[Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[HEBBAL Yacine]

Hi All,
I added a field to "kvm_run" data structure in both Qemu and KVM to
create a communication interface for a VM security monitoring
application (in user space) in order to avoid heavy modifications in
the hypervisor.
The problem I'm facing is that when this field is updated in KVM after
a VM exit, I don't see the written value in "kvm_run" at Qemu function
"kvm_arch_handle_exit".
My question is how "kvm_run" is synchronized between Qemu and KVM ?
Thank you in advance for your answers.

Yacine

Re: [Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[Paolo Bonzini]

On 03/10/2017 14:59, HEBBAL Yacine wrote:
> Hi All,
> I added a field to "kvm_run" data structure in both Qemu and KVM to
> create a communication interface for a VM security monitoring
> application (in user space) in order to avoid heavy modifications in
> the hypervisor.
> The problem I'm facing is that when this field is updated in KVM after
> a VM exit, I don't see the written value in "kvm_run" at Qemu function
> "kvm_arch_handle_exit".
> My question is how "kvm_run" is synchronized between Qemu and KVM ?
> Thank you in advance for your answers.

There is no need for synchronization.  kvm_run maps to exactly the same
pages in QEMU and KVM.

See Linux commit 460df4c1fc7c00829050c08d6368dc6e6beef307 for an example
of adding a field to struct kvm_run.

Paolo

Re: [Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[HEBBAL Yacine]

Do you have an idea why the value of an integer field I added at the
end of kvm_run (in kvm/include/linux/kvm.h & qemu/linux-headers/kvm.h)
is zeroed once KVM gives back control to Qemu after a VM exit ?

Yacine


> There is no need for synchronization.  kvm_run maps to exactly the same
> pages in QEMU and KVM.
>
> See Linux commit 460df4c1fc7c00829050c08d6368dc6e6beef307 for an example
> of adding a field to struct kvm_run.
>
> Paolo

Re: [Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[Paolo Bonzini]

On 03/10/2017 17:29, HEBBAL Yacine wrote:
> Do you have an idea why the value of an integer field I added at the
> end of kvm_run (in kvm/include/linux/kvm.h & qemu/linux-headers/kvm.h)
> is zeroed once KVM gives back control to Qemu after a VM exit ?

Could it be that your field is placed after the end of the page?

Paolo

> 
>> There is no need for synchronization.  kvm_run maps to exactly the same
>> pages in QEMU and KVM.
>>
>> See Linux commit 460df4c1fc7c00829050c08d6368dc6e6beef307 for an example
>> of adding a field to struct kvm_run.
>>
>> Paolo

Re: [Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[HEBBAL Yacine]

> Could it be that your field is placed after the end of the page?
>
> Paolo

My code works well as expected when I move the added field to the top
of kvm_run structure.
I did some investigation to understand why my code does not work when
I put the added field at the end of kvm_run. Here is what I got:

KVM:
@vcpu->run -> 0x*****e000
size of (struct kvm_run) -> 1360
added field offset in kvm_run -> 1336

Qemu:
@cpu->kvm_run -> 0x****f000
size of (struct kvm_run) -> 2384
added field offset in kvm_run -> 2360

I see that in Qemu and KVM the added field is inside the page but at
different offset from the start of kvm_run.
Do you think that the problem is that the added field is at different
offsets in KVM & Qemu ?

Yacine

Re: [Question] Where Qemu kvm_run structure is synchronized with the one of KVM

[Paolo Bonzini]

On 04/10/2017 13:08, HEBBAL Yacine wrote:
>> Could it be that your field is placed after the end of the page?
>>
>> Paolo
> 
> My code works well as expected when I move the added field to the top
> of kvm_run structure.
> I did some investigation to understand why my code does not work when
> I put the added field at the end of kvm_run. Here is what I got:
> 
> KVM:
> @vcpu->run -> 0x*****e000
> size of (struct kvm_run) -> 1360
> added field offset in kvm_run -> 1336
> 
> Qemu:
> @cpu->kvm_run -> 0x****f000
> size of (struct kvm_run) -> 2384
> added field offset in kvm_run -> 2360
> 
> I see that in Qemu and KVM the added field is inside the page but at
> different offset from the start of kvm_run.
> Do you think that the problem is that the added field is at different
> offsets in KVM & Qemu ?

Yes, definitely.

Paolo