* [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem
@ 2015-01-29 21:46 Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures Tamas K Lengyel
` (12 more replies)
0 siblings, 13 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
This patch series aims to clean up the mem_event subsystem within Xen. The
original use-case for this system was to allow external helper applications
running in privileged domains to control various memory operations performed
by Xen. Amongs these were paging, sharing and access control. The subsystem
has since been extended to also deliver non-memory related events, namely
various HVM debugging events (INT3, MTF, MOV-TO-CR, MOV-TO-MSR). The structures
and naming of related functions however has not caught up to these new
use-cases, thus leaving many ambiguities in the code. Furthermore, future
use-cases envisioned for this subsystem include PV domains and ARM domains,
thus there is a need to establish a common base to build on.
In this series we convert the mem_event system to vm_event in which we clearly
define the scope of information that is transmitted via the event
delivery mechanism. Afterwards, we clean up the naming of the structures and
related functions to more clearly be in line with their actual operations.
Finally, the control of monitor events is moved to a new domctl, monitor_op.
This RFC PATCH series is also available at:
https://github.com/tklengyel/xen/tree/mem_event_cleanup3
Razvan Cojocaru (1):
xen/mem_event: Cleanup of mem_event structures
Tamas K Lengyel (11):
xen/mem_event: Rename the mem_event ring from 'access' to 'monitor'
xen/mem_paging: Convert mem_event_op to mem_paging_op
xen/mem_access: Merge mem_event sanity check into mem_access check
xen: Introduce vm_event
xen: migrate mem_event to vm_event
xen: Remove mem_event
tools/tests: Clean-up tools/tests/xen-access
x86/hvm: factor out and rename vm_event related functions into
separate file
xen: Introduce monitor_op domctl
xen/vm_event: Decouple vm_event and mem_access.
xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds
MAINTAINERS | 5 +-
docs/misc/xsm-flask.txt | 2 +-
tools/libxc/Makefile | 3 +-
tools/libxc/include/xenctrl.h | 19 +
tools/libxc/xc_domain_restore.c | 14 +-
tools/libxc/xc_domain_save.c | 4 +-
tools/libxc/xc_hvm_build_x86.c | 2 +-
tools/libxc/xc_mem_access.c | 19 +-
tools/libxc/xc_mem_event.c | 178 ---------
tools/libxc/xc_mem_paging.c | 44 ++-
tools/libxc/xc_memshr.c | 18 +-
tools/libxc/xc_monitor.c | 118 ++++++
tools/libxc/xc_private.h | 15 +-
tools/libxc/xc_vm_event.c | 159 ++++++++
tools/libxc/xg_save_restore.h | 2 +-
tools/tests/xen-access/xen-access.c | 222 ++++-------
tools/xenpaging/pagein.c | 2 +-
tools/xenpaging/xenpaging.c | 150 ++++----
tools/xenpaging/xenpaging.h | 8 +-
xen/arch/x86/Makefile | 1 +
xen/arch/x86/domain.c | 2 +-
xen/arch/x86/domctl.c | 4 +-
xen/arch/x86/hvm/Makefile | 3 +-
xen/arch/x86/hvm/emulate.c | 6 +-
xen/arch/x86/hvm/event.c | 184 +++++++++
xen/arch/x86/hvm/hvm.c | 192 +---------
xen/arch/x86/hvm/vmx/vmcs.c | 8 +-
xen/arch/x86/hvm/vmx/vmx.c | 9 +-
xen/arch/x86/mm/hap/nested_ept.c | 4 +-
xen/arch/x86/mm/hap/nested_hap.c | 4 +-
xen/arch/x86/mm/mem_paging.c | 18 +-
xen/arch/x86/mm/mem_sharing.c | 36 +-
xen/arch/x86/mm/p2m-pod.c | 4 +-
xen/arch/x86/mm/p2m-pt.c | 4 +-
xen/arch/x86/mm/p2m.c | 225 +++++------
xen/arch/x86/monitor.c | 197 ++++++++++
xen/arch/x86/x86_64/compat/mm.c | 12 +-
xen/arch/x86/x86_64/mm.c | 12 +-
xen/common/Makefile | 3 +-
xen/common/domain.c | 12 +-
xen/common/domctl.c | 19 +-
xen/common/mem_access.c | 32 +-
xen/common/mem_event.c | 742 ------------------------------------
xen/common/monitor.c | 64 ++++
xen/common/vm_event.c | 726 +++++++++++++++++++++++++++++++++++
xen/drivers/passthrough/pci.c | 2 +-
xen/include/asm-arm/monitor.h | 13 +
xen/include/asm-arm/p2m.h | 6 +-
xen/include/asm-x86/domain.h | 49 ++-
xen/include/asm-x86/hvm/emulate.h | 2 +-
xen/include/asm-x86/hvm/event.h | 40 ++
xen/include/asm-x86/hvm/hvm.h | 11 -
xen/include/asm-x86/mem_paging.h | 2 +-
xen/include/asm-x86/monitor.h | 9 +
xen/include/asm-x86/p2m.h | 16 +-
xen/include/public/domctl.h | 119 ++++--
xen/include/public/hvm/params.h | 17 +-
xen/include/public/mem_event.h | 134 -------
xen/include/public/memory.h | 9 +-
xen/include/public/vm_event.h | 193 ++++++++++
xen/include/xen/mem_access.h | 14 +-
xen/include/xen/mem_event.h | 143 -------
xen/include/xen/monitor.h | 38 ++
xen/include/xen/p2m-common.h | 4 +-
xen/include/xen/sched.h | 28 +-
xen/include/xen/vm_event.h | 87 +++++
xen/include/xsm/dummy.h | 6 +-
xen/include/xsm/xsm.h | 16 +-
xen/xsm/dummy.c | 6 +-
xen/xsm/flask/hooks.c | 36 +-
xen/xsm/flask/policy/access_vectors | 1 +
71 files changed, 2512 insertions(+), 1996 deletions(-)
delete mode 100644 tools/libxc/xc_mem_event.c
create mode 100644 tools/libxc/xc_monitor.c
create mode 100644 tools/libxc/xc_vm_event.c
create mode 100644 xen/arch/x86/hvm/event.c
create mode 100644 xen/arch/x86/monitor.c
delete mode 100644 xen/common/mem_event.c
create mode 100644 xen/common/monitor.c
create mode 100644 xen/common/vm_event.c
create mode 100644 xen/include/asm-arm/monitor.h
create mode 100644 xen/include/asm-x86/hvm/event.h
create mode 100644 xen/include/asm-x86/monitor.h
delete mode 100644 xen/include/public/mem_event.h
create mode 100644 xen/include/public/vm_event.h
delete mode 100644 xen/include/xen/mem_event.h
create mode 100644 xen/include/xen/monitor.h
create mode 100644 xen/include/xen/vm_event.h
--
2.1.4
^ permalink raw reply [flat|nested] 66+ messages in thread
* [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-02 17:19 ` Ian Campbell
2015-02-03 15:32 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor' Tamas K Lengyel
` (11 subsequent siblings)
12 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
From: Razvan Cojocaru <rcojocaru@bitdefender.com>
The public mem_event structures used to communicate with helper applications via
shared rings have been used in different settings. However, the variable names
within this structure have not reflected this fact, resulting in the reuse of
variables to mean different things under different scenarios.
This patch remedies the issue by clearly defining the structure members based on
the actual context within which the structure is used.
Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
v3: Add padding to mem_event structures.
Add version field to mem_event structures and checks for it.
---
tools/tests/xen-access/xen-access.c | 43 +++++----
tools/xenpaging/xenpaging.c | 34 +++----
xen/arch/x86/hvm/hvm.c | 183 ++++++++++++++++++++----------------
xen/arch/x86/mm/mem_sharing.c | 10 +-
xen/arch/x86/mm/p2m.c | 132 ++++++++++++++------------
xen/common/mem_access.c | 3 +
xen/include/public/mem_event.h | 106 ++++++++++++++++-----
7 files changed, 308 insertions(+), 203 deletions(-)
diff --git a/tools/tests/xen-access/xen-access.c b/tools/tests/xen-access/xen-access.c
index 6cb382d..002dc3e 100644
--- a/tools/tests/xen-access/xen-access.c
+++ b/tools/tests/xen-access/xen-access.c
@@ -551,13 +551,21 @@ int main(int argc, char *argv[])
continue;
}
+ if ( req.version != MEM_EVENT_INTERFACE_VERSION )
+ {
+ ERROR("Error: mem_event interface version mismatch!\n");
+ interrupted = -1;
+ continue;
+ }
+
memset( &rsp, 0, sizeof (rsp) );
+ rsp.version = MEM_EVENT_INTERFACE_VERSION;
rsp.vcpu_id = req.vcpu_id;
rsp.flags = req.flags;
switch (req.reason) {
- case MEM_EVENT_REASON_VIOLATION:
- rc = xc_get_mem_access(xch, domain_id, req.gfn, &access);
+ case MEM_EVENT_REASON_MEM_ACCESS:
+ rc = xc_get_mem_access(xch, domain_id, req.data.mem_access.gfn, &access);
if (rc < 0)
{
ERROR("Error %d getting mem_access event\n", rc);
@@ -567,21 +575,21 @@ int main(int argc, char *argv[])
printf("PAGE ACCESS: %c%c%c for GFN %"PRIx64" (offset %06"
PRIx64") gla %016"PRIx64" (valid: %c; fault in gpt: %c; fault with gla: %c) (vcpu %u)\n",
- req.access_r ? 'r' : '-',
- req.access_w ? 'w' : '-',
- req.access_x ? 'x' : '-',
- req.gfn,
- req.offset,
- req.gla,
- req.gla_valid ? 'y' : 'n',
- req.fault_in_gpt ? 'y' : 'n',
- req.fault_with_gla ? 'y': 'n',
+ req.data.mem_access.access_r ? 'r' : '-',
+ req.data.mem_access.access_w ? 'w' : '-',
+ req.data.mem_access.access_x ? 'x' : '-',
+ req.data.mem_access.gfn,
+ req.data.mem_access.offset,
+ req.data.mem_access.gla,
+ req.data.mem_access.gla_valid ? 'y' : 'n',
+ req.data.mem_access.fault_in_gpt ? 'y' : 'n',
+ req.data.mem_access.fault_with_gla ? 'y': 'n',
req.vcpu_id);
if ( default_access != after_first_access )
{
rc = xc_set_mem_access(xch, domain_id, after_first_access,
- req.gfn, 1);
+ req.data.mem_access.gfn, 1);
if (rc < 0)
{
ERROR("Error %d setting gfn to access_type %d\n", rc,
@@ -592,13 +600,12 @@ int main(int argc, char *argv[])
}
- rsp.gfn = req.gfn;
- rsp.p2mt = req.p2mt;
+ rsp.data.mem_access.gfn = req.data.mem_access.gfn;
break;
- case MEM_EVENT_REASON_INT3:
- printf("INT3: rip=%016"PRIx64", gfn=%"PRIx64" (vcpu %d)\n",
- req.gla,
- req.gfn,
+ case MEM_EVENT_REASON_SOFTWARE_BREAKPOINT:
+ printf("INT3: rip=%016"PRIx64", gfn=%"PRIx64" (vcpu %d)\n",
+ req.regs.x86.rip,
+ req.data.software_breakpoint.gfn,
req.vcpu_id);
/* Reinject */
diff --git a/tools/xenpaging/xenpaging.c b/tools/xenpaging/xenpaging.c
index 82c1ee4..e5c5c76 100644
--- a/tools/xenpaging/xenpaging.c
+++ b/tools/xenpaging/xenpaging.c
@@ -684,9 +684,9 @@ static int xenpaging_resume_page(struct xenpaging *paging, mem_event_response_t
* This allows page-out of these gfns if the target grows again.
*/
if (paging->num_paged_out > paging->policy_mru_size)
- policy_notify_paged_in(rsp->gfn);
+ policy_notify_paged_in(rsp->data.mem_paging.gfn);
else
- policy_notify_paged_in_nomru(rsp->gfn);
+ policy_notify_paged_in_nomru(rsp->data.mem_paging.gfn);
/* Record number of resumed pages */
paging->num_paged_out--;
@@ -910,49 +910,49 @@ int main(int argc, char *argv[])
get_request(&paging->mem_event, &req);
- if ( req.gfn > paging->max_pages )
+ if ( req.data.mem_paging.gfn > paging->max_pages )
{
- ERROR("Requested gfn %"PRIx64" higher than max_pages %x\n", req.gfn, paging->max_pages);
+ ERROR("Requested gfn %"PRIx64" higher than max_pages %x\n", req.data.mem_paging.gfn, paging->max_pages);
goto out;
}
/* Check if the page has already been paged in */
- if ( test_and_clear_bit(req.gfn, paging->bitmap) )
+ if ( test_and_clear_bit(req.data.mem_paging.gfn, paging->bitmap) )
{
/* Find where in the paging file to read from */
- slot = paging->gfn_to_slot[req.gfn];
+ slot = paging->gfn_to_slot[req.data.mem_paging.gfn];
/* Sanity check */
- if ( paging->slot_to_gfn[slot] != req.gfn )
+ if ( paging->slot_to_gfn[slot] != req.data.mem_paging.gfn )
{
- ERROR("Expected gfn %"PRIx64" in slot %d, but found gfn %lx\n", req.gfn, slot, paging->slot_to_gfn[slot]);
+ ERROR("Expected gfn %"PRIx64" in slot %d, but found gfn %lx\n", req.data.mem_paging.gfn, slot, paging->slot_to_gfn[slot]);
goto out;
}
if ( req.flags & MEM_EVENT_FLAG_DROP_PAGE )
{
- DPRINTF("drop_page ^ gfn %"PRIx64" pageslot %d\n", req.gfn, slot);
+ DPRINTF("drop_page ^ gfn %"PRIx64" pageslot %d\n", req.data.mem_paging.gfn, slot);
/* Notify policy of page being dropped */
- policy_notify_dropped(req.gfn);
+ policy_notify_dropped(req.data.mem_paging.gfn);
}
else
{
/* Populate the page */
- if ( xenpaging_populate_page(paging, req.gfn, slot) < 0 )
+ if ( xenpaging_populate_page(paging, req.data.mem_paging.gfn, slot) < 0 )
{
- ERROR("Error populating page %"PRIx64"", req.gfn);
+ ERROR("Error populating page %"PRIx64"", req.data.mem_paging.gfn);
goto out;
}
}
/* Prepare the response */
- rsp.gfn = req.gfn;
+ rsp.data.mem_paging.gfn = req.data.mem_paging.gfn;
rsp.vcpu_id = req.vcpu_id;
rsp.flags = req.flags;
if ( xenpaging_resume_page(paging, &rsp, 1) < 0 )
{
- PERROR("Error resuming page %"PRIx64"", req.gfn);
+ PERROR("Error resuming page %"PRIx64"", req.data.mem_paging.gfn);
goto out;
}
@@ -967,7 +967,7 @@ int main(int argc, char *argv[])
DPRINTF("page %s populated (domain = %d; vcpu = %d;"
" gfn = %"PRIx64"; paused = %d; evict_fail = %d)\n",
req.flags & MEM_EVENT_FLAG_EVICT_FAIL ? "not" : "already",
- paging->mem_event.domain_id, req.vcpu_id, req.gfn,
+ paging->mem_event.domain_id, req.vcpu_id, req.data.mem_paging.gfn,
!!(req.flags & MEM_EVENT_FLAG_VCPU_PAUSED) ,
!!(req.flags & MEM_EVENT_FLAG_EVICT_FAIL) );
@@ -975,13 +975,13 @@ int main(int argc, char *argv[])
if (( req.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) || ( req.flags & MEM_EVENT_FLAG_EVICT_FAIL ))
{
/* Prepare the response */
- rsp.gfn = req.gfn;
+ rsp.data.mem_paging.gfn = req.data.mem_paging.gfn;
rsp.vcpu_id = req.vcpu_id;
rsp.flags = req.flags;
if ( xenpaging_resume_page(paging, &rsp, 0) < 0 )
{
- PERROR("Error resuming page %"PRIx64"", req.gfn);
+ PERROR("Error resuming page %"PRIx64"", req.data.mem_paging.gfn);
goto out;
}
}
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index c7984d1..e0c6f22 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -6266,48 +6266,42 @@ static void hvm_mem_event_fill_regs(mem_event_request_t *req)
const struct cpu_user_regs *regs = guest_cpu_user_regs();
const struct vcpu *curr = current;
- req->x86_regs.rax = regs->eax;
- req->x86_regs.rcx = regs->ecx;
- req->x86_regs.rdx = regs->edx;
- req->x86_regs.rbx = regs->ebx;
- req->x86_regs.rsp = regs->esp;
- req->x86_regs.rbp = regs->ebp;
- req->x86_regs.rsi = regs->esi;
- req->x86_regs.rdi = regs->edi;
-
- req->x86_regs.r8 = regs->r8;
- req->x86_regs.r9 = regs->r9;
- req->x86_regs.r10 = regs->r10;
- req->x86_regs.r11 = regs->r11;
- req->x86_regs.r12 = regs->r12;
- req->x86_regs.r13 = regs->r13;
- req->x86_regs.r14 = regs->r14;
- req->x86_regs.r15 = regs->r15;
-
- req->x86_regs.rflags = regs->eflags;
- req->x86_regs.rip = regs->eip;
-
- req->x86_regs.msr_efer = curr->arch.hvm_vcpu.guest_efer;
- req->x86_regs.cr0 = curr->arch.hvm_vcpu.guest_cr[0];
- req->x86_regs.cr3 = curr->arch.hvm_vcpu.guest_cr[3];
- req->x86_regs.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
-}
-
-static int hvm_memory_event_traps(long p, uint32_t reason,
- unsigned long value, unsigned long old,
- bool_t gla_valid, unsigned long gla)
-{
- struct vcpu* v = current;
- struct domain *d = v->domain;
- mem_event_request_t req = { .reason = reason };
+ req->regs.x86.rax = regs->eax;
+ req->regs.x86.rcx = regs->ecx;
+ req->regs.x86.rdx = regs->edx;
+ req->regs.x86.rbx = regs->ebx;
+ req->regs.x86.rsp = regs->esp;
+ req->regs.x86.rbp = regs->ebp;
+ req->regs.x86.rsi = regs->esi;
+ req->regs.x86.rdi = regs->edi;
+
+ req->regs.x86.r8 = regs->r8;
+ req->regs.x86.r9 = regs->r9;
+ req->regs.x86.r10 = regs->r10;
+ req->regs.x86.r11 = regs->r11;
+ req->regs.x86.r12 = regs->r12;
+ req->regs.x86.r13 = regs->r13;
+ req->regs.x86.r14 = regs->r14;
+ req->regs.x86.r15 = regs->r15;
+
+ req->regs.x86.rflags = regs->eflags;
+ req->regs.x86.rip = regs->eip;
+
+ req->regs.x86.msr_efer = curr->arch.hvm_vcpu.guest_efer;
+ req->regs.x86.cr0 = curr->arch.hvm_vcpu.guest_cr[0];
+ req->regs.x86.cr3 = curr->arch.hvm_vcpu.guest_cr[3];
+ req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
+}
+
+static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
+{
int rc;
+ struct vcpu *v = current;
+ struct domain *d = v->domain;
- if ( !(p & HVMPME_MODE_MASK) )
+ if ( !(parameters & HVMPME_MODE_MASK) )
return 0;
- if ( (p & HVMPME_onchangeonly) && (value == old) )
- return 1;
-
rc = mem_event_claim_slot(d, &d->mem_event->access);
if ( rc == -ENOSYS )
{
@@ -6318,85 +6312,112 @@ static int hvm_memory_event_traps(long p, uint32_t reason,
else if ( rc < 0 )
return rc;
- if ( (p & HVMPME_MODE_MASK) == HVMPME_mode_sync )
+ if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
{
- req.flags |= MEM_EVENT_FLAG_VCPU_PAUSED;
+ req->flags |= MEM_EVENT_FLAG_VCPU_PAUSED;
mem_event_vcpu_pause(v);
}
- req.gfn = value;
- req.vcpu_id = v->vcpu_id;
- if ( gla_valid )
- {
- req.offset = gla & ((1 << PAGE_SHIFT) - 1);
- req.gla = gla;
- req.gla_valid = 1;
- }
- else
- {
- req.gla = old;
- }
-
- hvm_mem_event_fill_regs(&req);
- mem_event_put_request(d, &d->mem_event->access, &req);
-
+ hvm_mem_event_fill_regs(req);
+ mem_event_put_request(d, &d->mem_event->access, req);
+
return 1;
}
void hvm_memory_event_cr0(unsigned long value, unsigned long old)
{
- hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_CR0],
- MEM_EVENT_REASON_CR0,
- value, old, 0, 0);
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MOV_TO_CR0,
+ .vcpu_id = current->vcpu_id,
+ .data.mov_to_cr.new_value = value,
+ .data.mov_to_cr.old_value = old
+ };
+
+ long parameters = current->domain->arch.hvm_domain
+ .params[HVM_PARAM_MEMORY_EVENT_CR0];
+
+ if ( (parameters & HVMPME_onchangeonly) && (value == old) )
+ return;
+
+ hvm_memory_event_traps(parameters, &req);
}
void hvm_memory_event_cr3(unsigned long value, unsigned long old)
{
- hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_CR3],
- MEM_EVENT_REASON_CR3,
- value, old, 0, 0);
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MOV_TO_CR3,
+ .vcpu_id = current->vcpu_id,
+ .data.mov_to_cr.new_value = value,
+ .data.mov_to_cr.old_value = old
+ };
+
+ long parameters = current->domain->arch.hvm_domain
+ .params[HVM_PARAM_MEMORY_EVENT_CR3];
+
+ if ( (parameters & HVMPME_onchangeonly) && (value == old) )
+ return;
+
+ hvm_memory_event_traps(parameters, &req);
}
void hvm_memory_event_cr4(unsigned long value, unsigned long old)
{
- hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_CR4],
- MEM_EVENT_REASON_CR4,
- value, old, 0, 0);
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MOV_TO_CR4,
+ .vcpu_id = current->vcpu_id,
+ .data.mov_to_cr.new_value = value,
+ .data.mov_to_cr.old_value = old
+ };
+
+ long parameters = current->domain->arch.hvm_domain
+ .params[HVM_PARAM_MEMORY_EVENT_CR4];
+
+ if ( (parameters & HVMPME_onchangeonly) && (value == old) )
+ return;
+
+ hvm_memory_event_traps(parameters, &req);
}
void hvm_memory_event_msr(unsigned long msr, unsigned long value)
{
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MOV_TO_MSR,
+ .vcpu_id = current->vcpu_id,
+ .data.mov_to_msr.msr = msr,
+ .data.mov_to_msr.value = value,
+ };
+
hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_MSR],
- MEM_EVENT_REASON_MSR,
- value, ~value, 1, msr);
+ .params[HVM_PARAM_MEMORY_EVENT_MSR],
+ &req);
}
int hvm_memory_event_int3(unsigned long gla)
{
uint32_t pfec = PFEC_page_present;
- unsigned long gfn;
- gfn = paging_gva_to_gfn(current, gla, &pfec);
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_SOFTWARE_BREAKPOINT,
+ .vcpu_id = current->vcpu_id,
+ .data.software_breakpoint.gfn = paging_gva_to_gfn(current, gla, &pfec)
+ };
return hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_INT3],
- MEM_EVENT_REASON_INT3,
- gfn, 0, 1, gla);
+ .params[HVM_PARAM_MEMORY_EVENT_INT3],
+ &req);
}
int hvm_memory_event_single_step(unsigned long gla)
{
uint32_t pfec = PFEC_page_present;
- unsigned long gfn;
- gfn = paging_gva_to_gfn(current, gla, &pfec);
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_SINGLESTEP,
+ .vcpu_id = current->vcpu_id,
+ .data.singlestep.gfn = paging_gva_to_gfn(current, gla, &pfec)
+ };
return hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_SINGLE_STEP],
- MEM_EVENT_REASON_SINGLESTEP,
- gfn, 0, 1, gla);
+ .params[HVM_PARAM_MEMORY_EVENT_SINGLE_STEP],
+ &req);
}
int nhvm_vcpu_hostrestore(struct vcpu *v, struct cpu_user_regs *regs)
diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c
index 7c0fc7d..b5149f7 100644
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -559,7 +559,10 @@ int mem_sharing_notify_enomem(struct domain *d, unsigned long gfn,
{
struct vcpu *v = current;
int rc;
- mem_event_request_t req = { .gfn = gfn };
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MEM_SHARING,
+ .data.mem_sharing.gfn = gfn
+ };
if ( (rc = __mem_event_claim_slot(d,
&d->mem_event->share, allow_sleep)) < 0 )
@@ -571,7 +574,7 @@ int mem_sharing_notify_enomem(struct domain *d, unsigned long gfn,
mem_event_vcpu_pause(v);
}
- req.p2mt = p2m_ram_shared;
+ req.data.mem_sharing.p2mt = p2m_ram_shared;
req.vcpu_id = v->vcpu_id;
mem_event_put_request(d, &d->mem_event->share, &req);
@@ -598,6 +601,9 @@ int mem_sharing_sharing_resume(struct domain *d)
{
struct vcpu *v;
+ if ( rsp.version != MEM_EVENT_INTERFACE_VERSION )
+ continue;
+
if ( rsp.flags & MEM_EVENT_FLAG_DUMMY )
continue;
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index efa49dd..4b5eade 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1077,7 +1077,10 @@ int p2m_mem_paging_evict(struct domain *d, unsigned long gfn)
void p2m_mem_paging_drop_page(struct domain *d, unsigned long gfn,
p2m_type_t p2mt)
{
- mem_event_request_t req = { .gfn = gfn };
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MEM_PAGING,
+ .data.mem_paging.gfn = gfn
+ };
/* We allow no ring in this unique case, because it won't affect
* correctness of the guest execution at this point. If this is the only
@@ -1124,7 +1127,10 @@ void p2m_mem_paging_drop_page(struct domain *d, unsigned long gfn,
void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
{
struct vcpu *v = current;
- mem_event_request_t req = { .gfn = gfn };
+ mem_event_request_t req = {
+ .reason = MEM_EVENT_REASON_MEM_PAGING,
+ .data.mem_paging.gfn = gfn
+ };
p2m_type_t p2mt;
p2m_access_t a;
mfn_t mfn;
@@ -1174,7 +1180,7 @@ void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
}
/* Send request to pager */
- req.p2mt = p2mt;
+ req.data.mem_paging.p2mt = p2mt;
req.vcpu_id = v->vcpu_id;
mem_event_put_request(d, &d->mem_event->paging, &req);
@@ -1296,6 +1302,9 @@ void p2m_mem_paging_resume(struct domain *d)
{
struct vcpu *v;
+ if ( rsp.version != MEM_EVENT_INTERFACE_VERSION )
+ continue;
+
if ( rsp.flags & MEM_EVENT_FLAG_DUMMY )
continue;
@@ -1309,15 +1318,15 @@ void p2m_mem_paging_resume(struct domain *d)
if ( !(rsp.flags & MEM_EVENT_FLAG_DROP_PAGE) )
{
gfn_lock(p2m, rsp.gfn, 0);
- mfn = p2m->get_entry(p2m, rsp.gfn, &p2mt, &a, 0, NULL);
+ mfn = p2m->get_entry(p2m, rsp.data.mem_access.gfn, &p2mt, &a, 0, NULL);
/* Allow only pages which were prepared properly, or pages which
* were nominated but not evicted */
if ( mfn_valid(mfn) && (p2mt == p2m_ram_paging_in) )
{
- p2m_set_entry(p2m, rsp.gfn, mfn, PAGE_ORDER_4K,
+ p2m_set_entry(p2m, rsp.data.mem_access.gfn, mfn, PAGE_ORDER_4K,
paging_mode_log_dirty(d) ? p2m_ram_logdirty :
p2m_ram_rw, a);
- set_gpfn_from_mfn(mfn_x(mfn), rsp.gfn);
+ set_gpfn_from_mfn(mfn_x(mfn), rsp.data.mem_access.gfn);
}
gfn_unlock(p2m, rsp.gfn, 0);
}
@@ -1337,49 +1346,49 @@ static void p2m_mem_event_fill_regs(mem_event_request_t *req)
/* Architecture-specific vmcs/vmcb bits */
hvm_funcs.save_cpu_ctxt(curr, &ctxt);
- req->x86_regs.rax = regs->eax;
- req->x86_regs.rcx = regs->ecx;
- req->x86_regs.rdx = regs->edx;
- req->x86_regs.rbx = regs->ebx;
- req->x86_regs.rsp = regs->esp;
- req->x86_regs.rbp = regs->ebp;
- req->x86_regs.rsi = regs->esi;
- req->x86_regs.rdi = regs->edi;
-
- req->x86_regs.r8 = regs->r8;
- req->x86_regs.r9 = regs->r9;
- req->x86_regs.r10 = regs->r10;
- req->x86_regs.r11 = regs->r11;
- req->x86_regs.r12 = regs->r12;
- req->x86_regs.r13 = regs->r13;
- req->x86_regs.r14 = regs->r14;
- req->x86_regs.r15 = regs->r15;
-
- req->x86_regs.rflags = regs->eflags;
- req->x86_regs.rip = regs->eip;
-
- req->x86_regs.dr7 = curr->arch.debugreg[7];
- req->x86_regs.cr0 = ctxt.cr0;
- req->x86_regs.cr2 = ctxt.cr2;
- req->x86_regs.cr3 = ctxt.cr3;
- req->x86_regs.cr4 = ctxt.cr4;
-
- req->x86_regs.sysenter_cs = ctxt.sysenter_cs;
- req->x86_regs.sysenter_esp = ctxt.sysenter_esp;
- req->x86_regs.sysenter_eip = ctxt.sysenter_eip;
-
- req->x86_regs.msr_efer = ctxt.msr_efer;
- req->x86_regs.msr_star = ctxt.msr_star;
- req->x86_regs.msr_lstar = ctxt.msr_lstar;
+ req->regs.x86.rax = regs->eax;
+ req->regs.x86.rcx = regs->ecx;
+ req->regs.x86.rdx = regs->edx;
+ req->regs.x86.rbx = regs->ebx;
+ req->regs.x86.rsp = regs->esp;
+ req->regs.x86.rbp = regs->ebp;
+ req->regs.x86.rsi = regs->esi;
+ req->regs.x86.rdi = regs->edi;
+
+ req->regs.x86.r8 = regs->r8;
+ req->regs.x86.r9 = regs->r9;
+ req->regs.x86.r10 = regs->r10;
+ req->regs.x86.r11 = regs->r11;
+ req->regs.x86.r12 = regs->r12;
+ req->regs.x86.r13 = regs->r13;
+ req->regs.x86.r14 = regs->r14;
+ req->regs.x86.r15 = regs->r15;
+
+ req->regs.x86.rflags = regs->eflags;
+ req->regs.x86.rip = regs->eip;
+
+ req->regs.x86.dr7 = curr->arch.debugreg[7];
+ req->regs.x86.cr0 = ctxt.cr0;
+ req->regs.x86.cr2 = ctxt.cr2;
+ req->regs.x86.cr3 = ctxt.cr3;
+ req->regs.x86.cr4 = ctxt.cr4;
+
+ req->regs.x86.sysenter_cs = ctxt.sysenter_cs;
+ req->regs.x86.sysenter_esp = ctxt.sysenter_esp;
+ req->regs.x86.sysenter_eip = ctxt.sysenter_eip;
+
+ req->regs.x86.msr_efer = ctxt.msr_efer;
+ req->regs.x86.msr_star = ctxt.msr_star;
+ req->regs.x86.msr_lstar = ctxt.msr_lstar;
hvm_get_segment_register(curr, x86_seg_fs, &seg);
- req->x86_regs.fs_base = seg.base;
+ req->regs.x86.fs_base = seg.base;
hvm_get_segment_register(curr, x86_seg_gs, &seg);
- req->x86_regs.gs_base = seg.base;
+ req->regs.x86.gs_base = seg.base;
hvm_get_segment_register(curr, x86_seg_cs, &seg);
- req->x86_regs.cs_arbytes = seg.attr.bytes;
+ req->regs.x86.cs_arbytes = seg.attr.bytes;
}
void p2m_mem_event_emulate_check(struct vcpu *v, const mem_event_response_t *rsp)
@@ -1390,39 +1399,40 @@ void p2m_mem_event_emulate_check(struct vcpu *v, const mem_event_response_t *rsp
xenmem_access_t access;
bool_t violation = 1;
- if ( p2m_get_mem_access(v->domain, rsp->gfn, &access) == 0 )
+ if ( p2m_get_mem_access(v->domain, rsp->data.mem_access.gfn, &access) == 0 )
{
switch ( access )
{
case XENMEM_access_n:
case XENMEM_access_n2rwx:
default:
- violation = rsp->access_r || rsp->access_w || rsp->access_x;
+ violation = rsp->data.mem_access.access_r || rsp->data.mem_access.access_w ||
+ rsp->data.mem_access.access_x;
break;
case XENMEM_access_r:
- violation = rsp->access_w || rsp->access_x;
+ violation = rsp->data.mem_access.access_w || rsp->data.mem_access.access_x;
break;
case XENMEM_access_w:
- violation = rsp->access_r || rsp->access_x;
+ violation = rsp->data.mem_access.access_r || rsp->data.mem_access.access_x;
break;
case XENMEM_access_x:
- violation = rsp->access_r || rsp->access_w;
+ violation = rsp->data.mem_access.access_r || rsp->data.mem_access.access_w;
break;
case XENMEM_access_rx:
case XENMEM_access_rx2rw:
- violation = rsp->access_w;
+ violation = rsp->data.mem_access.access_w;
break;
case XENMEM_access_wx:
- violation = rsp->access_r;
+ violation = rsp->data.mem_access.access_r;
break;
case XENMEM_access_rw:
- violation = rsp->access_x;
+ violation = rsp->data.mem_access.access_x;
break;
case XENMEM_access_rwx:
@@ -1540,24 +1550,24 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
if ( req )
{
*req_ptr = req;
- req->reason = MEM_EVENT_REASON_VIOLATION;
+ req->reason = MEM_EVENT_REASON_MEM_ACCESS;
/* Pause the current VCPU */
if ( p2ma != p2m_access_n2rwx )
req->flags |= MEM_EVENT_FLAG_VCPU_PAUSED;
/* Send request to mem event */
- req->gfn = gfn;
- req->offset = gpa & ((1 << PAGE_SHIFT) - 1);
- req->gla_valid = npfec.gla_valid;
- req->gla = gla;
+ req->data.mem_access.gfn = gfn;
+ req->data.mem_access.offset = gpa & ((1 << PAGE_SHIFT) - 1);
+ req->data.mem_access.gla_valid = npfec.gla_valid;
+ req->data.mem_access.gla = gla;
if ( npfec.kind == npfec_kind_with_gla )
- req->fault_with_gla = 1;
+ req->data.mem_access.fault_with_gla = 1;
else if ( npfec.kind == npfec_kind_in_gpt )
- req->fault_in_gpt = 1;
- req->access_r = npfec.read_access;
- req->access_w = npfec.write_access;
- req->access_x = npfec.insn_fetch;
+ req->data.mem_access.fault_in_gpt = 1;
+ req->data.mem_access.access_r = npfec.read_access;
+ req->data.mem_access.access_w = npfec.write_access;
+ req->data.mem_access.access_x = npfec.insn_fetch;
req->vcpu_id = v->vcpu_id;
p2m_mem_event_fill_regs(req);
diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
index d8aac5f..656dd8e 100644
--- a/xen/common/mem_access.c
+++ b/xen/common/mem_access.c
@@ -38,6 +38,9 @@ void mem_access_resume(struct domain *d)
{
struct vcpu *v;
+ if ( rsp.version != MEM_EVENT_INTERFACE_VERSION )
+ continue;
+
if ( rsp.flags & MEM_EVENT_FLAG_DUMMY )
continue;
diff --git a/xen/include/public/mem_event.h b/xen/include/public/mem_event.h
index 599f9e8..0f36b33 100644
--- a/xen/include/public/mem_event.h
+++ b/xen/include/public/mem_event.h
@@ -27,9 +27,13 @@
#ifndef _XEN_PUBLIC_MEM_EVENT_H
#define _XEN_PUBLIC_MEM_EVENT_H
+#if defined(__XEN__) || defined(__XEN_TOOLS__)
+
#include "xen.h"
#include "io/ring.h"
+#define MEM_EVENT_INTERFACE_VERSION 0x00000001
+
/* Memory event flags */
#define MEM_EVENT_FLAG_VCPU_PAUSED (1 << 0)
#define MEM_EVENT_FLAG_DROP_PAGE (1 << 1)
@@ -48,16 +52,27 @@
*/
#define MEM_EVENT_FLAG_EMULATE_NOWRITE (1 << 6)
-/* Reasons for the memory event request */
-#define MEM_EVENT_REASON_UNKNOWN 0 /* typical reason */
-#define MEM_EVENT_REASON_VIOLATION 1 /* access violation, GFN is address */
-#define MEM_EVENT_REASON_CR0 2 /* CR0 was hit: gfn is new CR0 value, gla is previous */
-#define MEM_EVENT_REASON_CR3 3 /* CR3 was hit: gfn is new CR3 value, gla is previous */
-#define MEM_EVENT_REASON_CR4 4 /* CR4 was hit: gfn is new CR4 value, gla is previous */
-#define MEM_EVENT_REASON_INT3 5 /* int3 was hit: gla/gfn are RIP */
-#define MEM_EVENT_REASON_SINGLESTEP 6 /* single step was invoked: gla/gfn are RIP */
-#define MEM_EVENT_REASON_MSR 7 /* MSR was hit: gfn is MSR value, gla is MSR address;
- does NOT honour HVMPME_onchangeonly */
+/* Reasons for the vm event request */
+/* Default case */
+#define MEM_EVENT_REASON_UNKNOWN 0
+/* Memory access violation */
+#define MEM_EVENT_REASON_MEM_ACCESS 1
+/* Memory sharing event */
+#define MEM_EVENT_REASON_MEM_SHARING 2
+/* Memory paging event */
+#define MEM_EVENT_REASON_MEM_PAGING 3
+/* CR0 was updated */
+#define MEM_EVENT_REASON_MOV_TO_CR0 4
+/* CR3 was updated */
+#define MEM_EVENT_REASON_MOV_TO_CR3 5
+/* CR4 was updated */
+#define MEM_EVENT_REASON_MOV_TO_CR4 6
+/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
+#define MEM_EVENT_REASON_MOV_TO_MSR 9
+/* Debug operation executed (int3) */
+#define MEM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
+/* Single-step (MTF) */
+#define MEM_EVENT_REASON_SINGLESTEP 8
/* Using a custom struct (not hvm_hw_cpu) so as to not fill
* the mem_event ring buffer too quickly. */
@@ -97,31 +112,74 @@ struct mem_event_regs_x86 {
uint32_t _pad;
};
-typedef struct mem_event_st {
- uint32_t flags;
- uint32_t vcpu_id;
-
+struct mem_event_mem_access_data {
uint64_t gfn;
uint64_t offset;
uint64_t gla; /* if gla_valid */
+ uint8_t access_r;
+ uint8_t access_w;
+ uint8_t access_x;
+ uint8_t gla_valid;
+ uint8_t fault_with_gla;
+ uint8_t fault_in_gpt;
+ uint16_t _pad;
+};
+
+struct mem_event_mov_to_cr_data {
+ uint64_t new_value;
+ uint64_t old_value;
+};
+
+struct mem_event_software_breakpoint_data {
+ uint64_t gfn;
+};
+
+struct mem_event_singlestep_data {
+ uint64_t gfn;
+};
+struct mem_event_mov_to_msr_data {
+ uint64_t msr;
+ uint64_t value;
+};
+
+struct mem_event_paging_data {
+ uint64_t gfn;
+ uint32_t p2mt;
+ uint32_t _pad;
+};
+
+struct mem_event_sharing_data {
+ uint64_t gfn;
uint32_t p2mt;
+ uint32_t _pad;
+};
+
+typedef struct mem_event_st {
+ uint32_t version; /* MEM_EVENT_INTERFACE_VERSION */
+ uint32_t flags;
+ uint32_t vcpu_id;
+ uint32_t reason; /* MEM_EVENT_REASON_* */
- uint16_t access_r:1;
- uint16_t access_w:1;
- uint16_t access_x:1;
- uint16_t gla_valid:1;
- uint16_t fault_with_gla:1;
- uint16_t fault_in_gpt:1;
- uint16_t available:10;
+ union {
+ struct mem_event_paging_data mem_paging;
+ struct mem_event_sharing_data mem_sharing;
+ struct mem_event_mem_access_data mem_access;
+ struct mem_event_mov_to_cr_data mov_to_cr;
+ struct mem_event_mov_to_msr_data mov_to_msr;
+ struct mem_event_software_breakpoint_data software_breakpoint;
+ struct mem_event_singlestep_data singlestep;
+ } data;
- uint16_t reason;
- struct mem_event_regs_x86 x86_regs;
+ union {
+ struct mem_event_regs_x86 x86;
+ } regs;
} mem_event_request_t, mem_event_response_t;
DEFINE_RING_TYPES(mem_event, mem_event_request_t, mem_event_response_t);
-#endif
+#endif /* defined(__XEN__) || defined(__XEN_TOOLS__) */
+#endif /* _XEN_PUBLIC_MEM_EVENT_H */
/*
* Local variables:
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor'
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-02 17:22 ` Ian Campbell
2015-02-03 15:37 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op Tamas K Lengyel
` (10 subsequent siblings)
12 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
The name of the ring still implies it is used only for memory accesses,
which is no longer the case. It is also used to deliver variuos HVM events,
thus the name "monitor" is more appropriate in this setting.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
v3: Style and comment fixes.
---
tools/libxc/xc_domain_restore.c | 14 +++++++-------
tools/libxc/xc_domain_save.c | 4 ++--
tools/libxc/xc_hvm_build_x86.c | 2 +-
tools/libxc/xc_mem_access.c | 8 ++++----
tools/libxc/xc_mem_event.c | 8 ++++----
tools/libxc/xg_save_restore.h | 2 +-
xen/arch/x86/hvm/hvm.c | 4 ++--
xen/arch/x86/hvm/vmx/vmcs.c | 2 +-
xen/arch/x86/mm/p2m.c | 2 +-
xen/common/mem_access.c | 8 ++++----
xen/common/mem_event.c | 22 +++++++++++-----------
xen/include/public/domctl.h | 31 +++++++++++++++++++------------
xen/include/public/hvm/params.h | 2 +-
xen/include/xen/sched.h | 4 ++--
14 files changed, 60 insertions(+), 53 deletions(-)
diff --git a/tools/libxc/xc_domain_restore.c b/tools/libxc/xc_domain_restore.c
index a382701..2ab9f46 100644
--- a/tools/libxc/xc_domain_restore.c
+++ b/tools/libxc/xc_domain_restore.c
@@ -734,7 +734,7 @@ typedef struct {
uint64_t vcpumap[XC_SR_MAX_VCPUS/64];
uint64_t identpt;
uint64_t paging_ring_pfn;
- uint64_t access_ring_pfn;
+ uint64_t monitor_ring_pfn;
uint64_t sharing_ring_pfn;
uint64_t vm86_tss;
uint64_t console_pfn;
@@ -828,15 +828,15 @@ static int pagebuf_get_one(xc_interface *xch, struct restore_ctx *ctx,
// DPRINTF("paging ring pfn address: %llx\n", buf->paging_ring_pfn);
return pagebuf_get_one(xch, ctx, buf, fd, dom);
- case XC_SAVE_ID_HVM_ACCESS_RING_PFN:
+ case XC_SAVE_ID_HVM_MONITOR_RING_PFN:
/* Skip padding 4 bytes then read the mem access ring location. */
- if ( RDEXACT(fd, &buf->access_ring_pfn, sizeof(uint32_t)) ||
- RDEXACT(fd, &buf->access_ring_pfn, sizeof(uint64_t)) )
+ if ( RDEXACT(fd, &buf->monitor_ring_pfn, sizeof(uint32_t)) ||
+ RDEXACT(fd, &buf->monitor_ring_pfn, sizeof(uint64_t)) )
{
PERROR("error read the access ring pfn");
return -1;
}
- // DPRINTF("access ring pfn address: %llx\n", buf->access_ring_pfn);
+ // DPRINTF("monitor ring pfn address: %llx\n", buf->monitor_ring_pfn);
return pagebuf_get_one(xch, ctx, buf, fd, dom);
case XC_SAVE_ID_HVM_SHARING_RING_PFN:
@@ -1660,8 +1660,8 @@ int xc_domain_restore(xc_interface *xch, int io_fd, uint32_t dom,
xc_hvm_param_set(xch, dom, HVM_PARAM_IDENT_PT, pagebuf.identpt);
if ( pagebuf.paging_ring_pfn )
xc_hvm_param_set(xch, dom, HVM_PARAM_PAGING_RING_PFN, pagebuf.paging_ring_pfn);
- if ( pagebuf.access_ring_pfn )
- xc_hvm_param_set(xch, dom, HVM_PARAM_ACCESS_RING_PFN, pagebuf.access_ring_pfn);
+ if ( pagebuf.monitor_ring_pfn )
+ xc_hvm_param_set(xch, dom, HVM_PARAM_MONITOR_RING_PFN, pagebuf.monitor_ring_pfn);
if ( pagebuf.sharing_ring_pfn )
xc_hvm_param_set(xch, dom, HVM_PARAM_SHARING_RING_PFN, pagebuf.sharing_ring_pfn);
if ( pagebuf.vm86_tss )
diff --git a/tools/libxc/xc_domain_save.c b/tools/libxc/xc_domain_save.c
index 254fdb3..949ef64 100644
--- a/tools/libxc/xc_domain_save.c
+++ b/tools/libxc/xc_domain_save.c
@@ -1664,9 +1664,9 @@ int xc_domain_save(xc_interface *xch, int io_fd, uint32_t dom, uint32_t max_iter
goto out;
}
- chunk.id = XC_SAVE_ID_HVM_ACCESS_RING_PFN;
+ chunk.id = XC_SAVE_ID_HVM_MONITOR_RING_PFN;
chunk.data = 0;
- xc_hvm_param_get(xch, dom, HVM_PARAM_ACCESS_RING_PFN, &chunk.data);
+ xc_hvm_param_get(xch, dom, HVM_PARAM_MONITOR_RING_PFN, &chunk.data);
if ( (chunk.data != 0) &&
wrexact(io_fd, &chunk, sizeof(chunk)) )
diff --git a/tools/libxc/xc_hvm_build_x86.c b/tools/libxc/xc_hvm_build_x86.c
index c81a25b..30a929d 100644
--- a/tools/libxc/xc_hvm_build_x86.c
+++ b/tools/libxc/xc_hvm_build_x86.c
@@ -497,7 +497,7 @@ static int setup_guest(xc_interface *xch,
special_pfn(SPECIALPAGE_CONSOLE));
xc_hvm_param_set(xch, dom, HVM_PARAM_PAGING_RING_PFN,
special_pfn(SPECIALPAGE_PAGING));
- xc_hvm_param_set(xch, dom, HVM_PARAM_ACCESS_RING_PFN,
+ xc_hvm_param_set(xch, dom, HVM_PARAM_MONITOR_RING_PFN,
special_pfn(SPECIALPAGE_ACCESS));
xc_hvm_param_set(xch, dom, HVM_PARAM_SHARING_RING_PFN,
special_pfn(SPECIALPAGE_SHARING));
diff --git a/tools/libxc/xc_mem_access.c b/tools/libxc/xc_mem_access.c
index 55d0e9f..1c979ed 100644
--- a/tools/libxc/xc_mem_access.c
+++ b/tools/libxc/xc_mem_access.c
@@ -26,22 +26,22 @@
void *xc_mem_access_enable(xc_interface *xch, domid_t domain_id, uint32_t *port)
{
- return xc_mem_event_enable(xch, domain_id, HVM_PARAM_ACCESS_RING_PFN,
+ return xc_mem_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
port, 0);
}
void *xc_mem_access_enable_introspection(xc_interface *xch, domid_t domain_id,
uint32_t *port)
{
- return xc_mem_event_enable(xch, domain_id, HVM_PARAM_ACCESS_RING_PFN,
+ return xc_mem_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
port, 1);
}
int xc_mem_access_disable(xc_interface *xch, domid_t domain_id)
{
return xc_mem_event_control(xch, domain_id,
- XEN_DOMCTL_MEM_EVENT_OP_ACCESS_DISABLE,
- XEN_DOMCTL_MEM_EVENT_OP_ACCESS,
+ XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE,
+ XEN_DOMCTL_MEM_EVENT_OP_MONITOR,
NULL);
}
diff --git a/tools/libxc/xc_mem_event.c b/tools/libxc/xc_mem_event.c
index 8c0be4e..20db2ed 100644
--- a/tools/libxc/xc_mem_event.c
+++ b/tools/libxc/xc_mem_event.c
@@ -119,12 +119,12 @@ void *xc_mem_event_enable(xc_interface *xch, domid_t domain_id, int param,
mode = XEN_DOMCTL_MEM_EVENT_OP_PAGING;
break;
- case HVM_PARAM_ACCESS_RING_PFN:
+ case HVM_PARAM_MONITOR_RING_PFN:
if ( enable_introspection )
- op = XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE_INTROSPECTION;
+ op = XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION;
else
- op = XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE;
- mode = XEN_DOMCTL_MEM_EVENT_OP_ACCESS;
+ op = XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE;
+ mode = XEN_DOMCTL_MEM_EVENT_OP_MONITOR;
break;
case HVM_PARAM_SHARING_RING_PFN:
diff --git a/tools/libxc/xg_save_restore.h b/tools/libxc/xg_save_restore.h
index bdd9009..10348aa 100644
--- a/tools/libxc/xg_save_restore.h
+++ b/tools/libxc/xg_save_restore.h
@@ -256,7 +256,7 @@
#define XC_SAVE_ID_HVM_GENERATION_ID_ADDR -14
/* Markers for the pfn's hosting these mem event rings */
#define XC_SAVE_ID_HVM_PAGING_RING_PFN -15
-#define XC_SAVE_ID_HVM_ACCESS_RING_PFN -16
+#define XC_SAVE_ID_HVM_MONITOR_RING_PFN -16
#define XC_SAVE_ID_HVM_SHARING_RING_PFN -17
#define XC_SAVE_ID_TOOLSTACK -18 /* Optional toolstack specific info */
/* These are a pair; it is an error for one to exist without the other */
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index e0c6f22..692b7d9 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -6302,7 +6302,7 @@ static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
if ( !(parameters & HVMPME_MODE_MASK) )
return 0;
- rc = mem_event_claim_slot(d, &d->mem_event->access);
+ rc = mem_event_claim_slot(d, &d->mem_event->monitor);
if ( rc == -ENOSYS )
{
/* If there was no ring to handle the event, then
@@ -6319,7 +6319,7 @@ static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
}
hvm_mem_event_fill_regs(req);
- mem_event_put_request(d, &d->mem_event->access, req);
+ mem_event_put_request(d, &d->mem_event->monitor, req);
return 1;
}
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index 9d8033e..e553fb0 100644
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -715,7 +715,7 @@ void vmx_disable_intercept_for_msr(struct vcpu *v, u32 msr, int type)
return;
if ( unlikely(d->arch.hvm_domain.introspection_enabled) &&
- mem_event_check_ring(&d->mem_event->access) )
+ mem_event_check_ring(&d->mem_event->monitor) )
{
unsigned int i;
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index 4b5eade..ddadf66 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1492,7 +1492,7 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
gfn_unlock(p2m, gfn, 0);
/* Otherwise, check if there is a memory event listener, and send the message along */
- if ( !mem_event_check_ring(&d->mem_event->access) || !req_ptr )
+ if ( !mem_event_check_ring(&d->mem_event->monitor) || !req_ptr )
{
/* No listener */
if ( p2m->access_required )
diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
index 656dd8e..47574b3 100644
--- a/xen/common/mem_access.c
+++ b/xen/common/mem_access.c
@@ -34,7 +34,7 @@ void mem_access_resume(struct domain *d)
mem_event_response_t rsp;
/* Pull all responses off the ring. */
- while ( mem_event_get_response(d, &d->mem_event->access, &rsp) )
+ while ( mem_event_get_response(d, &d->mem_event->monitor, &rsp) )
{
struct vcpu *v;
@@ -82,7 +82,7 @@ int mem_access_memop(unsigned long cmd,
goto out;
rc = -ENODEV;
- if ( unlikely(!d->mem_event->access.ring_page) )
+ if ( unlikely(!d->mem_event->monitor.ring_page) )
goto out;
switch ( mao.op )
@@ -149,11 +149,11 @@ int mem_access_memop(unsigned long cmd,
int mem_access_send_req(struct domain *d, mem_event_request_t *req)
{
- int rc = mem_event_claim_slot(d, &d->mem_event->access);
+ int rc = mem_event_claim_slot(d, &d->mem_event->monitor);
if ( rc < 0 )
return rc;
- mem_event_put_request(d, &d->mem_event->access, req);
+ mem_event_put_request(d, &d->mem_event->monitor, req);
return 0;
}
diff --git a/xen/common/mem_event.c b/xen/common/mem_event.c
index 16ebdb5..37b5558 100644
--- a/xen/common/mem_event.c
+++ b/xen/common/mem_event.c
@@ -443,7 +443,7 @@ static void mem_paging_notification(struct vcpu *v, unsigned int port)
/* Registered with Xen-bound event channel for incoming notifications. */
static void mem_access_notification(struct vcpu *v, unsigned int port)
{
- if ( likely(v->domain->mem_event->access.ring_page != NULL) )
+ if ( likely(v->domain->mem_event->monitor.ring_page != NULL) )
mem_access_resume(v->domain);
}
#endif
@@ -508,9 +508,9 @@ void mem_event_cleanup(struct domain *d)
}
#endif
#ifdef HAS_MEM_ACCESS
- if ( d->mem_event->access.ring_page ) {
- destroy_waitqueue_head(&d->mem_event->access.wq);
- (void)mem_event_disable(d, &d->mem_event->access);
+ if ( d->mem_event->monitor.ring_page ) {
+ destroy_waitqueue_head(&d->mem_event->monitor.wq);
+ (void)mem_event_disable(d, &d->mem_event->monitor);
}
#endif
#ifdef HAS_MEM_SHARING
@@ -609,32 +609,32 @@ int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
#endif
#ifdef HAS_MEM_ACCESS
- case XEN_DOMCTL_MEM_EVENT_OP_ACCESS:
+ case XEN_DOMCTL_MEM_EVENT_OP_MONITOR:
{
- struct mem_event_domain *med = &d->mem_event->access;
+ struct mem_event_domain *med = &d->mem_event->monitor;
rc = -EINVAL;
switch( mec->op )
{
- case XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE:
- case XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE_INTROSPECTION:
+ case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE:
+ case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
{
rc = -ENODEV;
if ( !p2m_mem_event_sanity_check(d) )
break;
rc = mem_event_enable(d, mec, med, _VPF_mem_access,
- HVM_PARAM_ACCESS_RING_PFN,
+ HVM_PARAM_MONITOR_RING_PFN,
mem_access_notification);
- if ( mec->op == XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE_INTROSPECTION
+ if ( mec->op == XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
&& !rc )
p2m_setup_introspection(d);
}
break;
- case XEN_DOMCTL_MEM_EVENT_OP_ACCESS_DISABLE:
+ case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE:
{
if ( med->ring_page )
{
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index 57e2ed7..46c9298 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -775,29 +775,36 @@ struct xen_domctl_gdbsx_domstatus {
#define XEN_DOMCTL_MEM_EVENT_OP_PAGING_DISABLE 1
/*
- * Access permissions.
+ * Monitor helper.
*
* As with paging, use the domctl for teardown/setup of the
* helper<->hypervisor interface.
*
- * There are HVM hypercalls to set the per-page access permissions of every
- * page in a domain. When one of these permissions--independent, read,
- * write, and execute--is violated, the VCPU is paused and a memory event
- * is sent with what happened. (See public/mem_event.h) .
+ * The monitor interface can be used to register for various VM events. For
+ * example, there are HVM hypercalls to set the per-page access permissions
+ * of every page in a domain. When one of these permissions--independent,
+ * read, write, and execute--is violated, the VCPU is paused and a memory event
+ * is sent with what happened. The memory event handler can then resume the
+ * VCPU and redo the access with a XENMEM_access_op_resume hypercall.
*
- * The memory event handler can then resume the VCPU and redo the access
- * with a XENMEM_access_op_resume hypercall.
+ * See public/mem_event.h for the list of available events that can be
+ * subscribed to via the monitor interface.
*
- * The XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE domctl returns several
+ * To enable MOV-TO-MSR interception on x86, it is necessary to enable this
+ * interface with the XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
+ * operator.
+ *
+ * The XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE* domctls return several
* non-standard error codes to indicate why access could not be enabled:
* ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
* EBUSY - guest has or had access enabled, ring buffer still active
+ *
*/
-#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS 2
+#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR 2
-#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE 0
-#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_DISABLE 1
-#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE_INTROSPECTION 2
+#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE 0
+#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE 1
+#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
/*
* Sharing ENOMEM helper.
diff --git a/xen/include/public/hvm/params.h b/xen/include/public/hvm/params.h
index a2d43bc..6efcc0b 100644
--- a/xen/include/public/hvm/params.h
+++ b/xen/include/public/hvm/params.h
@@ -182,7 +182,7 @@
/* Params for the mem event rings */
#define HVM_PARAM_PAGING_RING_PFN 27
-#define HVM_PARAM_ACCESS_RING_PFN 28
+#define HVM_PARAM_MONITOR_RING_PFN 28
#define HVM_PARAM_SHARING_RING_PFN 29
/* SHUTDOWN_* action in case of a triple fault */
diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
index 814e087..64a2bd3 100644
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -288,8 +288,8 @@ struct mem_event_per_domain
struct mem_event_domain share;
/* Memory paging support */
struct mem_event_domain paging;
- /* Memory access support */
- struct mem_event_domain access;
+ /* VM event monitor support */
+ struct mem_event_domain monitor;
};
struct evtchn_port_ops;
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor' Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-02 17:23 ` Ian Campbell
2015-02-03 15:41 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 04/12] xen/mem_access: Merge mem_event sanity check into mem_access check Tamas K Lengyel
` (9 subsequent siblings)
12 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
The only use-case of the mem_event_op structure had been in mem_paging,
thus renaming the structure mem_paging_op and relocating its associated
functions clarifies its actual usage.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Acked-by: Tim Deegan <tim@xen.org>
---
v3: Style fixes
---
tools/libxc/xc_mem_event.c | 16 ----------------
tools/libxc/xc_mem_paging.c | 26 ++++++++++++++++++--------
tools/libxc/xc_private.h | 3 ---
xen/arch/x86/mm/mem_paging.c | 14 ++++++--------
xen/arch/x86/x86_64/compat/mm.c | 8 ++++----
xen/arch/x86/x86_64/mm.c | 8 ++++----
xen/common/mem_event.c | 4 ++--
xen/include/asm-x86/mem_paging.h | 2 +-
xen/include/public/memory.h | 9 ++++-----
9 files changed, 39 insertions(+), 51 deletions(-)
diff --git a/tools/libxc/xc_mem_event.c b/tools/libxc/xc_mem_event.c
index 20db2ed..a5e0948 100644
--- a/tools/libxc/xc_mem_event.c
+++ b/tools/libxc/xc_mem_event.c
@@ -40,22 +40,6 @@ int xc_mem_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
return rc;
}
-int xc_mem_event_memop(xc_interface *xch, domid_t domain_id,
- unsigned int op, unsigned int mode,
- uint64_t gfn, void *buffer)
-{
- xen_mem_event_op_t meo;
-
- memset(&meo, 0, sizeof(meo));
-
- meo.op = op;
- meo.domain = domain_id;
- meo.gfn = gfn;
- meo.buffer = (unsigned long) buffer;
-
- return do_memory_op(xch, mode, &meo, sizeof(meo));
-}
-
void *xc_mem_event_enable(xc_interface *xch, domid_t domain_id, int param,
uint32_t *port, int enable_introspection)
{
diff --git a/tools/libxc/xc_mem_paging.c b/tools/libxc/xc_mem_paging.c
index 8aa7d4d..bf3173d 100644
--- a/tools/libxc/xc_mem_paging.c
+++ b/tools/libxc/xc_mem_paging.c
@@ -23,6 +23,20 @@
#include "xc_private.h"
+static int xc_mem_paging_memop(xc_interface *xch, domid_t domain_id,
+ unsigned int op, uint64_t gfn, void *buffer)
+{
+ xen_mem_paging_op_t mpo;
+
+ memset(&mpo, 0, sizeof(mpo));
+
+ mpo.op = op;
+ mpo.domain = domain_id;
+ mpo.gfn = gfn;
+ mpo.buffer = (unsigned long) buffer;
+
+ return do_memory_op(xch, XENMEM_paging_op, &mpo, sizeof(mpo));
+}
int xc_mem_paging_enable(xc_interface *xch, domid_t domain_id,
uint32_t *port)
@@ -49,25 +63,22 @@ int xc_mem_paging_disable(xc_interface *xch, domid_t domain_id)
int xc_mem_paging_nominate(xc_interface *xch, domid_t domain_id, unsigned long gfn)
{
- return xc_mem_event_memop(xch, domain_id,
+ return xc_mem_paging_memop(xch, domain_id,
XENMEM_paging_op_nominate,
- XENMEM_paging_op,
gfn, NULL);
}
int xc_mem_paging_evict(xc_interface *xch, domid_t domain_id, unsigned long gfn)
{
- return xc_mem_event_memop(xch, domain_id,
+ return xc_mem_paging_memop(xch, domain_id,
XENMEM_paging_op_evict,
- XENMEM_paging_op,
gfn, NULL);
}
int xc_mem_paging_prep(xc_interface *xch, domid_t domain_id, unsigned long gfn)
{
- return xc_mem_event_memop(xch, domain_id,
+ return xc_mem_paging_memop(xch, domain_id,
XENMEM_paging_op_prep,
- XENMEM_paging_op,
gfn, NULL);
}
@@ -87,9 +98,8 @@ int xc_mem_paging_load(xc_interface *xch, domid_t domain_id,
if ( mlock(buffer, XC_PAGE_SIZE) )
return -1;
- rc = xc_mem_event_memop(xch, domain_id,
+ rc = xc_mem_paging_memop(xch, domain_id,
XENMEM_paging_op_prep,
- XENMEM_paging_op,
gfn, buffer);
old_errno = errno;
diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
index 45b8644..f1f601c 100644
--- a/tools/libxc/xc_private.h
+++ b/tools/libxc/xc_private.h
@@ -425,9 +425,6 @@ int xc_ffs64(uint64_t x);
*/
int xc_mem_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
unsigned int mode, uint32_t *port);
-int xc_mem_event_memop(xc_interface *xch, domid_t domain_id,
- unsigned int op, unsigned int mode,
- uint64_t gfn, void *buffer);
/*
* Enables mem_event and returns the mapped ring page indicated by param.
* param can be HVM_PARAM_PAGING/ACCESS/SHARING_RING_PFN
diff --git a/xen/arch/x86/mm/mem_paging.c b/xen/arch/x86/mm/mem_paging.c
index 65f6a3d..e3d64a6 100644
--- a/xen/arch/x86/mm/mem_paging.c
+++ b/xen/arch/x86/mm/mem_paging.c
@@ -25,31 +25,29 @@
#include <xen/mem_event.h>
-int mem_paging_memop(struct domain *d, xen_mem_event_op_t *mec)
+int mem_paging_memop(struct domain *d, xen_mem_paging_op_t *mpc)
{
if ( unlikely(!d->mem_event->paging.ring_page) )
return -ENODEV;
- switch( mec->op )
+ switch( mpc->op )
{
case XENMEM_paging_op_nominate:
{
- unsigned long gfn = mec->gfn;
- return p2m_mem_paging_nominate(d, gfn);
+ return p2m_mem_paging_nominate(d, mpc->gfn);
}
break;
case XENMEM_paging_op_evict:
{
- unsigned long gfn = mec->gfn;
- return p2m_mem_paging_evict(d, gfn);
+ return p2m_mem_paging_evict(d, mpc->gfn);
}
break;
case XENMEM_paging_op_prep:
{
- unsigned long gfn = mec->gfn;
- return p2m_mem_paging_prep(d, gfn, mec->buffer);
+ unsigned long gfn = mpc->gfn;
+ return p2m_mem_paging_prep(d, gfn, mpc->buffer);
}
break;
diff --git a/xen/arch/x86/x86_64/compat/mm.c b/xen/arch/x86/x86_64/compat/mm.c
index f90f611..c8ea85a 100644
--- a/xen/arch/x86/x86_64/compat/mm.c
+++ b/xen/arch/x86/x86_64/compat/mm.c
@@ -188,11 +188,11 @@ int compat_arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
case XENMEM_paging_op:
{
- xen_mem_event_op_t meo;
- if ( copy_from_guest(&meo, arg, 1) )
+ xen_mem_paging_op_t mpo;
+ if ( copy_from_guest(&mpo, arg, 1) )
return -EFAULT;
- rc = do_mem_event_op(cmd, meo.domain, &meo);
- if ( !rc && __copy_to_guest(arg, &meo, 1) )
+ rc = do_mem_event_op(cmd, mpo.domain, &mpo);
+ if ( !rc && __copy_to_guest(arg, &mpo, 1) )
return -EFAULT;
break;
}
diff --git a/xen/arch/x86/x86_64/mm.c b/xen/arch/x86/x86_64/mm.c
index d631aee..2fa1f67 100644
--- a/xen/arch/x86/x86_64/mm.c
+++ b/xen/arch/x86/x86_64/mm.c
@@ -985,11 +985,11 @@ long subarch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
case XENMEM_paging_op:
{
- xen_mem_event_op_t meo;
- if ( copy_from_guest(&meo, arg, 1) )
+ xen_mem_paging_op_t mpo;
+ if ( copy_from_guest(&mpo, arg, 1) )
return -EFAULT;
- rc = do_mem_event_op(cmd, meo.domain, &meo);
- if ( !rc && __copy_to_guest(arg, &meo, 1) )
+ rc = do_mem_event_op(cmd, mpo.domain, &mpo);
+ if ( !rc && __copy_to_guest(arg, &mpo, 1) )
return -EFAULT;
break;
}
diff --git a/xen/common/mem_event.c b/xen/common/mem_event.c
index 37b5558..1501d59 100644
--- a/xen/common/mem_event.c
+++ b/xen/common/mem_event.c
@@ -474,12 +474,12 @@ int do_mem_event_op(int op, uint32_t domain, void *arg)
{
#ifdef HAS_MEM_PAGING
case XENMEM_paging_op:
- ret = mem_paging_memop(d, (xen_mem_event_op_t *) arg);
+ ret = mem_paging_memop(d, arg);
break;
#endif
#ifdef HAS_MEM_SHARING
case XENMEM_sharing_op:
- ret = mem_sharing_memop(d, (xen_mem_sharing_op_t *) arg);
+ ret = mem_sharing_memop(d, arg);
break;
#endif
default:
diff --git a/xen/include/asm-x86/mem_paging.h b/xen/include/asm-x86/mem_paging.h
index 6b7a1fe..92ed2fa 100644
--- a/xen/include/asm-x86/mem_paging.h
+++ b/xen/include/asm-x86/mem_paging.h
@@ -21,7 +21,7 @@
*/
-int mem_paging_memop(struct domain *d, xen_mem_event_op_t *meo);
+int mem_paging_memop(struct domain *d, xen_mem_paging_op_t *meo);
/*
diff --git a/xen/include/public/memory.h b/xen/include/public/memory.h
index 595f953..e0cca46 100644
--- a/xen/include/public/memory.h
+++ b/xen/include/public/memory.h
@@ -372,18 +372,17 @@ typedef struct xen_pod_target xen_pod_target_t;
#define XENMEM_paging_op_evict 1
#define XENMEM_paging_op_prep 2
-struct xen_mem_event_op {
- uint8_t op; /* XENMEM_*_op_* */
+struct xen_mem_paging_op {
+ uint8_t op; /* XENMEM_paging_op_* */
domid_t domain;
-
/* PAGING_PREP IN: buffer to immediately fill page in */
uint64_aligned_t buffer;
/* Other OPs */
uint64_aligned_t gfn; /* IN: gfn of page being operated on */
};
-typedef struct xen_mem_event_op xen_mem_event_op_t;
-DEFINE_XEN_GUEST_HANDLE(xen_mem_event_op_t);
+typedef struct xen_mem_paging_op xen_mem_paging_op_t;
+DEFINE_XEN_GUEST_HANDLE(xen_mem_paging_op_t);
#define XENMEM_access_op 21
#define XENMEM_access_op_resume 0
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 04/12] xen/mem_access: Merge mem_event sanity check into mem_access check
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (2 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 05/12] xen: Introduce vm_event Tamas K Lengyel
` (8 subsequent siblings)
12 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
The current sanity check when enabling mem_event is only applicable
to mem_access.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
xen/common/mem_event.c | 4 ----
xen/include/asm-x86/p2m.h | 8 +-------
xen/include/public/domctl.h | 1 -
3 files changed, 1 insertion(+), 12 deletions(-)
diff --git a/xen/common/mem_event.c b/xen/common/mem_event.c
index 1501d59..c6ee505 100644
--- a/xen/common/mem_event.c
+++ b/xen/common/mem_event.c
@@ -619,10 +619,6 @@ int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE:
case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
{
- rc = -ENODEV;
- if ( !p2m_mem_event_sanity_check(d) )
- break;
-
rc = mem_event_enable(d, mec, med, _VPF_mem_access,
HVM_PARAM_MONITOR_RING_PFN,
mem_access_notification);
diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h
index 2cf73ca..b96f24c 100644
--- a/xen/include/asm-x86/p2m.h
+++ b/xen/include/asm-x86/p2m.h
@@ -599,16 +599,10 @@ void p2m_mem_event_emulate_check(struct vcpu *v,
/* Enable arch specific introspection options (such as MSR interception). */
void p2m_setup_introspection(struct domain *d);
-/* Sanity check for mem_event hardware support */
-static inline bool_t p2m_mem_event_sanity_check(struct domain *d)
-{
- return hap_enabled(d) && cpu_has_vmx;
-}
-
/* Sanity check for mem_access hardware support */
static inline bool_t p2m_mem_access_sanity_check(struct domain *d)
{
- return is_hvm_domain(d);
+ return is_hvm_domain(d) && hap_enabled(d) && cpu_has_vmx;
}
/*
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index 46c9298..596a624 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -796,7 +796,6 @@ struct xen_domctl_gdbsx_domstatus {
*
* The XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE* domctls return several
* non-standard error codes to indicate why access could not be enabled:
- * ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
* EBUSY - guest has or had access enabled, ring buffer still active
*
*/
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (3 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 04/12] xen/mem_access: Merge mem_event sanity check into mem_access check Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
` (2 more replies)
2015-01-29 21:46 ` [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event Tamas K Lengyel
` (7 subsequent siblings)
12 siblings, 3 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
To make it easier to review the renaming process of mem_event -> vm_event,
the process is broken into three pieces, of which this patch is the first.
In this patch the vm_event subsystem is introduced and hooked into the build
process, but it is not yet used anywhere.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
MAINTAINERS | 1 +
docs/misc/xsm-flask.txt | 1 +
tools/libxc/Makefile | 1 +
tools/libxc/xc_private.h | 12 +
tools/libxc/xc_vm_event.c | 162 ++++++++
xen/common/Makefile | 1 +
xen/common/vm_event.c | 739 ++++++++++++++++++++++++++++++++++++
xen/include/public/domctl.h | 79 ++++
xen/include/public/vm_event.h | 193 ++++++++++
xen/include/xen/sched.h | 41 ++
xen/include/xen/vm_event.h | 143 +++++++
xen/include/xsm/dummy.h | 12 +
xen/include/xsm/xsm.h | 12 +
xen/xsm/dummy.c | 2 +
xen/xsm/flask/hooks.c | 12 +
xen/xsm/flask/policy/access_vectors | 1 +
16 files changed, 1412 insertions(+)
create mode 100644 tools/libxc/xc_vm_event.c
create mode 100644 xen/common/vm_event.c
create mode 100644 xen/include/public/vm_event.h
create mode 100644 xen/include/xen/vm_event.h
diff --git a/MAINTAINERS b/MAINTAINERS
index 3bbac9e..cff3e5f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -364,6 +364,7 @@ F: tools/memshr
MEMORY EVENT AND ACCESS
M: Tim Deegan <tim@xen.org>
S: Supported
+F: xen/common/vm_event.c
F: xen/common/mem_event.c
F: xen/common/mem_access.c
diff --git a/docs/misc/xsm-flask.txt b/docs/misc/xsm-flask.txt
index 9559028..9eead61 100644
--- a/docs/misc/xsm-flask.txt
+++ b/docs/misc/xsm-flask.txt
@@ -87,6 +87,7 @@ __HYPERVISOR_domctl (xen/include/public/domctl.h)
* XEN_DOMCTL_set_machine_address_size
* XEN_DOMCTL_debug_op
* XEN_DOMCTL_gethvmcontext_partial
+ * XEN_DOMCTL_vm_event_op
* XEN_DOMCTL_mem_event_op
* XEN_DOMCTL_mem_sharing_op
* XEN_DOMCTL_setvcpuextstate
diff --git a/tools/libxc/Makefile b/tools/libxc/Makefile
index bd2ca6c..b97e535 100644
--- a/tools/libxc/Makefile
+++ b/tools/libxc/Makefile
@@ -26,6 +26,7 @@ CTRL_SRCS-y += xc_pm.c
CTRL_SRCS-y += xc_cpu_hotplug.c
CTRL_SRCS-y += xc_resume.c
CTRL_SRCS-y += xc_tmem.c
+CTRL_SRCS-y += xc_vm_event.c
CTRL_SRCS-y += xc_mem_event.c
CTRL_SRCS-y += xc_mem_paging.c
CTRL_SRCS-y += xc_mem_access.c
diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
index f1f601c..58db86d 100644
--- a/tools/libxc/xc_private.h
+++ b/tools/libxc/xc_private.h
@@ -432,4 +432,16 @@ int xc_mem_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
void *xc_mem_event_enable(xc_interface *xch, domid_t domain_id, int param,
uint32_t *port, int enable_introspection);
+/**
+ * vm_event operations. Internal use only.
+ */
+int xc_vm_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
+ unsigned int mode, uint32_t *port);
+/*
+ * Enables vm_event and returns the mapped ring page indicated by param.
+ * param can be HVM_PARAM_PAGING/ACCESS/SHARING_RING_PFN
+ */
+void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int param,
+ uint32_t *port, int enable_introspection);
+
#endif /* __XC_PRIVATE_H__ */
diff --git a/tools/libxc/xc_vm_event.c b/tools/libxc/xc_vm_event.c
new file mode 100644
index 0000000..dda766e
--- /dev/null
+++ b/tools/libxc/xc_vm_event.c
@@ -0,0 +1,162 @@
+/******************************************************************************
+ *
+ * xc_vm_event.c
+ *
+ * Interface to low-level VM event functionality.
+ *
+ * Copyright (c) 2009 Citrix Systems, Inc. (Patrick Colp)
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "xc_private.h"
+
+int xc_vm_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
+ unsigned int mode, uint32_t *port)
+{
+ DECLARE_DOMCTL;
+ int rc;
+
+ domctl.cmd = XEN_DOMCTL_mem_event_op;
+ domctl.domain = domain_id;
+ domctl.u.vm_event_op.op = op;
+ domctl.u.vm_event_op.mode = mode;
+
+ rc = do_domctl(xch, &domctl);
+ if ( !rc && port )
+ *port = domctl.u.vm_event_op.port;
+ return rc;
+}
+
+void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int param,
+ uint32_t *port, int enable_introspection)
+{
+ void *ring_page = NULL;
+ uint64_t pfn;
+ xen_pfn_t ring_pfn, mmap_pfn;
+ unsigned int op, mode;
+ int rc1, rc2, saved_errno;
+
+ if ( !port )
+ {
+ errno = EINVAL;
+ return NULL;
+ }
+
+ /* Pause the domain for ring page setup */
+ rc1 = xc_domain_pause(xch, domain_id);
+ if ( rc1 != 0 )
+ {
+ PERROR("Unable to pause domain\n");
+ return NULL;
+ }
+
+ /* Get the pfn of the ring page */
+ rc1 = xc_hvm_param_get(xch, domain_id, param, &pfn);
+ if ( rc1 != 0 )
+ {
+ PERROR("Failed to get pfn of ring page\n");
+ goto out;
+ }
+
+ ring_pfn = pfn;
+ mmap_pfn = pfn;
+ ring_page = xc_map_foreign_batch(xch, domain_id, PROT_READ | PROT_WRITE,
+ &mmap_pfn, 1);
+ if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
+ {
+ /* Map failed, populate ring page */
+ rc1 = xc_domain_populate_physmap_exact(xch, domain_id, 1, 0, 0,
+ &ring_pfn);
+ if ( rc1 != 0 )
+ {
+ PERROR("Failed to populate ring pfn\n");
+ goto out;
+ }
+
+ mmap_pfn = ring_pfn;
+ ring_page = xc_map_foreign_batch(xch, domain_id, PROT_READ | PROT_WRITE,
+ &mmap_pfn, 1);
+ if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
+ {
+ PERROR("Could not map the ring page\n");
+ goto out;
+ }
+ }
+
+ switch ( param )
+ {
+ case HVM_PARAM_PAGING_RING_PFN:
+ op = XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE;
+ mode = XEN_DOMCTL_VM_EVENT_OP_PAGING;
+ break;
+
+ case HVM_PARAM_MONITOR_RING_PFN:
+ if ( enable_introspection )
+ op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION;
+ else
+ op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE;
+ mode = XEN_DOMCTL_VM_EVENT_OP_MONITOR;
+ break;
+
+ case HVM_PARAM_SHARING_RING_PFN:
+ op = XEN_DOMCTL_VM_EVENT_OP_SHARING_ENABLE;
+ mode = XEN_DOMCTL_VM_EVENT_OP_SHARING;
+ break;
+
+ /*
+ * This is for the outside chance that the HVM_PARAM is valid but is invalid
+ * as far as vm_event goes.
+ */
+ default:
+ errno = EINVAL;
+ rc1 = -1;
+ goto out;
+ }
+
+ rc1 = xc_vm_event_control(xch, domain_id, op, mode, port);
+ if ( rc1 != 0 )
+ {
+ PERROR("Failed to enable vm_event\n");
+ goto out;
+ }
+
+ /* Remove the ring_pfn from the guest's physmap */
+ rc1 = xc_domain_decrease_reservation_exact(xch, domain_id, 1, 0, &ring_pfn);
+ if ( rc1 != 0 )
+ PERROR("Failed to remove ring page from guest physmap");
+
+ out:
+ saved_errno = errno;
+
+ rc2 = xc_domain_unpause(xch, domain_id);
+ if ( rc1 != 0 || rc2 != 0 )
+ {
+ if ( rc2 != 0 )
+ {
+ if ( rc1 == 0 )
+ saved_errno = errno;
+ PERROR("Unable to unpause domain");
+ }
+
+ if ( ring_page )
+ munmap(ring_page, XC_PAGE_SIZE);
+ ring_page = NULL;
+
+ errno = saved_errno;
+ }
+
+ return ring_page;
+}
diff --git a/xen/common/Makefile b/xen/common/Makefile
index 1956091..0db6967 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -55,6 +55,7 @@ obj-y += lzo.o
obj-$(HAS_PDX) += pdx.o
obj-$(HAS_MEM_ACCESS) += mem_access.o
obj-$(HAS_MEM_ACCESS) += mem_event.o
+obj-$(HAS_MEM_ACCESS) += vm_event.o
obj-bin-$(CONFIG_X86) += $(foreach n,decompress bunzip2 unxz unlzma unlzo unlz4 earlycpio,$(n).init.o)
diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
new file mode 100644
index 0000000..0db899e
--- /dev/null
+++ b/xen/common/vm_event.c
@@ -0,0 +1,739 @@
+/******************************************************************************
+ * vm_event.c
+ *
+ * VM event support.
+ *
+ * Copyright (c) 2009 Citrix Systems, Inc. (Patrick Colp)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#include <xen/sched.h>
+#include <xen/event.h>
+#include <xen/wait.h>
+#include <xen/vm_event.h>
+#include <xen/mem_access.h>
+#include <asm/p2m.h>
+
+#ifdef HAS_MEM_PAGING
+#include <asm/mem_paging.h>
+#endif
+
+#ifdef HAS_MEM_SHARING
+#include <asm/mem_sharing.h>
+#endif
+
+#include <xsm/xsm.h>
+
+/* for public/io/ring.h macros */
+#define xen_mb() mb()
+#define xen_rmb() rmb()
+#define xen_wmb() wmb()
+
+#define vm_event_ring_lock_init(_ved) spin_lock_init(&(_ved)->ring_lock)
+#define vm_event_ring_lock(_ved) spin_lock(&(_ved)->ring_lock)
+#define vm_event_ring_unlock(_ved) spin_unlock(&(_ved)->ring_lock)
+
+static int vm_event_enable(
+ struct domain *d,
+ xen_domctl_vm_event_op_t *vec,
+ struct vm_event_domain *ved,
+ int pause_flag,
+ int param,
+ xen_event_channel_notification_t notification_fn)
+{
+ int rc;
+ unsigned long ring_gfn = d->arch.hvm_domain.params[param];
+
+ /* Only one helper at a time. If the helper crashed,
+ * the ring is in an undefined state and so is the guest.
+ */
+ if ( ved->ring_page )
+ return -EBUSY;
+
+ /* The parameter defaults to zero, and it should be
+ * set to something */
+ if ( ring_gfn == 0 )
+ return -ENOSYS;
+
+ vm_event_ring_lock_init(ved);
+ vm_event_ring_lock(ved);
+
+ rc = prepare_ring_for_helper(d, ring_gfn, &ved->ring_pg_struct,
+ &ved->ring_page);
+ if ( rc < 0 )
+ goto err;
+
+ /* Set the number of currently blocked vCPUs to 0. */
+ ved->blocked = 0;
+
+ /* Allocate event channel */
+ rc = alloc_unbound_xen_event_channel(d->vcpu[0],
+ current->domain->domain_id,
+ notification_fn);
+ if ( rc < 0 )
+ goto err;
+
+ ved->xen_port = vec->port = rc;
+
+ /* Prepare ring buffer */
+ FRONT_RING_INIT(&ved->front_ring,
+ (vm_event_sring_t *)ved->ring_page,
+ PAGE_SIZE);
+
+ /* Save the pause flag for this particular ring. */
+ ved->pause_flag = pause_flag;
+
+ /* Initialize the last-chance wait queue. */
+ init_waitqueue_head(&ved->wq);
+
+ vm_event_ring_unlock(ved);
+ return 0;
+
+ err:
+ destroy_ring_for_helper(&ved->ring_page,
+ ved->ring_pg_struct);
+ vm_event_ring_unlock(ved);
+
+ return rc;
+}
+
+static unsigned int vm_event_ring_available(struct vm_event_domain *ved)
+{
+ int avail_req = RING_FREE_REQUESTS(&ved->front_ring);
+ avail_req -= ved->target_producers;
+ avail_req -= ved->foreign_producers;
+
+ BUG_ON(avail_req < 0);
+
+ return avail_req;
+}
+
+/*
+ * vm_event_wake_blocked() will wakeup vcpus waiting for room in the
+ * ring. These vCPUs were paused on their way out after placing an event,
+ * but need to be resumed where the ring is capable of processing at least
+ * one event from them.
+ */
+static void vm_event_wake_blocked(struct domain *d, struct vm_event_domain *ved)
+{
+ struct vcpu *v;
+ int online = d->max_vcpus;
+ unsigned int avail_req = vm_event_ring_available(ved);
+
+ if ( avail_req == 0 || ved->blocked == 0 )
+ return;
+
+ /*
+ * We ensure that we only have vCPUs online if there are enough free slots
+ * for their memory events to be processed. This will ensure that no
+ * memory events are lost (due to the fact that certain types of events
+ * cannot be replayed, we need to ensure that there is space in the ring
+ * for when they are hit).
+ * See comment below in vm_event_put_request().
+ */
+ for_each_vcpu ( d, v )
+ if ( test_bit(ved->pause_flag, &v->pause_flags) )
+ online--;
+
+ ASSERT(online == (d->max_vcpus - ved->blocked));
+
+ /* We remember which vcpu last woke up to avoid scanning always linearly
+ * from zero and starving higher-numbered vcpus under high load */
+ if ( d->vcpu )
+ {
+ int i, j, k;
+
+ for (i = ved->last_vcpu_wake_up + 1, j = 0; j < d->max_vcpus; i++, j++)
+ {
+ k = i % d->max_vcpus;
+ v = d->vcpu[k];
+ if ( !v )
+ continue;
+
+ if ( !(ved->blocked) || online >= avail_req )
+ break;
+
+ if ( test_and_clear_bit(ved->pause_flag, &v->pause_flags) )
+ {
+ vcpu_unpause(v);
+ online++;
+ ved->blocked--;
+ ved->last_vcpu_wake_up = k;
+ }
+ }
+ }
+}
+
+/*
+ * In the event that a vCPU attempted to place an event in the ring and
+ * was unable to do so, it is queued on a wait queue. These are woken as
+ * needed, and take precedence over the blocked vCPUs.
+ */
+static void vm_event_wake_queued(struct domain *d, struct vm_event_domain *ved)
+{
+ unsigned int avail_req = vm_event_ring_available(ved);
+
+ if ( avail_req > 0 )
+ wake_up_nr(&ved->wq, avail_req);
+}
+
+/*
+ * vm_event_wake() will wakeup all vcpus waiting for the ring to
+ * become available. If we have queued vCPUs, they get top priority. We
+ * are guaranteed that they will go through code paths that will eventually
+ * call vm_event_wake() again, ensuring that any blocked vCPUs will get
+ * unpaused once all the queued vCPUs have made it through.
+ */
+void vm_event_wake(struct domain *d, struct vm_event_domain *ved)
+{
+ if (!list_empty(&ved->wq.list))
+ vm_event_wake_queued(d, ved);
+ else
+ vm_event_wake_blocked(d, ved);
+}
+
+static int vm_event_disable(struct domain *d, struct vm_event_domain *ved)
+{
+ if ( ved->ring_page )
+ {
+ struct vcpu *v;
+
+ vm_event_ring_lock(ved);
+
+ if ( !list_empty(&ved->wq.list) )
+ {
+ vm_event_ring_unlock(ved);
+ return -EBUSY;
+ }
+
+ /* Free domU's event channel and leave the other one unbound */
+ free_xen_event_channel(d->vcpu[0], ved->xen_port);
+
+ /* Unblock all vCPUs */
+ for_each_vcpu ( d, v )
+ {
+ if ( test_and_clear_bit(ved->pause_flag, &v->pause_flags) )
+ {
+ vcpu_unpause(v);
+ ved->blocked--;
+ }
+ }
+
+ destroy_ring_for_helper(&ved->ring_page,
+ ved->ring_pg_struct);
+ vm_event_ring_unlock(ved);
+ }
+
+ return 0;
+}
+
+static inline void vm_event_release_slot(struct domain *d,
+ struct vm_event_domain *ved)
+{
+ /* Update the accounting */
+ if ( current->domain == d )
+ ved->target_producers--;
+ else
+ ved->foreign_producers--;
+
+ /* Kick any waiters */
+ vm_event_wake(d, ved);
+}
+
+/*
+ * vm_event_mark_and_pause() tags vcpu and put it to sleep.
+ * The vcpu will resume execution in vm_event_wake_waiters().
+ */
+void vm_event_mark_and_pause(struct vcpu *v, struct vm_event_domain *ved)
+{
+ if ( !test_and_set_bit(ved->pause_flag, &v->pause_flags) )
+ {
+ vcpu_pause_nosync(v);
+ ved->blocked++;
+ }
+}
+
+/*
+ * This must be preceded by a call to claim_slot(), and is guaranteed to
+ * succeed. As a side-effect however, the vCPU may be paused if the ring is
+ * overly full and its continued execution would cause stalling and excessive
+ * waiting. The vCPU will be automatically unpaused when the ring clears.
+ */
+void vm_event_put_request(struct domain *d,
+ struct vm_event_domain *ved,
+ vm_event_request_t *req)
+{
+ vm_event_front_ring_t *front_ring;
+ int free_req;
+ unsigned int avail_req;
+ RING_IDX req_prod;
+
+ if ( current->domain != d )
+ {
+ req->flags |= VM_EVENT_FLAG_FOREIGN;
+#ifndef NDEBUG
+ if ( !(req->flags & VM_EVENT_FLAG_VCPU_PAUSED) )
+ gdprintk(XENLOG_G_WARNING, "d%dv%d was not paused.\n",
+ d->domain_id, req->vcpu_id);
+#endif
+ }
+
+ vm_event_ring_lock(ved);
+
+ /* Due to the reservations, this step must succeed. */
+ front_ring = &ved->front_ring;
+ free_req = RING_FREE_REQUESTS(front_ring);
+ ASSERT(free_req > 0);
+
+ /* Copy request */
+ req_prod = front_ring->req_prod_pvt;
+ memcpy(RING_GET_REQUEST(front_ring, req_prod), req, sizeof(*req));
+ req_prod++;
+
+ /* Update ring */
+ front_ring->req_prod_pvt = req_prod;
+ RING_PUSH_REQUESTS(front_ring);
+
+ /* We've actually *used* our reservation, so release the slot. */
+ vm_event_release_slot(d, ved);
+
+ /* Give this vCPU a black eye if necessary, on the way out.
+ * See the comments above wake_blocked() for more information
+ * on how this vechanism works to avoid waiting. */
+ avail_req = vm_event_ring_available(ved);
+ if( current->domain == d && avail_req < d->max_vcpus )
+ vm_event_mark_and_pause(current, ved);
+
+ vm_event_ring_unlock(ved);
+
+ notify_via_xen_event_channel(d, ved->xen_port);
+}
+
+int vm_event_get_response(struct domain *d, struct vm_event_domain *ved, vm_event_response_t *rsp)
+{
+ vm_event_front_ring_t *front_ring;
+ RING_IDX rsp_cons;
+
+ vm_event_ring_lock(ved);
+
+ front_ring = &ved->front_ring;
+ rsp_cons = front_ring->rsp_cons;
+
+ if ( !RING_HAS_UNCONSUMED_RESPONSES(front_ring) )
+ {
+ vm_event_ring_unlock(ved);
+ return 0;
+ }
+
+ /* Copy response */
+ memcpy(rsp, RING_GET_RESPONSE(front_ring, rsp_cons), sizeof(*rsp));
+ rsp_cons++;
+
+ /* Update ring */
+ front_ring->rsp_cons = rsp_cons;
+ front_ring->sring->rsp_event = rsp_cons + 1;
+
+ /* Kick any waiters -- since we've just consumed an event,
+ * there may be additional space available in the ring. */
+ vm_event_wake(d, ved);
+
+ vm_event_ring_unlock(ved);
+
+ return 1;
+}
+
+void vm_event_cancel_slot(struct domain *d, struct vm_event_domain *ved)
+{
+ vm_event_ring_lock(ved);
+ vm_event_release_slot(d, ved);
+ vm_event_ring_unlock(ved);
+}
+
+static int vm_event_grab_slot(struct vm_event_domain *ved, int foreign)
+{
+ unsigned int avail_req;
+
+ if ( !ved->ring_page )
+ return -ENOSYS;
+
+ vm_event_ring_lock(ved);
+
+ avail_req = vm_event_ring_available(ved);
+ if ( avail_req == 0 )
+ {
+ vm_event_ring_unlock(ved);
+ return -EBUSY;
+ }
+
+ if ( !foreign )
+ ved->target_producers++;
+ else
+ ved->foreign_producers++;
+
+ vm_event_ring_unlock(ved);
+
+ return 0;
+}
+
+/* Simple try_grab wrapper for use in the wait_event() macro. */
+static int vm_event_wait_try_grab(struct vm_event_domain *ved, int *rc)
+{
+ *rc = vm_event_grab_slot(ved, 0);
+ return *rc;
+}
+
+/* Call vm_event_grab_slot() until the ring doesn't exist, or is available. */
+static int vm_event_wait_slot(struct vm_event_domain *ved)
+{
+ int rc = -EBUSY;
+ wait_event(ved->wq, vm_event_wait_try_grab(ved, &rc) != -EBUSY);
+ return rc;
+}
+
+bool_t vm_event_check_ring(struct vm_event_domain *ved)
+{
+ return (ved->ring_page != NULL);
+}
+
+/*
+ * Determines whether or not the current vCPU belongs to the target domain,
+ * and calls the appropriate wait function. If it is a guest vCPU, then we
+ * use vm_event_wait_slot() to reserve a slot. As long as there is a ring,
+ * this function will always return 0 for a guest. For a non-guest, we check
+ * for space and return -EBUSY if the ring is not available.
+ *
+ * Return codes: -ENOSYS: the ring is not yet configured
+ * -EBUSY: the ring is busy
+ * 0: a spot has been reserved
+ *
+ */
+int __vm_event_claim_slot(struct domain *d, struct vm_event_domain *ved,
+ bool_t allow_sleep)
+{
+ if ( (current->domain == d) && allow_sleep )
+ return vm_event_wait_slot(ved);
+ else
+ return vm_event_grab_slot(ved, (current->domain != d));
+}
+
+#ifdef HAS_MEM_PAGING
+/* Registered with Xen-bound event channel for incoming notifications. */
+static void mem_paging_notification(struct vcpu *v, unsigned int port)
+{
+ if ( likely(v->domain->vm_event->paging.ring_page != NULL) )
+ p2m_mem_paging_resume(v->domain);
+}
+#endif
+
+#ifdef HAS_MEM_ACCESS
+/* Registered with Xen-bound event channel for incoming notifications. */
+static void mem_access_notification(struct vcpu *v, unsigned int port)
+{
+ if ( likely(v->domain->vm_event->monitor.ring_page != NULL) )
+ mem_access_resume(v->domain);
+}
+#endif
+
+#ifdef HAS_MEM_SHARING
+/* Registered with Xen-bound event channel for incoming notifications. */
+static void mem_sharing_notification(struct vcpu *v, unsigned int port)
+{
+ if ( likely(v->domain->vm_event->share.ring_page != NULL) )
+ mem_sharing_sharing_resume(v->domain);
+}
+#endif
+
+int do_vm_event_op(int op, uint32_t domain, void *arg)
+{
+ int ret;
+ struct domain *d;
+
+ ret = rcu_lock_live_remote_domain_by_id(domain, &d);
+ if ( ret )
+ return ret;
+
+ ret = xsm_vm_event_op(XSM_DM_PRIV, d, op);
+ if ( ret )
+ goto out;
+
+ switch (op)
+ {
+#ifdef HAS_MEM_PAGING
+ case XENMEM_paging_op:
+ ret = mem_paging_memop(d, arg);
+ break;
+#endif
+#ifdef HAS_MEM_SHARING
+ case XENMEM_sharing_op:
+ ret = mem_sharing_memop(d, arg);
+ break;
+#endif
+ default:
+ ret = -ENOSYS;
+ }
+
+ out:
+ rcu_unlock_domain(d);
+ return ret;
+}
+
+/* Clean up on domain destruction */
+void vm_event_cleanup(struct domain *d)
+{
+#ifdef HAS_MEM_PAGING
+ if ( d->vm_event->paging.ring_page ) {
+ /* Destroying the wait queue head means waking up all
+ * queued vcpus. This will drain the list, allowing
+ * the disable routine to complete. It will also drop
+ * all domain refs the wait-queued vcpus are holding.
+ * Finally, because this code path involves previously
+ * pausing the domain (domain_kill), unpausing the
+ * vcpus causes no harm. */
+ destroy_waitqueue_head(&d->vm_event->paging.wq);
+ (void)vm_event_disable(d, &d->vm_event->paging);
+ }
+#endif
+#ifdef HAS_MEM_ACCESS
+ if ( d->vm_event->monitor.ring_page ) {
+ destroy_waitqueue_head(&d->vm_event->monitor.wq);
+ (void)vm_event_disable(d, &d->vm_event->monitor);
+ }
+#endif
+#ifdef HAS_MEM_SHARING
+ if ( d->vm_event->share.ring_page ) {
+ destroy_waitqueue_head(&d->vm_event->share.wq);
+ (void)vm_event_disable(d, &d->vm_event->share);
+ }
+#endif
+}
+
+int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
+ XEN_GUEST_HANDLE_PARAM(void) u_domctl)
+{
+ int rc;
+
+ rc = xsm_vm_event_control(XSM_PRIV, d, vec->mode, vec->op);
+ if ( rc )
+ return rc;
+
+ if ( unlikely(d == current->domain) )
+ {
+ gdprintk(XENLOG_INFO, "Tried to do a memory event op on itself.\n");
+ return -EINVAL;
+ }
+
+ if ( unlikely(d->is_dying) )
+ {
+ gdprintk(XENLOG_INFO, "Ignoring memory event op on dying domain %u\n",
+ d->domain_id);
+ return 0;
+ }
+
+ if ( unlikely(d->vcpu == NULL) || unlikely(d->vcpu[0] == NULL) )
+ {
+ gdprintk(XENLOG_INFO,
+ "Memory event op on a domain (%u) with no vcpus\n",
+ d->domain_id);
+ return -EINVAL;
+ }
+
+ rc = -ENOSYS;
+
+ switch ( vec->mode )
+ {
+#ifdef HAS_MEM_PAGING
+ case XEN_DOMCTL_VM_EVENT_OP_PAGING:
+ {
+ struct vm_event_domain *ved = &d->vm_event->paging;
+ rc = -EINVAL;
+
+ switch( vec->op )
+ {
+ case XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE:
+ {
+ struct p2m_domain *p2m = p2m_get_hostp2m(d);
+
+ rc = -EOPNOTSUPP;
+ /* pvh fixme: p2m_is_foreign types need addressing */
+ if ( is_pvh_vcpu(current) || is_pvh_domain(hardware_domain) )
+ break;
+
+ rc = -ENODEV;
+ /* Only HAP is supported */
+ if ( !hap_enabled(d) )
+ break;
+
+ /* No paging if iommu is used */
+ rc = -EMLINK;
+ if ( unlikely(need_iommu(d)) )
+ break;
+
+ rc = -EXDEV;
+ /* Disallow paging in a PoD guest */
+ if ( p2m->pod.entry_count )
+ break;
+
+ rc = vm_event_enable(d, vec, ved, _VPF_mem_paging,
+ HVM_PARAM_PAGING_RING_PFN,
+ mem_paging_notification);
+ }
+ break;
+
+ case XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE:
+ {
+ if ( ved->ring_page )
+ rc = vm_event_disable(d, ved);
+ }
+ break;
+
+ default:
+ rc = -ENOSYS;
+ break;
+ }
+ }
+ break;
+#endif
+
+#ifdef HAS_MEM_ACCESS
+ case XEN_DOMCTL_VM_EVENT_OP_MONITOR:
+ {
+ struct vm_event_domain *ved = &d->vm_event->monitor;
+ rc = -EINVAL;
+
+ switch( vec->op )
+ {
+ case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
+ case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
+ {
+ rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
+ HVM_PARAM_MONITOR_RING_PFN,
+ mem_access_notification);
+
+ if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
+ && !rc )
+ p2m_setup_introspection(d);
+
+ }
+ break;
+
+ case XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE:
+ {
+ if ( ved->ring_page )
+ {
+ rc = vm_event_disable(d, ved);
+ d->arch.hvm_domain.introspection_enabled = 0;
+ }
+ }
+ break;
+
+ default:
+ rc = -ENOSYS;
+ break;
+ }
+ }
+ break;
+#endif
+
+#ifdef HAS_MEM_SHARING
+ case XEN_DOMCTL_VM_EVENT_OP_SHARING:
+ {
+ struct vm_event_domain *ved = &d->vm_event->share;
+ rc = -EINVAL;
+
+ switch( vec->op )
+ {
+ case XEN_DOMCTL_VM_EVENT_OP_SHARING_ENABLE:
+ {
+ rc = -EOPNOTSUPP;
+ /* pvh fixme: p2m_is_foreign types need addressing */
+ if ( is_pvh_vcpu(current) || is_pvh_domain(hardware_domain) )
+ break;
+
+ rc = -ENODEV;
+ /* Only HAP is supported */
+ if ( !hap_enabled(d) )
+ break;
+
+ rc = vm_event_enable(d, vec, ved, _VPF_mem_sharing,
+ HVM_PARAM_SHARING_RING_PFN,
+ mem_sharing_notification);
+ }
+ break;
+
+ case XEN_DOMCTL_VM_EVENT_OP_SHARING_DISABLE:
+ {
+ if ( ved->ring_page )
+ rc = vm_event_disable(d, ved);
+ }
+ break;
+
+ default:
+ rc = -ENOSYS;
+ break;
+ }
+ }
+ break;
+#endif
+
+ default:
+ rc = -ENOSYS;
+ }
+
+ return rc;
+}
+
+void vm_event_vcpu_pause(struct vcpu *v)
+{
+ ASSERT(v == current);
+
+ atomic_inc(&v->vm_event_pause_count);
+ vcpu_pause_nosync(v);
+}
+
+void vm_event_vcpu_unpause(struct vcpu *v)
+{
+ int old, new, prev = v->vm_event_pause_count.counter;
+
+ /* All unpause requests as a result of toolstack responses. Prevent
+ * underflow of the vcpu pause count. */
+ do
+ {
+ old = prev;
+ new = old - 1;
+
+ if ( new < 0 )
+ {
+ printk(XENLOG_G_WARNING
+ "%pv vm_event: Too many unpause attempts\n", v);
+ return;
+ }
+
+ prev = cmpxchg(&v->vm_event_pause_count.counter, old, new);
+ } while ( prev != old );
+
+ vcpu_unpause(v);
+}
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
+
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index 596a624..a7d3e94 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -835,6 +835,84 @@ typedef struct xen_domctl_mem_event_op xen_domctl_mem_event_op_t;
DEFINE_XEN_GUEST_HANDLE(xen_domctl_mem_event_op_t);
/*
+ * VM event operations
+ */
+
+/* XEN_DOMCTL_vm_event_op */
+
+/*
+ * Domain memory paging
+ * Page memory in and out.
+ * Domctl interface to set up and tear down the
+ * pager<->hypervisor interface. Use XENMEM_paging_op*
+ * to perform per-page operations.
+ *
+ * The XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE domctl returns several
+ * non-standard error codes to indicate why paging could not be enabled:
+ * ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
+ * EMLINK - guest has iommu passthrough enabled
+ * EXDEV - guest has PoD enabled
+ * EBUSY - guest has or had paging enabled, ring buffer still active
+ */
+#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
+
+#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
+#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
+
+/*
+ * Monitor permissions.
+ *
+ * As with paging, use the domctl for teardown/setup of the
+ * helper<->hypervisor interface.
+ *
+ * There are HVM hypercalls to set the per-page access permissions of every
+ * page in a domain. When one of these permissions--independent, read,
+ * write, and execute--is violated, the VCPU is paused and a memory event
+ * is sent with what happened. (See public/vm_event.h) .
+ *
+ * The memory event handler can then resume the VCPU and redo the access
+ * with a XENMEM_access_op_resume hypercall.
+ *
+ * The XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE domctl returns several
+ * non-standard error codes to indicate why access could not be enabled:
+ * EBUSY - guest has or had access enabled, ring buffer still active
+ */
+#define XEN_DOMCTL_VM_EVENT_OP_MONITOR 2
+
+#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE 0
+#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE 1
+#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
+
+/*
+ * Sharing ENOMEM helper.
+ *
+ * As with paging, use the domctl for teardown/setup of the
+ * helper<->hypervisor interface.
+ *
+ * If setup, this ring is used to communicate failed allocations
+ * in the unshare path. XENMEM_sharing_op_resume is used to wake up
+ * vcpus that could not unshare.
+ *
+ * Note that shring can be turned on (as per the domctl below)
+ * *without* this ring being setup.
+ */
+#define XEN_DOMCTL_VM_EVENT_OP_SHARING 3
+
+#define XEN_DOMCTL_VM_EVENT_OP_SHARING_ENABLE 0
+#define XEN_DOMCTL_VM_EVENT_OP_SHARING_DISABLE 1
+
+/* Use for teardown/setup of helper<->hypervisor interface for paging,
+ * access and sharing.*/
+struct xen_domctl_vm_event_op {
+ uint32_t op; /* XEN_DOMCTL_VM_EVENT_OP_*_* */
+ uint32_t mode; /* XEN_DOMCTL_VM_EVENT_OP_* */
+
+ uint32_t port; /* OUT: event channel for ring */
+};
+typedef struct xen_domctl_vm_event_op xen_domctl_vm_event_op_t;
+DEFINE_XEN_GUEST_HANDLE(xen_domctl_vm_event_op_t);
+
+/*
* Memory sharing operations
*/
/* XEN_DOMCTL_mem_sharing_op.
@@ -1123,6 +1201,7 @@ struct xen_domctl {
struct xen_domctl_set_target set_target;
struct xen_domctl_subscribe subscribe;
struct xen_domctl_debug_op debug_op;
+ struct xen_domctl_vm_event_op vm_event_op;
struct xen_domctl_mem_event_op mem_event_op;
struct xen_domctl_mem_sharing_op mem_sharing_op;
#if defined(__i386__) || defined(__x86_64__)
diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h
new file mode 100644
index 0000000..8fba3d1b
--- /dev/null
+++ b/xen/include/public/vm_event.h
@@ -0,0 +1,193 @@
+/******************************************************************************
+ * vm_event.h
+ *
+ * VM event common structures.
+ *
+ * Copyright (c) 2009 by Citrix Systems, Inc. (Patrick Colp)
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to
+ * deal in the Software without restriction, including without limitation the
+ * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+ * sell copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+
+#ifndef _XEN_PUBLIC_VM_EVENT_H
+#define _XEN_PUBLIC_VM_EVENT_H
+
+#if defined(__XEN__) || defined(__XEN_TOOLS__)
+
+#include "xen.h"
+#include "io/ring.h"
+
+#define VM_EVENT_INTERFACE_VERSION 0x00000001
+
+/* Memory event flags */
+#define VM_EVENT_FLAG_VCPU_PAUSED (1 << 0)
+#define VM_EVENT_FLAG_DROP_PAGE (1 << 1)
+#define VM_EVENT_FLAG_EVICT_FAIL (1 << 2)
+#define VM_EVENT_FLAG_FOREIGN (1 << 3)
+#define VM_EVENT_FLAG_DUMMY (1 << 4)
+/*
+ * Emulate the fault-causing instruction (if set in the event response flags).
+ * This will allow the guest to continue execution without lifting the page
+ * access restrictions.
+ */
+#define VM_EVENT_FLAG_EMULATE (1 << 5)
+/*
+ * Same as VM_EVENT_FLAG_EMULATE, but with write operations or operations
+ * potentially having side effects (like memory mapped or port I/O) disabled.
+ */
+#define VM_EVENT_FLAG_EMULATE_NOWRITE (1 << 6)
+
+/* Reasons for the vm event request */
+/* Default case */
+#define VM_EVENT_REASON_UNKNOWN 0
+/* Memory access violation */
+#define VM_EVENT_REASON_MEM_ACCESS 1
+/* Memory sharing event */
+#define VM_EVENT_REASON_MEM_SHARING 2
+/* Memory paging event */
+#define VM_EVENT_REASON_MEM_PAGING 3
+/* CR0 was updated */
+#define VM_EVENT_REASON_MOV_TO_CR0 4
+/* CR3 was updated */
+#define VM_EVENT_REASON_MOV_TO_CR3 5
+/* CR4 was updated */
+#define VM_EVENT_REASON_MOV_TO_CR4 6
+/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
+#define VM_EVENT_REASON_MOV_TO_MSR 9
+/* Debug operation executed (int3) */
+#define VM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
+/* Single-step (MTF) */
+#define VM_EVENT_REASON_SINGLESTEP 8
+
+/* Using a custom struct (not hvm_hw_cpu) so as to not fill
+ * the vm_event ring buffer too quickly. */
+struct vm_event_regs_x86 {
+ uint64_t rax;
+ uint64_t rcx;
+ uint64_t rdx;
+ uint64_t rbx;
+ uint64_t rsp;
+ uint64_t rbp;
+ uint64_t rsi;
+ uint64_t rdi;
+ uint64_t r8;
+ uint64_t r9;
+ uint64_t r10;
+ uint64_t r11;
+ uint64_t r12;
+ uint64_t r13;
+ uint64_t r14;
+ uint64_t r15;
+ uint64_t rflags;
+ uint64_t dr7;
+ uint64_t rip;
+ uint64_t cr0;
+ uint64_t cr2;
+ uint64_t cr3;
+ uint64_t cr4;
+ uint64_t sysenter_cs;
+ uint64_t sysenter_esp;
+ uint64_t sysenter_eip;
+ uint64_t msr_efer;
+ uint64_t msr_star;
+ uint64_t msr_lstar;
+ uint64_t fs_base;
+ uint64_t gs_base;
+ uint32_t cs_arbytes;
+ uint32_t _pad;
+};
+
+struct vm_event_mem_access_data {
+ uint64_t gfn;
+ uint64_t offset;
+ uint64_t gla; /* if gla_valid */
+ uint8_t access_r;
+ uint8_t access_w;
+ uint8_t access_x;
+ uint8_t gla_valid;
+ uint8_t fault_with_gla;
+ uint8_t fault_in_gpt;
+ uint16_t _pad;
+};
+
+struct vm_event_mov_to_cr_data {
+ uint64_t new_value;
+ uint64_t old_value;
+};
+
+struct vm_event_software_breakpoint_data {
+ uint64_t gfn;
+};
+
+struct vm_event_singlestep_data {
+ uint64_t gfn;
+};
+
+struct vm_event_mov_to_msr_data {
+ uint64_t msr;
+ uint64_t value;
+};
+
+struct vm_event_paging_data {
+ uint64_t gfn;
+ uint32_t p2mt;
+ uint32_t _pad;
+};
+
+struct vm_event_sharing_data {
+ uint64_t gfn;
+ uint32_t p2mt;
+ uint32_t _pad;
+};
+
+typedef struct vm_event_st {
+ uint32_t version; /* VM_EVENT_INTERFACE_VERSION */
+ uint32_t flags;
+ uint32_t vcpu_id;
+ uint32_t reason; /* VM_EVENT_REASON_* */
+
+ union {
+ struct vm_event_paging_data mem_paging;
+ struct vm_event_sharing_data mem_sharing;
+ struct vm_event_mem_access_data mem_access;
+ struct vm_event_mov_to_cr_data mov_to_cr;
+ struct vm_event_mov_to_msr_data mov_to_msr;
+ struct vm_event_software_breakpoint_data software_breakpoint;
+ struct vm_event_singlestep_data singlestep;
+ } data;
+
+ union {
+ struct vm_event_regs_x86 x86;
+ } regs;
+} vm_event_request_t, vm_event_response_t;
+
+DEFINE_RING_TYPES(vm_event, vm_event_request_t, vm_event_response_t);
+
+#endif /* defined(__XEN__) || defined(__XEN_TOOLS__) */
+#endif /* _XEN_PUBLIC_VM_EVENT_H */
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
+
diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
index 64a2bd3..681efa9 100644
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -24,6 +24,7 @@
#include <public/sysctl.h>
#include <public/vcpu.h>
#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <public/event_channel.h>
#ifdef CONFIG_COMPAT
@@ -216,6 +217,8 @@ struct vcpu
/* VCPU paused for mem_event replies. */
atomic_t mem_event_pause_count;
+ /* VCPU paused for vm_event replies. */
+ atomic_t vm_event_pause_count;
/* VCPU paused by system controller. */
int controller_pause_count;
@@ -292,6 +295,41 @@ struct mem_event_per_domain
struct mem_event_domain monitor;
};
+/* VM event */
+struct vm_event_domain
+{
+ /* ring lock */
+ spinlock_t ring_lock;
+ /* The ring has 64 entries */
+ unsigned char foreign_producers;
+ unsigned char target_producers;
+ /* shared ring page */
+ void *ring_page;
+ struct page_info *ring_pg_struct;
+ /* front-end ring */
+ vm_event_front_ring_t front_ring;
+ /* event channel port (vcpu0 only) */
+ int xen_port;
+ /* vm_event bit for vcpu->pause_flags */
+ int pause_flag;
+ /* list of vcpus waiting for room in the ring */
+ struct waitqueue_head wq;
+ /* the number of vCPUs blocked */
+ unsigned int blocked;
+ /* The last vcpu woken up */
+ unsigned int last_vcpu_wake_up;
+};
+
+struct vm_event_per_domain
+{
+ /* Memory sharing support */
+ struct vm_event_domain share;
+ /* Memory paging support */
+ struct vm_event_domain paging;
+ /* VM event monitor support */
+ struct vm_event_domain monitor;
+};
+
struct evtchn_port_ops;
/*
@@ -445,6 +483,9 @@ struct domain
/* Various mem_events */
struct mem_event_per_domain *mem_event;
+ /* Various vm_events */
+ struct vm_event_per_domain *vm_event;
+
/*
* Can be specified by the user. If that is not the case, it is
* computed from the union of all the vcpu cpu-affinity masks.
diff --git a/xen/include/xen/vm_event.h b/xen/include/xen/vm_event.h
new file mode 100644
index 0000000..988ea42
--- /dev/null
+++ b/xen/include/xen/vm_event.h
@@ -0,0 +1,143 @@
+/******************************************************************************
+ * vm_event.h
+ *
+ * Common interface for memory event support.
+ *
+ * Copyright (c) 2009 Citrix Systems, Inc. (Patrick Colp)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+#ifndef __VM_EVENT_H__
+#define __VM_EVENT_H__
+
+#include <xen/sched.h>
+
+#ifdef HAS_MEM_ACCESS
+
+/* Clean up on domain destruction */
+void vm_event_cleanup(struct domain *d);
+
+/* Returns whether a ring has been set up */
+bool_t vm_event_check_ring(struct vm_event_domain *med);
+
+/* Returns 0 on success, -ENOSYS if there is no ring, -EBUSY if there is no
+ * available space and the caller is a foreign domain. If the guest itself
+ * is the caller, -EBUSY is avoided by sleeping on a wait queue to ensure
+ * that the ring does not lose future events.
+ *
+ * However, the allow_sleep flag can be set to false in cases in which it is ok
+ * to lose future events, and thus -EBUSY can be returned to guest vcpus
+ * (handle with care!).
+ *
+ * In general, you must follow a claim_slot() call with either put_request() or
+ * cancel_slot(), both of which are guaranteed to
+ * succeed.
+ */
+int __vm_event_claim_slot(struct domain *d, struct vm_event_domain *med,
+ bool_t allow_sleep);
+static inline int vm_event_claim_slot(struct domain *d,
+ struct vm_event_domain *med)
+{
+ return __vm_event_claim_slot(d, med, 1);
+}
+
+static inline int vm_event_claim_slot_nosleep(struct domain *d,
+ struct vm_event_domain *med)
+{
+ return __vm_event_claim_slot(d, med, 0);
+}
+
+void vm_event_cancel_slot(struct domain *d, struct vm_event_domain *med);
+
+void vm_event_put_request(struct domain *d, struct vm_event_domain *med,
+ vm_event_request_t *req);
+
+int vm_event_get_response(struct domain *d, struct vm_event_domain *med,
+ vm_event_response_t *rsp);
+
+int do_vm_event_op(int op, uint32_t domain, void *arg);
+int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *mec,
+ XEN_GUEST_HANDLE_PARAM(void) u_domctl);
+
+void vm_event_vcpu_pause(struct vcpu *v);
+void vm_event_vcpu_unpause(struct vcpu *v);
+
+#else
+
+static inline void vm_event_cleanup(struct domain *d) {}
+
+static inline bool_t vm_event_check_ring(struct vm_event_domain *med)
+{
+ return 0;
+}
+
+static inline int vm_event_claim_slot(struct domain *d,
+ struct vm_event_domain *med)
+{
+ return -ENOSYS;
+}
+
+static inline int vm_event_claim_slot_nosleep(struct domain *d,
+ struct vm_event_domain *med)
+{
+ return -ENOSYS;
+}
+
+static inline
+void vm_event_cancel_slot(struct domain *d, struct vm_event_domain *med)
+{}
+
+static inline
+void vm_event_put_request(struct domain *d, struct vm_event_domain *med,
+ vm_event_request_t *req)
+{}
+
+static inline
+int vm_event_get_response(struct domain *d, struct vm_event_domain *med,
+ vm_event_response_t *rsp)
+{
+ return -ENOSYS;
+}
+
+static inline int do_vm_event_op(int op, uint32_t domain, void *arg)
+{
+ return -ENOSYS;
+}
+
+static inline
+int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *mec,
+ XEN_GUEST_HANDLE_PARAM(void) u_domctl)
+{
+ return -ENOSYS;
+}
+
+static inline void vm_event_vcpu_pause(struct vcpu *v) {}
+static inline void vm_event_vcpu_unpause(struct vcpu *v) {}
+
+#endif /* HAS_MEM_ACCESS */
+
+#endif /* __VM_EVENT_H__ */
+
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index f20e89c..d6d403a 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -525,6 +525,18 @@ static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
XSM_ASSERT_ACTION(XSM_DM_PRIV);
return xsm_default_action(action, current->domain, d);
}
+
+static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
+{
+ XSM_ASSERT_ACTION(XSM_PRIV);
+ return xsm_default_action(action, current->domain, d);
+}
+
+static XSM_INLINE int xsm_vm_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
+{
+ XSM_ASSERT_ACTION(XSM_DM_PRIV);
+ return xsm_default_action(action, current->domain, d);
+}
#endif
#ifdef CONFIG_X86
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 4ce089f..581e712 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -144,6 +144,8 @@ struct xsm_operations {
#ifdef HAS_MEM_ACCESS
int (*mem_event_control) (struct domain *d, int mode, int op);
int (*mem_event_op) (struct domain *d, int op);
+ int (*vm_event_control) (struct domain *d, int mode, int op);
+ int (*vm_event_op) (struct domain *d, int op);
#endif
#ifdef CONFIG_X86
@@ -553,6 +555,16 @@ static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op)
{
return xsm_ops->mem_event_op(d, op);
}
+
+static inline int xsm_vm_event_control (xsm_default_t def, struct domain *d, int mode, int op)
+{
+ return xsm_ops->vm_event_control(d, mode, op);
+}
+
+static inline int xsm_vm_event_op (xsm_default_t def, struct domain *d, int op)
+{
+ return xsm_ops->vm_event_op(d, op);
+}
#endif
#ifdef CONFIG_X86
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 8eb3050..3cf5126 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -121,6 +121,8 @@ void xsm_fixup_ops (struct xsm_operations *ops)
#ifdef HAS_MEM_ACCESS
set_to_dummy_if_null(ops, mem_event_control);
set_to_dummy_if_null(ops, mem_event_op);
+ set_to_dummy_if_null(ops, vm_event_control);
+ set_to_dummy_if_null(ops, vm_event_op);
#endif
#ifdef CONFIG_X86
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index d48463f..05ebf03 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1212,6 +1212,16 @@ static int flask_mem_event_op(struct domain *d, int op)
{
return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
}
+
+static int flask_vm_event_control(struct domain *d, int mode, int op)
+{
+ return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
+}
+
+static int flask_vm_event_op(struct domain *d, int op)
+{
+ return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
+}
#endif /* HAS_MEM_ACCESS */
#ifdef CONFIG_X86
@@ -1599,6 +1609,8 @@ static struct xsm_operations flask_ops = {
#ifdef HAS_MEM_ACCESS
.mem_event_control = flask_mem_event_control,
.mem_event_op = flask_mem_event_op,
+ .vm_event_control = flask_vm_event_control,
+ .vm_event_op = flask_vm_event_op,
#endif
#ifdef CONFIG_X86
diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors
index 1da9f63..a4241b5 100644
--- a/xen/xsm/flask/policy/access_vectors
+++ b/xen/xsm/flask/policy/access_vectors
@@ -250,6 +250,7 @@ class hvm
hvmctl
# XEN_DOMCTL_set_access_required
mem_event
+ vm_event
# XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap} with:
# source = the domain making the hypercall
# target = domain whose memory is being shared
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (4 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 05/12] xen: Introduce vm_event Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-02 17:27 ` Ian Campbell
2015-02-03 16:22 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 07/12] xen: Remove mem_event Tamas K Lengyel
` (6 subsequent siblings)
12 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
This is the second patch in the mem_event -> vm_event migration.
This patch migrates all previous use-cases of mem_event to use the
new vm_event system.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
MAINTAINERS | 2 +-
tools/libxc/xc_mem_event.c | 8 +--
tools/libxc/xc_mem_paging.c | 18 +++---
tools/libxc/xc_memshr.c | 18 +++---
tools/libxc/xc_vm_event.c | 2 +-
tools/tests/xen-access/xen-access.c | 108 ++++++++++++++++-----------------
tools/xenpaging/pagein.c | 2 +-
tools/xenpaging/xenpaging.c | 118 ++++++++++++++++++------------------
tools/xenpaging/xenpaging.h | 8 +--
xen/arch/x86/domain.c | 2 +-
xen/arch/x86/domctl.c | 4 +-
xen/arch/x86/hvm/emulate.c | 6 +-
xen/arch/x86/hvm/hvm.c | 44 +++++++-------
xen/arch/x86/hvm/vmx/vmcs.c | 4 +-
xen/arch/x86/mm/hap/nested_ept.c | 4 +-
xen/arch/x86/mm/hap/nested_hap.c | 4 +-
xen/arch/x86/mm/mem_paging.c | 4 +-
xen/arch/x86/mm/mem_sharing.c | 30 ++++-----
xen/arch/x86/mm/p2m-pod.c | 4 +-
xen/arch/x86/mm/p2m-pt.c | 4 +-
xen/arch/x86/mm/p2m.c | 94 ++++++++++++++--------------
xen/arch/x86/x86_64/compat/mm.c | 6 +-
xen/arch/x86/x86_64/mm.c | 6 +-
xen/common/domain.c | 12 ++--
xen/common/domctl.c | 8 +--
xen/common/mem_access.c | 26 ++++----
xen/drivers/passthrough/pci.c | 2 +-
xen/include/asm-arm/p2m.h | 6 +-
xen/include/asm-x86/domain.h | 4 +-
xen/include/asm-x86/hvm/emulate.h | 2 +-
xen/include/asm-x86/p2m.h | 8 +--
xen/include/public/domctl.h | 3 +-
xen/include/xen/mem_access.h | 4 +-
xen/include/xen/p2m-common.h | 4 +-
xen/xsm/flask/hooks.c | 4 +-
35 files changed, 291 insertions(+), 292 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index cff3e5f..b86ab83 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -361,7 +361,7 @@ F: xen/arch/x86/mm/mem_sharing.c
F: xen/arch/x86/mm/mem_paging.c
F: tools/memshr
-MEMORY EVENT AND ACCESS
+VM EVENT AND ACCESS
M: Tim Deegan <tim@xen.org>
S: Supported
F: xen/common/vm_event.c
diff --git a/tools/libxc/xc_mem_event.c b/tools/libxc/xc_mem_event.c
index a5e0948..319cc00 100644
--- a/tools/libxc/xc_mem_event.c
+++ b/tools/libxc/xc_mem_event.c
@@ -29,14 +29,14 @@ int xc_mem_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
DECLARE_DOMCTL;
int rc;
- domctl.cmd = XEN_DOMCTL_mem_event_op;
+ domctl.cmd = XEN_DOMCTL_vm_event_op;
domctl.domain = domain_id;
- domctl.u.mem_event_op.op = op;
- domctl.u.mem_event_op.mode = mode;
+ domctl.u.vm_event_op.op = op;
+ domctl.u.vm_event_op.mode = mode;
rc = do_domctl(xch, &domctl);
if ( !rc && port )
- *port = domctl.u.mem_event_op.port;
+ *port = domctl.u.vm_event_op.port;
return rc;
}
diff --git a/tools/libxc/xc_mem_paging.c b/tools/libxc/xc_mem_paging.c
index bf3173d..24cbbeb 100644
--- a/tools/libxc/xc_mem_paging.c
+++ b/tools/libxc/xc_mem_paging.c
@@ -46,19 +46,19 @@ int xc_mem_paging_enable(xc_interface *xch, domid_t domain_id,
errno = EINVAL;
return -1;
}
-
- return xc_mem_event_control(xch, domain_id,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING,
- port);
+
+ return xc_vm_event_control(xch, domain_id,
+ XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE,
+ XEN_DOMCTL_VM_EVENT_OP_PAGING,
+ port);
}
int xc_mem_paging_disable(xc_interface *xch, domid_t domain_id)
{
- return xc_mem_event_control(xch, domain_id,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING_DISABLE,
- XEN_DOMCTL_MEM_EVENT_OP_PAGING,
- NULL);
+ return xc_vm_event_control(xch, domain_id,
+ XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE,
+ XEN_DOMCTL_VM_EVENT_OP_PAGING,
+ NULL);
}
int xc_mem_paging_nominate(xc_interface *xch, domid_t domain_id, unsigned long gfn)
diff --git a/tools/libxc/xc_memshr.c b/tools/libxc/xc_memshr.c
index d6a9539..a7ec92e 100644
--- a/tools/libxc/xc_memshr.c
+++ b/tools/libxc/xc_memshr.c
@@ -51,20 +51,20 @@ int xc_memshr_ring_enable(xc_interface *xch,
errno = EINVAL;
return -1;
}
-
- return xc_mem_event_control(xch, domid,
- XEN_DOMCTL_MEM_EVENT_OP_SHARING_ENABLE,
- XEN_DOMCTL_MEM_EVENT_OP_SHARING,
- port);
+
+ return xc_vm_event_control(xch, domid,
+ XEN_DOMCTL_VM_EVENT_OP_SHARING_ENABLE,
+ XEN_DOMCTL_VM_EVENT_OP_SHARING,
+ port);
}
int xc_memshr_ring_disable(xc_interface *xch,
domid_t domid)
{
- return xc_mem_event_control(xch, domid,
- XEN_DOMCTL_MEM_EVENT_OP_SHARING_DISABLE,
- XEN_DOMCTL_MEM_EVENT_OP_SHARING,
- NULL);
+ return xc_vm_event_control(xch, domid,
+ XEN_DOMCTL_VM_EVENT_OP_SHARING_DISABLE,
+ XEN_DOMCTL_VM_EVENT_OP_SHARING,
+ NULL);
}
static int xc_memshr_memop(xc_interface *xch, domid_t domid,
diff --git a/tools/libxc/xc_vm_event.c b/tools/libxc/xc_vm_event.c
index dda766e..bd14c9d 100644
--- a/tools/libxc/xc_vm_event.c
+++ b/tools/libxc/xc_vm_event.c
@@ -29,7 +29,7 @@ int xc_vm_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
DECLARE_DOMCTL;
int rc;
- domctl.cmd = XEN_DOMCTL_mem_event_op;
+ domctl.cmd = XEN_DOMCTL_vm_event_op;
domctl.domain = domain_id;
domctl.u.vm_event_op.op = op;
domctl.u.vm_event_op.mode = mode;
diff --git a/tools/tests/xen-access/xen-access.c b/tools/tests/xen-access/xen-access.c
index 002dc3e..93b3ec3 100644
--- a/tools/tests/xen-access/xen-access.c
+++ b/tools/tests/xen-access/xen-access.c
@@ -39,7 +39,7 @@
#include <sys/poll.h>
#include <xenctrl.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#define DPRINTF(a, b...) fprintf(stderr, a, ## b)
#define ERROR(a, b...) fprintf(stderr, a "\n", ## b)
@@ -91,26 +91,26 @@ static inline int spin_trylock(spinlock_t *lock)
return !test_and_set_bit(1, lock);
}
-#define mem_event_ring_lock_init(_m) spin_lock_init(&(_m)->ring_lock)
-#define mem_event_ring_lock(_m) spin_lock(&(_m)->ring_lock)
-#define mem_event_ring_unlock(_m) spin_unlock(&(_m)->ring_lock)
+#define vm_event_ring_lock_init(_m) spin_lock_init(&(_m)->ring_lock)
+#define vm_event_ring_lock(_m) spin_lock(&(_m)->ring_lock)
+#define vm_event_ring_unlock(_m) spin_unlock(&(_m)->ring_lock)
-typedef struct mem_event {
+typedef struct vm_event {
domid_t domain_id;
xc_evtchn *xce_handle;
int port;
- mem_event_back_ring_t back_ring;
+ vm_event_back_ring_t back_ring;
uint32_t evtchn_port;
void *ring_page;
spinlock_t ring_lock;
-} mem_event_t;
+} vm_event_t;
typedef struct xenaccess {
xc_interface *xc_handle;
xc_domaininfo_t *domain_info;
- mem_event_t mem_event;
+ vm_event_t vm_event;
} xenaccess_t;
static int interrupted;
@@ -170,13 +170,13 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
return 0;
/* Tear down domain xenaccess in Xen */
- if ( xenaccess->mem_event.ring_page )
- munmap(xenaccess->mem_event.ring_page, XC_PAGE_SIZE);
+ if ( xenaccess->vm_event.ring_page )
+ munmap(xenaccess->vm_event.ring_page, XC_PAGE_SIZE);
if ( mem_access_enable )
{
rc = xc_mem_access_disable(xenaccess->xc_handle,
- xenaccess->mem_event.domain_id);
+ xenaccess->vm_event.domain_id);
if ( rc != 0 )
{
ERROR("Error tearing down domain xenaccess in xen");
@@ -186,8 +186,8 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
/* Unbind VIRQ */
if ( evtchn_bind )
{
- rc = xc_evtchn_unbind(xenaccess->mem_event.xce_handle,
- xenaccess->mem_event.port);
+ rc = xc_evtchn_unbind(xenaccess->vm_event.xce_handle,
+ xenaccess->vm_event.port);
if ( rc != 0 )
{
ERROR("Error unbinding event port");
@@ -197,7 +197,7 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
/* Close event channel */
if ( evtchn_open )
{
- rc = xc_evtchn_close(xenaccess->mem_event.xce_handle);
+ rc = xc_evtchn_close(xenaccess->vm_event.xce_handle);
if ( rc != 0 )
{
ERROR("Error closing event channel");
@@ -239,17 +239,17 @@ xenaccess_t *xenaccess_init(xc_interface **xch_r, domid_t domain_id)
xenaccess->xc_handle = xch;
/* Set domain id */
- xenaccess->mem_event.domain_id = domain_id;
+ xenaccess->vm_event.domain_id = domain_id;
/* Initialise lock */
- mem_event_ring_lock_init(&xenaccess->mem_event);
+ vm_event_ring_lock_init(&xenaccess->vm_event);
/* Enable mem_access */
- xenaccess->mem_event.ring_page =
+ xenaccess->vm_event.ring_page =
xc_mem_access_enable(xenaccess->xc_handle,
- xenaccess->mem_event.domain_id,
- &xenaccess->mem_event.evtchn_port);
- if ( xenaccess->mem_event.ring_page == NULL )
+ xenaccess->vm_event.domain_id,
+ &xenaccess->vm_event.evtchn_port);
+ if ( xenaccess->vm_event.ring_page == NULL )
{
switch ( errno ) {
case EBUSY:
@@ -267,8 +267,8 @@ xenaccess_t *xenaccess_init(xc_interface **xch_r, domid_t domain_id)
mem_access_enable = 1;
/* Open event channel */
- xenaccess->mem_event.xce_handle = xc_evtchn_open(NULL, 0);
- if ( xenaccess->mem_event.xce_handle == NULL )
+ xenaccess->vm_event.xce_handle = xc_evtchn_open(NULL, 0);
+ if ( xenaccess->vm_event.xce_handle == NULL )
{
ERROR("Failed to open event channel");
goto err;
@@ -276,21 +276,21 @@ xenaccess_t *xenaccess_init(xc_interface **xch_r, domid_t domain_id)
evtchn_open = 1;
/* Bind event notification */
- rc = xc_evtchn_bind_interdomain(xenaccess->mem_event.xce_handle,
- xenaccess->mem_event.domain_id,
- xenaccess->mem_event.evtchn_port);
+ rc = xc_evtchn_bind_interdomain(xenaccess->vm_event.xce_handle,
+ xenaccess->vm_event.domain_id,
+ xenaccess->vm_event.evtchn_port);
if ( rc < 0 )
{
ERROR("Failed to bind event channel");
goto err;
}
evtchn_bind = 1;
- xenaccess->mem_event.port = rc;
+ xenaccess->vm_event.port = rc;
/* Initialise ring */
- SHARED_RING_INIT((mem_event_sring_t *)xenaccess->mem_event.ring_page);
- BACK_RING_INIT(&xenaccess->mem_event.back_ring,
- (mem_event_sring_t *)xenaccess->mem_event.ring_page,
+ SHARED_RING_INIT((vm_event_sring_t *)xenaccess->vm_event.ring_page);
+ BACK_RING_INIT(&xenaccess->vm_event.back_ring,
+ (vm_event_sring_t *)xenaccess->vm_event.ring_page,
XC_PAGE_SIZE);
/* Get domaininfo */
@@ -320,14 +320,14 @@ xenaccess_t *xenaccess_init(xc_interface **xch_r, domid_t domain_id)
return NULL;
}
-int get_request(mem_event_t *mem_event, mem_event_request_t *req)
+int get_request(vm_event_t *vm_event, vm_event_request_t *req)
{
- mem_event_back_ring_t *back_ring;
+ vm_event_back_ring_t *back_ring;
RING_IDX req_cons;
- mem_event_ring_lock(mem_event);
+ vm_event_ring_lock(vm_event);
- back_ring = &mem_event->back_ring;
+ back_ring = &vm_event->back_ring;
req_cons = back_ring->req_cons;
/* Copy request */
@@ -338,19 +338,19 @@ int get_request(mem_event_t *mem_event, mem_event_request_t *req)
back_ring->req_cons = req_cons;
back_ring->sring->req_event = req_cons + 1;
- mem_event_ring_unlock(mem_event);
+ vm_event_ring_unlock(vm_event);
return 0;
}
-static int put_response(mem_event_t *mem_event, mem_event_response_t *rsp)
+static int put_response(vm_event_t *vm_event, vm_event_response_t *rsp)
{
- mem_event_back_ring_t *back_ring;
+ vm_event_back_ring_t *back_ring;
RING_IDX rsp_prod;
- mem_event_ring_lock(mem_event);
+ vm_event_ring_lock(vm_event);
- back_ring = &mem_event->back_ring;
+ back_ring = &vm_event->back_ring;
rsp_prod = back_ring->rsp_prod_pvt;
/* Copy response */
@@ -361,24 +361,24 @@ static int put_response(mem_event_t *mem_event, mem_event_response_t *rsp)
back_ring->rsp_prod_pvt = rsp_prod;
RING_PUSH_RESPONSES(back_ring);
- mem_event_ring_unlock(mem_event);
+ vm_event_ring_unlock(vm_event);
return 0;
}
-static int xenaccess_resume_page(xenaccess_t *paging, mem_event_response_t *rsp)
+static int xenaccess_resume_page(xenaccess_t *paging, vm_event_response_t *rsp)
{
int ret;
/* Put the page info on the ring */
- ret = put_response(&paging->mem_event, rsp);
+ ret = put_response(&paging->vm_event, rsp);
if ( ret != 0 )
goto out;
/* Tell Xen page is ready */
- ret = xc_mem_access_resume(paging->xc_handle, paging->mem_event.domain_id);
- ret = xc_evtchn_notify(paging->mem_event.xce_handle,
- paging->mem_event.port);
+ ret = xc_mem_access_resume(paging->xc_handle, paging->vm_event.domain_id);
+ ret = xc_evtchn_notify(paging->vm_event.xce_handle,
+ paging->vm_event.port);
out:
return ret;
@@ -400,8 +400,8 @@ int main(int argc, char *argv[])
struct sigaction act;
domid_t domain_id;
xenaccess_t *xenaccess;
- mem_event_request_t req;
- mem_event_response_t rsp;
+ vm_event_request_t req;
+ vm_event_response_t rsp;
int rc = -1;
int rc1;
xc_interface *xch;
@@ -507,7 +507,7 @@ int main(int argc, char *argv[])
rc = xc_hvm_param_set(xch, domain_id, HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_disabled);
if ( rc < 0 )
{
- ERROR("Error %d setting int3 mem_event\n", rc);
+ ERROR("Error %d setting int3 vm_event\n", rc);
goto exit;
}
@@ -527,7 +527,7 @@ int main(int argc, char *argv[])
shutting_down = 1;
}
- rc = xc_wait_for_event_or_timeout(xch, xenaccess->mem_event.xce_handle, 100);
+ rc = xc_wait_for_event_or_timeout(xch, xenaccess->vm_event.xce_handle, 100);
if ( rc < -1 )
{
ERROR("Error getting event");
@@ -539,11 +539,11 @@ int main(int argc, char *argv[])
DPRINTF("Got event from Xen\n");
}
- while ( RING_HAS_UNCONSUMED_REQUESTS(&xenaccess->mem_event.back_ring) )
+ while ( RING_HAS_UNCONSUMED_REQUESTS(&xenaccess->vm_event.back_ring) )
{
xenmem_access_t access;
- rc = get_request(&xenaccess->mem_event, &req);
+ rc = get_request(&xenaccess->vm_event, &req);
if ( rc != 0 )
{
ERROR("Error getting request");
@@ -551,7 +551,7 @@ int main(int argc, char *argv[])
continue;
}
- if ( req.version != MEM_EVENT_INTERFACE_VERSION )
+ if ( req.version != VM_EVENT_INTERFACE_VERSION )
{
ERROR("Error: mem_event interface version mismatch!\n");
interrupted = -1;
@@ -559,12 +559,12 @@ int main(int argc, char *argv[])
}
memset( &rsp, 0, sizeof (rsp) );
- rsp.version = MEM_EVENT_INTERFACE_VERSION;
+ rsp.version = VM_EVENT_INTERFACE_VERSION;
rsp.vcpu_id = req.vcpu_id;
rsp.flags = req.flags;
switch (req.reason) {
- case MEM_EVENT_REASON_MEM_ACCESS:
+ case VM_EVENT_REASON_MEM_ACCESS:
rc = xc_get_mem_access(xch, domain_id, req.data.mem_access.gfn, &access);
if (rc < 0)
{
@@ -602,7 +602,7 @@ int main(int argc, char *argv[])
rsp.data.mem_access.gfn = req.data.mem_access.gfn;
break;
- case MEM_EVENT_REASON_SOFTWARE_BREAKPOINT:
+ case VM_EVENT_REASON_SOFTWARE_BREAKPOINT:
printf("INT3: rip=%016"PRIx64", gfn=%"PRIx64" (vcpu %d)\n",
req.regs.x86.rip,
req.data.software_breakpoint.gfn,
diff --git a/tools/xenpaging/pagein.c b/tools/xenpaging/pagein.c
index b3bcef7..7cb0f33 100644
--- a/tools/xenpaging/pagein.c
+++ b/tools/xenpaging/pagein.c
@@ -63,7 +63,7 @@ void page_in_trigger(void)
void create_page_in_thread(struct xenpaging *paging)
{
- page_in_args.dom = paging->mem_event.domain_id;
+ page_in_args.dom = paging->vm_event.domain_id;
page_in_args.pagein_queue = paging->pagein_queue;
page_in_args.xch = paging->xc_handle;
if (pthread_create(&page_in_thread, NULL, page_in, &page_in_args) == 0)
diff --git a/tools/xenpaging/xenpaging.c b/tools/xenpaging/xenpaging.c
index e5c5c76..c64ab18 100644
--- a/tools/xenpaging/xenpaging.c
+++ b/tools/xenpaging/xenpaging.c
@@ -63,7 +63,7 @@ static void close_handler(int sig)
static void xenpaging_mem_paging_flush_ioemu_cache(struct xenpaging *paging)
{
struct xs_handle *xsh = paging->xs_handle;
- domid_t domain_id = paging->mem_event.domain_id;
+ domid_t domain_id = paging->vm_event.domain_id;
char path[80];
sprintf(path, "/local/domain/0/device-model/%u/command", domain_id);
@@ -74,7 +74,7 @@ static void xenpaging_mem_paging_flush_ioemu_cache(struct xenpaging *paging)
static int xenpaging_wait_for_event_or_timeout(struct xenpaging *paging)
{
xc_interface *xch = paging->xc_handle;
- xc_evtchn *xce = paging->mem_event.xce_handle;
+ xc_evtchn *xce = paging->vm_event.xce_handle;
char **vec, *val;
unsigned int num;
struct pollfd fd[2];
@@ -111,7 +111,7 @@ static int xenpaging_wait_for_event_or_timeout(struct xenpaging *paging)
if ( strcmp(vec[XS_WATCH_TOKEN], watch_token) == 0 )
{
/* If our guest disappeared, set interrupt flag and fall through */
- if ( xs_is_domain_introduced(paging->xs_handle, paging->mem_event.domain_id) == false )
+ if ( xs_is_domain_introduced(paging->xs_handle, paging->vm_event.domain_id) == false )
{
xs_unwatch(paging->xs_handle, "@releaseDomain", watch_token);
interrupted = SIGQUIT;
@@ -171,7 +171,7 @@ static int xenpaging_get_tot_pages(struct xenpaging *paging)
xc_domaininfo_t domain_info;
int rc;
- rc = xc_domain_getinfolist(xch, paging->mem_event.domain_id, 1, &domain_info);
+ rc = xc_domain_getinfolist(xch, paging->vm_event.domain_id, 1, &domain_info);
if ( rc != 1 )
{
PERROR("Error getting domain info");
@@ -231,7 +231,7 @@ static int xenpaging_getopts(struct xenpaging *paging, int argc, char *argv[])
{
switch(ch) {
case 'd':
- paging->mem_event.domain_id = atoi(optarg);
+ paging->vm_event.domain_id = atoi(optarg);
break;
case 'f':
filename = strdup(optarg);
@@ -264,7 +264,7 @@ static int xenpaging_getopts(struct xenpaging *paging, int argc, char *argv[])
}
/* Set domain id */
- if ( !paging->mem_event.domain_id )
+ if ( !paging->vm_event.domain_id )
{
printf("Numerical <domain_id> missing!\n");
return 1;
@@ -312,7 +312,7 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
}
/* write domain ID to watch so we can ignore other domain shutdowns */
- snprintf(watch_token, sizeof(watch_token), "%u", paging->mem_event.domain_id);
+ snprintf(watch_token, sizeof(watch_token), "%u", paging->vm_event.domain_id);
if ( xs_watch(paging->xs_handle, "@releaseDomain", watch_token) == false )
{
PERROR("Could not bind to shutdown watch\n");
@@ -320,7 +320,7 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
}
/* Watch xenpagings working target */
- dom_path = xs_get_domain_path(paging->xs_handle, paging->mem_event.domain_id);
+ dom_path = xs_get_domain_path(paging->xs_handle, paging->vm_event.domain_id);
if ( !dom_path )
{
PERROR("Could not find domain path\n");
@@ -339,17 +339,17 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
}
/* Map the ring page */
- xc_get_hvm_param(xch, paging->mem_event.domain_id,
+ xc_get_hvm_param(xch, paging->vm_event.domain_id,
HVM_PARAM_PAGING_RING_PFN, &ring_pfn);
mmap_pfn = ring_pfn;
- paging->mem_event.ring_page =
- xc_map_foreign_batch(xch, paging->mem_event.domain_id,
+ paging->vm_event.ring_page =
+ xc_map_foreign_batch(xch, paging->vm_event.domain_id,
PROT_READ | PROT_WRITE, &mmap_pfn, 1);
if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
{
/* Map failed, populate ring page */
rc = xc_domain_populate_physmap_exact(paging->xc_handle,
- paging->mem_event.domain_id,
+ paging->vm_event.domain_id,
1, 0, 0, &ring_pfn);
if ( rc != 0 )
{
@@ -358,8 +358,8 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
}
mmap_pfn = ring_pfn;
- paging->mem_event.ring_page =
- xc_map_foreign_batch(xch, paging->mem_event.domain_id,
+ paging->vm_event.ring_page =
+ xc_map_foreign_batch(xch, paging->vm_event.domain_id,
PROT_READ | PROT_WRITE, &mmap_pfn, 1);
if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
{
@@ -369,8 +369,8 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
}
/* Initialise Xen */
- rc = xc_mem_paging_enable(xch, paging->mem_event.domain_id,
- &paging->mem_event.evtchn_port);
+ rc = xc_mem_paging_enable(xch, paging->vm_event.domain_id,
+ &paging->vm_event.evtchn_port);
if ( rc != 0 )
{
switch ( errno ) {
@@ -394,40 +394,40 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
}
/* Open event channel */
- paging->mem_event.xce_handle = xc_evtchn_open(NULL, 0);
- if ( paging->mem_event.xce_handle == NULL )
+ paging->vm_event.xce_handle = xc_evtchn_open(NULL, 0);
+ if ( paging->vm_event.xce_handle == NULL )
{
PERROR("Failed to open event channel");
goto err;
}
/* Bind event notification */
- rc = xc_evtchn_bind_interdomain(paging->mem_event.xce_handle,
- paging->mem_event.domain_id,
- paging->mem_event.evtchn_port);
+ rc = xc_evtchn_bind_interdomain(paging->vm_event.xce_handle,
+ paging->vm_event.domain_id,
+ paging->vm_event.evtchn_port);
if ( rc < 0 )
{
PERROR("Failed to bind event channel");
goto err;
}
- paging->mem_event.port = rc;
+ paging->vm_event.port = rc;
/* Initialise ring */
- SHARED_RING_INIT((mem_event_sring_t *)paging->mem_event.ring_page);
- BACK_RING_INIT(&paging->mem_event.back_ring,
- (mem_event_sring_t *)paging->mem_event.ring_page,
+ SHARED_RING_INIT((vm_event_sring_t *)paging->vm_event.ring_page);
+ BACK_RING_INIT(&paging->vm_event.back_ring,
+ (vm_event_sring_t *)paging->vm_event.ring_page,
PAGE_SIZE);
/* Now that the ring is set, remove it from the guest's physmap */
if ( xc_domain_decrease_reservation_exact(xch,
- paging->mem_event.domain_id, 1, 0, &ring_pfn) )
+ paging->vm_event.domain_id, 1, 0, &ring_pfn) )
PERROR("Failed to remove ring from guest physmap");
/* Get max_pages from guest if not provided via cmdline */
if ( !paging->max_pages )
{
- rc = xc_domain_getinfolist(xch, paging->mem_event.domain_id, 1,
+ rc = xc_domain_getinfolist(xch, paging->vm_event.domain_id, 1,
&domain_info);
if ( rc != 1 )
{
@@ -497,9 +497,9 @@ static struct xenpaging *xenpaging_init(int argc, char *argv[])
free(paging->paging_buffer);
}
- if ( paging->mem_event.ring_page )
+ if ( paging->vm_event.ring_page )
{
- munmap(paging->mem_event.ring_page, PAGE_SIZE);
+ munmap(paging->vm_event.ring_page, PAGE_SIZE);
}
free(dom_path);
@@ -524,28 +524,28 @@ static void xenpaging_teardown(struct xenpaging *paging)
paging->xc_handle = NULL;
/* Tear down domain paging in Xen */
- munmap(paging->mem_event.ring_page, PAGE_SIZE);
- rc = xc_mem_paging_disable(xch, paging->mem_event.domain_id);
+ munmap(paging->vm_event.ring_page, PAGE_SIZE);
+ rc = xc_mem_paging_disable(xch, paging->vm_event.domain_id);
if ( rc != 0 )
{
PERROR("Error tearing down domain paging in xen");
}
/* Unbind VIRQ */
- rc = xc_evtchn_unbind(paging->mem_event.xce_handle, paging->mem_event.port);
+ rc = xc_evtchn_unbind(paging->vm_event.xce_handle, paging->vm_event.port);
if ( rc != 0 )
{
PERROR("Error unbinding event port");
}
- paging->mem_event.port = -1;
+ paging->vm_event.port = -1;
/* Close event channel */
- rc = xc_evtchn_close(paging->mem_event.xce_handle);
+ rc = xc_evtchn_close(paging->vm_event.xce_handle);
if ( rc != 0 )
{
PERROR("Error closing event channel");
}
- paging->mem_event.xce_handle = NULL;
+ paging->vm_event.xce_handle = NULL;
/* Close connection to xenstore */
xs_close(paging->xs_handle);
@@ -558,12 +558,12 @@ static void xenpaging_teardown(struct xenpaging *paging)
}
}
-static void get_request(struct mem_event *mem_event, mem_event_request_t *req)
+static void get_request(struct vm_event *vm_event, vm_event_request_t *req)
{
- mem_event_back_ring_t *back_ring;
+ vm_event_back_ring_t *back_ring;
RING_IDX req_cons;
- back_ring = &mem_event->back_ring;
+ back_ring = &vm_event->back_ring;
req_cons = back_ring->req_cons;
/* Copy request */
@@ -575,12 +575,12 @@ static void get_request(struct mem_event *mem_event, mem_event_request_t *req)
back_ring->sring->req_event = req_cons + 1;
}
-static void put_response(struct mem_event *mem_event, mem_event_response_t *rsp)
+static void put_response(struct vm_event *vm_event, vm_event_response_t *rsp)
{
- mem_event_back_ring_t *back_ring;
+ vm_event_back_ring_t *back_ring;
RING_IDX rsp_prod;
- back_ring = &mem_event->back_ring;
+ back_ring = &vm_event->back_ring;
rsp_prod = back_ring->rsp_prod_pvt;
/* Copy response */
@@ -607,7 +607,7 @@ static int xenpaging_evict_page(struct xenpaging *paging, unsigned long gfn, int
DECLARE_DOMCTL;
/* Nominate page */
- ret = xc_mem_paging_nominate(xch, paging->mem_event.domain_id, gfn);
+ ret = xc_mem_paging_nominate(xch, paging->vm_event.domain_id, gfn);
if ( ret < 0 )
{
/* unpageable gfn is indicated by EBUSY */
@@ -619,7 +619,7 @@ static int xenpaging_evict_page(struct xenpaging *paging, unsigned long gfn, int
}
/* Map page */
- page = xc_map_foreign_pages(xch, paging->mem_event.domain_id, PROT_READ, &victim, 1);
+ page = xc_map_foreign_pages(xch, paging->vm_event.domain_id, PROT_READ, &victim, 1);
if ( page == NULL )
{
PERROR("Error mapping page %lx", gfn);
@@ -641,7 +641,7 @@ static int xenpaging_evict_page(struct xenpaging *paging, unsigned long gfn, int
munmap(page, PAGE_SIZE);
/* Tell Xen to evict page */
- ret = xc_mem_paging_evict(xch, paging->mem_event.domain_id, gfn);
+ ret = xc_mem_paging_evict(xch, paging->vm_event.domain_id, gfn);
if ( ret < 0 )
{
/* A gfn in use is indicated by EBUSY */
@@ -671,10 +671,10 @@ static int xenpaging_evict_page(struct xenpaging *paging, unsigned long gfn, int
return ret;
}
-static int xenpaging_resume_page(struct xenpaging *paging, mem_event_response_t *rsp, int notify_policy)
+static int xenpaging_resume_page(struct xenpaging *paging, vm_event_response_t *rsp, int notify_policy)
{
/* Put the page info on the ring */
- put_response(&paging->mem_event, rsp);
+ put_response(&paging->vm_event, rsp);
/* Notify policy of page being paged in */
if ( notify_policy )
@@ -693,7 +693,7 @@ static int xenpaging_resume_page(struct xenpaging *paging, mem_event_response_t
}
/* Tell Xen page is ready */
- return xc_evtchn_notify(paging->mem_event.xce_handle, paging->mem_event.port);
+ return xc_evtchn_notify(paging->vm_event.xce_handle, paging->vm_event.port);
}
static int xenpaging_populate_page(struct xenpaging *paging, unsigned long gfn, int i)
@@ -715,7 +715,7 @@ static int xenpaging_populate_page(struct xenpaging *paging, unsigned long gfn,
do
{
/* Tell Xen to allocate a page for the domain */
- ret = xc_mem_paging_load(xch, paging->mem_event.domain_id, gfn, paging->paging_buffer);
+ ret = xc_mem_paging_load(xch, paging->vm_event.domain_id, gfn, paging->paging_buffer);
if ( ret < 0 )
{
if ( errno == ENOMEM )
@@ -857,8 +857,8 @@ int main(int argc, char *argv[])
{
struct sigaction act;
struct xenpaging *paging;
- mem_event_request_t req;
- mem_event_response_t rsp;
+ vm_event_request_t req;
+ vm_event_response_t rsp;
int num, prev_num = 0;
int slot;
int tot_pages;
@@ -874,7 +874,7 @@ int main(int argc, char *argv[])
}
xch = paging->xc_handle;
- DPRINTF("starting %s for domain_id %u with pagefile %s\n", argv[0], paging->mem_event.domain_id, filename);
+ DPRINTF("starting %s for domain_id %u with pagefile %s\n", argv[0], paging->vm_event.domain_id, filename);
/* ensure that if we get a signal, we'll do cleanup, then exit */
act.sa_handler = close_handler;
@@ -903,12 +903,12 @@ int main(int argc, char *argv[])
DPRINTF("Got event from Xen\n");
}
- while ( RING_HAS_UNCONSUMED_REQUESTS(&paging->mem_event.back_ring) )
+ while ( RING_HAS_UNCONSUMED_REQUESTS(&paging->vm_event.back_ring) )
{
/* Indicate possible error */
rc = 1;
- get_request(&paging->mem_event, &req);
+ get_request(&paging->vm_event, &req);
if ( req.data.mem_paging.gfn > paging->max_pages )
{
@@ -929,7 +929,7 @@ int main(int argc, char *argv[])
goto out;
}
- if ( req.flags & MEM_EVENT_FLAG_DROP_PAGE )
+ if ( req.flags & VM_EVENT_FLAG_DROP_PAGE )
{
DPRINTF("drop_page ^ gfn %"PRIx64" pageslot %d\n", req.data.mem_paging.gfn, slot);
/* Notify policy of page being dropped */
@@ -966,13 +966,13 @@ int main(int argc, char *argv[])
{
DPRINTF("page %s populated (domain = %d; vcpu = %d;"
" gfn = %"PRIx64"; paused = %d; evict_fail = %d)\n",
- req.flags & MEM_EVENT_FLAG_EVICT_FAIL ? "not" : "already",
- paging->mem_event.domain_id, req.vcpu_id, req.data.mem_paging.gfn,
- !!(req.flags & MEM_EVENT_FLAG_VCPU_PAUSED) ,
- !!(req.flags & MEM_EVENT_FLAG_EVICT_FAIL) );
+ req.flags & VM_EVENT_FLAG_EVICT_FAIL ? "not" : "already",
+ paging->vm_event.domain_id, req.vcpu_id, req.data.mem_paging.gfn,
+ !!(req.flags & VM_EVENT_FLAG_VCPU_PAUSED) ,
+ !!(req.flags & VM_EVENT_FLAG_EVICT_FAIL) );
/* Tell Xen to resume the vcpu */
- if (( req.flags & MEM_EVENT_FLAG_VCPU_PAUSED ) || ( req.flags & MEM_EVENT_FLAG_EVICT_FAIL ))
+ if (( req.flags & VM_EVENT_FLAG_VCPU_PAUSED ) || ( req.flags & VM_EVENT_FLAG_EVICT_FAIL ))
{
/* Prepare the response */
rsp.data.mem_paging.gfn = req.data.mem_paging.gfn;
diff --git a/tools/xenpaging/xenpaging.h b/tools/xenpaging/xenpaging.h
index 877db2f..25d511d 100644
--- a/tools/xenpaging/xenpaging.h
+++ b/tools/xenpaging/xenpaging.h
@@ -27,15 +27,15 @@
#include <xc_private.h>
#include <xen/event_channel.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#define XENPAGING_PAGEIN_QUEUE_SIZE 64
-struct mem_event {
+struct vm_event {
domid_t domain_id;
xc_evtchn *xce_handle;
int port;
- mem_event_back_ring_t back_ring;
+ vm_event_back_ring_t back_ring;
uint32_t evtchn_port;
void *ring_page;
};
@@ -51,7 +51,7 @@ struct xenpaging {
void *paging_buffer;
- struct mem_event mem_event;
+ struct vm_event vm_event;
int fd;
/* number of pages for which data structures were allocated */
int max_pages;
diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c
index c8832c6..9dc689d 100644
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -432,7 +432,7 @@ int vcpu_initialise(struct vcpu *v)
v->arch.flags = TF_kernel_mode;
/* By default, do not emulate */
- v->arch.mem_event.emulate_flags = 0;
+ v->arch.vm_event.emulate_flags = 0;
rc = mapcache_vcpu_init(v);
if ( rc )
diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
index 82365a4..3951ed3 100644
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -30,8 +30,8 @@
#include <xen/hypercall.h> /* for arch_do_domctl */
#include <xsm/xsm.h>
#include <xen/iommu.h>
-#include <xen/mem_event.h>
-#include <public/mem_event.h>
+#include <xen/vm_event.h>
+#include <public/vm_event.h>
#include <asm/mem_sharing.h>
#include <asm/xstate.h>
#include <asm/debugger.h>
diff --git a/xen/arch/x86/hvm/emulate.c b/xen/arch/x86/hvm/emulate.c
index 2ed4344..fa7175a 100644
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -407,7 +407,7 @@ static int hvmemul_virtual_to_linear(
* The chosen maximum is very conservative but it's what we use in
* hvmemul_linear_to_phys() so there is no point in using a larger value.
* If introspection has been enabled for this domain, *reps should be
- * at most 1, since optimization might otherwise cause a single mem_event
+ * at most 1, since optimization might otherwise cause a single vm_event
* being triggered for repeated writes to a whole page.
*/
*reps = min_t(unsigned long, *reps,
@@ -1521,7 +1521,7 @@ int hvm_emulate_one_no_write(
return _hvm_emulate_one(hvmemul_ctxt, &hvm_emulate_ops_no_write);
}
-void hvm_mem_event_emulate_one(bool_t nowrite, unsigned int trapnr,
+void hvm_vm_event_emulate_one(bool_t nowrite, unsigned int trapnr,
unsigned int errcode)
{
struct hvm_emulate_ctxt ctx = {{ 0 }};
@@ -1538,7 +1538,7 @@ void hvm_mem_event_emulate_one(bool_t nowrite, unsigned int trapnr,
{
case X86EMUL_RETRY:
/*
- * This function is called when handling an EPT-related mem_event
+ * This function is called when handling an EPT-related vm_event
* reply. As such, nothing else needs to be done here, since simply
* returning makes the current instruction cause a page fault again,
* consistent with X86EMUL_RETRY.
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 692b7d9..ce82447 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -35,7 +35,7 @@
#include <xen/paging.h>
#include <xen/cpu.h>
#include <xen/wait.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/mem_access.h>
#include <xen/rangeset.h>
#include <asm/shadow.h>
@@ -66,7 +66,7 @@
#include <public/hvm/ioreq.h>
#include <public/version.h>
#include <public/memory.h>
-#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <public/arch-x86/cpuid.h>
bool_t __read_mostly hvm_enabled;
@@ -2717,7 +2717,7 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned long gla,
struct p2m_domain *p2m;
int rc, fall_through = 0, paged = 0;
int sharing_enomem = 0;
- mem_event_request_t *req_ptr = NULL;
+ vm_event_request_t *req_ptr = NULL;
/* On Nested Virtualization, walk the guest page table.
* If this succeeds, all is fine.
@@ -2787,7 +2787,7 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned long gla,
{
bool_t violation;
- /* If the access is against the permissions, then send to mem_event */
+ /* If the access is against the permissions, then send to vm_event */
switch (p2ma)
{
case p2m_access_n:
@@ -6261,7 +6261,7 @@ int hvm_debug_op(struct vcpu *v, int32_t op)
return rc;
}
-static void hvm_mem_event_fill_regs(mem_event_request_t *req)
+static void hvm_mem_event_fill_regs(vm_event_request_t *req)
{
const struct cpu_user_regs *regs = guest_cpu_user_regs();
const struct vcpu *curr = current;
@@ -6293,7 +6293,7 @@ static void hvm_mem_event_fill_regs(mem_event_request_t *req)
req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
}
-static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
+static int hvm_memory_event_traps(long parameters, vm_event_request_t *req)
{
int rc;
struct vcpu *v = current;
@@ -6302,7 +6302,7 @@ static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
if ( !(parameters & HVMPME_MODE_MASK) )
return 0;
- rc = mem_event_claim_slot(d, &d->mem_event->monitor);
+ rc = vm_event_claim_slot(d, &d->vm_event->monitor);
if ( rc == -ENOSYS )
{
/* If there was no ring to handle the event, then
@@ -6314,20 +6314,20 @@ static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
{
- req->flags |= MEM_EVENT_FLAG_VCPU_PAUSED;
- mem_event_vcpu_pause(v);
+ req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
+ vm_event_vcpu_pause(v);
}
hvm_mem_event_fill_regs(req);
- mem_event_put_request(d, &d->mem_event->monitor, req);
+ vm_event_put_request(d, &d->vm_event->monitor, req);
return 1;
}
void hvm_memory_event_cr0(unsigned long value, unsigned long old)
{
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MOV_TO_CR0,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_CR0,
.vcpu_id = current->vcpu_id,
.data.mov_to_cr.new_value = value,
.data.mov_to_cr.old_value = old
@@ -6344,8 +6344,8 @@ void hvm_memory_event_cr0(unsigned long value, unsigned long old)
void hvm_memory_event_cr3(unsigned long value, unsigned long old)
{
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MOV_TO_CR3,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_CR3,
.vcpu_id = current->vcpu_id,
.data.mov_to_cr.new_value = value,
.data.mov_to_cr.old_value = old
@@ -6362,8 +6362,8 @@ void hvm_memory_event_cr3(unsigned long value, unsigned long old)
void hvm_memory_event_cr4(unsigned long value, unsigned long old)
{
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MOV_TO_CR4,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_CR4,
.vcpu_id = current->vcpu_id,
.data.mov_to_cr.new_value = value,
.data.mov_to_cr.old_value = old
@@ -6380,8 +6380,8 @@ void hvm_memory_event_cr4(unsigned long value, unsigned long old)
void hvm_memory_event_msr(unsigned long msr, unsigned long value)
{
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MOV_TO_MSR,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_MSR,
.vcpu_id = current->vcpu_id,
.data.mov_to_msr.msr = msr,
.data.mov_to_msr.value = value,
@@ -6395,8 +6395,8 @@ void hvm_memory_event_msr(unsigned long msr, unsigned long value)
int hvm_memory_event_int3(unsigned long gla)
{
uint32_t pfec = PFEC_page_present;
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_SOFTWARE_BREAKPOINT,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
.vcpu_id = current->vcpu_id,
.data.software_breakpoint.gfn = paging_gva_to_gfn(current, gla, &pfec)
};
@@ -6409,8 +6409,8 @@ int hvm_memory_event_int3(unsigned long gla)
int hvm_memory_event_single_step(unsigned long gla)
{
uint32_t pfec = PFEC_page_present;
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_SINGLESTEP,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_SINGLESTEP,
.vcpu_id = current->vcpu_id,
.data.singlestep.gfn = paging_gva_to_gfn(current, gla, &pfec)
};
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index e553fb0..0f2b2e6 100644
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -25,7 +25,7 @@
#include <xen/event.h>
#include <xen/kernel.h>
#include <xen/keyhandler.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <asm/current.h>
#include <asm/cpufeature.h>
#include <asm/processor.h>
@@ -715,7 +715,7 @@ void vmx_disable_intercept_for_msr(struct vcpu *v, u32 msr, int type)
return;
if ( unlikely(d->arch.hvm_domain.introspection_enabled) &&
- mem_event_check_ring(&d->mem_event->monitor) )
+ vm_event_check_ring(&d->vm_event->monitor) )
{
unsigned int i;
diff --git a/xen/arch/x86/mm/hap/nested_ept.c b/xen/arch/x86/mm/hap/nested_ept.c
index cbbc4e9..40adac3 100644
--- a/xen/arch/x86/mm/hap/nested_ept.c
+++ b/xen/arch/x86/mm/hap/nested_ept.c
@@ -17,9 +17,9 @@
* this program; if not, write to the Free Software Foundation, Inc., 59 Temple
* Place - Suite 330, Boston, MA 02111-1307 USA.
*/
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/event.h>
-#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <asm/domain.h>
#include <asm/page.h>
#include <asm/paging.h>
diff --git a/xen/arch/x86/mm/hap/nested_hap.c b/xen/arch/x86/mm/hap/nested_hap.c
index 9c1ec11..cb28943 100644
--- a/xen/arch/x86/mm/hap/nested_hap.c
+++ b/xen/arch/x86/mm/hap/nested_hap.c
@@ -19,9 +19,9 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/event.h>
-#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <asm/domain.h>
#include <asm/page.h>
#include <asm/paging.h>
diff --git a/xen/arch/x86/mm/mem_paging.c b/xen/arch/x86/mm/mem_paging.c
index e3d64a6..68b7fcc 100644
--- a/xen/arch/x86/mm/mem_paging.c
+++ b/xen/arch/x86/mm/mem_paging.c
@@ -22,12 +22,12 @@
#include <asm/p2m.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
int mem_paging_memop(struct domain *d, xen_mem_paging_op_t *mpc)
{
- if ( unlikely(!d->mem_event->paging.ring_page) )
+ if ( unlikely(!d->vm_event->paging.ring_page) )
return -ENODEV;
switch( mpc->op )
diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c
index b5149f7..c487207 100644
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -28,7 +28,7 @@
#include <xen/grant_table.h>
#include <xen/sched.h>
#include <xen/rcupdate.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <asm/page.h>
#include <asm/string.h>
#include <asm/p2m.h>
@@ -559,25 +559,25 @@ int mem_sharing_notify_enomem(struct domain *d, unsigned long gfn,
{
struct vcpu *v = current;
int rc;
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MEM_SHARING,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MEM_SHARING,
.data.mem_sharing.gfn = gfn
};
- if ( (rc = __mem_event_claim_slot(d,
- &d->mem_event->share, allow_sleep)) < 0 )
+ if ( (rc = __vm_event_claim_slot(d,
+ &d->vm_event->share, allow_sleep)) < 0 )
return rc;
if ( v->domain == d )
{
- req.flags = MEM_EVENT_FLAG_VCPU_PAUSED;
- mem_event_vcpu_pause(v);
+ req.flags = VM_EVENT_FLAG_VCPU_PAUSED;
+ vm_event_vcpu_pause(v);
}
req.data.mem_sharing.p2mt = p2m_ram_shared;
req.vcpu_id = v->vcpu_id;
- mem_event_put_request(d, &d->mem_event->share, &req);
+ vm_event_put_request(d, &d->vm_event->share, &req);
return 0;
}
@@ -594,17 +594,17 @@ unsigned int mem_sharing_get_nr_shared_mfns(void)
int mem_sharing_sharing_resume(struct domain *d)
{
- mem_event_response_t rsp;
+ vm_event_response_t rsp;
/* Get all requests off the ring */
- while ( mem_event_get_response(d, &d->mem_event->share, &rsp) )
+ while ( vm_event_get_response(d, &d->vm_event->share, &rsp) )
{
struct vcpu *v;
- if ( rsp.version != MEM_EVENT_INTERFACE_VERSION )
+ if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
continue;
- if ( rsp.flags & MEM_EVENT_FLAG_DUMMY )
+ if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
continue;
/* Validate the vcpu_id in the response. */
@@ -614,8 +614,8 @@ int mem_sharing_sharing_resume(struct domain *d)
v = d->vcpu[rsp.vcpu_id];
/* Unpause domain/vcpu */
- if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED )
- mem_event_vcpu_unpause(v);
+ if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
+ vm_event_vcpu_unpause(v);
}
return 0;
@@ -1142,7 +1142,7 @@ err_out:
/* A note on the rationale for unshare error handling:
* 1. Unshare can only fail with ENOMEM. Any other error conditions BUG_ON()'s
- * 2. We notify a potential dom0 helper through a mem_event ring. But we
+ * 2. We notify a potential dom0 helper through a vm_event ring. But we
* allow the notification to not go to sleep. If the event ring is full
* of ENOMEM warnings, then it's on the ball.
* 3. We cannot go to sleep until the unshare is resolved, because we might
diff --git a/xen/arch/x86/mm/p2m-pod.c b/xen/arch/x86/mm/p2m-pod.c
index 43f507c..0679f00 100644
--- a/xen/arch/x86/mm/p2m-pod.c
+++ b/xen/arch/x86/mm/p2m-pod.c
@@ -21,9 +21,9 @@
*/
#include <xen/iommu.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/event.h>
-#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <asm/domain.h>
#include <asm/page.h>
#include <asm/paging.h>
diff --git a/xen/arch/x86/mm/p2m-pt.c b/xen/arch/x86/mm/p2m-pt.c
index 26fb18d..e50b6fa 100644
--- a/xen/arch/x86/mm/p2m-pt.c
+++ b/xen/arch/x86/mm/p2m-pt.c
@@ -26,10 +26,10 @@
*/
#include <xen/iommu.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/event.h>
#include <xen/trace.h>
-#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <asm/domain.h>
#include <asm/page.h>
#include <asm/paging.h>
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index ddadf66..c7a0bde 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -25,9 +25,9 @@
*/
#include <xen/iommu.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/event.h>
-#include <public/mem_event.h>
+#include <public/vm_event.h>
#include <asm/domain.h>
#include <asm/page.h>
#include <asm/paging.h>
@@ -1077,8 +1077,8 @@ int p2m_mem_paging_evict(struct domain *d, unsigned long gfn)
void p2m_mem_paging_drop_page(struct domain *d, unsigned long gfn,
p2m_type_t p2mt)
{
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MEM_PAGING,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MEM_PAGING,
.data.mem_paging.gfn = gfn
};
@@ -1086,21 +1086,21 @@ void p2m_mem_paging_drop_page(struct domain *d, unsigned long gfn,
* correctness of the guest execution at this point. If this is the only
* page that happens to be paged-out, we'll be okay.. but it's likely the
* guest will crash shortly anyways. */
- int rc = mem_event_claim_slot(d, &d->mem_event->paging);
+ int rc = vm_event_claim_slot(d, &d->vm_event->paging);
if ( rc < 0 )
return;
/* Send release notification to pager */
- req.flags = MEM_EVENT_FLAG_DROP_PAGE;
+ req.flags = VM_EVENT_FLAG_DROP_PAGE;
/* Update stats unless the page hasn't yet been evicted */
if ( p2mt != p2m_ram_paging_out )
atomic_dec(&d->paged_pages);
else
/* Evict will fail now, tag this request for pager */
- req.flags |= MEM_EVENT_FLAG_EVICT_FAIL;
+ req.flags |= VM_EVENT_FLAG_EVICT_FAIL;
- mem_event_put_request(d, &d->mem_event->paging, &req);
+ vm_event_put_request(d, &d->vm_event->paging, &req);
}
/**
@@ -1127,8 +1127,8 @@ void p2m_mem_paging_drop_page(struct domain *d, unsigned long gfn,
void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
{
struct vcpu *v = current;
- mem_event_request_t req = {
- .reason = MEM_EVENT_REASON_MEM_PAGING,
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MEM_PAGING,
.data.mem_paging.gfn = gfn
};
p2m_type_t p2mt;
@@ -1137,7 +1137,7 @@ void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
struct p2m_domain *p2m = p2m_get_hostp2m(d);
/* We're paging. There should be a ring */
- int rc = mem_event_claim_slot(d, &d->mem_event->paging);
+ int rc = vm_event_claim_slot(d, &d->vm_event->paging);
if ( rc == -ENOSYS )
{
gdprintk(XENLOG_ERR, "Domain %hu paging gfn %lx yet no ring "
@@ -1159,7 +1159,7 @@ void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
{
/* Evict will fail now, tag this request for pager */
if ( p2mt == p2m_ram_paging_out )
- req.flags |= MEM_EVENT_FLAG_EVICT_FAIL;
+ req.flags |= VM_EVENT_FLAG_EVICT_FAIL;
p2m_set_entry(p2m, gfn, mfn, PAGE_ORDER_4K, p2m_ram_paging_in, a);
}
@@ -1168,14 +1168,14 @@ void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
/* Pause domain if request came from guest and gfn has paging type */
if ( p2m_is_paging(p2mt) && v->domain == d )
{
- mem_event_vcpu_pause(v);
- req.flags |= MEM_EVENT_FLAG_VCPU_PAUSED;
+ vm_event_vcpu_pause(v);
+ req.flags |= VM_EVENT_FLAG_VCPU_PAUSED;
}
/* No need to inform pager if the gfn is not in the page-out path */
else if ( p2mt != p2m_ram_paging_out && p2mt != p2m_ram_paged )
{
/* gfn is already on its way back and vcpu is not paused */
- mem_event_cancel_slot(d, &d->mem_event->paging);
+ vm_event_cancel_slot(d, &d->vm_event->paging);
return;
}
@@ -1183,7 +1183,7 @@ void p2m_mem_paging_populate(struct domain *d, unsigned long gfn)
req.data.mem_paging.p2mt = p2mt;
req.vcpu_id = v->vcpu_id;
- mem_event_put_request(d, &d->mem_event->paging, &req);
+ vm_event_put_request(d, &d->vm_event->paging, &req);
}
/**
@@ -1292,20 +1292,20 @@ int p2m_mem_paging_prep(struct domain *d, unsigned long gfn, uint64_t buffer)
void p2m_mem_paging_resume(struct domain *d)
{
struct p2m_domain *p2m = p2m_get_hostp2m(d);
- mem_event_response_t rsp;
+ vm_event_response_t rsp;
p2m_type_t p2mt;
p2m_access_t a;
mfn_t mfn;
/* Pull all responses off the ring */
- while( mem_event_get_response(d, &d->mem_event->paging, &rsp) )
+ while( vm_event_get_response(d, &d->vm_event->paging, &rsp) )
{
struct vcpu *v;
- if ( rsp.version != MEM_EVENT_INTERFACE_VERSION )
+ if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
continue;
- if ( rsp.flags & MEM_EVENT_FLAG_DUMMY )
+ if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
continue;
/* Validate the vcpu_id in the response. */
@@ -1315,7 +1315,7 @@ void p2m_mem_paging_resume(struct domain *d)
v = d->vcpu[rsp.vcpu_id];
/* Fix p2m entry if the page was not dropped */
- if ( !(rsp.flags & MEM_EVENT_FLAG_DROP_PAGE) )
+ if ( !(rsp.flags & VM_EVENT_FLAG_DROP_PAGE) )
{
gfn_lock(p2m, rsp.gfn, 0);
mfn = p2m->get_entry(p2m, rsp.data.mem_access.gfn, &p2mt, &a, 0, NULL);
@@ -1331,12 +1331,12 @@ void p2m_mem_paging_resume(struct domain *d)
gfn_unlock(p2m, rsp.gfn, 0);
}
/* Unpause domain */
- if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED )
- mem_event_vcpu_unpause(v);
+ if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
+ vm_event_vcpu_unpause(v);
}
}
-static void p2m_mem_event_fill_regs(mem_event_request_t *req)
+static void p2m_vm_event_fill_regs(vm_event_request_t *req)
{
const struct cpu_user_regs *regs = guest_cpu_user_regs();
struct segment_register seg;
@@ -1391,10 +1391,10 @@ static void p2m_mem_event_fill_regs(mem_event_request_t *req)
req->regs.x86.cs_arbytes = seg.attr.bytes;
}
-void p2m_mem_event_emulate_check(struct vcpu *v, const mem_event_response_t *rsp)
+void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
{
/* Mark vcpu for skipping one instruction upon rescheduling. */
- if ( rsp->flags & MEM_EVENT_FLAG_EMULATE )
+ if ( rsp->flags & VM_EVENT_FLAG_EMULATE )
{
xenmem_access_t access;
bool_t violation = 1;
@@ -1441,7 +1441,7 @@ void p2m_mem_event_emulate_check(struct vcpu *v, const mem_event_response_t *rsp
}
}
- v->arch.mem_event.emulate_flags = violation ? rsp->flags : 0;
+ v->arch.vm_event.emulate_flags = violation ? rsp->flags : 0;
}
}
@@ -1456,7 +1456,7 @@ void p2m_setup_introspection(struct domain *d)
bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
struct npfec npfec,
- mem_event_request_t **req_ptr)
+ vm_event_request_t **req_ptr)
{
struct vcpu *v = current;
unsigned long gfn = gpa >> PAGE_SHIFT;
@@ -1465,7 +1465,7 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
mfn_t mfn;
p2m_type_t p2mt;
p2m_access_t p2ma;
- mem_event_request_t *req;
+ vm_event_request_t *req;
int rc;
unsigned long eip = guest_cpu_user_regs()->eip;
@@ -1492,13 +1492,13 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
gfn_unlock(p2m, gfn, 0);
/* Otherwise, check if there is a memory event listener, and send the message along */
- if ( !mem_event_check_ring(&d->mem_event->monitor) || !req_ptr )
+ if ( !vm_event_check_ring(&d->vm_event->monitor) || !req_ptr )
{
/* No listener */
if ( p2m->access_required )
{
gdprintk(XENLOG_INFO, "Memory access permissions failure, "
- "no mem_event listener VCPU %d, dom %d\n",
+ "no vm_event listener VCPU %d, dom %d\n",
v->vcpu_id, d->domain_id);
domain_crash(v->domain);
return 0;
@@ -1521,40 +1521,40 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
}
}
- /* The previous mem_event reply does not match the current state. */
- if ( v->arch.mem_event.gpa != gpa || v->arch.mem_event.eip != eip )
+ /* The previous vm_event reply does not match the current state. */
+ if ( v->arch.vm_event.gpa != gpa || v->arch.vm_event.eip != eip )
{
- /* Don't emulate the current instruction, send a new mem_event. */
- v->arch.mem_event.emulate_flags = 0;
+ /* Don't emulate the current instruction, send a new vm_event. */
+ v->arch.vm_event.emulate_flags = 0;
/*
* Make sure to mark the current state to match it again against
- * the new mem_event about to be sent.
+ * the new vm_event about to be sent.
*/
- v->arch.mem_event.gpa = gpa;
- v->arch.mem_event.eip = eip;
+ v->arch.vm_event.gpa = gpa;
+ v->arch.vm_event.eip = eip;
}
- if ( v->arch.mem_event.emulate_flags )
+ if ( v->arch.vm_event.emulate_flags )
{
- hvm_mem_event_emulate_one((v->arch.mem_event.emulate_flags &
- MEM_EVENT_FLAG_EMULATE_NOWRITE) != 0,
+ hvm_vm_event_emulate_one((v->arch.vm_event.emulate_flags &
+ VM_EVENT_FLAG_EMULATE_NOWRITE) != 0,
TRAP_invalid_op, HVM_DELIVER_NO_ERROR_CODE);
- v->arch.mem_event.emulate_flags = 0;
+ v->arch.vm_event.emulate_flags = 0;
return 1;
}
*req_ptr = NULL;
- req = xzalloc(mem_event_request_t);
+ req = xzalloc(vm_event_request_t);
if ( req )
{
*req_ptr = req;
- req->reason = MEM_EVENT_REASON_MEM_ACCESS;
+ req->reason = VM_EVENT_REASON_MEM_ACCESS;
/* Pause the current VCPU */
if ( p2ma != p2m_access_n2rwx )
- req->flags |= MEM_EVENT_FLAG_VCPU_PAUSED;
+ req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
/* Send request to mem event */
req->data.mem_access.gfn = gfn;
@@ -1570,12 +1570,12 @@ bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
req->data.mem_access.access_x = npfec.insn_fetch;
req->vcpu_id = v->vcpu_id;
- p2m_mem_event_fill_regs(req);
+ p2m_vm_event_fill_regs(req);
}
/* Pause the current VCPU */
if ( p2ma != p2m_access_n2rwx )
- mem_event_vcpu_pause(v);
+ vm_event_vcpu_pause(v);
/* VCPU may be paused, return whether we promoted automatically */
return (p2ma == p2m_access_n2rwx);
diff --git a/xen/arch/x86/x86_64/compat/mm.c b/xen/arch/x86/x86_64/compat/mm.c
index c8ea85a..959ccf5 100644
--- a/xen/arch/x86/x86_64/compat/mm.c
+++ b/xen/arch/x86/x86_64/compat/mm.c
@@ -1,5 +1,5 @@
#include <xen/event.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/mem_access.h>
#include <xen/multicall.h>
#include <compat/memory.h>
@@ -191,7 +191,7 @@ int compat_arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
xen_mem_paging_op_t mpo;
if ( copy_from_guest(&mpo, arg, 1) )
return -EFAULT;
- rc = do_mem_event_op(cmd, mpo.domain, &mpo);
+ rc = do_vm_event_op(cmd, mpo.domain, &mpo);
if ( !rc && __copy_to_guest(arg, &mpo, 1) )
return -EFAULT;
break;
@@ -204,7 +204,7 @@ int compat_arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
return -EFAULT;
if ( mso.op == XENMEM_sharing_op_audit )
return mem_sharing_audit();
- rc = do_mem_event_op(cmd, mso.domain, &mso);
+ rc = do_vm_event_op(cmd, mso.domain, &mso);
if ( !rc && __copy_to_guest(arg, &mso, 1) )
return -EFAULT;
break;
diff --git a/xen/arch/x86/x86_64/mm.c b/xen/arch/x86/x86_64/mm.c
index 2fa1f67..1e2bd1a 100644
--- a/xen/arch/x86/x86_64/mm.c
+++ b/xen/arch/x86/x86_64/mm.c
@@ -26,7 +26,7 @@
#include <xen/nodemask.h>
#include <xen/guest_access.h>
#include <xen/hypercall.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/mem_access.h>
#include <asm/current.h>
#include <asm/asm_defns.h>
@@ -988,7 +988,7 @@ long subarch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
xen_mem_paging_op_t mpo;
if ( copy_from_guest(&mpo, arg, 1) )
return -EFAULT;
- rc = do_mem_event_op(cmd, mpo.domain, &mpo);
+ rc = do_vm_event_op(cmd, mpo.domain, &mpo);
if ( !rc && __copy_to_guest(arg, &mpo, 1) )
return -EFAULT;
break;
@@ -1001,7 +1001,7 @@ long subarch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
return -EFAULT;
if ( mso.op == XENMEM_sharing_op_audit )
return mem_sharing_audit();
- rc = do_mem_event_op(cmd, mso.domain, &mso);
+ rc = do_vm_event_op(cmd, mso.domain, &mso);
if ( !rc && __copy_to_guest(arg, &mso, 1) )
return -EFAULT;
break;
diff --git a/xen/common/domain.c b/xen/common/domain.c
index e02823e..e54ef2d 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -15,7 +15,7 @@
#include <xen/domain.h>
#include <xen/mm.h>
#include <xen/event.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <xen/time.h>
#include <xen/console.h>
#include <xen/softirq.h>
@@ -344,8 +344,8 @@ struct domain *domain_create(
poolid = 0;
err = -ENOMEM;
- d->mem_event = xzalloc(struct mem_event_per_domain);
- if ( !d->mem_event )
+ d->vm_event = xzalloc(struct vm_event_per_domain);
+ if ( !d->vm_event )
goto fail;
d->pbuf = xzalloc_array(char, DOMAIN_PBUF_SIZE);
@@ -387,7 +387,7 @@ struct domain *domain_create(
if ( hardware_domain == d )
hardware_domain = old_hwdom;
atomic_set(&d->refcnt, DOMAIN_DESTROYED);
- xfree(d->mem_event);
+ xfree(d->vm_event);
xfree(d->pbuf);
if ( init_status & INIT_arch )
arch_domain_destroy(d);
@@ -629,7 +629,7 @@ int domain_kill(struct domain *d)
d->is_dying = DOMDYING_dead;
/* Mem event cleanup has to go here because the rings
* have to be put before we call put_domain. */
- mem_event_cleanup(d);
+ vm_event_cleanup(d);
put_domain(d);
send_global_virq(VIRQ_DOM_EXC);
/* fallthrough */
@@ -808,7 +808,7 @@ static void complete_domain_destroy(struct rcu_head *head)
free_xenoprof_pages(d);
#endif
- xfree(d->mem_event);
+ xfree(d->vm_event);
xfree(d->pbuf);
for ( i = d->max_vcpus - 1; i >= 0; i-- )
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index ee578c0..44d45d1 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -24,7 +24,7 @@
#include <xen/bitmap.h>
#include <xen/paging.h>
#include <xen/hypercall.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <asm/current.h>
#include <asm/irq.h>
#include <asm/page.h>
@@ -1115,9 +1115,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
}
break;
- case XEN_DOMCTL_mem_event_op:
- ret = mem_event_domctl(d, &op->u.mem_event_op,
- guest_handle_cast(u_domctl, void));
+ case XEN_DOMCTL_vm_event_op:
+ ret = vm_event_domctl(d, &op->u.vm_event_op,
+ guest_handle_cast(u_domctl, void));
copyback = 1;
break;
diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
index 47574b3..1f655b0 100644
--- a/xen/common/mem_access.c
+++ b/xen/common/mem_access.c
@@ -24,24 +24,24 @@
#include <xen/sched.h>
#include <xen/guest_access.h>
#include <xen/hypercall.h>
-#include <xen/mem_event.h>
+#include <xen/vm_event.h>
#include <public/memory.h>
#include <asm/p2m.h>
#include <xsm/xsm.h>
void mem_access_resume(struct domain *d)
{
- mem_event_response_t rsp;
+ vm_event_response_t rsp;
/* Pull all responses off the ring. */
- while ( mem_event_get_response(d, &d->mem_event->monitor, &rsp) )
+ while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
{
struct vcpu *v;
- if ( rsp.version != MEM_EVENT_INTERFACE_VERSION )
+ if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
continue;
- if ( rsp.flags & MEM_EVENT_FLAG_DUMMY )
+ if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
continue;
/* Validate the vcpu_id in the response. */
@@ -50,11 +50,11 @@ void mem_access_resume(struct domain *d)
v = d->vcpu[rsp.vcpu_id];
- p2m_mem_event_emulate_check(v, &rsp);
+ p2m_vm_event_emulate_check(v, &rsp);
/* Unpause domain. */
- if ( rsp.flags & MEM_EVENT_FLAG_VCPU_PAUSED )
- mem_event_vcpu_unpause(v);
+ if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
+ vm_event_vcpu_unpause(v);
}
}
@@ -77,12 +77,12 @@ int mem_access_memop(unsigned long cmd,
if ( !p2m_mem_access_sanity_check(d) )
goto out;
- rc = xsm_mem_event_op(XSM_DM_PRIV, d, XENMEM_access_op);
+ rc = xsm_vm_event_op(XSM_DM_PRIV, d, XENMEM_access_op);
if ( rc )
goto out;
rc = -ENODEV;
- if ( unlikely(!d->mem_event->monitor.ring_page) )
+ if ( unlikely(!d->vm_event->monitor.ring_page) )
goto out;
switch ( mao.op )
@@ -147,13 +147,13 @@ int mem_access_memop(unsigned long cmd,
return rc;
}
-int mem_access_send_req(struct domain *d, mem_event_request_t *req)
+int mem_access_send_req(struct domain *d, vm_event_request_t *req)
{
- int rc = mem_event_claim_slot(d, &d->mem_event->monitor);
+ int rc = vm_event_claim_slot(d, &d->vm_event->monitor);
if ( rc < 0 )
return rc;
- mem_event_put_request(d, &d->mem_event->monitor, req);
+ vm_event_put_request(d, &d->vm_event->monitor, req);
return 0;
}
diff --git a/xen/drivers/passthrough/pci.c b/xen/drivers/passthrough/pci.c
index 78c6977..964384b 100644
--- a/xen/drivers/passthrough/pci.c
+++ b/xen/drivers/passthrough/pci.c
@@ -1346,7 +1346,7 @@ static int assign_device(struct domain *d, u16 seg, u8 bus, u8 devfn)
* enabled for this domain */
if ( unlikely(!need_iommu(d) &&
(d->arch.hvm_domain.mem_sharing_enabled ||
- d->mem_event->paging.ring_page ||
+ d->vm_event->paging.ring_page ||
p2m_get_hostp2m(d)->global_logdirty)) )
return -EXDEV;
diff --git a/xen/include/asm-arm/p2m.h b/xen/include/asm-arm/p2m.h
index da36504..21a8d71 100644
--- a/xen/include/asm-arm/p2m.h
+++ b/xen/include/asm-arm/p2m.h
@@ -45,7 +45,7 @@ struct p2m_domain {
unsigned long shattered[4];
} stats;
- /* If true, and an access fault comes in and there is no mem_event listener,
+ /* If true, and an access fault comes in and there is no vm_event listener,
* pause domain. Otherwise, remove access restrictions. */
bool_t access_required;
};
@@ -71,8 +71,8 @@ typedef enum {
} p2m_type_t;
static inline
-void p2m_mem_event_emulate_check(struct vcpu *v,
- const mem_event_response_t *rsp)
+void p2m_vm_event_emulate_check(struct vcpu *v,
+ const vm_event_response_t *rsp)
{
/* Not supported on ARM. */
};
diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
index 6a77a93..20ede1e 100644
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -478,13 +478,13 @@ struct arch_vcpu
/*
* Should we emulate the next matching instruction on VCPU resume
- * after a mem_event?
+ * after a vm_event?
*/
struct {
uint32_t emulate_flags;
unsigned long gpa;
unsigned long eip;
- } mem_event;
+ } vm_event;
} __cacheline_aligned;
diff --git a/xen/include/asm-x86/hvm/emulate.h b/xen/include/asm-x86/hvm/emulate.h
index 5411302..b726654 100644
--- a/xen/include/asm-x86/hvm/emulate.h
+++ b/xen/include/asm-x86/hvm/emulate.h
@@ -38,7 +38,7 @@ int hvm_emulate_one(
struct hvm_emulate_ctxt *hvmemul_ctxt);
int hvm_emulate_one_no_write(
struct hvm_emulate_ctxt *hvmemul_ctxt);
-void hvm_mem_event_emulate_one(bool_t nowrite,
+void hvm_vm_event_emulate_one(bool_t nowrite,
unsigned int trapnr,
unsigned int errcode);
void hvm_emulate_prepare(
diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h
index b96f24c..b40890a 100644
--- a/xen/include/asm-x86/p2m.h
+++ b/xen/include/asm-x86/p2m.h
@@ -245,7 +245,7 @@ struct p2m_domain {
* retyped get this access type. See definition of p2m_access_t. */
p2m_access_t default_access;
- /* If true, and an access fault comes in and there is no mem_event listener,
+ /* If true, and an access fault comes in and there is no vm_event listener,
* pause domain. Otherwise, remove access restrictions. */
bool_t access_required;
@@ -579,7 +579,7 @@ void p2m_mem_paging_resume(struct domain *d);
* locks -- caller must also xfree the request. */
bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
struct npfec npfec,
- mem_event_request_t **req_ptr);
+ vm_event_request_t **req_ptr);
/* Set access type for a region of pfns.
* If start_pfn == -1ul, sets the default access type */
@@ -593,8 +593,8 @@ int p2m_get_mem_access(struct domain *d, unsigned long pfn,
/* Check for emulation and mark vcpu for skipping one instruction
* upon rescheduling if required. */
-void p2m_mem_event_emulate_check(struct vcpu *v,
- const mem_event_response_t *rsp);
+void p2m_vm_event_emulate_check(struct vcpu *v,
+ const vm_event_response_t *rsp);
/* Enable arch specific introspection options (such as MSR interception). */
void p2m_setup_introspection(struct domain *d);
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index a7d3e94..6396f4c 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -1133,7 +1133,7 @@ struct xen_domctl {
#define XEN_DOMCTL_suppress_spurious_page_faults 53
#define XEN_DOMCTL_debug_op 54
#define XEN_DOMCTL_gethvmcontext_partial 55
-#define XEN_DOMCTL_mem_event_op 56
+#define XEN_DOMCTL_vm_event_op 56
#define XEN_DOMCTL_mem_sharing_op 57
#define XEN_DOMCTL_disable_migrate 58
#define XEN_DOMCTL_gettscinfo 59
@@ -1202,7 +1202,6 @@ struct xen_domctl {
struct xen_domctl_subscribe subscribe;
struct xen_domctl_debug_op debug_op;
struct xen_domctl_vm_event_op vm_event_op;
- struct xen_domctl_mem_event_op mem_event_op;
struct xen_domctl_mem_sharing_op mem_sharing_op;
#if defined(__i386__) || defined(__x86_64__)
struct xen_domctl_cpuid cpuid;
diff --git a/xen/include/xen/mem_access.h b/xen/include/xen/mem_access.h
index 6ceb2a4..1d01221 100644
--- a/xen/include/xen/mem_access.h
+++ b/xen/include/xen/mem_access.h
@@ -29,7 +29,7 @@
int mem_access_memop(unsigned long cmd,
XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg);
-int mem_access_send_req(struct domain *d, mem_event_request_t *req);
+int mem_access_send_req(struct domain *d, vm_event_request_t *req);
/* Resumes the running of the VCPU, restarting the last instruction */
void mem_access_resume(struct domain *d);
@@ -44,7 +44,7 @@ int mem_access_memop(unsigned long cmd,
}
static inline
-int mem_access_send_req(struct domain *d, mem_event_request_t *req)
+int mem_access_send_req(struct domain *d, vm_event_request_t *req)
{
return -ENOSYS;
}
diff --git a/xen/include/xen/p2m-common.h b/xen/include/xen/p2m-common.h
index 29f3628..5da8a2d 100644
--- a/xen/include/xen/p2m-common.h
+++ b/xen/include/xen/p2m-common.h
@@ -1,12 +1,12 @@
#ifndef _XEN_P2M_COMMON_H
#define _XEN_P2M_COMMON_H
-#include <public/mem_event.h>
+#include <public/vm_event.h>
/*
* Additional access types, which are used to further restrict
* the permissions given my the p2m_type_t memory type. Violations
- * caused by p2m_access_t restrictions are sent to the mem_event
+ * caused by p2m_access_t restrictions are sent to the vm_event
* interface.
*
* The access permissions are soft state: when any ambiguous change of page
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 05ebf03..1debd31 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -578,7 +578,7 @@ static int flask_domctl(struct domain *d, int cmd)
case XEN_DOMCTL_memory_mapping:
case XEN_DOMCTL_set_target:
#ifdef HAS_MEM_ACCESS
- case XEN_DOMCTL_mem_event_op:
+ case XEN_DOMCTL_vm_event_op:
#endif
#ifdef CONFIG_X86
/* These have individual XSM hooks (arch/x86/domctl.c) */
@@ -689,7 +689,7 @@ static int flask_domctl(struct domain *d, int cmd)
return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER);
case XEN_DOMCTL_set_access_required:
- return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
+ return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
case XEN_DOMCTL_debug_op:
case XEN_DOMCTL_gdbsx_guestmemio:
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 07/12] xen: Remove mem_event
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (5 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
` (2 more replies)
2015-01-29 21:46 ` [RFC PATCH V3 08/12] tools/tests: Clean-up tools/tests/xen-access Tamas K Lengyel
` (5 subsequent siblings)
12 siblings, 3 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
This is the third and final patch in the mem_event -> vm_event renaming process
which removes all references and remaining code of mem_event from the Xen
source.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
MAINTAINERS | 1 -
docs/misc/xsm-flask.txt | 1 -
tools/libxc/Makefile | 1 -
tools/libxc/xc_mem_access.c | 16 +-
tools/libxc/xc_mem_event.c | 162 ---------
tools/libxc/xc_private.h | 12 -
xen/common/Makefile | 1 -
xen/common/mem_event.c | 738 -----------------------------------------
xen/include/public/domctl.h | 90 +----
xen/include/public/mem_event.h | 192 -----------
xen/include/xen/mem_event.h | 143 --------
xen/include/xen/sched.h | 41 ---
xen/include/xsm/dummy.h | 12 -
xen/include/xsm/xsm.h | 12 -
xen/xsm/dummy.c | 2 -
xen/xsm/flask/hooks.c | 12 -
16 files changed, 14 insertions(+), 1422 deletions(-)
delete mode 100644 tools/libxc/xc_mem_event.c
delete mode 100644 xen/common/mem_event.c
delete mode 100644 xen/include/public/mem_event.h
delete mode 100644 xen/include/xen/mem_event.h
diff --git a/MAINTAINERS b/MAINTAINERS
index b86ab83..4c445bb 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -365,7 +365,6 @@ VM EVENT AND ACCESS
M: Tim Deegan <tim@xen.org>
S: Supported
F: xen/common/vm_event.c
-F: xen/common/mem_event.c
F: xen/common/mem_access.c
XENTRACE
diff --git a/docs/misc/xsm-flask.txt b/docs/misc/xsm-flask.txt
index 9eead61..13ce498 100644
--- a/docs/misc/xsm-flask.txt
+++ b/docs/misc/xsm-flask.txt
@@ -88,7 +88,6 @@ __HYPERVISOR_domctl (xen/include/public/domctl.h)
* XEN_DOMCTL_debug_op
* XEN_DOMCTL_gethvmcontext_partial
* XEN_DOMCTL_vm_event_op
- * XEN_DOMCTL_mem_event_op
* XEN_DOMCTL_mem_sharing_op
* XEN_DOMCTL_setvcpuextstate
* XEN_DOMCTL_getvcpuextstate
diff --git a/tools/libxc/Makefile b/tools/libxc/Makefile
index b97e535..6ef17ec 100644
--- a/tools/libxc/Makefile
+++ b/tools/libxc/Makefile
@@ -27,7 +27,6 @@ CTRL_SRCS-y += xc_cpu_hotplug.c
CTRL_SRCS-y += xc_resume.c
CTRL_SRCS-y += xc_tmem.c
CTRL_SRCS-y += xc_vm_event.c
-CTRL_SRCS-y += xc_mem_event.c
CTRL_SRCS-y += xc_mem_paging.c
CTRL_SRCS-y += xc_mem_access.c
CTRL_SRCS-y += xc_memshr.c
diff --git a/tools/libxc/xc_mem_access.c b/tools/libxc/xc_mem_access.c
index 1c979ed..aa6e777 100644
--- a/tools/libxc/xc_mem_access.c
+++ b/tools/libxc/xc_mem_access.c
@@ -26,23 +26,23 @@
void *xc_mem_access_enable(xc_interface *xch, domid_t domain_id, uint32_t *port)
{
- return xc_mem_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
- port, 0);
+ return xc_vm_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
+ port, 0);
}
void *xc_mem_access_enable_introspection(xc_interface *xch, domid_t domain_id,
uint32_t *port)
{
- return xc_mem_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
- port, 1);
+ return xc_vm_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
+ port, 1);
}
int xc_mem_access_disable(xc_interface *xch, domid_t domain_id)
{
- return xc_mem_event_control(xch, domain_id,
- XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE,
- XEN_DOMCTL_MEM_EVENT_OP_MONITOR,
- NULL);
+ return xc_vm_event_control(xch, domain_id,
+ XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE,
+ XEN_DOMCTL_VM_EVENT_OP_MONITOR,
+ NULL);
}
int xc_mem_access_resume(xc_interface *xch, domid_t domain_id)
diff --git a/tools/libxc/xc_mem_event.c b/tools/libxc/xc_mem_event.c
deleted file mode 100644
index 319cc00..0000000
--- a/tools/libxc/xc_mem_event.c
+++ /dev/null
@@ -1,162 +0,0 @@
-/******************************************************************************
- *
- * xc_mem_event.c
- *
- * Interface to low-level memory event functionality.
- *
- * Copyright (c) 2009 Citrix Systems, Inc. (Patrick Colp)
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- */
-
-#include "xc_private.h"
-
-int xc_mem_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
- unsigned int mode, uint32_t *port)
-{
- DECLARE_DOMCTL;
- int rc;
-
- domctl.cmd = XEN_DOMCTL_vm_event_op;
- domctl.domain = domain_id;
- domctl.u.vm_event_op.op = op;
- domctl.u.vm_event_op.mode = mode;
-
- rc = do_domctl(xch, &domctl);
- if ( !rc && port )
- *port = domctl.u.vm_event_op.port;
- return rc;
-}
-
-void *xc_mem_event_enable(xc_interface *xch, domid_t domain_id, int param,
- uint32_t *port, int enable_introspection)
-{
- void *ring_page = NULL;
- uint64_t pfn;
- xen_pfn_t ring_pfn, mmap_pfn;
- unsigned int op, mode;
- int rc1, rc2, saved_errno;
-
- if ( !port )
- {
- errno = EINVAL;
- return NULL;
- }
-
- /* Pause the domain for ring page setup */
- rc1 = xc_domain_pause(xch, domain_id);
- if ( rc1 != 0 )
- {
- PERROR("Unable to pause domain\n");
- return NULL;
- }
-
- /* Get the pfn of the ring page */
- rc1 = xc_hvm_param_get(xch, domain_id, param, &pfn);
- if ( rc1 != 0 )
- {
- PERROR("Failed to get pfn of ring page\n");
- goto out;
- }
-
- ring_pfn = pfn;
- mmap_pfn = pfn;
- ring_page = xc_map_foreign_batch(xch, domain_id, PROT_READ | PROT_WRITE,
- &mmap_pfn, 1);
- if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
- {
- /* Map failed, populate ring page */
- rc1 = xc_domain_populate_physmap_exact(xch, domain_id, 1, 0, 0,
- &ring_pfn);
- if ( rc1 != 0 )
- {
- PERROR("Failed to populate ring pfn\n");
- goto out;
- }
-
- mmap_pfn = ring_pfn;
- ring_page = xc_map_foreign_batch(xch, domain_id, PROT_READ | PROT_WRITE,
- &mmap_pfn, 1);
- if ( mmap_pfn & XEN_DOMCTL_PFINFO_XTAB )
- {
- PERROR("Could not map the ring page\n");
- goto out;
- }
- }
-
- switch ( param )
- {
- case HVM_PARAM_PAGING_RING_PFN:
- op = XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE;
- mode = XEN_DOMCTL_MEM_EVENT_OP_PAGING;
- break;
-
- case HVM_PARAM_MONITOR_RING_PFN:
- if ( enable_introspection )
- op = XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION;
- else
- op = XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE;
- mode = XEN_DOMCTL_MEM_EVENT_OP_MONITOR;
- break;
-
- case HVM_PARAM_SHARING_RING_PFN:
- op = XEN_DOMCTL_MEM_EVENT_OP_SHARING_ENABLE;
- mode = XEN_DOMCTL_MEM_EVENT_OP_SHARING;
- break;
-
- /*
- * This is for the outside chance that the HVM_PARAM is valid but is invalid
- * as far as mem_event goes.
- */
- default:
- errno = EINVAL;
- rc1 = -1;
- goto out;
- }
-
- rc1 = xc_mem_event_control(xch, domain_id, op, mode, port);
- if ( rc1 != 0 )
- {
- PERROR("Failed to enable mem_event\n");
- goto out;
- }
-
- /* Remove the ring_pfn from the guest's physmap */
- rc1 = xc_domain_decrease_reservation_exact(xch, domain_id, 1, 0, &ring_pfn);
- if ( rc1 != 0 )
- PERROR("Failed to remove ring page from guest physmap");
-
- out:
- saved_errno = errno;
-
- rc2 = xc_domain_unpause(xch, domain_id);
- if ( rc1 != 0 || rc2 != 0 )
- {
- if ( rc2 != 0 )
- {
- if ( rc1 == 0 )
- saved_errno = errno;
- PERROR("Unable to unpause domain");
- }
-
- if ( ring_page )
- munmap(ring_page, XC_PAGE_SIZE);
- ring_page = NULL;
-
- errno = saved_errno;
- }
-
- return ring_page;
-}
diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
index 58db86d..843540c 100644
--- a/tools/libxc/xc_private.h
+++ b/tools/libxc/xc_private.h
@@ -421,18 +421,6 @@ int xc_ffs64(uint64_t x);
#define DOMPRINTF_CALLED(xch) xc_dom_printf((xch), "%s: called", __FUNCTION__)
/**
- * mem_event operations. Internal use only.
- */
-int xc_mem_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
- unsigned int mode, uint32_t *port);
-/*
- * Enables mem_event and returns the mapped ring page indicated by param.
- * param can be HVM_PARAM_PAGING/ACCESS/SHARING_RING_PFN
- */
-void *xc_mem_event_enable(xc_interface *xch, domid_t domain_id, int param,
- uint32_t *port, int enable_introspection);
-
-/**
* vm_event operations. Internal use only.
*/
int xc_vm_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
diff --git a/xen/common/Makefile b/xen/common/Makefile
index 0db6967..e5bd75b 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -54,7 +54,6 @@ obj-y += rbtree.o
obj-y += lzo.o
obj-$(HAS_PDX) += pdx.o
obj-$(HAS_MEM_ACCESS) += mem_access.o
-obj-$(HAS_MEM_ACCESS) += mem_event.o
obj-$(HAS_MEM_ACCESS) += vm_event.o
obj-bin-$(CONFIG_X86) += $(foreach n,decompress bunzip2 unxz unlzma unlzo unlz4 earlycpio,$(n).init.o)
diff --git a/xen/common/mem_event.c b/xen/common/mem_event.c
deleted file mode 100644
index c6ee505..0000000
--- a/xen/common/mem_event.c
+++ /dev/null
@@ -1,738 +0,0 @@
-/******************************************************************************
- * mem_event.c
- *
- * Memory event support.
- *
- * Copyright (c) 2009 Citrix Systems, Inc. (Patrick Colp)
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-
-#include <xen/sched.h>
-#include <xen/event.h>
-#include <xen/wait.h>
-#include <xen/mem_event.h>
-#include <xen/mem_access.h>
-#include <asm/p2m.h>
-
-#ifdef HAS_MEM_PAGING
-#include <asm/mem_paging.h>
-#endif
-
-#ifdef HAS_MEM_SHARING
-#include <asm/mem_sharing.h>
-#endif
-
-#include <xsm/xsm.h>
-
-/* for public/io/ring.h macros */
-#define xen_mb() mb()
-#define xen_rmb() rmb()
-#define xen_wmb() wmb()
-
-#define mem_event_ring_lock_init(_med) spin_lock_init(&(_med)->ring_lock)
-#define mem_event_ring_lock(_med) spin_lock(&(_med)->ring_lock)
-#define mem_event_ring_unlock(_med) spin_unlock(&(_med)->ring_lock)
-
-static int mem_event_enable(
- struct domain *d,
- xen_domctl_mem_event_op_t *mec,
- struct mem_event_domain *med,
- int pause_flag,
- int param,
- xen_event_channel_notification_t notification_fn)
-{
- int rc;
- unsigned long ring_gfn = d->arch.hvm_domain.params[param];
-
- /* Only one helper at a time. If the helper crashed,
- * the ring is in an undefined state and so is the guest.
- */
- if ( med->ring_page )
- return -EBUSY;
-
- /* The parameter defaults to zero, and it should be
- * set to something */
- if ( ring_gfn == 0 )
- return -ENOSYS;
-
- mem_event_ring_lock_init(med);
- mem_event_ring_lock(med);
-
- rc = prepare_ring_for_helper(d, ring_gfn, &med->ring_pg_struct,
- &med->ring_page);
- if ( rc < 0 )
- goto err;
-
- /* Set the number of currently blocked vCPUs to 0. */
- med->blocked = 0;
-
- /* Allocate event channel */
- rc = alloc_unbound_xen_event_channel(d->vcpu[0],
- current->domain->domain_id,
- notification_fn);
- if ( rc < 0 )
- goto err;
-
- med->xen_port = mec->port = rc;
-
- /* Prepare ring buffer */
- FRONT_RING_INIT(&med->front_ring,
- (mem_event_sring_t *)med->ring_page,
- PAGE_SIZE);
-
- /* Save the pause flag for this particular ring. */
- med->pause_flag = pause_flag;
-
- /* Initialize the last-chance wait queue. */
- init_waitqueue_head(&med->wq);
-
- mem_event_ring_unlock(med);
- return 0;
-
- err:
- destroy_ring_for_helper(&med->ring_page,
- med->ring_pg_struct);
- mem_event_ring_unlock(med);
-
- return rc;
-}
-
-static unsigned int mem_event_ring_available(struct mem_event_domain *med)
-{
- int avail_req = RING_FREE_REQUESTS(&med->front_ring);
- avail_req -= med->target_producers;
- avail_req -= med->foreign_producers;
-
- BUG_ON(avail_req < 0);
-
- return avail_req;
-}
-
-/*
- * mem_event_wake_blocked() will wakeup vcpus waiting for room in the
- * ring. These vCPUs were paused on their way out after placing an event,
- * but need to be resumed where the ring is capable of processing at least
- * one event from them.
- */
-static void mem_event_wake_blocked(struct domain *d, struct mem_event_domain *med)
-{
- struct vcpu *v;
- int online = d->max_vcpus;
- unsigned int avail_req = mem_event_ring_available(med);
-
- if ( avail_req == 0 || med->blocked == 0 )
- return;
-
- /*
- * We ensure that we only have vCPUs online if there are enough free slots
- * for their memory events to be processed. This will ensure that no
- * memory events are lost (due to the fact that certain types of events
- * cannot be replayed, we need to ensure that there is space in the ring
- * for when they are hit).
- * See comment below in mem_event_put_request().
- */
- for_each_vcpu ( d, v )
- if ( test_bit(med->pause_flag, &v->pause_flags) )
- online--;
-
- ASSERT(online == (d->max_vcpus - med->blocked));
-
- /* We remember which vcpu last woke up to avoid scanning always linearly
- * from zero and starving higher-numbered vcpus under high load */
- if ( d->vcpu )
- {
- int i, j, k;
-
- for (i = med->last_vcpu_wake_up + 1, j = 0; j < d->max_vcpus; i++, j++)
- {
- k = i % d->max_vcpus;
- v = d->vcpu[k];
- if ( !v )
- continue;
-
- if ( !(med->blocked) || online >= avail_req )
- break;
-
- if ( test_and_clear_bit(med->pause_flag, &v->pause_flags) )
- {
- vcpu_unpause(v);
- online++;
- med->blocked--;
- med->last_vcpu_wake_up = k;
- }
- }
- }
-}
-
-/*
- * In the event that a vCPU attempted to place an event in the ring and
- * was unable to do so, it is queued on a wait queue. These are woken as
- * needed, and take precedence over the blocked vCPUs.
- */
-static void mem_event_wake_queued(struct domain *d, struct mem_event_domain *med)
-{
- unsigned int avail_req = mem_event_ring_available(med);
-
- if ( avail_req > 0 )
- wake_up_nr(&med->wq, avail_req);
-}
-
-/*
- * mem_event_wake() will wakeup all vcpus waiting for the ring to
- * become available. If we have queued vCPUs, they get top priority. We
- * are guaranteed that they will go through code paths that will eventually
- * call mem_event_wake() again, ensuring that any blocked vCPUs will get
- * unpaused once all the queued vCPUs have made it through.
- */
-void mem_event_wake(struct domain *d, struct mem_event_domain *med)
-{
- if (!list_empty(&med->wq.list))
- mem_event_wake_queued(d, med);
- else
- mem_event_wake_blocked(d, med);
-}
-
-static int mem_event_disable(struct domain *d, struct mem_event_domain *med)
-{
- if ( med->ring_page )
- {
- struct vcpu *v;
-
- mem_event_ring_lock(med);
-
- if ( !list_empty(&med->wq.list) )
- {
- mem_event_ring_unlock(med);
- return -EBUSY;
- }
-
- /* Free domU's event channel and leave the other one unbound */
- free_xen_event_channel(d->vcpu[0], med->xen_port);
-
- /* Unblock all vCPUs */
- for_each_vcpu ( d, v )
- {
- if ( test_and_clear_bit(med->pause_flag, &v->pause_flags) )
- {
- vcpu_unpause(v);
- med->blocked--;
- }
- }
-
- destroy_ring_for_helper(&med->ring_page,
- med->ring_pg_struct);
- mem_event_ring_unlock(med);
- }
-
- return 0;
-}
-
-static inline void mem_event_release_slot(struct domain *d,
- struct mem_event_domain *med)
-{
- /* Update the accounting */
- if ( current->domain == d )
- med->target_producers--;
- else
- med->foreign_producers--;
-
- /* Kick any waiters */
- mem_event_wake(d, med);
-}
-
-/*
- * mem_event_mark_and_pause() tags vcpu and put it to sleep.
- * The vcpu will resume execution in mem_event_wake_waiters().
- */
-void mem_event_mark_and_pause(struct vcpu *v, struct mem_event_domain *med)
-{
- if ( !test_and_set_bit(med->pause_flag, &v->pause_flags) )
- {
- vcpu_pause_nosync(v);
- med->blocked++;
- }
-}
-
-/*
- * This must be preceded by a call to claim_slot(), and is guaranteed to
- * succeed. As a side-effect however, the vCPU may be paused if the ring is
- * overly full and its continued execution would cause stalling and excessive
- * waiting. The vCPU will be automatically unpaused when the ring clears.
- */
-void mem_event_put_request(struct domain *d,
- struct mem_event_domain *med,
- mem_event_request_t *req)
-{
- mem_event_front_ring_t *front_ring;
- int free_req;
- unsigned int avail_req;
- RING_IDX req_prod;
-
- if ( current->domain != d )
- {
- req->flags |= MEM_EVENT_FLAG_FOREIGN;
-#ifndef NDEBUG
- if ( !(req->flags & MEM_EVENT_FLAG_VCPU_PAUSED) )
- gdprintk(XENLOG_G_WARNING, "d%dv%d was not paused.\n",
- d->domain_id, req->vcpu_id);
-#endif
- }
-
- mem_event_ring_lock(med);
-
- /* Due to the reservations, this step must succeed. */
- front_ring = &med->front_ring;
- free_req = RING_FREE_REQUESTS(front_ring);
- ASSERT(free_req > 0);
-
- /* Copy request */
- req_prod = front_ring->req_prod_pvt;
- memcpy(RING_GET_REQUEST(front_ring, req_prod), req, sizeof(*req));
- req_prod++;
-
- /* Update ring */
- front_ring->req_prod_pvt = req_prod;
- RING_PUSH_REQUESTS(front_ring);
-
- /* We've actually *used* our reservation, so release the slot. */
- mem_event_release_slot(d, med);
-
- /* Give this vCPU a black eye if necessary, on the way out.
- * See the comments above wake_blocked() for more information
- * on how this mechanism works to avoid waiting. */
- avail_req = mem_event_ring_available(med);
- if( current->domain == d && avail_req < d->max_vcpus )
- mem_event_mark_and_pause(current, med);
-
- mem_event_ring_unlock(med);
-
- notify_via_xen_event_channel(d, med->xen_port);
-}
-
-int mem_event_get_response(struct domain *d, struct mem_event_domain *med, mem_event_response_t *rsp)
-{
- mem_event_front_ring_t *front_ring;
- RING_IDX rsp_cons;
-
- mem_event_ring_lock(med);
-
- front_ring = &med->front_ring;
- rsp_cons = front_ring->rsp_cons;
-
- if ( !RING_HAS_UNCONSUMED_RESPONSES(front_ring) )
- {
- mem_event_ring_unlock(med);
- return 0;
- }
-
- /* Copy response */
- memcpy(rsp, RING_GET_RESPONSE(front_ring, rsp_cons), sizeof(*rsp));
- rsp_cons++;
-
- /* Update ring */
- front_ring->rsp_cons = rsp_cons;
- front_ring->sring->rsp_event = rsp_cons + 1;
-
- /* Kick any waiters -- since we've just consumed an event,
- * there may be additional space available in the ring. */
- mem_event_wake(d, med);
-
- mem_event_ring_unlock(med);
-
- return 1;
-}
-
-void mem_event_cancel_slot(struct domain *d, struct mem_event_domain *med)
-{
- mem_event_ring_lock(med);
- mem_event_release_slot(d, med);
- mem_event_ring_unlock(med);
-}
-
-static int mem_event_grab_slot(struct mem_event_domain *med, int foreign)
-{
- unsigned int avail_req;
-
- if ( !med->ring_page )
- return -ENOSYS;
-
- mem_event_ring_lock(med);
-
- avail_req = mem_event_ring_available(med);
- if ( avail_req == 0 )
- {
- mem_event_ring_unlock(med);
- return -EBUSY;
- }
-
- if ( !foreign )
- med->target_producers++;
- else
- med->foreign_producers++;
-
- mem_event_ring_unlock(med);
-
- return 0;
-}
-
-/* Simple try_grab wrapper for use in the wait_event() macro. */
-static int mem_event_wait_try_grab(struct mem_event_domain *med, int *rc)
-{
- *rc = mem_event_grab_slot(med, 0);
- return *rc;
-}
-
-/* Call mem_event_grab_slot() until the ring doesn't exist, or is available. */
-static int mem_event_wait_slot(struct mem_event_domain *med)
-{
- int rc = -EBUSY;
- wait_event(med->wq, mem_event_wait_try_grab(med, &rc) != -EBUSY);
- return rc;
-}
-
-bool_t mem_event_check_ring(struct mem_event_domain *med)
-{
- return (med->ring_page != NULL);
-}
-
-/*
- * Determines whether or not the current vCPU belongs to the target domain,
- * and calls the appropriate wait function. If it is a guest vCPU, then we
- * use mem_event_wait_slot() to reserve a slot. As long as there is a ring,
- * this function will always return 0 for a guest. For a non-guest, we check
- * for space and return -EBUSY if the ring is not available.
- *
- * Return codes: -ENOSYS: the ring is not yet configured
- * -EBUSY: the ring is busy
- * 0: a spot has been reserved
- *
- */
-int __mem_event_claim_slot(struct domain *d, struct mem_event_domain *med,
- bool_t allow_sleep)
-{
- if ( (current->domain == d) && allow_sleep )
- return mem_event_wait_slot(med);
- else
- return mem_event_grab_slot(med, (current->domain != d));
-}
-
-#ifdef HAS_MEM_PAGING
-/* Registered with Xen-bound event channel for incoming notifications. */
-static void mem_paging_notification(struct vcpu *v, unsigned int port)
-{
- if ( likely(v->domain->mem_event->paging.ring_page != NULL) )
- p2m_mem_paging_resume(v->domain);
-}
-#endif
-
-#ifdef HAS_MEM_ACCESS
-/* Registered with Xen-bound event channel for incoming notifications. */
-static void mem_access_notification(struct vcpu *v, unsigned int port)
-{
- if ( likely(v->domain->mem_event->monitor.ring_page != NULL) )
- mem_access_resume(v->domain);
-}
-#endif
-
-#ifdef HAS_MEM_SHARING
-/* Registered with Xen-bound event channel for incoming notifications. */
-static void mem_sharing_notification(struct vcpu *v, unsigned int port)
-{
- if ( likely(v->domain->mem_event->share.ring_page != NULL) )
- mem_sharing_sharing_resume(v->domain);
-}
-#endif
-
-int do_mem_event_op(int op, uint32_t domain, void *arg)
-{
- int ret;
- struct domain *d;
-
- ret = rcu_lock_live_remote_domain_by_id(domain, &d);
- if ( ret )
- return ret;
-
- ret = xsm_mem_event_op(XSM_DM_PRIV, d, op);
- if ( ret )
- goto out;
-
- switch (op)
- {
-#ifdef HAS_MEM_PAGING
- case XENMEM_paging_op:
- ret = mem_paging_memop(d, arg);
- break;
-#endif
-#ifdef HAS_MEM_SHARING
- case XENMEM_sharing_op:
- ret = mem_sharing_memop(d, arg);
- break;
-#endif
- default:
- ret = -ENOSYS;
- }
-
- out:
- rcu_unlock_domain(d);
- return ret;
-}
-
-/* Clean up on domain destruction */
-void mem_event_cleanup(struct domain *d)
-{
-#ifdef HAS_MEM_PAGING
- if ( d->mem_event->paging.ring_page ) {
- /* Destroying the wait queue head means waking up all
- * queued vcpus. This will drain the list, allowing
- * the disable routine to complete. It will also drop
- * all domain refs the wait-queued vcpus are holding.
- * Finally, because this code path involves previously
- * pausing the domain (domain_kill), unpausing the
- * vcpus causes no harm. */
- destroy_waitqueue_head(&d->mem_event->paging.wq);
- (void)mem_event_disable(d, &d->mem_event->paging);
- }
-#endif
-#ifdef HAS_MEM_ACCESS
- if ( d->mem_event->monitor.ring_page ) {
- destroy_waitqueue_head(&d->mem_event->monitor.wq);
- (void)mem_event_disable(d, &d->mem_event->monitor);
- }
-#endif
-#ifdef HAS_MEM_SHARING
- if ( d->mem_event->share.ring_page ) {
- destroy_waitqueue_head(&d->mem_event->share.wq);
- (void)mem_event_disable(d, &d->mem_event->share);
- }
-#endif
-}
-
-int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
- XEN_GUEST_HANDLE_PARAM(void) u_domctl)
-{
- int rc;
-
- rc = xsm_mem_event_control(XSM_PRIV, d, mec->mode, mec->op);
- if ( rc )
- return rc;
-
- if ( unlikely(d == current->domain) )
- {
- gdprintk(XENLOG_INFO, "Tried to do a memory event op on itself.\n");
- return -EINVAL;
- }
-
- if ( unlikely(d->is_dying) )
- {
- gdprintk(XENLOG_INFO, "Ignoring memory event op on dying domain %u\n",
- d->domain_id);
- return 0;
- }
-
- if ( unlikely(d->vcpu == NULL) || unlikely(d->vcpu[0] == NULL) )
- {
- gdprintk(XENLOG_INFO,
- "Memory event op on a domain (%u) with no vcpus\n",
- d->domain_id);
- return -EINVAL;
- }
-
- rc = -ENOSYS;
-
- switch ( mec->mode )
- {
-#ifdef HAS_MEM_PAGING
- case XEN_DOMCTL_MEM_EVENT_OP_PAGING:
- {
- struct mem_event_domain *med = &d->mem_event->paging;
- rc = -EINVAL;
-
- switch( mec->op )
- {
- case XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE:
- {
- struct p2m_domain *p2m = p2m_get_hostp2m(d);
-
- rc = -EOPNOTSUPP;
- /* pvh fixme: p2m_is_foreign types need addressing */
- if ( is_pvh_vcpu(current) || is_pvh_domain(hardware_domain) )
- break;
-
- rc = -ENODEV;
- /* Only HAP is supported */
- if ( !hap_enabled(d) )
- break;
-
- /* No paging if iommu is used */
- rc = -EMLINK;
- if ( unlikely(need_iommu(d)) )
- break;
-
- rc = -EXDEV;
- /* Disallow paging in a PoD guest */
- if ( p2m->pod.entry_count )
- break;
-
- rc = mem_event_enable(d, mec, med, _VPF_mem_paging,
- HVM_PARAM_PAGING_RING_PFN,
- mem_paging_notification);
- }
- break;
-
- case XEN_DOMCTL_MEM_EVENT_OP_PAGING_DISABLE:
- {
- if ( med->ring_page )
- rc = mem_event_disable(d, med);
- }
- break;
-
- default:
- rc = -ENOSYS;
- break;
- }
- }
- break;
-#endif
-
-#ifdef HAS_MEM_ACCESS
- case XEN_DOMCTL_MEM_EVENT_OP_MONITOR:
- {
- struct mem_event_domain *med = &d->mem_event->monitor;
- rc = -EINVAL;
-
- switch( mec->op )
- {
- case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE:
- case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
- {
- rc = mem_event_enable(d, mec, med, _VPF_mem_access,
- HVM_PARAM_MONITOR_RING_PFN,
- mem_access_notification);
-
- if ( mec->op == XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
- && !rc )
- p2m_setup_introspection(d);
-
- }
- break;
-
- case XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE:
- {
- if ( med->ring_page )
- {
- rc = mem_event_disable(d, med);
- d->arch.hvm_domain.introspection_enabled = 0;
- }
- }
- break;
-
- default:
- rc = -ENOSYS;
- break;
- }
- }
- break;
-#endif
-
-#ifdef HAS_MEM_SHARING
- case XEN_DOMCTL_MEM_EVENT_OP_SHARING:
- {
- struct mem_event_domain *med = &d->mem_event->share;
- rc = -EINVAL;
-
- switch( mec->op )
- {
- case XEN_DOMCTL_MEM_EVENT_OP_SHARING_ENABLE:
- {
- rc = -EOPNOTSUPP;
- /* pvh fixme: p2m_is_foreign types need addressing */
- if ( is_pvh_vcpu(current) || is_pvh_domain(hardware_domain) )
- break;
-
- rc = -ENODEV;
- /* Only HAP is supported */
- if ( !hap_enabled(d) )
- break;
-
- rc = mem_event_enable(d, mec, med, _VPF_mem_sharing,
- HVM_PARAM_SHARING_RING_PFN,
- mem_sharing_notification);
- }
- break;
-
- case XEN_DOMCTL_MEM_EVENT_OP_SHARING_DISABLE:
- {
- if ( med->ring_page )
- rc = mem_event_disable(d, med);
- }
- break;
-
- default:
- rc = -ENOSYS;
- break;
- }
- }
- break;
-#endif
-
- default:
- rc = -ENOSYS;
- }
-
- return rc;
-}
-
-void mem_event_vcpu_pause(struct vcpu *v)
-{
- ASSERT(v == current);
-
- atomic_inc(&v->mem_event_pause_count);
- vcpu_pause_nosync(v);
-}
-
-void mem_event_vcpu_unpause(struct vcpu *v)
-{
- int old, new, prev = v->mem_event_pause_count.counter;
-
- /* All unpause requests as a result of toolstack responses. Prevent
- * underflow of the vcpu pause count. */
- do
- {
- old = prev;
- new = old - 1;
-
- if ( new < 0 )
- {
- printk(XENLOG_G_WARNING
- "%pv mem_event: Too many unpause attempts\n", v);
- return;
- }
-
- prev = cmpxchg(&v->mem_event_pause_count.counter, old, new);
- } while ( prev != old );
-
- vcpu_unpause(v);
-}
-
-/*
- * Local variables:
- * mode: C
- * c-file-style: "BSD"
- * c-basic-offset: 4
- * indent-tabs-mode: nil
- * End:
- */
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index 6396f4c..5d48a4d 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -750,15 +750,15 @@ struct xen_domctl_gdbsx_domstatus {
};
/*
- * Memory event operations
+ * VM event operations
*/
-/* XEN_DOMCTL_mem_event_op */
+/* XEN_DOMCTL_vm_event_op */
/*
* Domain memory paging
* Page memory in and out.
- * Domctl interface to set up and tear down the
+ * Domctl interface to set up and tear down the
* pager<->hypervisor interface. Use XENMEM_paging_op*
* to perform per-page operations.
*
@@ -769,10 +769,10 @@ struct xen_domctl_gdbsx_domstatus {
* EXDEV - guest has PoD enabled
* EBUSY - guest has or had paging enabled, ring buffer still active
*/
-#define XEN_DOMCTL_MEM_EVENT_OP_PAGING 1
+#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
-#define XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE 0
-#define XEN_DOMCTL_MEM_EVENT_OP_PAGING_DISABLE 1
+#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
+#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
/*
* Monitor helper.
@@ -799,84 +799,6 @@ struct xen_domctl_gdbsx_domstatus {
* EBUSY - guest has or had access enabled, ring buffer still active
*
*/
-#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR 2
-
-#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE 0
-#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE 1
-#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
-
-/*
- * Sharing ENOMEM helper.
- *
- * As with paging, use the domctl for teardown/setup of the
- * helper<->hypervisor interface.
- *
- * If setup, this ring is used to communicate failed allocations
- * in the unshare path. XENMEM_sharing_op_resume is used to wake up
- * vcpus that could not unshare.
- *
- * Note that shring can be turned on (as per the domctl below)
- * *without* this ring being setup.
- */
-#define XEN_DOMCTL_MEM_EVENT_OP_SHARING 3
-
-#define XEN_DOMCTL_MEM_EVENT_OP_SHARING_ENABLE 0
-#define XEN_DOMCTL_MEM_EVENT_OP_SHARING_DISABLE 1
-
-/* Use for teardown/setup of helper<->hypervisor interface for paging,
- * access and sharing.*/
-struct xen_domctl_mem_event_op {
- uint32_t op; /* XEN_DOMCTL_MEM_EVENT_OP_*_* */
- uint32_t mode; /* XEN_DOMCTL_MEM_EVENT_OP_* */
-
- uint32_t port; /* OUT: event channel for ring */
-};
-typedef struct xen_domctl_mem_event_op xen_domctl_mem_event_op_t;
-DEFINE_XEN_GUEST_HANDLE(xen_domctl_mem_event_op_t);
-
-/*
- * VM event operations
- */
-
-/* XEN_DOMCTL_vm_event_op */
-
-/*
- * Domain memory paging
- * Page memory in and out.
- * Domctl interface to set up and tear down the
- * pager<->hypervisor interface. Use XENMEM_paging_op*
- * to perform per-page operations.
- *
- * The XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE domctl returns several
- * non-standard error codes to indicate why paging could not be enabled:
- * ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
- * EMLINK - guest has iommu passthrough enabled
- * EXDEV - guest has PoD enabled
- * EBUSY - guest has or had paging enabled, ring buffer still active
- */
-#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
-
-#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
-#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
-
-/*
- * Monitor permissions.
- *
- * As with paging, use the domctl for teardown/setup of the
- * helper<->hypervisor interface.
- *
- * There are HVM hypercalls to set the per-page access permissions of every
- * page in a domain. When one of these permissions--independent, read,
- * write, and execute--is violated, the VCPU is paused and a memory event
- * is sent with what happened. (See public/vm_event.h) .
- *
- * The memory event handler can then resume the VCPU and redo the access
- * with a XENMEM_access_op_resume hypercall.
- *
- * The XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE domctl returns several
- * non-standard error codes to indicate why access could not be enabled:
- * EBUSY - guest has or had access enabled, ring buffer still active
- */
#define XEN_DOMCTL_VM_EVENT_OP_MONITOR 2
#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE 0
diff --git a/xen/include/public/mem_event.h b/xen/include/public/mem_event.h
deleted file mode 100644
index 0f36b33..0000000
--- a/xen/include/public/mem_event.h
+++ /dev/null
@@ -1,192 +0,0 @@
-/******************************************************************************
- * mem_event.h
- *
- * Memory event common structures.
- *
- * Copyright (c) 2009 by Citrix Systems, Inc. (Patrick Colp)
- *
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to
- * deal in the Software without restriction, including without limitation the
- * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
- * sell copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-
-#ifndef _XEN_PUBLIC_MEM_EVENT_H
-#define _XEN_PUBLIC_MEM_EVENT_H
-
-#if defined(__XEN__) || defined(__XEN_TOOLS__)
-
-#include "xen.h"
-#include "io/ring.h"
-
-#define MEM_EVENT_INTERFACE_VERSION 0x00000001
-
-/* Memory event flags */
-#define MEM_EVENT_FLAG_VCPU_PAUSED (1 << 0)
-#define MEM_EVENT_FLAG_DROP_PAGE (1 << 1)
-#define MEM_EVENT_FLAG_EVICT_FAIL (1 << 2)
-#define MEM_EVENT_FLAG_FOREIGN (1 << 3)
-#define MEM_EVENT_FLAG_DUMMY (1 << 4)
-/*
- * Emulate the fault-causing instruction (if set in the event response flags).
- * This will allow the guest to continue execution without lifting the page
- * access restrictions.
- */
-#define MEM_EVENT_FLAG_EMULATE (1 << 5)
-/*
- * Same as MEM_EVENT_FLAG_EMULATE, but with write operations or operations
- * potentially having side effects (like memory mapped or port I/O) disabled.
- */
-#define MEM_EVENT_FLAG_EMULATE_NOWRITE (1 << 6)
-
-/* Reasons for the vm event request */
-/* Default case */
-#define MEM_EVENT_REASON_UNKNOWN 0
-/* Memory access violation */
-#define MEM_EVENT_REASON_MEM_ACCESS 1
-/* Memory sharing event */
-#define MEM_EVENT_REASON_MEM_SHARING 2
-/* Memory paging event */
-#define MEM_EVENT_REASON_MEM_PAGING 3
-/* CR0 was updated */
-#define MEM_EVENT_REASON_MOV_TO_CR0 4
-/* CR3 was updated */
-#define MEM_EVENT_REASON_MOV_TO_CR3 5
-/* CR4 was updated */
-#define MEM_EVENT_REASON_MOV_TO_CR4 6
-/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
-#define MEM_EVENT_REASON_MOV_TO_MSR 9
-/* Debug operation executed (int3) */
-#define MEM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
-/* Single-step (MTF) */
-#define MEM_EVENT_REASON_SINGLESTEP 8
-
-/* Using a custom struct (not hvm_hw_cpu) so as to not fill
- * the mem_event ring buffer too quickly. */
-struct mem_event_regs_x86 {
- uint64_t rax;
- uint64_t rcx;
- uint64_t rdx;
- uint64_t rbx;
- uint64_t rsp;
- uint64_t rbp;
- uint64_t rsi;
- uint64_t rdi;
- uint64_t r8;
- uint64_t r9;
- uint64_t r10;
- uint64_t r11;
- uint64_t r12;
- uint64_t r13;
- uint64_t r14;
- uint64_t r15;
- uint64_t rflags;
- uint64_t dr7;
- uint64_t rip;
- uint64_t cr0;
- uint64_t cr2;
- uint64_t cr3;
- uint64_t cr4;
- uint64_t sysenter_cs;
- uint64_t sysenter_esp;
- uint64_t sysenter_eip;
- uint64_t msr_efer;
- uint64_t msr_star;
- uint64_t msr_lstar;
- uint64_t fs_base;
- uint64_t gs_base;
- uint32_t cs_arbytes;
- uint32_t _pad;
-};
-
-struct mem_event_mem_access_data {
- uint64_t gfn;
- uint64_t offset;
- uint64_t gla; /* if gla_valid */
- uint8_t access_r;
- uint8_t access_w;
- uint8_t access_x;
- uint8_t gla_valid;
- uint8_t fault_with_gla;
- uint8_t fault_in_gpt;
- uint16_t _pad;
-};
-
-struct mem_event_mov_to_cr_data {
- uint64_t new_value;
- uint64_t old_value;
-};
-
-struct mem_event_software_breakpoint_data {
- uint64_t gfn;
-};
-
-struct mem_event_singlestep_data {
- uint64_t gfn;
-};
-
-struct mem_event_mov_to_msr_data {
- uint64_t msr;
- uint64_t value;
-};
-
-struct mem_event_paging_data {
- uint64_t gfn;
- uint32_t p2mt;
- uint32_t _pad;
-};
-
-struct mem_event_sharing_data {
- uint64_t gfn;
- uint32_t p2mt;
- uint32_t _pad;
-};
-
-typedef struct mem_event_st {
- uint32_t version; /* MEM_EVENT_INTERFACE_VERSION */
- uint32_t flags;
- uint32_t vcpu_id;
- uint32_t reason; /* MEM_EVENT_REASON_* */
-
- union {
- struct mem_event_paging_data mem_paging;
- struct mem_event_sharing_data mem_sharing;
- struct mem_event_mem_access_data mem_access;
- struct mem_event_mov_to_cr_data mov_to_cr;
- struct mem_event_mov_to_msr_data mov_to_msr;
- struct mem_event_software_breakpoint_data software_breakpoint;
- struct mem_event_singlestep_data singlestep;
- } data;
-
- union {
- struct mem_event_regs_x86 x86;
- } regs;
-} mem_event_request_t, mem_event_response_t;
-
-DEFINE_RING_TYPES(mem_event, mem_event_request_t, mem_event_response_t);
-
-#endif /* defined(__XEN__) || defined(__XEN_TOOLS__) */
-#endif /* _XEN_PUBLIC_MEM_EVENT_H */
-
-/*
- * Local variables:
- * mode: C
- * c-file-style: "BSD"
- * c-basic-offset: 4
- * tab-width: 4
- * indent-tabs-mode: nil
- * End:
- */
diff --git a/xen/include/xen/mem_event.h b/xen/include/xen/mem_event.h
deleted file mode 100644
index 4f3ad8e..0000000
--- a/xen/include/xen/mem_event.h
+++ /dev/null
@@ -1,143 +0,0 @@
-/******************************************************************************
- * mem_event.h
- *
- * Common interface for memory event support.
- *
- * Copyright (c) 2009 Citrix Systems, Inc. (Patrick Colp)
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-
-#ifndef __MEM_EVENT_H__
-#define __MEM_EVENT_H__
-
-#include <xen/sched.h>
-
-#ifdef HAS_MEM_ACCESS
-
-/* Clean up on domain destruction */
-void mem_event_cleanup(struct domain *d);
-
-/* Returns whether a ring has been set up */
-bool_t mem_event_check_ring(struct mem_event_domain *med);
-
-/* Returns 0 on success, -ENOSYS if there is no ring, -EBUSY if there is no
- * available space and the caller is a foreign domain. If the guest itself
- * is the caller, -EBUSY is avoided by sleeping on a wait queue to ensure
- * that the ring does not lose future events.
- *
- * However, the allow_sleep flag can be set to false in cases in which it is ok
- * to lose future events, and thus -EBUSY can be returned to guest vcpus
- * (handle with care!).
- *
- * In general, you must follow a claim_slot() call with either put_request() or
- * cancel_slot(), both of which are guaranteed to
- * succeed.
- */
-int __mem_event_claim_slot(struct domain *d, struct mem_event_domain *med,
- bool_t allow_sleep);
-static inline int mem_event_claim_slot(struct domain *d,
- struct mem_event_domain *med)
-{
- return __mem_event_claim_slot(d, med, 1);
-}
-
-static inline int mem_event_claim_slot_nosleep(struct domain *d,
- struct mem_event_domain *med)
-{
- return __mem_event_claim_slot(d, med, 0);
-}
-
-void mem_event_cancel_slot(struct domain *d, struct mem_event_domain *med);
-
-void mem_event_put_request(struct domain *d, struct mem_event_domain *med,
- mem_event_request_t *req);
-
-int mem_event_get_response(struct domain *d, struct mem_event_domain *med,
- mem_event_response_t *rsp);
-
-int do_mem_event_op(int op, uint32_t domain, void *arg);
-int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
- XEN_GUEST_HANDLE_PARAM(void) u_domctl);
-
-void mem_event_vcpu_pause(struct vcpu *v);
-void mem_event_vcpu_unpause(struct vcpu *v);
-
-#else
-
-static inline void mem_event_cleanup(struct domain *d) {}
-
-static inline bool_t mem_event_check_ring(struct mem_event_domain *med)
-{
- return 0;
-}
-
-static inline int mem_event_claim_slot(struct domain *d,
- struct mem_event_domain *med)
-{
- return -ENOSYS;
-}
-
-static inline int mem_event_claim_slot_nosleep(struct domain *d,
- struct mem_event_domain *med)
-{
- return -ENOSYS;
-}
-
-static inline
-void mem_event_cancel_slot(struct domain *d, struct mem_event_domain *med)
-{}
-
-static inline
-void mem_event_put_request(struct domain *d, struct mem_event_domain *med,
- mem_event_request_t *req)
-{}
-
-static inline
-int mem_event_get_response(struct domain *d, struct mem_event_domain *med,
- mem_event_response_t *rsp)
-{
- return -ENOSYS;
-}
-
-static inline int do_mem_event_op(int op, uint32_t domain, void *arg)
-{
- return -ENOSYS;
-}
-
-static inline
-int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
- XEN_GUEST_HANDLE_PARAM(void) u_domctl)
-{
- return -ENOSYS;
-}
-
-static inline void mem_event_vcpu_pause(struct vcpu *v) {}
-static inline void mem_event_vcpu_unpause(struct vcpu *v) {}
-
-#endif /* HAS_MEM_ACCESS */
-
-#endif /* __MEM_EVENT_H__ */
-
-
-/*
- * Local variables:
- * mode: C
- * c-file-style: "BSD"
- * c-basic-offset: 4
- * indent-tabs-mode: nil
- * End:
- */
diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
index 681efa9..33283b5 100644
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -23,7 +23,6 @@
#include <public/domctl.h>
#include <public/sysctl.h>
#include <public/vcpu.h>
-#include <public/mem_event.h>
#include <public/vm_event.h>
#include <public/event_channel.h>
@@ -215,8 +214,6 @@ struct vcpu
unsigned long pause_flags;
atomic_t pause_count;
- /* VCPU paused for mem_event replies. */
- atomic_t mem_event_pause_count;
/* VCPU paused for vm_event replies. */
atomic_t vm_event_pause_count;
/* VCPU paused by system controller. */
@@ -260,41 +257,6 @@ struct vcpu
#define domain_unlock(d) spin_unlock_recursive(&(d)->domain_lock)
#define domain_is_locked(d) spin_is_locked(&(d)->domain_lock)
-/* Memory event */
-struct mem_event_domain
-{
- /* ring lock */
- spinlock_t ring_lock;
- /* The ring has 64 entries */
- unsigned char foreign_producers;
- unsigned char target_producers;
- /* shared ring page */
- void *ring_page;
- struct page_info *ring_pg_struct;
- /* front-end ring */
- mem_event_front_ring_t front_ring;
- /* event channel port (vcpu0 only) */
- int xen_port;
- /* mem_event bit for vcpu->pause_flags */
- int pause_flag;
- /* list of vcpus waiting for room in the ring */
- struct waitqueue_head wq;
- /* the number of vCPUs blocked */
- unsigned int blocked;
- /* The last vcpu woken up */
- unsigned int last_vcpu_wake_up;
-};
-
-struct mem_event_per_domain
-{
- /* Memory sharing support */
- struct mem_event_domain share;
- /* Memory paging support */
- struct mem_event_domain paging;
- /* VM event monitor support */
- struct mem_event_domain monitor;
-};
-
/* VM event */
struct vm_event_domain
{
@@ -480,9 +442,6 @@ struct domain
struct lock_profile_qhead profile_head;
- /* Various mem_events */
- struct mem_event_per_domain *mem_event;
-
/* Various vm_events */
struct vm_event_per_domain *vm_event;
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index d6d403a..4227093 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -514,18 +514,6 @@ static XSM_INLINE int xsm_hvm_param_nested(XSM_DEFAULT_ARG struct domain *d)
}
#ifdef HAS_MEM_ACCESS
-static XSM_INLINE int xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
-{
- XSM_ASSERT_ACTION(XSM_PRIV);
- return xsm_default_action(action, current->domain, d);
-}
-
-static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
-{
- XSM_ASSERT_ACTION(XSM_DM_PRIV);
- return xsm_default_action(action, current->domain, d);
-}
-
static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
{
XSM_ASSERT_ACTION(XSM_PRIV);
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index 581e712..cff9d35 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -142,8 +142,6 @@ struct xsm_operations {
int (*get_vnumainfo) (struct domain *d);
#ifdef HAS_MEM_ACCESS
- int (*mem_event_control) (struct domain *d, int mode, int op);
- int (*mem_event_op) (struct domain *d, int op);
int (*vm_event_control) (struct domain *d, int mode, int op);
int (*vm_event_op) (struct domain *d, int op);
#endif
@@ -546,16 +544,6 @@ static inline int xsm_get_vnumainfo (xsm_default_t def, struct domain *d)
}
#ifdef HAS_MEM_ACCESS
-static inline int xsm_mem_event_control (xsm_default_t def, struct domain *d, int mode, int op)
-{
- return xsm_ops->mem_event_control(d, mode, op);
-}
-
-static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op)
-{
- return xsm_ops->mem_event_op(d, op);
-}
-
static inline int xsm_vm_event_control (xsm_default_t def, struct domain *d, int mode, int op)
{
return xsm_ops->vm_event_control(d, mode, op);
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 3cf5126..25fca68 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -119,8 +119,6 @@ void xsm_fixup_ops (struct xsm_operations *ops)
set_to_dummy_if_null(ops, map_gmfn_foreign);
#ifdef HAS_MEM_ACCESS
- set_to_dummy_if_null(ops, mem_event_control);
- set_to_dummy_if_null(ops, mem_event_op);
set_to_dummy_if_null(ops, vm_event_control);
set_to_dummy_if_null(ops, vm_event_op);
#endif
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index 1debd31..c419543 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -1203,16 +1203,6 @@ static int flask_deassign_device(struct domain *d, uint32_t machine_bdf)
#endif /* HAS_PASSTHROUGH && HAS_PCI */
#ifdef HAS_MEM_ACCESS
-static int flask_mem_event_control(struct domain *d, int mode, int op)
-{
- return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
-}
-
-static int flask_mem_event_op(struct domain *d, int op)
-{
- return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT);
-}
-
static int flask_vm_event_control(struct domain *d, int mode, int op)
{
return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
@@ -1607,8 +1597,6 @@ static struct xsm_operations flask_ops = {
#endif
#ifdef HAS_MEM_ACCESS
- .mem_event_control = flask_mem_event_control,
- .mem_event_op = flask_mem_event_op,
.vm_event_control = flask_vm_event_control,
.vm_event_op = flask_vm_event_op,
#endif
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 08/12] tools/tests: Clean-up tools/tests/xen-access
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (6 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 07/12] xen: Remove mem_event Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-02 17:30 ` Ian Campbell
2015-01-29 21:46 ` [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file Tamas K Lengyel
` (4 subsequent siblings)
12 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
The spin-lock implementation in the xen-access test program is implemented
in a fashion that is actually incomplete. The x86 assembly that guarantees that
the lock is held by only one thread lacks the "lock;" instruction.
However, the spin-lock is not actually necessary in xen-access as it is not
multithreaded. The presence of the faulty implementation of the lock in a non-
mulithreaded environment is unnecessarily complicated for developers who are
trying to follow this code as a guide in implementing their own applications.
Thus, removing it from the code improves the clarity on the behavior of the
system.
Also converting functions that always return 0 to return to void, and making
the teardown function actually return an error code on error.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
tools/tests/xen-access/xen-access.c | 99 +++++++------------------------------
1 file changed, 19 insertions(+), 80 deletions(-)
diff --git a/tools/tests/xen-access/xen-access.c b/tools/tests/xen-access/xen-access.c
index 93b3ec3..c9aaed4 100644
--- a/tools/tests/xen-access/xen-access.c
+++ b/tools/tests/xen-access/xen-access.c
@@ -45,56 +45,6 @@
#define ERROR(a, b...) fprintf(stderr, a "\n", ## b)
#define PERROR(a, b...) fprintf(stderr, a ": %s\n", ## b, strerror(errno))
-/* Spinlock and mem event definitions */
-
-#define SPIN_LOCK_UNLOCKED 0
-
-#define ADDR (*(volatile long *) addr)
-/**
- * test_and_set_bit - Set a bit and return its old value
- * @nr: Bit to set
- * @addr: Address to count from
- *
- * This operation is atomic and cannot be reordered.
- * It also implies a memory barrier.
- */
-static inline int test_and_set_bit(int nr, volatile void *addr)
-{
- int oldbit;
-
- asm volatile (
- "btsl %2,%1\n\tsbbl %0,%0"
- : "=r" (oldbit), "=m" (ADDR)
- : "Ir" (nr), "m" (ADDR) : "memory");
- return oldbit;
-}
-
-typedef int spinlock_t;
-
-static inline void spin_lock(spinlock_t *lock)
-{
- while ( test_and_set_bit(1, lock) );
-}
-
-static inline void spin_lock_init(spinlock_t *lock)
-{
- *lock = SPIN_LOCK_UNLOCKED;
-}
-
-static inline void spin_unlock(spinlock_t *lock)
-{
- *lock = SPIN_LOCK_UNLOCKED;
-}
-
-static inline int spin_trylock(spinlock_t *lock)
-{
- return !test_and_set_bit(1, lock);
-}
-
-#define vm_event_ring_lock_init(_m) spin_lock_init(&(_m)->ring_lock)
-#define vm_event_ring_lock(_m) spin_lock(&(_m)->ring_lock)
-#define vm_event_ring_unlock(_m) spin_unlock(&(_m)->ring_lock)
-
typedef struct vm_event {
domid_t domain_id;
xc_evtchn *xce_handle;
@@ -102,7 +52,6 @@ typedef struct vm_event {
vm_event_back_ring_t back_ring;
uint32_t evtchn_port;
void *ring_page;
- spinlock_t ring_lock;
} vm_event_t;
typedef struct xenaccess {
@@ -180,6 +129,7 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
if ( rc != 0 )
{
ERROR("Error tearing down domain xenaccess in xen");
+ return rc;
}
}
@@ -191,6 +141,7 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
if ( rc != 0 )
{
ERROR("Error unbinding event port");
+ return rc;
}
}
@@ -201,6 +152,7 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
if ( rc != 0 )
{
ERROR("Error closing event channel");
+ return rc;
}
}
@@ -209,6 +161,7 @@ int xenaccess_teardown(xc_interface *xch, xenaccess_t *xenaccess)
if ( rc != 0 )
{
ERROR("Error closing connection to xen");
+ return rc;
}
xenaccess->xc_handle = NULL;
@@ -241,9 +194,6 @@ xenaccess_t *xenaccess_init(xc_interface **xch_r, domid_t domain_id)
/* Set domain id */
xenaccess->vm_event.domain_id = domain_id;
- /* Initialise lock */
- vm_event_ring_lock_init(&xenaccess->vm_event);
-
/* Enable mem_access */
xenaccess->vm_event.ring_page =
xc_mem_access_enable(xenaccess->xc_handle,
@@ -314,19 +264,24 @@ xenaccess_t *xenaccess_init(xc_interface **xch_r, domid_t domain_id)
return xenaccess;
err:
- xenaccess_teardown(xch, xenaccess);
+ rc = xenaccess_teardown(xch, xenaccess);
+ if ( rc )
+ {
+ ERROR("Failed to teardown xenaccess structure!\n");
+ }
err_iface:
return NULL;
}
-int get_request(vm_event_t *vm_event, vm_event_request_t *req)
+/*
+ * Note that this function is not thread safe.
+ */
+static void get_request(vm_event_t *vm_event, vm_event_request_t *req)
{
vm_event_back_ring_t *back_ring;
RING_IDX req_cons;
- vm_event_ring_lock(vm_event);
-
back_ring = &vm_event->back_ring;
req_cons = back_ring->req_cons;
@@ -337,19 +292,16 @@ int get_request(vm_event_t *vm_event, vm_event_request_t *req)
/* Update ring */
back_ring->req_cons = req_cons;
back_ring->sring->req_event = req_cons + 1;
-
- vm_event_ring_unlock(vm_event);
-
- return 0;
}
-static int put_response(vm_event_t *vm_event, vm_event_response_t *rsp)
+/*
+ * Note that this function is not thread safe.
+ */
+static void put_response(vm_event_t *vm_event, vm_event_response_t *rsp)
{
vm_event_back_ring_t *back_ring;
RING_IDX rsp_prod;
- vm_event_ring_lock(vm_event);
-
back_ring = &vm_event->back_ring;
rsp_prod = back_ring->rsp_prod_pvt;
@@ -360,10 +312,6 @@ static int put_response(vm_event_t *vm_event, vm_event_response_t *rsp)
/* Update ring */
back_ring->rsp_prod_pvt = rsp_prod;
RING_PUSH_RESPONSES(back_ring);
-
- vm_event_ring_unlock(vm_event);
-
- return 0;
}
static int xenaccess_resume_page(xenaccess_t *paging, vm_event_response_t *rsp)
@@ -371,16 +319,13 @@ static int xenaccess_resume_page(xenaccess_t *paging, vm_event_response_t *rsp)
int ret;
/* Put the page info on the ring */
- ret = put_response(&paging->vm_event, rsp);
- if ( ret != 0 )
- goto out;
+ put_response(&paging->vm_event, rsp);
/* Tell Xen page is ready */
ret = xc_mem_access_resume(paging->xc_handle, paging->vm_event.domain_id);
ret = xc_evtchn_notify(paging->vm_event.xce_handle,
paging->vm_event.port);
- out:
return ret;
}
@@ -543,13 +488,7 @@ int main(int argc, char *argv[])
{
xenmem_access_t access;
- rc = get_request(&xenaccess->vm_event, &req);
- if ( rc != 0 )
- {
- ERROR("Error getting request");
- interrupted = -1;
- continue;
- }
+ get_request(&xenaccess->vm_event, &req);
if ( req.version != VM_EVENT_INTERFACE_VERSION )
{
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (7 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 08/12] tools/tests: Clean-up tools/tests/xen-access Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-04 5:54 ` Tian, Kevin
2015-02-04 9:14 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
` (3 subsequent siblings)
12 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
To avoid growing hvm.c these functions can be stored
separately.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
v3: Style fixes and removing unused fields from msr events.
---
xen/arch/x86/hvm/Makefile | 3 +-
xen/arch/x86/hvm/event.c | 203 ++++++++++++++++++++++++++++++++++++++++
xen/arch/x86/hvm/hvm.c | 169 +--------------------------------
xen/arch/x86/hvm/vmx/vmx.c | 7 +-
xen/include/asm-x86/hvm/event.h | 40 ++++++++
xen/include/asm-x86/hvm/hvm.h | 11 ---
6 files changed, 254 insertions(+), 179 deletions(-)
create mode 100644 xen/arch/x86/hvm/event.c
create mode 100644 xen/include/asm-x86/hvm/event.h
diff --git a/xen/arch/x86/hvm/Makefile b/xen/arch/x86/hvm/Makefile
index eea5555..69af47f 100644
--- a/xen/arch/x86/hvm/Makefile
+++ b/xen/arch/x86/hvm/Makefile
@@ -3,6 +3,7 @@ subdir-y += vmx
obj-y += asid.o
obj-y += emulate.o
+obj-y += event.o
obj-y += hpet.o
obj-y += hvm.o
obj-y += i8254.o
@@ -22,4 +23,4 @@ obj-y += vlapic.o
obj-y += vmsi.o
obj-y += vpic.o
obj-y += vpt.o
-obj-y += vpmu.o
\ No newline at end of file
+obj-y += vpmu.o
diff --git a/xen/arch/x86/hvm/event.c b/xen/arch/x86/hvm/event.c
new file mode 100644
index 0000000..65f80a7
--- /dev/null
+++ b/xen/arch/x86/hvm/event.c
@@ -0,0 +1,203 @@
+/*
+* event.c: Common hardware virtual machine event abstractions.
+*
+* Copyright (c) 2004, Intel Corporation.
+* Copyright (c) 2005, International Business Machines Corporation.
+* Copyright (c) 2008, Citrix Systems, Inc.
+*
+* This program is free software; you can redistribute it and/or modify it
+* under the terms and conditions of the GNU General Public License,
+* version 2, as published by the Free Software Foundation.
+*
+* This program is distributed in the hope it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+* more details.
+*
+* You should have received a copy of the GNU General Public License along with
+* this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+* Place - Suite 330, Boston, MA 02111-1307 USA.
+*/
+
+#include <xen/vm_event.h>
+#include <xen/paging.h>
+#include <public/vm_event.h>
+
+static void hvm_event_fill_regs(vm_event_request_t *req)
+{
+ const struct cpu_user_regs *regs = guest_cpu_user_regs();
+ const struct vcpu *curr = current;
+
+ req->regs.x86.rax = regs->eax;
+ req->regs.x86.rcx = regs->ecx;
+ req->regs.x86.rdx = regs->edx;
+ req->regs.x86.rbx = regs->ebx;
+ req->regs.x86.rsp = regs->esp;
+ req->regs.x86.rbp = regs->ebp;
+ req->regs.x86.rsi = regs->esi;
+ req->regs.x86.rdi = regs->edi;
+
+ req->regs.x86.r8 = regs->r8;
+ req->regs.x86.r9 = regs->r9;
+ req->regs.x86.r10 = regs->r10;
+ req->regs.x86.r11 = regs->r11;
+ req->regs.x86.r12 = regs->r12;
+ req->regs.x86.r13 = regs->r13;
+ req->regs.x86.r14 = regs->r14;
+ req->regs.x86.r15 = regs->r15;
+
+ req->regs.x86.rflags = regs->eflags;
+ req->regs.x86.rip = regs->eip;
+
+ req->regs.x86.msr_efer = curr->arch.hvm_vcpu.guest_efer;
+ req->regs.x86.cr0 = curr->arch.hvm_vcpu.guest_cr[0];
+ req->regs.x86.cr3 = curr->arch.hvm_vcpu.guest_cr[3];
+ req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
+}
+
+static int hvm_event_traps(long parameters, vm_event_request_t *req)
+{
+ int rc;
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+
+ if ( !(parameters & HVMPME_MODE_MASK) )
+ return 0;
+
+ rc = vm_event_claim_slot(currd, &currd->vm_event->monitor);
+ if ( rc == -ENOSYS )
+ {
+ /* If there was no ring to handle the event, then
+ * simple continue executing normally. */
+ return 1;
+ }
+ else if ( rc < 0 )
+ return rc;
+
+ if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
+ {
+ req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
+ vm_event_vcpu_pause(curr);
+ }
+
+ hvm_event_fill_regs(req);
+ vm_event_put_request(currd, &currd->vm_event->monitor, req);
+
+ return 1;
+}
+
+void hvm_event_cr0(unsigned long value, unsigned long old)
+{
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_CR0,
+ .vcpu_id = curr->vcpu_id,
+ .data.mov_to_cr.new_value = value,
+ .data.mov_to_cr.old_value = old
+ };
+
+ long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR0];
+
+ if ( (params & HVMPME_onchangeonly) && (value == old) )
+ return;
+
+ hvm_event_traps(params, &req);
+}
+
+void hvm_event_cr3(unsigned long value, unsigned long old)
+{
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_CR3,
+ .vcpu_id = curr->vcpu_id,
+ .data.mov_to_cr.new_value = value,
+ .data.mov_to_cr.old_value = old
+ };
+
+ long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3];
+
+ if ( (params & HVMPME_onchangeonly) && (value == old) )
+ return;
+
+ hvm_event_traps(params, &req);
+}
+
+void hvm_event_cr4(unsigned long value, unsigned long old)
+{
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_CR4,
+ .vcpu_id = curr->vcpu_id,
+ .data.mov_to_cr.new_value = value,
+ .data.mov_to_cr.old_value = old
+ };
+
+ long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR4];
+
+ if ( (params & HVMPME_onchangeonly) && (value == old) )
+ return;
+
+ hvm_event_traps(params, &req);
+}
+
+void hvm_event_msr(unsigned long msr, unsigned long value)
+{
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_MOV_TO_MSR,
+ .vcpu_id = curr->vcpu_id,
+ .data.mov_to_msr.msr = msr,
+ .data.mov_to_msr.value = value,
+ };
+
+ long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_MSR];
+
+ hvm_event_traps(params, &req);
+}
+
+int hvm_event_int3(unsigned long gla)
+{
+ uint32_t pfec = PFEC_page_present;
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
+ .vcpu_id = curr->vcpu_id,
+ .data.software_breakpoint.gfn = paging_gva_to_gfn(curr, gla, &pfec)
+ };
+
+ long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_INT3];
+
+ return hvm_event_traps(params, &req);
+}
+
+int hvm_event_single_step(unsigned long gla)
+{
+ uint32_t pfec = PFEC_page_present;
+ struct vcpu *curr = current;
+ struct domain *currd = curr->domain;
+ vm_event_request_t req = {
+ .reason = VM_EVENT_REASON_SINGLESTEP,
+ .vcpu_id = curr->vcpu_id,
+ .data.singlestep.gfn = paging_gva_to_gfn(curr, gla, &pfec)
+ };
+
+ long params = currd->arch.hvm_domain
+ .params[HVM_PARAM_MEMORY_EVENT_SINGLE_STEP];
+
+ return hvm_event_traps(params, &req);
+}
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index ce82447..97f769a 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -35,7 +35,6 @@
#include <xen/paging.h>
#include <xen/cpu.h>
#include <xen/wait.h>
-#include <xen/vm_event.h>
#include <xen/mem_access.h>
#include <xen/rangeset.h>
#include <asm/shadow.h>
@@ -60,6 +59,7 @@
#include <asm/hvm/cacheattr.h>
#include <asm/hvm/trace.h>
#include <asm/hvm/nestedhvm.h>
+#include <asm/hvm/event.h>
#include <asm/mtrr.h>
#include <asm/apic.h>
#include <public/sched.h>
@@ -3220,7 +3220,7 @@ int hvm_set_cr0(unsigned long value)
hvm_funcs.handle_cd(v, value);
hvm_update_cr(v, 0, value);
- hvm_memory_event_cr0(value, old_value);
+ hvm_event_cr0(value, old_value);
if ( (value ^ old_value) & X86_CR0_PG ) {
if ( !nestedhvm_vmswitch_in_progress(v) && nestedhvm_vcpu_in_guestmode(v) )
@@ -3261,7 +3261,7 @@ int hvm_set_cr3(unsigned long value)
old=v->arch.hvm_vcpu.guest_cr[3];
v->arch.hvm_vcpu.guest_cr[3] = value;
paging_update_cr3(v);
- hvm_memory_event_cr3(value, old);
+ hvm_event_cr3(value, old);
return X86EMUL_OKAY;
bad_cr3:
@@ -3302,7 +3302,7 @@ int hvm_set_cr4(unsigned long value)
}
hvm_update_cr(v, 4, value);
- hvm_memory_event_cr4(value, old_cr);
+ hvm_event_cr4(value, old_cr);
/*
* Modifying CR4.{PSE,PAE,PGE,SMEP}, or clearing CR4.PCIDE
@@ -4452,7 +4452,7 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content)
hvm_cpuid(1, NULL, NULL, NULL, &edx);
mtrr = !!(edx & cpufeat_mask(X86_FEATURE_MTRR));
- hvm_memory_event_msr(msr, msr_content);
+ hvm_event_msr(msr, msr_content);
switch ( msr )
{
@@ -6261,165 +6261,6 @@ int hvm_debug_op(struct vcpu *v, int32_t op)
return rc;
}
-static void hvm_mem_event_fill_regs(vm_event_request_t *req)
-{
- const struct cpu_user_regs *regs = guest_cpu_user_regs();
- const struct vcpu *curr = current;
-
- req->regs.x86.rax = regs->eax;
- req->regs.x86.rcx = regs->ecx;
- req->regs.x86.rdx = regs->edx;
- req->regs.x86.rbx = regs->ebx;
- req->regs.x86.rsp = regs->esp;
- req->regs.x86.rbp = regs->ebp;
- req->regs.x86.rsi = regs->esi;
- req->regs.x86.rdi = regs->edi;
-
- req->regs.x86.r8 = regs->r8;
- req->regs.x86.r9 = regs->r9;
- req->regs.x86.r10 = regs->r10;
- req->regs.x86.r11 = regs->r11;
- req->regs.x86.r12 = regs->r12;
- req->regs.x86.r13 = regs->r13;
- req->regs.x86.r14 = regs->r14;
- req->regs.x86.r15 = regs->r15;
-
- req->regs.x86.rflags = regs->eflags;
- req->regs.x86.rip = regs->eip;
-
- req->regs.x86.msr_efer = curr->arch.hvm_vcpu.guest_efer;
- req->regs.x86.cr0 = curr->arch.hvm_vcpu.guest_cr[0];
- req->regs.x86.cr3 = curr->arch.hvm_vcpu.guest_cr[3];
- req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
-}
-
-static int hvm_memory_event_traps(long parameters, vm_event_request_t *req)
-{
- int rc;
- struct vcpu *v = current;
- struct domain *d = v->domain;
-
- if ( !(parameters & HVMPME_MODE_MASK) )
- return 0;
-
- rc = vm_event_claim_slot(d, &d->vm_event->monitor);
- if ( rc == -ENOSYS )
- {
- /* If there was no ring to handle the event, then
- * simple continue executing normally. */
- return 1;
- }
- else if ( rc < 0 )
- return rc;
-
- if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
- {
- req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
- vm_event_vcpu_pause(v);
- }
-
- hvm_mem_event_fill_regs(req);
- vm_event_put_request(d, &d->vm_event->monitor, req);
-
- return 1;
-}
-
-void hvm_memory_event_cr0(unsigned long value, unsigned long old)
-{
- vm_event_request_t req = {
- .reason = VM_EVENT_REASON_MOV_TO_CR0,
- .vcpu_id = current->vcpu_id,
- .data.mov_to_cr.new_value = value,
- .data.mov_to_cr.old_value = old
- };
-
- long parameters = current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_CR0];
-
- if ( (parameters & HVMPME_onchangeonly) && (value == old) )
- return;
-
- hvm_memory_event_traps(parameters, &req);
-}
-
-void hvm_memory_event_cr3(unsigned long value, unsigned long old)
-{
- vm_event_request_t req = {
- .reason = VM_EVENT_REASON_MOV_TO_CR3,
- .vcpu_id = current->vcpu_id,
- .data.mov_to_cr.new_value = value,
- .data.mov_to_cr.old_value = old
- };
-
- long parameters = current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_CR3];
-
- if ( (parameters & HVMPME_onchangeonly) && (value == old) )
- return;
-
- hvm_memory_event_traps(parameters, &req);
-}
-
-void hvm_memory_event_cr4(unsigned long value, unsigned long old)
-{
- vm_event_request_t req = {
- .reason = VM_EVENT_REASON_MOV_TO_CR4,
- .vcpu_id = current->vcpu_id,
- .data.mov_to_cr.new_value = value,
- .data.mov_to_cr.old_value = old
- };
-
- long parameters = current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_CR4];
-
- if ( (parameters & HVMPME_onchangeonly) && (value == old) )
- return;
-
- hvm_memory_event_traps(parameters, &req);
-}
-
-void hvm_memory_event_msr(unsigned long msr, unsigned long value)
-{
- vm_event_request_t req = {
- .reason = VM_EVENT_REASON_MOV_TO_MSR,
- .vcpu_id = current->vcpu_id,
- .data.mov_to_msr.msr = msr,
- .data.mov_to_msr.value = value,
- };
-
- hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_MSR],
- &req);
-}
-
-int hvm_memory_event_int3(unsigned long gla)
-{
- uint32_t pfec = PFEC_page_present;
- vm_event_request_t req = {
- .reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
- .vcpu_id = current->vcpu_id,
- .data.software_breakpoint.gfn = paging_gva_to_gfn(current, gla, &pfec)
- };
-
- return hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_INT3],
- &req);
-}
-
-int hvm_memory_event_single_step(unsigned long gla)
-{
- uint32_t pfec = PFEC_page_present;
- vm_event_request_t req = {
- .reason = VM_EVENT_REASON_SINGLESTEP,
- .vcpu_id = current->vcpu_id,
- .data.singlestep.gfn = paging_gva_to_gfn(current, gla, &pfec)
- };
-
- return hvm_memory_event_traps(current->domain->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_SINGLE_STEP],
- &req);
-}
-
int nhvm_vcpu_hostrestore(struct vcpu *v, struct cpu_user_regs *regs)
{
if (hvm_funcs.nhvm_vcpu_hostrestore)
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 522892f..c5e6771 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -52,6 +52,7 @@
#include <asm/hvm/vpt.h>
#include <public/hvm/save.h>
#include <asm/hvm/trace.h>
+#include <asm/hvm/event.h>
#include <asm/xenoprof.h>
#include <asm/debugger.h>
#include <asm/apic.h>
@@ -1970,7 +1971,7 @@ static int vmx_cr_access(unsigned long exit_qualification)
unsigned long old = curr->arch.hvm_vcpu.guest_cr[0];
curr->arch.hvm_vcpu.guest_cr[0] &= ~X86_CR0_TS;
vmx_update_guest_cr(curr, 0);
- hvm_memory_event_cr0(curr->arch.hvm_vcpu.guest_cr[0], old);
+ hvm_event_cr0(curr->arch.hvm_vcpu.guest_cr[0], old);
HVMTRACE_0D(CLTS);
break;
}
@@ -2819,7 +2820,7 @@ void vmx_vmexit_handler(struct cpu_user_regs *regs)
break;
}
else {
- int handled = hvm_memory_event_int3(regs->eip);
+ int handled = hvm_event_int3(regs->eip);
if ( handled < 0 )
{
@@ -3136,7 +3137,7 @@ void vmx_vmexit_handler(struct cpu_user_regs *regs)
v->arch.hvm_vmx.exec_control &= ~CPU_BASED_MONITOR_TRAP_FLAG;
vmx_update_cpu_exec_control(v);
if ( v->arch.hvm_vcpu.single_step ) {
- hvm_memory_event_single_step(regs->eip);
+ hvm_event_single_step(regs->eip);
if ( v->domain->debugger_attached )
domain_pause_for_debugger();
}
diff --git a/xen/include/asm-x86/hvm/event.h b/xen/include/asm-x86/hvm/event.h
new file mode 100644
index 0000000..5a498a9
--- /dev/null
+++ b/xen/include/asm-x86/hvm/event.h
@@ -0,0 +1,40 @@
+/*
+ * event.h: Hardware virtual machine assist events.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms and conditions of the GNU General Public License,
+ * version 2, as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
+ * Place - Suite 330, Boston, MA 02111-1307 USA.
+ */
+
+#ifndef __ASM_X86_HVM_EVENT_H__
+#define __ASM_X86_HVM_EVENT_H__
+
+/* Called for current VCPU on crX changes by guest */
+void hvm_event_cr0(unsigned long value, unsigned long old);
+void hvm_event_cr3(unsigned long value, unsigned long old);
+void hvm_event_cr4(unsigned long value, unsigned long old);
+void hvm_event_msr(unsigned long msr, unsigned long value);
+/* Called for current VCPU on int3: returns -1 if no listener */
+int hvm_event_int3(unsigned long gla);
+int hvm_event_single_step(unsigned long gla);
+
+#endif /* __ASM_X86_HVM_EVENT_H__ */
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * tab-width: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/include/asm-x86/hvm/hvm.h b/xen/include/asm-x86/hvm/hvm.h
index e3d2d9a..c77076a 100644
--- a/xen/include/asm-x86/hvm/hvm.h
+++ b/xen/include/asm-x86/hvm/hvm.h
@@ -473,17 +473,6 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned long gla,
int hvm_x2apic_msr_read(struct vcpu *v, unsigned int msr, uint64_t *msr_content);
int hvm_x2apic_msr_write(struct vcpu *v, unsigned int msr, uint64_t msr_content);
-/* Called for current VCPU on crX changes by guest */
-void hvm_memory_event_cr0(unsigned long value, unsigned long old);
-void hvm_memory_event_cr3(unsigned long value, unsigned long old);
-void hvm_memory_event_cr4(unsigned long value, unsigned long old);
-void hvm_memory_event_msr(unsigned long msr, unsigned long value);
-/* Called for current VCPU on int3: returns -1 if no listener */
-int hvm_memory_event_int3(unsigned long gla);
-
-/* Called for current VCPU on single step: returns -1 if no listener */
-int hvm_memory_event_single_step(unsigned long gla);
-
/*
* Nested HVM
*/
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (8 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-01-30 7:58 ` Razvan Cojocaru
` (3 more replies)
2015-01-29 21:46 ` [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access Tamas K Lengyel
` (2 subsequent siblings)
12 siblings, 4 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
In preparation for allowing for introspecting ARM and PV domains the old
control interface via the hvm_op hypercall is retired. A new control mechanism
is introduced via the domctl hypercall: monitor_op.
This patch aims to establish a base API on which future applications can build
on.
Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
tools/libxc/Makefile | 1 +
tools/libxc/include/xenctrl.h | 19 ++++
tools/libxc/xc_mem_access.c | 9 +-
tools/libxc/xc_monitor.c | 118 +++++++++++++++++++++
tools/libxc/xc_private.h | 2 +-
tools/libxc/xc_vm_event.c | 7 +-
tools/tests/xen-access/xen-access.c | 14 +--
xen/arch/x86/Makefile | 1 +
xen/arch/x86/hvm/event.c | 41 ++------
xen/arch/x86/hvm/hvm.c | 38 +------
xen/arch/x86/hvm/vmx/vmcs.c | 4 +-
xen/arch/x86/hvm/vmx/vmx.c | 2 +-
xen/arch/x86/mm/p2m.c | 9 --
xen/arch/x86/monitor.c | 197 ++++++++++++++++++++++++++++++++++++
xen/common/domctl.c | 11 ++
xen/common/vm_event.c | 7 --
xen/include/asm-arm/monitor.h | 13 +++
xen/include/asm-x86/domain.h | 45 ++++++++
xen/include/asm-x86/monitor.h | 9 ++
xen/include/public/domctl.h | 55 +++++++++-
xen/include/public/hvm/params.h | 15 ---
xen/include/public/vm_event.h | 2 +-
22 files changed, 495 insertions(+), 124 deletions(-)
create mode 100644 tools/libxc/xc_monitor.c
create mode 100644 xen/arch/x86/monitor.c
create mode 100644 xen/include/asm-arm/monitor.h
create mode 100644 xen/include/asm-x86/monitor.h
diff --git a/tools/libxc/Makefile b/tools/libxc/Makefile
index 6ef17ec..2d79e7c 100644
--- a/tools/libxc/Makefile
+++ b/tools/libxc/Makefile
@@ -27,6 +27,7 @@ CTRL_SRCS-y += xc_cpu_hotplug.c
CTRL_SRCS-y += xc_resume.c
CTRL_SRCS-y += xc_tmem.c
CTRL_SRCS-y += xc_vm_event.c
+CTRL_SRCS-y += xc_monitor.c
CTRL_SRCS-y += xc_mem_paging.c
CTRL_SRCS-y += xc_mem_access.c
CTRL_SRCS-y += xc_memshr.c
diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
index 0ad8b8d..6428365 100644
--- a/tools/libxc/include/xenctrl.h
+++ b/tools/libxc/include/xenctrl.h
@@ -2308,6 +2308,25 @@ int xc_get_mem_access(xc_interface *xch, domid_t domain_id,
uint64_t pfn, xenmem_access_t *access);
/***
+ * Monitor control operations.
+ */
+int xc_monitor_mov_to_cr0(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int sync,
+ unsigned int onchangeonly);
+int xc_monitor_mov_to_cr3(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int sync,
+ unsigned int onchangeonly);
+int xc_monitor_mov_to_cr4(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int sync,
+ unsigned int onchangeonly);
+int xc_monitor_mov_to_msr(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int extended_capture);
+int xc_monitor_singlestep(xc_interface *xch, domid_t domain_id,
+ unsigned int op);
+int xc_monitor_software_breakpoint(xc_interface *xch, domid_t domain_id,
+ unsigned int op);
+
+/***
* Memory sharing operations.
*
* Unles otherwise noted, these calls return 0 on succes, -1 and errno on
diff --git a/tools/libxc/xc_mem_access.c b/tools/libxc/xc_mem_access.c
index aa6e777..70cc8d0 100644
--- a/tools/libxc/xc_mem_access.c
+++ b/tools/libxc/xc_mem_access.c
@@ -27,14 +27,7 @@
void *xc_mem_access_enable(xc_interface *xch, domid_t domain_id, uint32_t *port)
{
return xc_vm_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
- port, 0);
-}
-
-void *xc_mem_access_enable_introspection(xc_interface *xch, domid_t domain_id,
- uint32_t *port)
-{
- return xc_vm_event_enable(xch, domain_id, HVM_PARAM_MONITOR_RING_PFN,
- port, 1);
+ port);
}
int xc_mem_access_disable(xc_interface *xch, domid_t domain_id)
diff --git a/tools/libxc/xc_monitor.c b/tools/libxc/xc_monitor.c
new file mode 100644
index 0000000..ee5a37b
--- /dev/null
+++ b/tools/libxc/xc_monitor.c
@@ -0,0 +1,118 @@
+/******************************************************************************
+ *
+ * xc_monitor.c
+ *
+ * Interface to VM event monitor
+ *
+ * Copyright (c) 2015 Tamas K Lengyel (tamas@tklengyel.com)
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "xc_private.h"
+
+int xc_monitor_mov_to_cr0(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int sync,
+ unsigned int onchangeonly)
+{
+ DECLARE_DOMCTL;
+
+ domctl.cmd = XEN_DOMCTL_monitor_op;
+ domctl.domain = domain_id;
+ domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
+ : XEN_DOMCTL_MONITOR_OP_DISABLE;
+ domctl.u.monitor_op.subop = XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0;
+ domctl.u.monitor_op.options.mov_to_cr0.sync = sync;
+ domctl.u.monitor_op.options.mov_to_cr0.onchangeonly = onchangeonly;
+
+ return do_domctl(xch, &domctl);
+}
+
+int xc_monitor_mov_to_cr3(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int sync,
+ unsigned int onchangeonly)
+{
+ DECLARE_DOMCTL;
+
+ domctl.cmd = XEN_DOMCTL_monitor_op;
+ domctl.domain = domain_id;
+ domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
+ : XEN_DOMCTL_MONITOR_OP_DISABLE;
+ domctl.u.monitor_op.subop = XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3;
+ domctl.u.monitor_op.options.mov_to_cr3.sync = sync;
+ domctl.u.monitor_op.options.mov_to_cr3.onchangeonly = onchangeonly;
+
+ return do_domctl(xch, &domctl);
+}
+
+int xc_monitor_mov_to_cr4(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int sync,
+ unsigned int onchangeonly)
+{
+ DECLARE_DOMCTL;
+
+ domctl.cmd = XEN_DOMCTL_monitor_op;
+ domctl.domain = domain_id;
+ domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
+ : XEN_DOMCTL_MONITOR_OP_DISABLE;
+ domctl.u.monitor_op.subop = XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR4;
+ domctl.u.monitor_op.options.mov_to_cr4.sync = sync;
+ domctl.u.monitor_op.options.mov_to_cr4.onchangeonly = onchangeonly;
+
+ return do_domctl(xch, &domctl);
+}
+
+int xc_monitor_mov_to_msr(xc_interface *xch, domid_t domain_id,
+ unsigned int op, unsigned int extended_capture)
+{
+ DECLARE_DOMCTL;
+
+ domctl.cmd = XEN_DOMCTL_monitor_op;
+ domctl.domain = domain_id;
+ domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
+ : XEN_DOMCTL_MONITOR_OP_DISABLE;
+ domctl.u.monitor_op.subop = XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_MSR;
+ domctl.u.monitor_op.options.mov_to_msr.extended_capture = extended_capture;
+
+ return do_domctl(xch, &domctl);
+}
+
+int xc_monitor_software_breakpoint(xc_interface *xch, domid_t domain_id,
+ unsigned int op)
+{
+ DECLARE_DOMCTL;
+
+ domctl.cmd = XEN_DOMCTL_monitor_op;
+ domctl.domain = domain_id;
+ domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
+ : XEN_DOMCTL_MONITOR_OP_DISABLE;
+ domctl.u.monitor_op.subop = XEN_DOMCTL_MONITOR_SUBOP_SOFTWARE_BREAKPOINT;
+
+ return do_domctl(xch, &domctl);
+}
+
+int xc_monitor_singlestep(xc_interface *xch, domid_t domain_id,
+ unsigned int op)
+{
+ DECLARE_DOMCTL;
+
+ domctl.cmd = XEN_DOMCTL_monitor_op;
+ domctl.domain = domain_id;
+ domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
+ : XEN_DOMCTL_MONITOR_OP_DISABLE;
+ domctl.u.monitor_op.subop = XEN_DOMCTL_MONITOR_SUBOP_SINGLESTEP;
+
+ return do_domctl(xch, &domctl);
+}
diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
index 843540c..9f55309 100644
--- a/tools/libxc/xc_private.h
+++ b/tools/libxc/xc_private.h
@@ -430,6 +430,6 @@ int xc_vm_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
* param can be HVM_PARAM_PAGING/ACCESS/SHARING_RING_PFN
*/
void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int param,
- uint32_t *port, int enable_introspection);
+ uint32_t *port);
#endif /* __XC_PRIVATE_H__ */
diff --git a/tools/libxc/xc_vm_event.c b/tools/libxc/xc_vm_event.c
index bd14c9d..12d2169 100644
--- a/tools/libxc/xc_vm_event.c
+++ b/tools/libxc/xc_vm_event.c
@@ -41,7 +41,7 @@ int xc_vm_event_control(xc_interface *xch, domid_t domain_id, unsigned int op,
}
void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int param,
- uint32_t *port, int enable_introspection)
+ uint32_t *port)
{
void *ring_page = NULL;
uint64_t pfn;
@@ -104,10 +104,7 @@ void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int param,
break;
case HVM_PARAM_MONITOR_RING_PFN:
- if ( enable_introspection )
- op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION;
- else
- op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE;
+ op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE;
mode = XEN_DOMCTL_VM_EVENT_OP_MONITOR;
break;
diff --git a/tools/tests/xen-access/xen-access.c b/tools/tests/xen-access/xen-access.c
index c9aaed4..5411eab 100644
--- a/tools/tests/xen-access/xen-access.c
+++ b/tools/tests/xen-access/xen-access.c
@@ -447,13 +447,13 @@ int main(int argc, char *argv[])
}
if ( int3 )
- rc = xc_hvm_param_set(xch, domain_id, HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_sync);
- else
- rc = xc_hvm_param_set(xch, domain_id, HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_disabled);
- if ( rc < 0 )
{
- ERROR("Error %d setting int3 vm_event\n", rc);
- goto exit;
+ rc = xc_monitor_software_breakpoint(xch, domain_id, 1);
+ if ( rc < 0 )
+ {
+ ERROR("Error %d setting int3 vm_event\n", rc);
+ goto exit;
+ }
}
/* Wait for access */
@@ -467,7 +467,7 @@ int main(int argc, char *argv[])
rc = xc_set_mem_access(xch, domain_id, XENMEM_access_rwx, ~0ull, 0);
rc = xc_set_mem_access(xch, domain_id, XENMEM_access_rwx, 0,
xenaccess->domain_info->max_pages);
- rc = xc_hvm_param_set(xch, domain_id, HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_disabled);
+ rc = xc_monitor_software_breakpoint(xch, domain_id, 0);
shutting_down = 1;
}
diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
index 86ca5f8..37e547c 100644
--- a/xen/arch/x86/Makefile
+++ b/xen/arch/x86/Makefile
@@ -36,6 +36,7 @@ obj-y += microcode_intel.o
# This must come after the vendor specific files.
obj-y += microcode.o
obj-y += mm.o
+obj-y += monitor.o
obj-y += mpparse.o
obj-y += nmi.o
obj-y += numa.o
diff --git a/xen/arch/x86/hvm/event.c b/xen/arch/x86/hvm/event.c
index 65f80a7..34975b4 100644
--- a/xen/arch/x86/hvm/event.c
+++ b/xen/arch/x86/hvm/event.c
@@ -55,15 +55,12 @@ static void hvm_event_fill_regs(vm_event_request_t *req)
req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
}
-static int hvm_event_traps(long parameters, vm_event_request_t *req)
+static int hvm_event_traps(uint8_t sync, vm_event_request_t *req)
{
int rc;
struct vcpu *curr = current;
struct domain *currd = curr->domain;
- if ( !(parameters & HVMPME_MODE_MASK) )
- return 0;
-
rc = vm_event_claim_slot(currd, &currd->vm_event->monitor);
if ( rc == -ENOSYS )
{
@@ -74,7 +71,7 @@ static int hvm_event_traps(long parameters, vm_event_request_t *req)
else if ( rc < 0 )
return rc;
- if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
+ if ( sync )
{
req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
vm_event_vcpu_pause(curr);
@@ -97,12 +94,10 @@ void hvm_event_cr0(unsigned long value, unsigned long old)
.data.mov_to_cr.old_value = old
};
- long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR0];
-
- if ( (params & HVMPME_onchangeonly) && (value == old) )
+ if ( currd->arch.monitor_options.mov_to_cr0.onchangeonly && value == old )
return;
- hvm_event_traps(params, &req);
+ hvm_event_traps(currd->arch.monitor_options.mov_to_cr0.sync, &req);
}
void hvm_event_cr3(unsigned long value, unsigned long old)
@@ -116,12 +111,10 @@ void hvm_event_cr3(unsigned long value, unsigned long old)
.data.mov_to_cr.old_value = old
};
- long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3];
-
- if ( (params & HVMPME_onchangeonly) && (value == old) )
+ if ( currd->arch.monitor_options.mov_to_cr3.onchangeonly && value == old )
return;
- hvm_event_traps(params, &req);
+ hvm_event_traps(currd->arch.monitor_options.mov_to_cr3.sync, &req);
}
void hvm_event_cr4(unsigned long value, unsigned long old)
@@ -135,18 +128,15 @@ void hvm_event_cr4(unsigned long value, unsigned long old)
.data.mov_to_cr.old_value = old
};
- long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR4];
-
- if ( (params & HVMPME_onchangeonly) && (value == old) )
+ if ( currd->arch.monitor_options.mov_to_cr4.onchangeonly && value == old )
return;
- hvm_event_traps(params, &req);
+ hvm_event_traps(currd->arch.monitor_options.mov_to_cr3.sync, &req);
}
void hvm_event_msr(unsigned long msr, unsigned long value)
{
struct vcpu *curr = current;
- struct domain *currd = curr->domain;
vm_event_request_t req = {
.reason = VM_EVENT_REASON_MOV_TO_MSR,
.vcpu_id = curr->vcpu_id,
@@ -154,42 +144,33 @@ void hvm_event_msr(unsigned long msr, unsigned long value)
.data.mov_to_msr.value = value,
};
- long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_MSR];
-
- hvm_event_traps(params, &req);
+ hvm_event_traps(1, &req);
}
int hvm_event_int3(unsigned long gla)
{
uint32_t pfec = PFEC_page_present;
struct vcpu *curr = current;
- struct domain *currd = curr->domain;
vm_event_request_t req = {
.reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
.vcpu_id = curr->vcpu_id,
.data.software_breakpoint.gfn = paging_gva_to_gfn(curr, gla, &pfec)
};
- long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_INT3];
-
- return hvm_event_traps(params, &req);
+ return hvm_event_traps(1, &req);
}
int hvm_event_single_step(unsigned long gla)
{
uint32_t pfec = PFEC_page_present;
struct vcpu *curr = current;
- struct domain *currd = curr->domain;
vm_event_request_t req = {
.reason = VM_EVENT_REASON_SINGLESTEP,
.vcpu_id = curr->vcpu_id,
.data.singlestep.gfn = paging_gva_to_gfn(curr, gla, &pfec)
};
- long params = currd->arch.hvm_domain
- .params[HVM_PARAM_MEMORY_EVENT_SINGLE_STEP];
-
- return hvm_event_traps(params, &req);
+ return hvm_event_traps(1, &req);
}
/*
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 97f769a..0baeee3 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -5727,23 +5727,6 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
case HVM_PARAM_ACPI_IOPORTS_LOCATION:
rc = pmtimer_change_ioport(d, a.value);
break;
- case HVM_PARAM_MEMORY_EVENT_CR0:
- case HVM_PARAM_MEMORY_EVENT_CR3:
- case HVM_PARAM_MEMORY_EVENT_CR4:
- if ( d == current->domain )
- rc = -EPERM;
- break;
- case HVM_PARAM_MEMORY_EVENT_INT3:
- case HVM_PARAM_MEMORY_EVENT_SINGLE_STEP:
- case HVM_PARAM_MEMORY_EVENT_MSR:
- if ( d == current->domain )
- {
- rc = -EPERM;
- break;
- }
- if ( a.value & HVMPME_onchangeonly )
- rc = -EINVAL;
- break;
case HVM_PARAM_NESTEDHVM:
rc = xsm_hvm_param_nested(XSM_PRIV, d);
if ( rc )
@@ -5802,29 +5785,10 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg)
}
}
- if ( rc == 0 )
+ if ( rc == 0 )
{
d->arch.hvm_domain.params[a.index] = a.value;
-
- switch( a.index )
- {
- case HVM_PARAM_MEMORY_EVENT_INT3:
- case HVM_PARAM_MEMORY_EVENT_SINGLE_STEP:
- {
- domain_pause(d);
- domain_unpause(d); /* Causes guest to latch new status */
- break;
- }
- case HVM_PARAM_MEMORY_EVENT_CR3:
- {
- for_each_vcpu ( d, v )
- hvm_funcs.update_guest_cr(v, 0); /* Latches new CR3 mask through CR0 code */
- break;
- }
- }
-
}
-
}
else
{
diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
index 0f2b2e6..9787f3f 100644
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -1375,8 +1375,8 @@ void vmx_do_resume(struct vcpu *v)
}
debug_state = v->domain->debugger_attached
- || v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_INT3]
- || v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_SINGLE_STEP];
+ || v->domain->arch.monitor_options.software_breakpoint.enabled
+ || v->domain->arch.monitor_options.singlestep.enabled;
if ( unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) )
{
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index c5e6771..ce3dcbd 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -1232,7 +1232,7 @@ static void vmx_update_guest_cr(struct vcpu *v, unsigned int cr)
v->arch.hvm_vmx.exec_control |= cr3_ctls;
/* Trap CR3 updates if CR3 memory events are enabled. */
- if ( v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3] )
+ if ( v->domain->arch.monitor_options.mov_to_cr3.enabled )
v->arch.hvm_vmx.exec_control |= CPU_BASED_CR3_LOAD_EXITING;
vmx_update_cpu_exec_control(v);
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index c7a0bde..3b58700 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
}
}
-void p2m_setup_introspection(struct domain *d)
-{
- if ( hvm_funcs.enable_msr_exit_interception )
- {
- d->arch.hvm_domain.introspection_enabled = 1;
- hvm_funcs.enable_msr_exit_interception(d);
- }
-}
-
bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
struct npfec npfec,
vm_event_request_t **req_ptr)
diff --git a/xen/arch/x86/monitor.c b/xen/arch/x86/monitor.c
new file mode 100644
index 0000000..c172aaf
--- /dev/null
+++ b/xen/arch/x86/monitor.c
@@ -0,0 +1,197 @@
+/*
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public
+ * License v2 as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public
+ * License along with this program; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ * Boston, MA 021110-1307, USA.
+ */
+
+#include <xen/config.h>
+#include <xen/sched.h>
+#include <xen/mm.h>
+#include <asm/domain.h>
+
+#define DISABLE_OPTION(option) \
+ if ( !option->enabled ) \
+ return -EFAULT; \
+ memset(option, 0, sizeof(*option))
+
+int monitor_domctl(struct xen_domctl_monitor_op *domctl, struct domain *d)
+{
+ /*
+ * At the moment only HVM domains are supported. However, event delivery
+ * could be extended to PV domains. See comments below.
+ */
+ if ( !is_hvm_domain(d) )
+ return -ENOSYS;
+
+ if ( domctl->op != XEN_DOMCTL_MONITOR_OP_ENABLE &&
+ domctl->op != XEN_DOMCTL_MONITOR_OP_DISABLE )
+ return -EFAULT;
+
+ switch ( domctl->subop )
+ {
+ case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0:
+ {
+ /* Note: could be supported on PV domains. */
+ struct mov_to_cr0 *options = &d->arch.monitor_options.mov_to_cr0;
+
+ if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
+ {
+ if ( options->enabled )
+ return -EBUSY;
+
+ options->enabled = 1;
+ options->sync = domctl->options.mov_to_cr0.sync;
+ options->onchangeonly = domctl->options.mov_to_cr0.onchangeonly;
+ }
+ else
+ {
+ DISABLE_OPTION(options);
+ }
+ break;
+ }
+ case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3:
+ {
+ /* Note: could be supported on PV domains. */
+ struct vcpu *v;
+ struct mov_to_cr3 *options = &d->arch.monitor_options.mov_to_cr3;
+
+ if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
+ {
+ if ( options->enabled )
+ return -EBUSY;
+
+ options->enabled = 1;
+ options->sync = domctl->options.mov_to_cr3.sync;
+ options->onchangeonly = domctl->options.mov_to_cr3.onchangeonly;
+ }
+ else
+ {
+ DISABLE_OPTION(options);
+ }
+
+ /* Latches new CR3 mask through CR0 code */
+ for_each_vcpu ( d, v )
+ hvm_funcs.update_guest_cr(v, 0);
+ break;
+ }
+
+ case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR4:
+ {
+ /* Note: could be supported on PV domains. */
+ struct mov_to_cr4 *options = &d->arch.monitor_options.mov_to_cr4;
+
+ if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
+ {
+ if ( options->enabled )
+ return -EBUSY;
+
+ options->enabled = 1;
+ options->sync = domctl->options.mov_to_cr4.sync;
+ options->onchangeonly = domctl->options.mov_to_cr4.onchangeonly;
+ }
+ else
+ {
+ DISABLE_OPTION(options);
+ }
+ break;
+ }
+ case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_MSR:
+ {
+ struct mov_to_msr *options = &d->arch.monitor_options.mov_to_msr;
+
+ if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
+ {
+ if ( options->enabled )
+ return -EBUSY;
+
+ options->enabled = 1;
+
+ if ( domctl->options.mov_to_msr.extended_capture )
+ {
+ if ( hvm_funcs.enable_msr_exit_interception )
+ {
+ options->extended_capture = 1;
+ hvm_funcs.enable_msr_exit_interception(d);
+ }
+ else
+ {
+ return -ENOSYS;
+ }
+ }
+ }
+ else
+ {
+ DISABLE_OPTION(options);
+ }
+
+ break;
+ }
+ case XEN_DOMCTL_MONITOR_SUBOP_SINGLESTEP:
+ {
+ struct singlestep *options = &d->arch.monitor_options.singlestep;
+
+ if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
+ {
+ if ( options->enabled )
+ return -EBUSY;
+
+ options->enabled = 1;
+ }
+ else
+ {
+ DISABLE_OPTION(options);
+ }
+
+ /* Causes guest to latch new status */
+ domain_pause(d);
+ domain_unpause(d);
+ break;
+ }
+ case XEN_DOMCTL_MONITOR_SUBOP_SOFTWARE_BREAKPOINT:
+ {
+ struct software_breakpoint *options =
+ &d->arch.monitor_options.software_breakpoint;
+
+ if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
+ {
+ if ( options->enabled )
+ return -EBUSY;
+
+ options->enabled = 1;
+ }
+ else
+ {
+ DISABLE_OPTION(options);
+ }
+
+ domain_pause(d);
+ domain_unpause(d); /* Causes guest to latch new status */
+ break;
+ }
+
+ default:
+ return -EFAULT;
+
+ };
+
+ return 0;
+}
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/common/domctl.c b/xen/common/domctl.c
index 44d45d1..98c2dc6 100644
--- a/xen/common/domctl.c
+++ b/xen/common/domctl.c
@@ -29,6 +29,7 @@
#include <asm/irq.h>
#include <asm/page.h>
#include <asm/p2m.h>
+#include <asm/monitor.h>
#include <public/domctl.h>
#include <xsm/xsm.h>
@@ -1179,6 +1180,16 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
}
break;
+ case XEN_DOMCTL_monitor_op:
+ {
+ ret = -EPERM;
+ if ( current->domain == d )
+ break;
+
+ ret = monitor_domctl(&op->u.monitor_op, d);
+ }
+ break;
+
default:
ret = arch_do_domctl(op, d, u_domctl);
break;
diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
index 0db899e..0b30750 100644
--- a/xen/common/vm_event.c
+++ b/xen/common/vm_event.c
@@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
switch( vec->op )
{
case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
- case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
{
rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
HVM_PARAM_MONITOR_RING_PFN,
mem_access_notification);
-
- if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
- && !rc )
- p2m_setup_introspection(d);
-
}
break;
@@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
if ( ved->ring_page )
{
rc = vm_event_disable(d, ved);
- d->arch.hvm_domain.introspection_enabled = 0;
}
}
break;
diff --git a/xen/include/asm-arm/monitor.h b/xen/include/asm-arm/monitor.h
new file mode 100644
index 0000000..ef8f38a
--- /dev/null
+++ b/xen/include/asm-arm/monitor.h
@@ -0,0 +1,13 @@
+#ifndef __ASM_ARM_MONITOR_H__
+#define __ASM_ARM_MONITOR_H__
+
+#include <xen/config.h>
+#include <public/domctl.h>
+
+static inline
+int monitor_domctl(struct xen_domctl_monitor_op *op, struct domain *d)
+{
+ return -ENOSYS;
+}
+
+#endif /* __ASM_X86_MONITOR_H__ */
diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
index 20ede1e..99fcd94 100644
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -236,6 +236,41 @@ struct time_scale {
u32 mul_frac;
};
+/************************************************/
+/* monitor event options */
+/************************************************/
+struct mov_to_cr0 {
+ uint8_t enabled;
+ uint8_t sync;
+ uint8_t onchangeonly;
+};
+
+struct mov_to_cr3 {
+ uint8_t enabled;
+ uint8_t sync;
+ uint8_t onchangeonly;
+};
+
+struct mov_to_cr4 {
+ uint8_t enabled;
+ uint8_t sync;
+ uint8_t onchangeonly;
+};
+
+struct mov_to_msr {
+ uint8_t enabled;
+ uint8_t extended_capture;
+};
+
+struct singlestep {
+ uint8_t enabled;
+};
+
+struct software_breakpoint {
+ uint8_t enabled;
+};
+
+
struct pv_domain
{
l1_pgentry_t **gdt_ldt_l1tab;
@@ -330,6 +365,16 @@ struct arch_domain
unsigned long pirq_eoi_map_mfn;
unsigned int psr_rmid; /* RMID assigned to the domain for CMT */
+
+ /* Monitor options */
+ struct {
+ struct mov_to_cr0 mov_to_cr0;
+ struct mov_to_cr3 mov_to_cr3;
+ struct mov_to_cr4 mov_to_cr4;
+ struct mov_to_msr mov_to_msr;
+ struct singlestep singlestep;
+ struct software_breakpoint software_breakpoint;
+ } monitor_options;
} __cacheline_aligned;
#define has_arch_pdevs(d) (!list_empty(&(d)->arch.pdev_list))
diff --git a/xen/include/asm-x86/monitor.h b/xen/include/asm-x86/monitor.h
new file mode 100644
index 0000000..1d7cdd3
--- /dev/null
+++ b/xen/include/asm-x86/monitor.h
@@ -0,0 +1,9 @@
+#ifndef __ASM_X86_MONITOR_H__
+#define __ASM_X86_MONITOR_H__
+
+#include <xen/config.h>
+#include <public/domctl.h>
+
+int monitor_domctl(struct xen_domctl_monitor_op *op, struct domain *d);
+
+#endif /* __ASM_X86_MONITOR_H__ */
diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
index 5d48a4d..4f3b685 100644
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -803,7 +803,6 @@ struct xen_domctl_gdbsx_domstatus {
#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE 0
#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE 1
-#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
/*
* Sharing ENOMEM helper.
@@ -1001,6 +1000,58 @@ struct xen_domctl_psr_cmt_op {
typedef struct xen_domctl_psr_cmt_op xen_domctl_psr_cmt_op_t;
DEFINE_XEN_GUEST_HANDLE(xen_domctl_psr_cmt_op_t);
+/* XEN_DOMCTL_MONITOR_*
+ *
+ * Enable/disable monitoring various VM events.
+ * This domctl configures what events will be reported to helper apps
+ * via the ring buffer "MONITOR". The ring has to be first enabled
+ * with the domctl XEN_DOMCTL_VM_EVENT_OP_MONITOR.
+ *
+ * NOTICE: mem_access events are also delivered via the "MONITOR" ring buffer;
+ * however, enabling/disabling those events is performed with the use of
+ * memory_op hypercalls!
+ *
+ */
+#define XEN_DOMCTL_MONITOR_OP_ENABLE 0
+#define XEN_DOMCTL_MONITOR_OP_DISABLE 1
+
+#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0 0
+#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3 1
+#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR4 2
+#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_MSR 3
+#define XEN_DOMCTL_MONITOR_SUBOP_SINGLESTEP 4
+#define XEN_DOMCTL_MONITOR_SUBOP_SOFTWARE_BREAKPOINT 5
+
+struct xen_domctl_monitor_op {
+ uint32_t op; /* XEN_DOMCTL_MONITOR_OP_* */
+ uint32_t subop; /* XEN_DOMCTL_MONITOR_SUBOP_* */
+
+ /*
+ * Further options when issuing XEN_DOMCTL_MONITOR_OP_ENABLE.
+ */
+ union {
+ struct {
+ uint8_t sync; /* Pause vCPU until response */
+ uint8_t onchangeonly; /* Send event only on a change of value */
+ uint8_t pad[6];
+ } mov_to_cr0, mov_to_cr3, mov_to_cr4;
+
+ /* Enable the capture of msr events on
+ MSR_IA32_SYSENTER_EIP
+ MSR_IA32_SYSENTER_ESP
+ MSR_IA32_SYSENTER_CS
+ MSR_IA32_MC0_CTL
+ MSR_STAR
+ MSR_LSTAR */
+ struct {
+ uint8_t extended_capture;
+ uint8_t pad[7];
+ } mov_to_msr;
+ } options;
+};
+typedef struct xen_domctl__op xen_domctl_monitor_op_t;
+DEFINE_XEN_GUEST_HANDLE(xen_domctl_monitor_op_t);
+
struct xen_domctl {
uint32_t cmd;
#define XEN_DOMCTL_createdomain 1
@@ -1076,6 +1127,7 @@ struct xen_domctl {
#define XEN_DOMCTL_setvnumainfo 74
#define XEN_DOMCTL_psr_cmt_op 75
#define XEN_DOMCTL_arm_configure_domain 76
+#define XEN_DOMCTL_monitor_op 77
#define XEN_DOMCTL_gdbsx_guestmemio 1000
#define XEN_DOMCTL_gdbsx_pausevcpu 1001
#define XEN_DOMCTL_gdbsx_unpausevcpu 1002
@@ -1141,6 +1193,7 @@ struct xen_domctl {
struct xen_domctl_gdbsx_domstatus gdbsx_domstatus;
struct xen_domctl_vnuma vnuma;
struct xen_domctl_psr_cmt_op psr_cmt_op;
+ struct xen_domctl_monitor_op monitor_op;
uint8_t pad[128];
} u;
};
diff --git a/xen/include/public/hvm/params.h b/xen/include/public/hvm/params.h
index 6efcc0b..5de6a4b 100644
--- a/xen/include/public/hvm/params.h
+++ b/xen/include/public/hvm/params.h
@@ -162,21 +162,6 @@
*/
#define HVM_PARAM_ACPI_IOPORTS_LOCATION 19
-/* Enable blocking memory events, async or sync (pause vcpu until response)
- * onchangeonly indicates messages only on a change of value */
-#define HVM_PARAM_MEMORY_EVENT_CR0 20
-#define HVM_PARAM_MEMORY_EVENT_CR3 21
-#define HVM_PARAM_MEMORY_EVENT_CR4 22
-#define HVM_PARAM_MEMORY_EVENT_INT3 23
-#define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25
-#define HVM_PARAM_MEMORY_EVENT_MSR 30
-
-#define HVMPME_MODE_MASK (3 << 0)
-#define HVMPME_mode_disabled 0
-#define HVMPME_mode_async 1
-#define HVMPME_mode_sync 2
-#define HVMPME_onchangeonly (1 << 2)
-
/* Boolean: Enable nestedhvm (hvm only) */
#define HVM_PARAM_NESTEDHVM 24
diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h
index 8fba3d1b..a057608 100644
--- a/xen/include/public/vm_event.h
+++ b/xen/include/public/vm_event.h
@@ -67,7 +67,7 @@
#define VM_EVENT_REASON_MOV_TO_CR3 5
/* CR4 was updated */
#define VM_EVENT_REASON_MOV_TO_CR4 6
-/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
+/* An MSR was updated. */
#define VM_EVENT_REASON_MOV_TO_MSR 9
/* Debug operation executed (int3) */
#define VM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access.
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (9 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-04 9:47 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds Tamas K Lengyel
2015-02-02 17:33 ` [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Ian Campbell
12 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
The vm_event subsystem has been artifically tied to the presence of mem_access.
While mem_access does depend on vm_event, vm_event is an entirely independent
subsystem that can be used for arbitrary function-offloading to helper apps in
domains. This patch removes the dependency that mem_access needs to be supported
in order to enable vm_event.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
v3: Move ring processing out from mem_access.c to monitor.c in common
---
MAINTAINERS | 1 +
xen/common/Makefile | 3 ++-
xen/common/mem_access.c | 32 ++--------------------
xen/common/monitor.c | 64 ++++++++++++++++++++++++++++++++++++++++++++
xen/common/vm_event.c | 14 +++-------
xen/include/xen/mem_access.h | 10 ++++---
xen/include/xen/monitor.h | 38 ++++++++++++++++++++++++++
xen/include/xen/vm_event.h | 56 --------------------------------------
xen/include/xsm/dummy.h | 2 --
xen/include/xsm/xsm.h | 4 ---
xen/xsm/dummy.c | 2 --
xen/xsm/flask/hooks.c | 32 +++++++++-------------
12 files changed, 131 insertions(+), 127 deletions(-)
create mode 100644 xen/common/monitor.c
create mode 100644 xen/include/xen/monitor.h
diff --git a/MAINTAINERS b/MAINTAINERS
index 4c445bb..5d88d85 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -365,6 +365,7 @@ VM EVENT AND ACCESS
M: Tim Deegan <tim@xen.org>
S: Supported
F: xen/common/vm_event.c
+F: xen/common/monitor.c
F: xen/common/mem_access.c
XENTRACE
diff --git a/xen/common/Makefile b/xen/common/Makefile
index e5bd75b..d86c073 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -52,9 +52,10 @@ obj-y += tmem_xen.o
obj-y += radix-tree.o
obj-y += rbtree.o
obj-y += lzo.o
+obj-y += vm_event.o
+obj-y += monitor.o
obj-$(HAS_PDX) += pdx.o
obj-$(HAS_MEM_ACCESS) += mem_access.o
-obj-$(HAS_MEM_ACCESS) += vm_event.o
obj-bin-$(CONFIG_X86) += $(foreach n,decompress bunzip2 unxz unlzma unlzo unlz4 earlycpio,$(n).init.o)
diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
index 1f655b0..3655165 100644
--- a/xen/common/mem_access.c
+++ b/xen/common/mem_access.c
@@ -25,39 +25,11 @@
#include <xen/guest_access.h>
#include <xen/hypercall.h>
#include <xen/vm_event.h>
+#include <xen/monitor.h>
#include <public/memory.h>
#include <asm/p2m.h>
#include <xsm/xsm.h>
-void mem_access_resume(struct domain *d)
-{
- vm_event_response_t rsp;
-
- /* Pull all responses off the ring. */
- while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
- {
- struct vcpu *v;
-
- if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
- continue;
-
- if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
- continue;
-
- /* Validate the vcpu_id in the response. */
- if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
- continue;
-
- v = d->vcpu[rsp.vcpu_id];
-
- p2m_vm_event_emulate_check(v, &rsp);
-
- /* Unpause domain. */
- if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
- vm_event_vcpu_unpause(v);
- }
-}
-
int mem_access_memop(unsigned long cmd,
XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg)
{
@@ -92,7 +64,7 @@ int mem_access_memop(unsigned long cmd,
rc = -ENOSYS;
else
{
- mem_access_resume(d);
+ monitor_resume(d);
rc = 0;
}
break;
diff --git a/xen/common/monitor.c b/xen/common/monitor.c
new file mode 100644
index 0000000..172381a
--- /dev/null
+++ b/xen/common/monitor.c
@@ -0,0 +1,64 @@
+/******************************************************************************
+ * monitor.c
+ *
+ * VM event monitor support.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include <xen/sched.h>
+#include <xen/vm_event.h>
+#include <xen/mem_access.h>
+
+void monitor_resume(struct domain *d)
+{
+ vm_event_response_t rsp;
+
+ /* Pull all responses off the ring. */
+ while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
+ {
+ struct vcpu *v;
+
+ if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
+ continue;
+
+#ifndef NDEBUG
+ if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
+ continue;
+#endif
+
+ /* Validate the vcpu_id in the response. */
+ if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
+ continue;
+
+ v = d->vcpu[rsp.vcpu_id];
+
+ if ( rsp.reason == VM_EVENT_REASON_MEM_ACCESS )
+ mem_access_resume(v, &rsp);
+
+ /* Unpause domain. */
+ if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
+ vm_event_vcpu_unpause(v);
+ }
+}
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
index 0b30750..7eba58c 100644
--- a/xen/common/vm_event.c
+++ b/xen/common/vm_event.c
@@ -25,7 +25,7 @@
#include <xen/event.h>
#include <xen/wait.h>
#include <xen/vm_event.h>
-#include <xen/mem_access.h>
+#include <xen/monitor.h>
#include <asm/p2m.h>
#ifdef HAS_MEM_PAGING
@@ -439,14 +439,12 @@ static void mem_paging_notification(struct vcpu *v, unsigned int port)
}
#endif
-#ifdef HAS_MEM_ACCESS
/* Registered with Xen-bound event channel for incoming notifications. */
-static void mem_access_notification(struct vcpu *v, unsigned int port)
+static void monitor_notification(struct vcpu *v, unsigned int port)
{
if ( likely(v->domain->vm_event->monitor.ring_page != NULL) )
- mem_access_resume(v->domain);
+ monitor_resume(v->domain);
}
-#endif
#ifdef HAS_MEM_SHARING
/* Registered with Xen-bound event channel for incoming notifications. */
@@ -507,12 +505,10 @@ void vm_event_cleanup(struct domain *d)
(void)vm_event_disable(d, &d->vm_event->paging);
}
#endif
-#ifdef HAS_MEM_ACCESS
if ( d->vm_event->monitor.ring_page ) {
destroy_waitqueue_head(&d->vm_event->monitor.wq);
(void)vm_event_disable(d, &d->vm_event->monitor);
}
-#endif
#ifdef HAS_MEM_SHARING
if ( d->vm_event->share.ring_page ) {
destroy_waitqueue_head(&d->vm_event->share.wq);
@@ -608,7 +604,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
break;
#endif
-#ifdef HAS_MEM_ACCESS
case XEN_DOMCTL_VM_EVENT_OP_MONITOR:
{
struct vm_event_domain *ved = &d->vm_event->monitor;
@@ -620,7 +615,7 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
{
rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
HVM_PARAM_MONITOR_RING_PFN,
- mem_access_notification);
+ monitor_notification);
}
break;
@@ -639,7 +634,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
}
}
break;
-#endif
#ifdef HAS_MEM_SHARING
case XEN_DOMCTL_VM_EVENT_OP_SHARING:
diff --git a/xen/include/xen/mem_access.h b/xen/include/xen/mem_access.h
index 1d01221..aed2e13 100644
--- a/xen/include/xen/mem_access.h
+++ b/xen/include/xen/mem_access.h
@@ -24,6 +24,7 @@
#define _XEN_ASM_MEM_ACCESS_H
#include <public/memory.h>
+#include <asm/p2m.h>
#ifdef HAS_MEM_ACCESS
@@ -31,8 +32,11 @@ int mem_access_memop(unsigned long cmd,
XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg);
int mem_access_send_req(struct domain *d, vm_event_request_t *req);
-/* Resumes the running of the VCPU, restarting the last instruction */
-void mem_access_resume(struct domain *d);
+static inline
+void mem_access_resume(struct vcpu *v, vm_event_response_t *rsp)
+{
+ p2m_vm_event_emulate_check(v, rsp);
+}
#else
@@ -49,7 +53,7 @@ int mem_access_send_req(struct domain *d, vm_event_request_t *req)
return -ENOSYS;
}
-static inline void mem_access_resume(struct domain *d) {}
+static inline void mem_access_resume(struct vcpu *vcpu, vm_event_response_t *rsp) {}
#endif /* HAS_MEM_ACCESS */
diff --git a/xen/include/xen/monitor.h b/xen/include/xen/monitor.h
new file mode 100644
index 0000000..aad821b
--- /dev/null
+++ b/xen/include/xen/monitor.h
@@ -0,0 +1,38 @@
+/******************************************************************************
+ * monitor.h
+ *
+ * Monitor event support.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef _XEN_ASM_MONITOR_H
+#define _XEN_ASM_MONITOR_H
+
+#include <public/memory.h>
+
+/* Resumes the running of the VCPU, restarting the last instruction */
+void monitor_resume(struct domain *d);
+
+#endif /* _XEN_ASM_MEM_ACCESS_H */
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
diff --git a/xen/include/xen/vm_event.h b/xen/include/xen/vm_event.h
index 988ea42..477ef7e 100644
--- a/xen/include/xen/vm_event.h
+++ b/xen/include/xen/vm_event.h
@@ -26,8 +26,6 @@
#include <xen/sched.h>
-#ifdef HAS_MEM_ACCESS
-
/* Clean up on domain destruction */
void vm_event_cleanup(struct domain *d);
@@ -76,60 +74,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *mec,
void vm_event_vcpu_pause(struct vcpu *v);
void vm_event_vcpu_unpause(struct vcpu *v);
-#else
-
-static inline void vm_event_cleanup(struct domain *d) {}
-
-static inline bool_t vm_event_check_ring(struct vm_event_domain *med)
-{
- return 0;
-}
-
-static inline int vm_event_claim_slot(struct domain *d,
- struct vm_event_domain *med)
-{
- return -ENOSYS;
-}
-
-static inline int vm_event_claim_slot_nosleep(struct domain *d,
- struct vm_event_domain *med)
-{
- return -ENOSYS;
-}
-
-static inline
-void vm_event_cancel_slot(struct domain *d, struct vm_event_domain *med)
-{}
-
-static inline
-void vm_event_put_request(struct domain *d, struct vm_event_domain *med,
- vm_event_request_t *req)
-{}
-
-static inline
-int vm_event_get_response(struct domain *d, struct vm_event_domain *med,
- vm_event_response_t *rsp)
-{
- return -ENOSYS;
-}
-
-static inline int do_vm_event_op(int op, uint32_t domain, void *arg)
-{
- return -ENOSYS;
-}
-
-static inline
-int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *mec,
- XEN_GUEST_HANDLE_PARAM(void) u_domctl)
-{
- return -ENOSYS;
-}
-
-static inline void vm_event_vcpu_pause(struct vcpu *v) {}
-static inline void vm_event_vcpu_unpause(struct vcpu *v) {}
-
-#endif /* HAS_MEM_ACCESS */
-
#endif /* __VM_EVENT_H__ */
diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
index 4227093..50ee929 100644
--- a/xen/include/xsm/dummy.h
+++ b/xen/include/xsm/dummy.h
@@ -513,7 +513,6 @@ static XSM_INLINE int xsm_hvm_param_nested(XSM_DEFAULT_ARG struct domain *d)
return xsm_default_action(action, current->domain, d);
}
-#ifdef HAS_MEM_ACCESS
static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
{
XSM_ASSERT_ACTION(XSM_PRIV);
@@ -525,7 +524,6 @@ static XSM_INLINE int xsm_vm_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
XSM_ASSERT_ACTION(XSM_DM_PRIV);
return xsm_default_action(action, current->domain, d);
}
-#endif
#ifdef CONFIG_X86
static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID)
diff --git a/xen/include/xsm/xsm.h b/xen/include/xsm/xsm.h
index cff9d35..d56a68f 100644
--- a/xen/include/xsm/xsm.h
+++ b/xen/include/xsm/xsm.h
@@ -141,10 +141,8 @@ struct xsm_operations {
int (*hvm_param_nested) (struct domain *d);
int (*get_vnumainfo) (struct domain *d);
-#ifdef HAS_MEM_ACCESS
int (*vm_event_control) (struct domain *d, int mode, int op);
int (*vm_event_op) (struct domain *d, int op);
-#endif
#ifdef CONFIG_X86
int (*do_mca) (void);
@@ -543,7 +541,6 @@ static inline int xsm_get_vnumainfo (xsm_default_t def, struct domain *d)
return xsm_ops->get_vnumainfo(d);
}
-#ifdef HAS_MEM_ACCESS
static inline int xsm_vm_event_control (xsm_default_t def, struct domain *d, int mode, int op)
{
return xsm_ops->vm_event_control(d, mode, op);
@@ -553,7 +550,6 @@ static inline int xsm_vm_event_op (xsm_default_t def, struct domain *d, int op)
{
return xsm_ops->vm_event_op(d, op);
}
-#endif
#ifdef CONFIG_X86
static inline int xsm_do_mca(xsm_default_t def)
diff --git a/xen/xsm/dummy.c b/xen/xsm/dummy.c
index 25fca68..6d12d32 100644
--- a/xen/xsm/dummy.c
+++ b/xen/xsm/dummy.c
@@ -118,10 +118,8 @@ void xsm_fixup_ops (struct xsm_operations *ops)
set_to_dummy_if_null(ops, remove_from_physmap);
set_to_dummy_if_null(ops, map_gmfn_foreign);
-#ifdef HAS_MEM_ACCESS
set_to_dummy_if_null(ops, vm_event_control);
set_to_dummy_if_null(ops, vm_event_op);
-#endif
#ifdef CONFIG_X86
set_to_dummy_if_null(ops, do_mca);
diff --git a/xen/xsm/flask/hooks.c b/xen/xsm/flask/hooks.c
index c419543..5008b79 100644
--- a/xen/xsm/flask/hooks.c
+++ b/xen/xsm/flask/hooks.c
@@ -577,9 +577,7 @@ static int flask_domctl(struct domain *d, int cmd)
case XEN_DOMCTL_iomem_permission:
case XEN_DOMCTL_memory_mapping:
case XEN_DOMCTL_set_target:
-#ifdef HAS_MEM_ACCESS
case XEN_DOMCTL_vm_event_op:
-#endif
#ifdef CONFIG_X86
/* These have individual XSM hooks (arch/x86/domctl.c) */
case XEN_DOMCTL_shadow_op:
@@ -1136,6 +1134,16 @@ static int flask_hvm_param_nested(struct domain *d)
return current_has_perm(d, SECCLASS_HVM, HVM__NESTED);
}
+static int flask_vm_event_control(struct domain *d, int mode, int op)
+{
+ return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
+}
+
+static int flask_vm_event_op(struct domain *d, int op)
+{
+ return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
+}
+
#if defined(HAS_PASSTHROUGH) && defined(HAS_PCI)
static int flask_get_device_group(uint32_t machine_bdf)
{
@@ -1202,18 +1210,6 @@ static int flask_deassign_device(struct domain *d, uint32_t machine_bdf)
}
#endif /* HAS_PASSTHROUGH && HAS_PCI */
-#ifdef HAS_MEM_ACCESS
-static int flask_vm_event_control(struct domain *d, int mode, int op)
-{
- return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
-}
-
-static int flask_vm_event_op(struct domain *d, int op)
-{
- return current_has_perm(d, SECCLASS_HVM, HVM__VM_EVENT);
-}
-#endif /* HAS_MEM_ACCESS */
-
#ifdef CONFIG_X86
static int flask_do_mca(void)
{
@@ -1581,6 +1577,9 @@ static struct xsm_operations flask_ops = {
.do_xsm_op = do_flask_op,
.get_vnumainfo = flask_get_vnumainfo,
+ .vm_event_control = flask_vm_event_control,
+ .vm_event_op = flask_vm_event_op,
+
#ifdef CONFIG_COMPAT
.do_compat_op = compat_flask_op,
#endif
@@ -1596,11 +1595,6 @@ static struct xsm_operations flask_ops = {
.deassign_device = flask_deassign_device,
#endif
-#ifdef HAS_MEM_ACCESS
- .vm_event_control = flask_vm_event_control,
- .vm_event_op = flask_vm_event_op,
-#endif
-
#ifdef CONFIG_X86
.do_mca = flask_do_mca,
.shadow_control = flask_shadow_control,
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (10 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access Tamas K Lengyel
@ 2015-01-29 21:46 ` Tamas K Lengyel
2015-02-04 5:59 ` Tian, Kevin
2015-02-04 9:49 ` Jan Beulich
2015-02-02 17:33 ` [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Ian Campbell
12 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-29 21:46 UTC (permalink / raw)
To: xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
Tamas K Lengyel, rshriram, keir, dgdegra, yanghy, rcojocaru
The flag is only used for debugging purposes, thus it should be only checked
for in debug builds of Xen.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
---
xen/arch/x86/mm/mem_sharing.c | 2 ++
xen/arch/x86/mm/p2m.c | 2 ++
xen/common/mem_access.c | 31 +++++++++++++++++++++++++++++++
3 files changed, 35 insertions(+)
diff --git a/xen/arch/x86/mm/mem_sharing.c b/xen/arch/x86/mm/mem_sharing.c
index c487207..303c2fb 100644
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -604,8 +604,10 @@ int mem_sharing_sharing_resume(struct domain *d)
if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
continue;
+#ifndef NDEBUG
if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
continue;
+#endif
/* Validate the vcpu_id in the response. */
if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index 3b58700..1d91000 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1305,8 +1305,10 @@ void p2m_mem_paging_resume(struct domain *d)
if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
continue;
+#ifndef NDEBUG
if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
continue;
+#endif
/* Validate the vcpu_id in the response. */
if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
index 3655165..e0a538f 100644
--- a/xen/common/mem_access.c
+++ b/xen/common/mem_access.c
@@ -30,6 +30,37 @@
#include <asm/p2m.h>
#include <xsm/xsm.h>
+void mem_access_resume(struct domain *d)
+{
+ vm_event_response_t rsp;
+
+ /* Pull all responses off the ring. */
+ while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
+ {
+ struct vcpu *v;
+
+ if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
+ continue;
+
+#ifndef NDEBUG
+ if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
+ continue;
+#endif
+
+ /* Validate the vcpu_id in the response. */
+ if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
+ continue;
+
+ v = d->vcpu[rsp.vcpu_id];
+
+ p2m_vm_event_emulate_check(v, &rsp);
+
+ /* Unpause domain. */
+ if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
+ vm_event_vcpu_unpause(v);
+ }
+}
+
int mem_access_memop(unsigned long cmd,
XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg)
{
--
2.1.4
^ permalink raw reply related [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
@ 2015-01-30 7:58 ` Razvan Cojocaru
2015-01-30 10:38 ` Tamas K Lengyel
2015-02-02 17:32 ` Ian Campbell
` (2 subsequent siblings)
3 siblings, 1 reply; 66+ messages in thread
From: Razvan Cojocaru @ 2015-01-30 7:58 UTC (permalink / raw)
To: Tamas K Lengyel, xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, stefano.stabellini, tim,
steve, jbeulich, eddie.dong, andres, jun.nakajima, rshriram,
keir, dgdegra, yanghy, ian.jackson
On 01/29/2015 11:46 PM, Tamas K Lengyel wrote:
> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
> index c7a0bde..3b58700 100644
> --- a/xen/arch/x86/mm/p2m.c
> +++ b/xen/arch/x86/mm/p2m.c
> @@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
> }
> }
>
> -void p2m_setup_introspection(struct domain *d)
> -{
> - if ( hvm_funcs.enable_msr_exit_interception )
> - {
> - d->arch.hvm_domain.introspection_enabled = 1;
> - hvm_funcs.enable_msr_exit_interception(d);
> - }
> -}
> -
> bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
> struct npfec npfec,
> vm_event_request_t **req_ptr)
I see that introspection_enabled is no longer assigned here ...
> diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
> index 0db899e..0b30750 100644
> --- a/xen/common/vm_event.c
> +++ b/xen/common/vm_event.c
> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
> switch( vec->op )
> {
> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
> - case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
> {
> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
> HVM_PARAM_MONITOR_RING_PFN,
> mem_access_notification);
> -
> - if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
> - && !rc )
> - p2m_setup_introspection(d);
> -
> }
> break;
>
> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
> if ( ved->ring_page )
> {
> rc = vm_event_disable(d, ved);
> - d->arch.hvm_domain.introspection_enabled = 0;
> }
> }
> break;
... nor here. Patch 6/12 checks it but doesn't set it. Patch 5/12 sets
it to 0 (which could account for the removal of the assignment in
vm_event.c) but never to 1. A few important things depend on it being
enabled: it becomes impossible to disable interception for a select set
of MSRs, optimization for RET instructions emulation is disabled, and
othere places in p2m.c makes use of the flag as well.
Is there some place in the code, untouched by this series, where
introspection_enabled is being set to 1?
> diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h
> index 8fba3d1b..a057608 100644
> --- a/xen/include/public/vm_event.h
> +++ b/xen/include/public/vm_event.h
> @@ -67,7 +67,7 @@
> #define VM_EVENT_REASON_MOV_TO_CR3 5
> /* CR4 was updated */
> #define VM_EVENT_REASON_MOV_TO_CR4 6
> -/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
> +/* An MSR was updated. */
> #define VM_EVENT_REASON_MOV_TO_MSR 9
> /* Debug operation executed (int3) */
> #define VM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
>
Does VM_EVENT_REASON_MOV_TO_MSR now honour HVMPME_onchangeonly?
Thanks,
Razvan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 7:58 ` Razvan Cojocaru
@ 2015-01-30 10:38 ` Tamas K Lengyel
2015-01-30 11:07 ` Razvan Cojocaru
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-30 10:38 UTC (permalink / raw)
To: Razvan Cojocaru
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Tim Deegan, Steven Maresca, xen-devel, Jan Beulich, Dong, Eddie,
Andres Lagar-Cavilla, Jun Nakajima, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
On Fri, Jan 30, 2015 at 8:58 AM, Razvan Cojocaru
<rcojocaru@bitdefender.com> wrote:
> On 01/29/2015 11:46 PM, Tamas K Lengyel wrote:
>> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
>> index c7a0bde..3b58700 100644
>> --- a/xen/arch/x86/mm/p2m.c
>> +++ b/xen/arch/x86/mm/p2m.c
>> @@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
>> }
>> }
>>
>> -void p2m_setup_introspection(struct domain *d)
>> -{
>> - if ( hvm_funcs.enable_msr_exit_interception )
>> - {
>> - d->arch.hvm_domain.introspection_enabled = 1;
>> - hvm_funcs.enable_msr_exit_interception(d);
>> - }
>> -}
>> -
>> bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
>> struct npfec npfec,
>> vm_event_request_t **req_ptr)
>
> I see that introspection_enabled is no longer assigned here ...
Introspection_enabled is getting deprecated in this patch and is moved
into the monitor_op domctl.
>
>> diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
>> index 0db899e..0b30750 100644
>> --- a/xen/common/vm_event.c
>> +++ b/xen/common/vm_event.c
>> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>> switch( vec->op )
>> {
>> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
>> - case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
>> {
>> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
>> HVM_PARAM_MONITOR_RING_PFN,
>> mem_access_notification);
>> -
>> - if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
>> - && !rc )
>> - p2m_setup_introspection(d);
>> -
>> }
>> break;
>>
>> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>> if ( ved->ring_page )
>> {
>> rc = vm_event_disable(d, ved);
>> - d->arch.hvm_domain.introspection_enabled = 0;
>> }
>> }
>> break;
>
> ... nor here. Patch 6/12 checks it but doesn't set it. Patch 5/12 sets
> it to 0 (which could account for the removal of the assignment in
> vm_event.c) but never to 1. A few important things depend on it being
> enabled: it becomes impossible to disable interception for a select set
> of MSRs, optimization for RET instructions emulation is disabled, and
> othere places in p2m.c makes use of the flag as well.
>
> Is there some place in the code, untouched by this series, where
> introspection_enabled is being set to 1?
It is moved into the monitor_op domctl when mov_to_msr trapping is
enabled. The reason of having introspection_enabled AFAIU was to
reenable trapping MSR's that were disabled shortly after boot. Thus,
an option field is present in the monitor_op when enabling mov_to_msr
trapping: extended_capture. Let me know if this still achieves the
same effect as before!
>
>> diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h
>> index 8fba3d1b..a057608 100644
>> --- a/xen/include/public/vm_event.h
>> +++ b/xen/include/public/vm_event.h
>> @@ -67,7 +67,7 @@
>> #define VM_EVENT_REASON_MOV_TO_CR3 5
>> /* CR4 was updated */
>> #define VM_EVENT_REASON_MOV_TO_CR4 6
>> -/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
>> +/* An MSR was updated. */
>> #define VM_EVENT_REASON_MOV_TO_MSR 9
>> /* Debug operation executed (int3) */
>> #define VM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
>>
>
> Does VM_EVENT_REASON_MOV_TO_MSR now honour HVMPME_onchangeonly?
It still doesn't but the information on what settings are available
for each event are now better described in public/domclt.h.
>
> Thanks,
> Razvan
Cheers,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 10:38 ` Tamas K Lengyel
@ 2015-01-30 11:07 ` Razvan Cojocaru
2015-01-30 11:15 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Razvan Cojocaru @ 2015-01-30 11:07 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Jun Nakajima, Steven Maresca, Tim Deegan, xen-devel, Dong, Eddie,
Andres Lagar-Cavilla, Jan Beulich, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
On 01/30/2015 12:38 PM, Tamas K Lengyel wrote:
> On Fri, Jan 30, 2015 at 8:58 AM, Razvan Cojocaru
> <rcojocaru@bitdefender.com> wrote:
>> On 01/29/2015 11:46 PM, Tamas K Lengyel wrote:
>>> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
>>> index c7a0bde..3b58700 100644
>>> --- a/xen/arch/x86/mm/p2m.c
>>> +++ b/xen/arch/x86/mm/p2m.c
>>> @@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
>>> }
>>> }
>>>
>>> -void p2m_setup_introspection(struct domain *d)
>>> -{
>>> - if ( hvm_funcs.enable_msr_exit_interception )
>>> - {
>>> - d->arch.hvm_domain.introspection_enabled = 1;
>>> - hvm_funcs.enable_msr_exit_interception(d);
>>> - }
>>> -}
>>> -
>>> bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
>>> struct npfec npfec,
>>> vm_event_request_t **req_ptr)
>>
>> I see that introspection_enabled is no longer assigned here ...
>
> Introspection_enabled is getting deprecated in this patch and is moved
> into the monitor_op domctl.
Moved, right, but where?
This patch removes the d->arch.hvm_domain.introspection_enabled = 1
assignment from here but AFAICT it doesn't move it anwyhere else. It
just removes it, so introspection_enabled is always 0.
I couldn't find any place in this series where introspection_enabled =
1. Could you please point it out to me if I've missed it by accident?
>>> diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
>>> index 0db899e..0b30750 100644
>>> --- a/xen/common/vm_event.c
>>> +++ b/xen/common/vm_event.c
>>> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>>> switch( vec->op )
>>> {
>>> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
>>> - case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
>>> {
>>> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
>>> HVM_PARAM_MONITOR_RING_PFN,
>>> mem_access_notification);
>>> -
>>> - if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
>>> - && !rc )
>>> - p2m_setup_introspection(d);
>>> -
>>> }
>>> break;
>>>
>>> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>>> if ( ved->ring_page )
>>> {
>>> rc = vm_event_disable(d, ved);
>>> - d->arch.hvm_domain.introspection_enabled = 0;
>>> }
>>> }
>>> break;
>>
>> ... nor here. Patch 6/12 checks it but doesn't set it. Patch 5/12 sets
>> it to 0 (which could account for the removal of the assignment in
>> vm_event.c) but never to 1. A few important things depend on it being
>> enabled: it becomes impossible to disable interception for a select set
>> of MSRs, optimization for RET instructions emulation is disabled, and
>> othere places in p2m.c makes use of the flag as well.
>>
>> Is there some place in the code, untouched by this series, where
>> introspection_enabled is being set to 1?
>
> It is moved into the monitor_op domctl when mov_to_msr trapping is
> enabled. The reason of having introspection_enabled AFAIU was to
> reenable trapping MSR's that were disabled shortly after boot. Thus,
> an option field is present in the monitor_op when enabling mov_to_msr
> trapping: extended_capture. Let me know if this still achieves the
> same effect as before!
No, there are several places where introspection_enabled is needed, as
I've said before. Not just the MSRs.
One important place is in hvmemul_virtual_to_linear(), in
xen/arch/x86/hvm/emulate.c, where we disable optimizations for REP
instructions (in today's version of mainline Xen, at line 413).
There are also places in patches yet to be published I've worked on
where we gate things on introspection_enabled being != 0, so please
don't remove it or have it misbehave.
I'll look into the extended_capture option in case it will allow future
removal of the MSR special case for introspection, but a flag like that
is necessary and can't simply be deprecated and removed.
Thanks,
Razvan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 11:07 ` Razvan Cojocaru
@ 2015-01-30 11:15 ` Tamas K Lengyel
2015-01-30 11:24 ` Tamas K Lengyel
2015-01-30 11:33 ` Razvan Cojocaru
0 siblings, 2 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-30 11:15 UTC (permalink / raw)
To: Razvan Cojocaru
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Jun Nakajima, Steven Maresca, Tim Deegan, xen-devel, Dong, Eddie,
Andres Lagar-Cavilla, Jan Beulich, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
On Fri, Jan 30, 2015 at 12:07 PM, Razvan Cojocaru
<rcojocaru@bitdefender.com> wrote:
> On 01/30/2015 12:38 PM, Tamas K Lengyel wrote:
>> On Fri, Jan 30, 2015 at 8:58 AM, Razvan Cojocaru
>> <rcojocaru@bitdefender.com> wrote:
>>> On 01/29/2015 11:46 PM, Tamas K Lengyel wrote:
>>>> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
>>>> index c7a0bde..3b58700 100644
>>>> --- a/xen/arch/x86/mm/p2m.c
>>>> +++ b/xen/arch/x86/mm/p2m.c
>>>> @@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
>>>> }
>>>> }
>>>>
>>>> -void p2m_setup_introspection(struct domain *d)
>>>> -{
>>>> - if ( hvm_funcs.enable_msr_exit_interception )
>>>> - {
>>>> - d->arch.hvm_domain.introspection_enabled = 1;
>>>> - hvm_funcs.enable_msr_exit_interception(d);
>>>> - }
>>>> -}
>>>> -
>>>> bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
>>>> struct npfec npfec,
>>>> vm_event_request_t **req_ptr)
>>>
>>> I see that introspection_enabled is no longer assigned here ...
>>
>> Introspection_enabled is getting deprecated in this patch and is moved
>> into the monitor_op domctl
>
> Moved, right, but where?
>
> This patch removes the d->arch.hvm_domain.introspection_enabled = 1
> assignment from here but AFAICT it doesn't move it anwyhere else. It
> just removes it, so introspection_enabled is always 0.
Actually it should have been removed altogether from the HVM domain
definition as the same information should be stored in arch_domain's
monitor_options struct.
>
> I couldn't find any place in this series where introspection_enabled =
> 1. Could you please point it out to me if I've missed it by accident?
>
>>>> diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
>>>> index 0db899e..0b30750 100644
>>>> --- a/xen/common/vm_event.c
>>>> +++ b/xen/common/vm_event.c
>>>> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>>>> switch( vec->op )
>>>> {
>>>> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
>>>> - case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
>>>> {
>>>> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
>>>> HVM_PARAM_MONITOR_RING_PFN,
>>>> mem_access_notification);
>>>> -
>>>> - if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
>>>> - && !rc )
>>>> - p2m_setup_introspection(d);
>>>> -
>>>> }
>>>> break;
>>>>
>>>> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>>>> if ( ved->ring_page )
>>>> {
>>>> rc = vm_event_disable(d, ved);
>>>> - d->arch.hvm_domain.introspection_enabled = 0;
>>>> }
>>>> }
>>>> break;
>>>
>>> ... nor here. Patch 6/12 checks it but doesn't set it. Patch 5/12 sets
>>> it to 0 (which could account for the removal of the assignment in
>>> vm_event.c) but never to 1. A few important things depend on it being
>>> enabled: it becomes impossible to disable interception for a select set
>>> of MSRs, optimization for RET instructions emulation is disabled, and
>>> othere places in p2m.c makes use of the flag as well.
>>>
>>> Is there some place in the code, untouched by this series, where
>>> introspection_enabled is being set to 1?
>>
>> It is moved into the monitor_op domctl when mov_to_msr trapping is
>> enabled. The reason of having introspection_enabled AFAIU was to
>> reenable trapping MSR's that were disabled shortly after boot. Thus,
>> an option field is present in the monitor_op when enabling mov_to_msr
>> trapping: extended_capture. Let me know if this still achieves the
>> same effect as before!
>
> No, there are several places where introspection_enabled is needed, as
> I've said before. Not just the MSRs.
>
> One important place is in hvmemul_virtual_to_linear(), in
> xen/arch/x86/hvm/emulate.c, where we disable optimizations for REP
> instructions (in today's version of mainline Xen, at line 413).
>
> There are also places in patches yet to be published I've worked on
> where we gate things on introspection_enabled being != 0, so please
> don't remove it or have it misbehave.
>
> I'll look into the extended_capture option in case it will allow future
> removal of the MSR special case for introspection, but a flag like that
> is necessary and can't simply be deprecated and removed.
Ack, the plan was actually to replace all references to
arch.hvm_domain.introspection_enabled with
arch.monitor_options.mov_to_msr.extended_capture. I see I forgot to
actually fully follow through that plan but that's the intention at
least. So the functionality would remain, it would just be worked into
the coherent settings field with every other type of events.
>
>
> Thanks,
> Razvan
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 11:15 ` Tamas K Lengyel
@ 2015-01-30 11:24 ` Tamas K Lengyel
2015-01-30 11:33 ` Razvan Cojocaru
1 sibling, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-30 11:24 UTC (permalink / raw)
To: Razvan Cojocaru
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Jun Nakajima, Steven Maresca, Tim Deegan, xen-devel, Dong, Eddie,
Andres Lagar-Cavilla, Jan Beulich, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
>>
>> There are also places in patches yet to be published I've worked on
>> where we gate things on introspection_enabled being != 0, so please
>> don't remove it or have it misbehave.
>>
>> I'll look into the extended_capture option in case it will allow future
>> removal of the MSR special case for introspection, but a flag like that
>> is necessary and can't simply be deprecated and removed.
>
> Ack, the plan was actually to replace all references to
> arch.hvm_domain.introspection_enabled with
> arch.monitor_options.mov_to_msr.extended_capture. I see I forgot to
> actually fully follow through that plan but that's the intention at
> least. So the functionality would remain, it would just be worked into
> the coherent settings field with every other type of events.
If you take a look at the next iteration of this series at
https://github.com/tklengyel/xen/compare/mem_event_cleanup4?expand=1 I
updated this patch to implement what I described above.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 11:15 ` Tamas K Lengyel
2015-01-30 11:24 ` Tamas K Lengyel
@ 2015-01-30 11:33 ` Razvan Cojocaru
2015-01-30 11:45 ` Tamas K Lengyel
1 sibling, 1 reply; 66+ messages in thread
From: Razvan Cojocaru @ 2015-01-30 11:33 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Tim Deegan, Steven Maresca, xen-devel, Jan Beulich, Dong, Eddie,
Andres Lagar-Cavilla, Jun Nakajima, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
On 01/30/2015 01:15 PM, Tamas K Lengyel wrote:
> On Fri, Jan 30, 2015 at 12:07 PM, Razvan Cojocaru
> <rcojocaru@bitdefender.com> wrote:
>> On 01/30/2015 12:38 PM, Tamas K Lengyel wrote:
>>> On Fri, Jan 30, 2015 at 8:58 AM, Razvan Cojocaru
>>> <rcojocaru@bitdefender.com> wrote:
>>>> On 01/29/2015 11:46 PM, Tamas K Lengyel wrote:
>>>>> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
>>>>> index c7a0bde..3b58700 100644
>>>>> --- a/xen/arch/x86/mm/p2m.c
>>>>> +++ b/xen/arch/x86/mm/p2m.c
>>>>> @@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu *v, const vm_event_response_t *rsp)
>>>>> }
>>>>> }
>>>>>
>>>>> -void p2m_setup_introspection(struct domain *d)
>>>>> -{
>>>>> - if ( hvm_funcs.enable_msr_exit_interception )
>>>>> - {
>>>>> - d->arch.hvm_domain.introspection_enabled = 1;
>>>>> - hvm_funcs.enable_msr_exit_interception(d);
>>>>> - }
>>>>> -}
>>>>> -
>>>>> bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
>>>>> struct npfec npfec,
>>>>> vm_event_request_t **req_ptr)
>>>>
>>>> I see that introspection_enabled is no longer assigned here ...
>>>
>>> Introspection_enabled is getting deprecated in this patch and is moved
>>> into the monitor_op domctl
>>
>> Moved, right, but where?
>>
>> This patch removes the d->arch.hvm_domain.introspection_enabled = 1
>> assignment from here but AFAICT it doesn't move it anwyhere else. It
>> just removes it, so introspection_enabled is always 0.
>
> Actually it should have been removed altogether from the HVM domain
> definition as the same information should be stored in arch_domain's
> monitor_options struct.
>
>>
>> I couldn't find any place in this series where introspection_enabled =
>> 1. Could you please point it out to me if I've missed it by accident?
>>
>>>>> diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
>>>>> index 0db899e..0b30750 100644
>>>>> --- a/xen/common/vm_event.c
>>>>> +++ b/xen/common/vm_event.c
>>>>> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>>>>> switch( vec->op )
>>>>> {
>>>>> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
>>>>> - case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
>>>>> {
>>>>> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
>>>>> HVM_PARAM_MONITOR_RING_PFN,
>>>>> mem_access_notification);
>>>>> -
>>>>> - if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
>>>>> - && !rc )
>>>>> - p2m_setup_introspection(d);
>>>>> -
>>>>> }
>>>>> break;
>>>>>
>>>>> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
>>>>> if ( ved->ring_page )
>>>>> {
>>>>> rc = vm_event_disable(d, ved);
>>>>> - d->arch.hvm_domain.introspection_enabled = 0;
>>>>> }
>>>>> }
>>>>> break;
>>>>
>>>> ... nor here. Patch 6/12 checks it but doesn't set it. Patch 5/12 sets
>>>> it to 0 (which could account for the removal of the assignment in
>>>> vm_event.c) but never to 1. A few important things depend on it being
>>>> enabled: it becomes impossible to disable interception for a select set
>>>> of MSRs, optimization for RET instructions emulation is disabled, and
>>>> othere places in p2m.c makes use of the flag as well.
>>>>
>>>> Is there some place in the code, untouched by this series, where
>>>> introspection_enabled is being set to 1?
>>>
>>> It is moved into the monitor_op domctl when mov_to_msr trapping is
>>> enabled. The reason of having introspection_enabled AFAIU was to
>>> reenable trapping MSR's that were disabled shortly after boot. Thus,
>>> an option field is present in the monitor_op when enabling mov_to_msr
>>> trapping: extended_capture. Let me know if this still achieves the
>>> same effect as before!
>>
>> No, there are several places where introspection_enabled is needed, as
>> I've said before. Not just the MSRs.
>>
>> One important place is in hvmemul_virtual_to_linear(), in
>> xen/arch/x86/hvm/emulate.c, where we disable optimizations for REP
>> instructions (in today's version of mainline Xen, at line 413).
>>
>> There are also places in patches yet to be published I've worked on
>> where we gate things on introspection_enabled being != 0, so please
>> don't remove it or have it misbehave.
>>
>> I'll look into the extended_capture option in case it will allow future
>> removal of the MSR special case for introspection, but a flag like that
>> is necessary and can't simply be deprecated and removed.
>
> Ack, the plan was actually to replace all references to
> arch.hvm_domain.introspection_enabled with
> arch.monitor_options.mov_to_msr.extended_capture. I see I forgot to
> actually fully follow through that plan but that's the intention at
> least. So the functionality would remain, it would just be worked into
> the coherent settings field with every other type of events.
I see, but is it conceivable that some vm_event consumer does want to
enable arch.monitor_options.mov_to_msr.extended_capture but not be
interested in doing full-blown introspection (for example, is fine with
having the REP optimization enabled)?
What you're proposing here (as far as introspection_enabled is
concerned) is, if I understand correctly, basically renaming
introspection_enabled to mov_to_msr.extended_capture. I can see how that
would seem to simplify some things, but it might not look very intuitive
to future developers, and it will definitely complicate other things
down the road.
An example is havig the guest trigger a vm_event, requested by the
privileged userspace application. In our case, it was VMCALL in the
original series, and the patch has been eventually dropped from the
conversation - to be reworked at a later time. But we do need it, and
our patch now does its thing gated on introspection_enabled. It's hard
to connect that logic to mov_to_msr.extended_capture.
I guess we could keep the flag and move it to arch.monitor_options if
you prefer? And setting it could cause mov_to_msr.extended_capture and
assorted flags to be set also (some sort of umbrella setting)?
Thanks,
Razvan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 11:33 ` Razvan Cojocaru
@ 2015-01-30 11:45 ` Tamas K Lengyel
2015-01-30 12:24 ` Razvan Cojocaru
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-30 11:45 UTC (permalink / raw)
To: Razvan Cojocaru
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Tim Deegan, Steven Maresca, xen-devel, Jan Beulich, Dong, Eddie,
Andres Lagar-Cavilla, Jun Nakajima, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
>>
>> Ack, the plan was actually to replace all references to
>> arch.hvm_domain.introspection_enabled with
>> arch.monitor_options.mov_to_msr.extended_capture. I see I forgot to
>> actually fully follow through that plan but that's the intention at
>> least. So the functionality would remain, it would just be worked into
>> the coherent settings field with every other type of events.
>
> I see, but is it conceivable that some vm_event consumer does want to
> enable arch.monitor_options.mov_to_msr.extended_capture but not be
> interested in doing full-blown introspection (for example, is fine with
> having the REP optimization enabled)?
I'm not sure I follow what the difference here between
mov_to_msr.extended_capture and what you refer to as "full-blown
introspection". My understanding was that without gating some MSR's
via introspection_enabled, they are never trapped into the hypervisor
when they get written to, while other MSR do. Thus the two options:
mov_to_msr.enabled for basic trapping, and mov_to_msr.extended_capture
for gating the extended set of MSRs to be also trappable.
>
> What you're proposing here (as far as introspection_enabled is
> concerned) is, if I understand correctly, basically renaming
> introspection_enabled to mov_to_msr.extended_capture. I can see how that
> would seem to simplify some things, but it might not look very intuitive
> to future developers, and it will definitely complicate other things
> down the road.
No, not just simply renaming it. So far the options for the various VM
events were scattered all over the place, yours defined directly on
hvm_domain, others in hvm parameters. Now there is an assigned spot
for all current - and future - events to store their settings: in
arch_domain monitor_settings. This will work for PV domains as well,
while keeping it on the arch_domain layer will avoid defining options
on ARM that are architecture specific (mov_to_cr0/3/4 etc.).
Furthermore, setting these options was also a mess which I try to
address in this patch: some were enabled via hvm_op hypercalls, yours
via domctl. