* Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()?
@ 2015-07-31 15:00 Razvan Cojocaru
2015-07-31 15:13 ` Andrew Cooper
0 siblings, 1 reply; 5+ messages in thread
From: Razvan Cojocaru @ 2015-07-31 15:00 UTC (permalink / raw)
To: xen-devel
Hello,
It has become apparent that after a succesful
xc_domain_hvm_getcontext_partial( ..., HVM_SAVE_CODE(CPU), ...) call,
the sysenter_eip member of struct hvm_hw_cpu is always zero.
Looking in the code, the only two __vmwrite(GUEST_SYSENTER_EIP, ...)
calls occur in xen/arch/x86/hvm/vmx/vmx.c. One is in
vmx_msr_write_intercept(), but adding a printk() just after produces no
output after starting and stopping a guest.
The other is in vmx_vmcs_restore(), which seems to dutifully restore the
never-set value of zero after a save.
So this doesn't seem to be actually initialized anywhere. Could somebody
please recommend the best place to initialize it, and the best value to
initialize it with? Or maybe you could point out what I'm missing, if
that's the case?
Thanks,
Razvan
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()?
2015-07-31 15:00 Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()? Razvan Cojocaru
@ 2015-07-31 15:13 ` Andrew Cooper
2015-07-31 15:30 ` Razvan Cojocaru
0 siblings, 1 reply; 5+ messages in thread
From: Andrew Cooper @ 2015-07-31 15:13 UTC (permalink / raw)
To: Razvan Cojocaru, xen-devel
On 31/07/15 16:00, Razvan Cojocaru wrote:
> Hello,
>
> It has become apparent that after a succesful
> xc_domain_hvm_getcontext_partial( ..., HVM_SAVE_CODE(CPU), ...) call,
> the sysenter_eip member of struct hvm_hw_cpu is always zero.
How odd.
>
> Looking in the code, the only two __vmwrite(GUEST_SYSENTER_EIP, ...)
> calls occur in xen/arch/x86/hvm/vmx/vmx.c. One is in
> vmx_msr_write_intercept(), but adding a printk() just after produces no
> output after starting and stopping a guest.
Write interception for that MSR is disabled (if the hardware supports
disabling interception) because it is not interesting.
You can re-enable interception by commenting out the appropriate
vmx_disable_intercept_for_msr() line in construct_vmcs()
>
> The other is in vmx_vmcs_restore(), which seems to dutifully restore the
> never-set value of zero after a save.
>
> So this doesn't seem to be actually initialized anywhere. Could somebody
> please recommend the best place to initialize it, and the best value to
> initialize it with? Or maybe you could point out what I'm missing, if
> that's the case?
Are you certain that the guest is actually setting it? If the guest
never sets it in the first place, 0 will be the expected value.
~Andrew
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()?
2015-07-31 15:13 ` Andrew Cooper
@ 2015-07-31 15:30 ` Razvan Cojocaru
2015-07-31 15:36 ` Andrew Cooper
0 siblings, 1 reply; 5+ messages in thread
From: Razvan Cojocaru @ 2015-07-31 15:30 UTC (permalink / raw)
To: Andrew Cooper, xen-devel
Thanks for the quick reply!
On 07/31/2015 06:13 PM, Andrew Cooper wrote:
>> Looking in the code, the only two __vmwrite(GUEST_SYSENTER_EIP, ...)
>> calls occur in xen/arch/x86/hvm/vmx/vmx.c. One is in
>> vmx_msr_write_intercept(), but adding a printk() just after produces no
>> output after starting and stopping a guest.
>
> Write interception for that MSR is disabled (if the hardware supports
> disabling interception) because it is not interesting.
>
> You can re-enable interception by commenting out the appropriate
> vmx_disable_intercept_for_msr() line in construct_vmcs()
It shouldn't be disabled, it's in the
vmx_introspection_force_enabled_msrs[] list and I'm testing it with
memory introspection.
