All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Jan Beulich" <JBeulich@suse.com>
To: Tim Deegan <tim@xen.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
	boris.ostrovsky@oracle.com, xen-devel@lists.xenproject.org,
	Roger Pau Monne <roger.pau@citrix.com>
Subject: Re: [PATCH v5 4/9] xen/x86: populate PVHv2 Dom0 physical memory map
Date: Mon, 30 Jan 2017 03:43:22 -0700	[thread overview]
Message-ID: <588F26DA0200007800134F09@prv-mh.provo.novell.com> (raw)
In-Reply-To: <20170127194355.GA82405@deinos.phlegethon.org>

>>> On 27.01.17 at 20:43, <tim@xen.org> wrote:

>> Despite being owned by the guest, this TSS is actually managed by
> Xen.
>> It should be initialised to defaults each time Xen needs to use it
> on
>> behalf of the guest.
> 
> At 14:35 +0000 on 27 Jan (1485527708), Andrew Cooper wrote:
>> On 27/01/17 14:01, Tim Deegan wrote:
>> > Hi,
>> >
>> > At 13:46 +0000 on 27 Jan (1485524765), Andrew Cooper wrote:
>> >> The actual behaviour can be determined by putting the TSS on a page
>> >> boundary, making the previous frame non-readable via EPT, and seeing
>> >> whether an EPT violation occurs.
>> > Indeed.  Or likewise with normal pagetables. 
>> >
>> >>> Yes, I wonder about the I/O bitmap too.  We don't provide one, or even
>> >>> enough space for a full one, but the current SDM is pretty clear that
>> >>> the CPU will try to check it in virtual 8086 mode.
>> >>>
>> >>> It may be that all the ports actually used happen to fall in the 128
>> >>> bytes of zeros that we provide.
>> >> With an offset of 0, we actually provide 256 bytes of zeros in the
>> >> bitmap within the TSS limit.
>> > Sure, or at least 128 bytes of zeros and another 128 bytes of something.
>> 
>> That is a good point.  Nothing prevents a guest exiting vm86 mode, and
>> using a task switch to move to a new tss, which will cause Xen to write
>> state back into the vm86_tss, making it no longer a zeroed block of memory.
>> 
>> Despite being owned by the guest, this TSS is actually managed by Xen. 
>> It should be initialised to defaults each time Xen needs to use it on
>> behalf of the guest.
> 
> But it's already in an E820 reserved block - if the guest overwrites
> it (with a task switch or otherwise) it will break real-mode support,
> but this is no worse than nobbling any other part of the BIOS state.
> 
> If we're making it non-zero, I can see an argument for having Xen init
> the contents once (maybe when the HVM param is written?) so that it
> matches what Xen expects of it.  But resetting it every time we use it
> would be overkill.

That wasn't the point Andrew was making, I think. A task switch
initiated by the guest would make the hypervisor write into that
TSS (as the outgoing one). Of course any sane guest would do an
LTR first (or else it would risk memory near address zero to get
clobbered on real hardware).

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

  reply	other threads:[~2017-01-30 10:43 UTC|newest]

Thread overview: 68+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-01-19 17:29 [PATCH v5 0/9] Initial PVHv2 Dom0 support Roger Pau Monne
2017-01-19 17:29 ` [PATCH v5 1/9] xen/x86: remove XENFEAT_hvm_pirqs for PVHv2 guests Roger Pau Monne
2017-01-20 18:41   ` Andrew Cooper
2017-01-23 12:28     ` Roger Pau Monne
2017-01-19 17:29 ` [PATCH v5 2/9] x86/iommu: add IOMMU entries for p2m_mmio_direct pages Roger Pau Monne
2017-01-20  6:41   ` Tian, Kevin
2017-01-20 10:28     ` Roger Pau Monne
2017-01-20 18:44   ` Andrew Cooper
2017-01-22  4:45     ` Tian, Kevin
2017-01-19 17:29 ` [PATCH v5 3/9] xen/x86: split Dom0 build into PV and PVHv2 Roger Pau Monne
2017-01-20 19:03   ` Andrew Cooper
2017-01-23 12:58     ` Roger Pau Monne
2017-01-23 12:59       ` Andrew Cooper
2017-01-20 19:13   ` Boris Ostrovsky
2017-01-20 19:27     ` Andrew Cooper
2017-01-26 11:43   ` Jan Beulich
2017-01-26 16:36     ` Roger Pau Monne
2017-01-19 17:29 ` [PATCH v5 4/9] xen/x86: populate PVHv2 Dom0 physical memory map Roger Pau Monne
2017-01-20 19:41   ` Andrew Cooper
2017-01-23 11:23     ` Jan Beulich
2017-01-23 14:11   ` Boris Ostrovsky
2017-01-23 14:43     ` Roger Pau Monne
2017-01-26 12:41   ` Jan Beulich
2017-01-27 11:14     ` Tim Deegan
2017-01-27 12:37       ` Roger Pau Monne
2017-01-27 12:51       ` Andrew Cooper
2017-01-27 13:20         ` Tim Deegan
2017-01-27 13:46           ` Andrew Cooper
2017-01-27 14:01             ` Tim Deegan
2017-01-27 14:35               ` Andrew Cooper
2017-01-27 19:43                 ` Tim Deegan
2017-01-30 10:43                   ` Jan Beulich [this message]
2017-01-30 11:06                     ` Andrew Cooper
2017-01-27 16:40           ` Jan Beulich
2017-01-27 18:06             ` Andrew Cooper
2017-02-03 13:57               ` Jan Beulich
2017-01-27 19:48             ` Tim Deegan
2017-02-02 15:38               ` Jan Beulich
2017-01-27 12:23     ` Roger Pau Monne
2017-01-27 15:11       ` Jan Beulich
2017-01-27 16:04         ` Roger Pau Monne
2017-01-27 16:29           ` Jan Beulich
2017-01-19 17:29 ` [PATCH v5 5/9] x86/hvm: add vcpu parameter to guest memory copy function Roger Pau Monne
2017-01-20 19:45   ` Andrew Cooper
2017-01-23 13:50     ` Roger Pau Monne
2017-01-26 12:51   ` Jan Beulich
2017-01-26 13:33   ` Jan Beulich
2017-01-27 14:55     ` Roger Pau Monne
2017-01-19 17:29 ` [PATCH v5 6/9] xen/x86: parse Dom0 kernel for PVHv2 Roger Pau Monne
2017-01-26 13:37   ` Jan Beulich
2017-01-27 17:22     ` Roger Pau Monne
2017-01-27 17:28       ` Roger Pau Monne
2017-01-30 10:20         ` Jan Beulich
2017-01-27 18:03       ` Roger Pau Monne
2017-01-30 10:14       ` Jan Beulich
2017-01-19 17:29 ` [PATCH v5 7/9] x86/PVHv2: fix dom0_max_vcpus so it's capped to 128 for PVHv2 Dom0 Roger Pau Monne
2017-01-19 17:32   ` Andrew Cooper
2017-01-26 13:39   ` Jan Beulich
2017-01-19 17:29 ` [PATCH v5 8/9] xen/x86: Setup PVHv2 Dom0 CPUs Roger Pau Monne
2017-01-26 13:46   ` Jan Beulich
2017-02-08 12:48     ` Roger Pau Monne
2017-02-08 13:02       ` Jan Beulich
2017-01-19 17:29 ` [PATCH v5 9/9] xen/x86: setup PVHv2 Dom0 ACPI tables Roger Pau Monne
2017-01-26 14:16   ` Jan Beulich
2017-02-08 15:10     ` Roger Pau Monne
2017-02-08 15:50       ` Jan Beulich
2017-02-08 15:58         ` Roger Pau Monne
2017-02-08 16:03           ` Jan Beulich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=588F26DA0200007800134F09@prv-mh.provo.novell.com \
    --to=jbeulich@suse.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=boris.ostrovsky@oracle.com \
    --cc=roger.pau@citrix.com \
    --cc=tim@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.