From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Dong, Eddie" <eddie.dong@intel.com>
Subject: RE: [PATCH 06/16] vmx: nest: handling VMX instruction
	exits
Date: Mon, 20 Sep 2010 21:14:54 +0800
Message-ID: <1A42CE6F5F474C41B63392A5F80372B22A95FB60@shsmsx501.ccr.corp.intel.com>
References: <C8BCD4F2.2380F%keir.fraser@eu.citrix.com>
	<201009201141.13325.Christoph.Egger@amd.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <201009201141.13325.Christoph.Egger@amd.com>
Content-Language: en-US
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Christoph Egger <Christoph.Egger@amd.com>, Keir Fraser <keir.fraser@eu.citrix.com>
Cc: Deegan <Tim.Deegan@eu.citrix.com>Tim, "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>, "Dong,
	Eddie" <eddie.dong@intel.com>, "He, Qing" <qing.he@intel.com>
List-Id: xen-devel@lists.xenproject.org

Christoph Egger wrote:
> On Monday 20 September 2010 10:08:02 Keir Fraser wrote:
>> On 20/09/2010 04:13, "Dong, Eddie" <eddie.dong@intel.com> wrote:
>>>>>> Actually it is an issue now. This has nothing to do with VT-d
>>>>>> (ie. IOMMU, irq remapping, etc) but with basic core VMX
>>>>>> functionality -- per I/O port direct execute versus vmexit; per
>>>>>> virtual-address page=20
>>>>>=20
>>>>> I see, for the I/O port, right now we are letting L1 handle it
>>>>> though it doesn't expect to :( How about to remove the capability
>>>>> of CPU_BASED_ACTIVATE_IO_BITMAP in L1 VMM for now to focus on
>>>>> framework?=20
>>>>=20
>>>> Well. It'd be better if just worked really, wouldn't it? :-) How
>>>> hard can it be?
>>>=20
>>> You are right. It is easy to do, but we have dillemma to either
>>> write-protect guest I/O bitmap page, or have to create the shadow
>>> I/O bitmap at each vmresume of L2 guest.
>>=20
>> You need that anyway don't you, regardless of whether you are
>> accurately deciding whether to inject-to-L1 or emulate-L2 on vmexit
>> to L0? Whether you inject or emulate, ports that L1 has disallowed
>> for L2 must be properly represented in the shadow I/O bitmap page.
>=20
> You need to do additional range-checking to determine if the guest
> actually touched the IO bitmap page in case Xen uses a super page.
>=20

We may have many alternatives to this. If we treat this address space as MM=
IO, we can hook handler for MMIO emulation.

Eddie=