>> The other is in vmx_vmcs_restore(), which seems to dutifully restore the
>> never-set value of zero after a save.
>>
>> So this doesn't seem to be actually initialized anywhere. Could somebody
>> please recommend the best place to initialize it, and the best value to
>> initialize it with? Or maybe you could point out what I'm missing, if
>> that's the case?
>
> Are you certain that the guest is actually setting it? If the guest
> never sets it in the first place, 0 will be the expected value.
That might be it, I'll need to look closer.
Thanks,
Razvan
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()?
2015-07-31 15:30 ` Razvan Cojocaru
@ 2015-07-31 15:36 ` Andrew Cooper
2015-08-11 15:26 ` Jan Beulich
0 siblings, 1 reply; 5+ messages in thread
From: Andrew Cooper @ 2015-07-31 15:36 UTC (permalink / raw)
To: Razvan Cojocaru, xen-devel
On 31/07/15 16:30, Razvan Cojocaru wrote:
> Thanks for the quick reply!
>
> On 07/31/2015 06:13 PM, Andrew Cooper wrote:
>>> Looking in the code, the only two __vmwrite(GUEST_SYSENTER_EIP, ...)
>>> calls occur in xen/arch/x86/hvm/vmx/vmx.c. One is in
>>> vmx_msr_write_intercept(), but adding a printk() just after produces no
>>> output after starting and stopping a guest.
>> Write interception for that MSR is disabled (if the hardware supports
>> disabling interception) because it is not interesting.
>>
>> You can re-enable interception by commenting out the appropriate
>> vmx_disable_intercept_for_msr() line in construct_vmcs()
> It shouldn't be disabled, it's in the
> vmx_introspection_force_enabled_msrs[] list and I'm testing it with
> memory introspection.
So it is - I thought it might have been, but couldn't locate it in the code.
>
>>> The other is in vmx_vmcs_restore(), which seems to dutifully restore the
>>> never-set value of zero after a save.
>>>
>>> So this doesn't seem to be actually initialized anywhere. Could somebody
>>> please recommend the best place to initialize it, and the best value to
>>> initialize it with? Or maybe you could point out what I'm missing, if
>>> that's the case?
>> Are you certain that the guest is actually setting it? If the guest
>> never sets it in the first place, 0 will be the expected value.
> That might be it, I'll need to look closer.
Any credible 64bit kernel will not rely on sysenter, as it only
available on Intel, and any kernel trying to reduce its attack surface
will likely not enable it in the first place.
~Andrew
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()?
2015-07-31 15:36 ` Andrew Cooper
@ 2015-08-11 15:26 ` Jan Beulich
0 siblings, 0 replies; 5+ messages in thread
From: Jan Beulich @ 2015-08-11 15:26 UTC (permalink / raw)
To: Andrew Cooper; +Cc: Razvan Cojocaru, xen-devel
>>> On 31.07.15 at 17:36, <andrew.cooper3@citrix.com> wrote:
> On 31/07/15 16:30, Razvan Cojocaru wrote:
>> On 07/31/2015 06:13 PM, Andrew Cooper wrote:
>>> Are you certain that the guest is actually setting it? If the guest
>>> never sets it in the first place, 0 will be the expected value.
>> That might be it, I'll need to look closer.
>
> Any credible 64bit kernel will not rely on sysenter, as it only
> available on Intel, and any kernel trying to reduce its attack surface
> will likely not enable it in the first place.
Iirc Linux still prefers to use SYSENTER for its 32-bit compat mode
syscall entry on Intel systems.
Jan
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-08-11 15:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-07-31 15:00 Should hvm_hw_cpu's sysenter_eip always be zero after xc_domain_hvm_getcontext_partial()? Razvan Cojocaru
2015-07-31 15:13 ` Andrew Cooper
2015-07-31 15:30 ` Razvan Cojocaru
2015-07-31 15:36 ` Andrew Cooper
2015-08-11 15:26 ` Jan Beulich
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.