x86/traps.c                   | 23 ++++++++++----------
 xen/arch/x86/x86_emulate/x86_emulate.c | 26 ++++++++++++++++------
 xen/arch/x86/x86_emulate/x86_emulate.h | 19 ++++++++++++----
 12 files changed, 134 insertions(+), 49 deletions(-)

Comments

Andrew Cooper Sept. 19, 2023, 8:53 p.m. UTC | #1

On 15/09/2023 9:36 pm, Andrew Cooper wrote:
> This time with a bit of sanity testing.  See patches for details.
>
> Andrew Cooper (7):
>   x86/emul: ASSERT that X86EMUL_DONE doesn't escape to callers
>   x86/emul: Fix and extend #DB trap handling
>   x86/pv: Fix the determiniation of whether to inject #DB
>   x86/pv: Drop priv_op_ctxt.bpmatch and use pending_dbg instead
>   x86: Introduce x86_merge_dr6()
>   x86: Extend x86_event with a pending_dbg field
>   x86/pv: Rewrite %dr6 handling

I've found even more PV debug bugs.

1) The MSR leak fix stopped MSR_DEBUGCTL leaking into PV guests, and
even "broke" my XTF test (still not blocking in CI because of bisector
interaction issues).  Really, this was one buggy case swapped for
another, but it needs resolving nevertheless.

2) activate_debugregs() has a misleading dr7 check in it (the caller is
gated on the same condition, making it tautological).  Worse however, it
loads %dr6 which interferes with with the #DB handler trying to get a
clean view of "new bits".  PV guests can't access %dr6 at all, so I'm
reasonably sure it's state we simply don't need to load at all.

3) The comment in paravirt_ctxt_switch_from() about debug regs is
buggy.  The logic is correct, but the reasoning is false.

4) set_debugreg() doesn't account for the dr7 state before loading
dr{0..3} in current context.  This manifests as spuriously loading
breakpoint registers despite not having debugging "active".  I think
it's benign.

5) The order of operations in activate_debugregs() is wrong.  There's a
period of time where we've got the new vCPU's breakpoints active using
the old vCPU's mask registers.  Again, I think it's benign.

~Andrew