From patchwork Mon Oct 30 10:32:48 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexandru Stefan ISAILA X-Patchwork-Id: 10032301 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id C9FF76039A for ; Mon, 30 Oct 2017 10:35:17 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CACB22861E for ; Mon, 30 Oct 2017 10:35:17 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BA78A20174; Mon, 30 Oct 2017 10:35:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 08C9F2871A for ; Mon, 30 Oct 2017 10:35:16 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e97NI-0006Cl-TN; Mon, 30 Oct 2017 10:32:56 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xenproject.org with esmtp (Exim 4.84_2) (envelope-from ) id 1e97NI-0006Cf-4W for xen-devel@lists.xen.org; Mon, 30 Oct 2017 10:32:56 +0000 Received: from [85.158.137.68] by server-5.bemta-3.messagelabs.com id 89/57-20834-7DFF6F95; Mon, 30 Oct 2017 10:32:55 +0000 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprMIsWRWlGSWpSXmKPExsUSfTyjVffa/2+ RBlcvqVos+biYxYHR4+ju30wBjFGsmXlJ+RUJrBmHOhYxFew3q2jv28rawDhDq4uRk4NZwFqi 918zYxcjFweLQDOLRM/fXUwQzk9miQXr57GAVAkJeEhcXf4Myt7PKLH6pziE7S7Rs7cNrFtIY BmjxIeHH1hBEmwCBhKvvn5jBLFFBKQlrn2+DFbELLCASaJ38QcmkISwgIvE5LZXQDYH0DpViR 1TKkDCvAJuEnsebgErkRCQk7h5rpN5AiPfAkaGVYzqxalFZalFuhZ6SUWZ6RkluYmZObqGBsZ 6uanFxYnpqTmJScV6yfm5mxiBgcIABDsYL7Q7H2KU5GBSEuXlavgWKcSXlJ9SmZFYnBFfVJqT WnyIUYaDQ0mC9+c/oJxgUWp6akVaZg4wZGHSEhw8SiK8X0HSvMUFibnFmekQqVOMlhzHNl3+w 8TRcfMukHw283UDsxBLXn5eqpQ4RIMASENGaR7cOFhcXWKUlRLmZQQ6UIinILUoN7MEVf4Voz gHo5Iw732QKTyZeSVwW18BHcQEdJCG5BeQg0oSEVJSDYybvn/Y+ezQGcNlDT5CszrLuB6az+2 s7v3qePH4XDtz2Uvn5+1eIF9jUijyhPFcS3ro3qKHUUk/32pF3nxvffjCJf8Ncg+ffLf5bXhb ccUyvjoh8/XHLp1R7QthWhxUsUtTWW/Bqpgbsl5hjgEPzzL/vee90DJZUJNLKLHzpACnaKiHq Ob7KEElluKMREMt5qLiRAAE/1uupgIAAA== X-Env-Sender: aisaila@bitdefender.com X-Msg-Ref: server-3.tower-31.messagelabs.com!1509359573!112561042!1 X-Originating-IP: [91.199.104.133] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 9.4.45; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19487 invoked from network); 30 Oct 2017 10:32:54 -0000 Received: from mx02.bbu.dsd.mx.bitdefender.com (HELO mx02.buh.bitdefender.com) (91.199.104.133) by server-3.tower-31.messagelabs.com with DHE-RSA-AES128-GCM-SHA256 encrypted SMTP; 30 Oct 2017 10:32:54 -0000 Comment: DomainKeys? See http://domainkeys.sourceforge.net/ DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bitdefender.com; b=xb0FRihAQrx8KvScZc5yH4Sh5UEIK9joHSAZgByYdAwjJIpXElxNakKemYCFKINcu11cl/sv0+y1RVRFRwS/r3WvEkdDetcwsd9fWIqbhuKKiwg1Dy1NbnlBURR5nZPS0QxL8aWM/TAED0cdbCBBX96tCCODhdISscC6m9V8QEnp+TGi1amBSeSLsP/be85uoBKoyYMTxRimNrBRs8Dpu2Vp9AN2JH4BqzGZHgWOVpimtQaMvDoYjlHhEzfcPO+cyenl4HQxJkip+PiXyGDKpWN1Vk39HIvJqjYd9oLOl9WoErmoam0gJneV8b1SHCTyONY0CcJd5MwdmytN+4/VXw==; h=Received:Received:Received:Received:From:To:Cc:Subject:Date:Message-Id:X-Mailer; DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=bitdefender.com; h=from:to :cc:subject:date:message-id; s=default; bh=DoBQpinZfyyFYCnLgKAFX 4F9ZJI=; b=MjGP+hQWtoaGTpwmg4W1jn7Er9yVwF5Xb1VkB3Hi+FAPlp4TT9XpB /KfuMvYlc6nzlQ0iZNK44TOtzNYKHnu/BqKBzp/kXgfHJuRiM0nuYDnAtqIHYiyJ TGc5cCgqflyYcKSR77j9crPELly/LFJ528SgOG4FeV5J80uMVU1TFEOYohxlZe3D eMNl3B3OzOO+RCuqTCQCeAIUomr7w9xEPgHjVT7rNV5FFlqUNUagF5hbegzSbPXg /Iv3Tx4erIgl7iL7wvdcfkcqr/JTz0ZjN+Rp0rQGbN/a7dhwU6pJPAXTl31sT1Ac zchZlzUG41GC3BtZDA0z5XJuwMpdarr2w== Received: (qmail 26427 invoked from network); 30 Oct 2017 12:32:52 +0200 Received: from mx-robo.bitdefender.biz (HELO mx01robo.bbu.dsd.mx.bitdefender.com) (10.17.80.60) by mx02.buh.bitdefender.com with AES128-GCM-SHA256 encrypted SMTP; 30 Oct 2017 12:32:52 +0200 Received: (qmail 7299 invoked from network); 30 Oct 2017 12:32:52 +0200 Received: from unknown (HELO aisaila-Latitude-E5570.dsd.bitdefender.biz) (10.10.195.54) by mx01robo.bbu.dsd.mx.bitdefender.com with SMTP; 30 Oct 2017 12:32:52 +0200 From: Alexandru Isaila To: xen-devel@lists.xen.org Date: Mon, 30 Oct 2017 12:32:48 +0200 Message-Id: <1509359568-3349-1-git-send-email-aisaila@bitdefender.com> X-Mailer: git-send-email 2.7.4 Cc: sstabellini@kernel.org, wei.liu2@citrix.com, rcojocaru@bitdefender.com, konrad.wilk@oracle.com, George.Dunlap@eu.citrix.com, andrew.cooper3@citrix.com, ian.jackson@eu.citrix.com, tim@xen.org, tamas@tklengyel.com, jbeulich@suse.com, Alexandru Isaila Subject: [Xen-devel] [PATCH v1] x86/mm: Supresses vm_events caused by page-walks X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP This patch is adding a way to enable/disable nested pagefault events. It introduces the xc_monitor_nested_pagefault function and adds the nested_pagefault_disabled in the monitor structure. This is needed by the introspection so it will only get gla faults and not get spammed with other faults. In p2m_set_ad_bits the v->arch.sse_pg_dirty.eip and v->arch.sse_pg_dirty.gla are used to mark that this is the second time a fault occurs and the dirty bit is set. Signed-off-by: Alexandru Isaila --- tools/libxc/include/xenctrl.h | 2 ++ tools/libxc/xc_monitor.c | 14 ++++++++++++++ xen/arch/x86/mm/mem_access.c | 27 +++++++++++++++++++++++++++ xen/arch/x86/monitor.c | 13 +++++++++++++ xen/include/asm-x86/domain.h | 6 ++++++ xen/include/asm-x86/monitor.h | 3 ++- xen/include/public/domctl.h | 1 + 7 files changed, 65 insertions(+), 1 deletion(-) diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h index 666db0b..8e70714 100644 --- a/tools/libxc/include/xenctrl.h +++ b/tools/libxc/include/xenctrl.h @@ -2056,6 +2056,8 @@ int xc_monitor_descriptor_access(xc_interface *xch, uint32_t domain_id, bool enable); int xc_monitor_guest_request(xc_interface *xch, uint32_t domain_id, bool enable, bool sync, bool allow_userspace); +int xc_monitor_nested_pagefault(xc_interface *xch, uint32_t domain_id, + bool disable); int xc_monitor_debug_exceptions(xc_interface *xch, uint32_t domain_id, bool enable, bool sync); int xc_monitor_cpuid(xc_interface *xch, uint32_t domain_id, bool enable); diff --git a/tools/libxc/xc_monitor.c b/tools/libxc/xc_monitor.c index 2840f14..5aacaa8 100644 --- a/tools/libxc/xc_monitor.c +++ b/tools/libxc/xc_monitor.c @@ -162,6 +162,20 @@ int xc_monitor_guest_request(xc_interface *xch, uint32_t domain_id, bool enable, return do_domctl(xch, &domctl); } +int xc_monitor_nested_pagefault(xc_interface *xch, uint32_t domain_id, + bool disable) +{ + DECLARE_DOMCTL; + + domctl.cmd = XEN_DOMCTL_monitor_op; + domctl.domain = domain_id; + domctl.u.monitor_op.op = disable ? XEN_DOMCTL_MONITOR_OP_ENABLE + : XEN_DOMCTL_MONITOR_OP_DISABLE; + domctl.u.monitor_op.event = XEN_DOMCTL_MONITOR_EVENT_NESTED_PAGEFAULT; + + return do_domctl(xch, &domctl); +} + int xc_monitor_emulate_each_rep(xc_interface *xch, uint32_t domain_id, bool enable) { diff --git a/xen/arch/x86/mm/mem_access.c b/xen/arch/x86/mm/mem_access.c index c0cd017..07a334b 100644 --- a/xen/arch/x86/mm/mem_access.c +++ b/xen/arch/x86/mm/mem_access.c @@ -137,6 +137,23 @@ bool p2m_mem_access_emulate_check(struct vcpu *v, return violation; } +static void p2m_set_ad_bits(struct vcpu *v, paddr_t ga) +{ + struct hvm_hw_cpu ctxt; + uint32_t pfec = 0; + + hvm_funcs.save_cpu_ctxt(v, &ctxt); + + if ( guest_cpu_user_regs()->eip == v->arch.pg_dirty.eip + && ga == v->arch.pg_dirty.gla ) + pfec = PFEC_write_access; + + paging_ga_to_gfn_cr3(v, ctxt.cr3, ga, &pfec, NULL); + + v->arch.pg_dirty.eip = guest_cpu_user_regs()->eip; + v->arch.pg_dirty.gla = ga; +} + bool p2m_mem_access_check(paddr_t gpa, unsigned long gla, struct npfec npfec, vm_event_request_t **req_ptr) @@ -208,6 +225,16 @@ bool p2m_mem_access_check(paddr_t gpa, unsigned long gla, } } + if ( vm_event_check_ring(d->vm_event_monitor) && + d->arch.monitor.nested_pagefault_disabled && + npfec.kind != npfec_kind_with_gla ) /* don't send a mem_event */ + { + v->arch.vm_event->emulate_flags = 0; + p2m_set_ad_bits(v, gla); + + return true; + } + *req_ptr = NULL; req = xzalloc(vm_event_request_t); if ( req ) diff --git a/xen/arch/x86/monitor.c b/xen/arch/x86/monitor.c index e59f1f5..3916e76 100644 --- a/xen/arch/x86/monitor.c +++ b/xen/arch/x86/monitor.c @@ -220,6 +220,19 @@ int arch_monitor_domctl_event(struct domain *d, break; } + case XEN_DOMCTL_MONITOR_EVENT_NESTED_PAGEFAULT: + { + bool old_status = ad->monitor.nested_pagefault_disabled; + + if ( unlikely(old_status == requested_status) ) + return -EEXIST; + + domain_pause(d); + ad->monitor.nested_pagefault_disabled = requested_status; + domain_unpause(d); + break; + } + case XEN_DOMCTL_MONITOR_EVENT_DESC_ACCESS: { bool old_status = ad->monitor.descriptor_access_enabled; diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h index 4d0b77d..40a365f 100644 --- a/xen/include/asm-x86/domain.h +++ b/xen/include/asm-x86/domain.h @@ -408,6 +408,7 @@ struct arch_domain unsigned int descriptor_access_enabled : 1; unsigned int guest_request_userspace_enabled : 1; unsigned int emul_unimplemented_enabled : 1; + unsigned int nested_pagefault_disabled : 1; struct monitor_msr_bitmap *msr_bitmap; uint64_t write_ctrlreg_mask[4]; } monitor; @@ -575,6 +576,11 @@ struct arch_vcpu /* A secondary copy of the vcpu time info. */ XEN_GUEST_HANDLE(vcpu_time_info_t) time_info_guest; + struct { + unsigned long eip; + unsigned long gla; + } pg_dirty; + struct arch_vm_event *vm_event; struct msr_vcpu_policy *msr; diff --git a/xen/include/asm-x86/monitor.h b/xen/include/asm-x86/monitor.h index 0ada970..6b6a146 100644 --- a/xen/include/asm-x86/monitor.h +++ b/xen/include/asm-x86/monitor.h @@ -84,7 +84,8 @@ static inline uint32_t arch_monitor_get_capabilities(struct domain *d) (1U << XEN_DOMCTL_MONITOR_EVENT_DEBUG_EXCEPTION) | (1U << XEN_DOMCTL_MONITOR_EVENT_CPUID) | (1U << XEN_DOMCTL_MONITOR_EVENT_INTERRUPT) | - (1U << XEN_DOMCTL_MONITOR_EVENT_EMUL_UNIMPLEMENTED); + (1U << XEN_DOMCTL_MONITOR_EVENT_EMUL_UNIMPLEMENTED) | + (1U << XEN_DOMCTL_MONITOR_EVENT_NESTED_PAGEFAULT); /* Since we know this is on VMX, we can just call the hvm func */ if ( hvm_is_singlestep_supported() ) diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index 70027ab..b5cf06c 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -1014,6 +1014,7 @@ struct xen_domctl_psr_cmt_op { #define XEN_DOMCTL_MONITOR_EVENT_INTERRUPT 8 #define XEN_DOMCTL_MONITOR_EVENT_DESC_ACCESS 9 #define XEN_DOMCTL_MONITOR_EVENT_EMUL_UNIMPLEMENTED 10 +#define XEN_DOMCTL_MONITOR_EVENT_NESTED_PAGEFAULT 11 struct xen_domctl_monitor_op { uint32_t op; /* XEN_DOMCTL_MONITOR_OP_* */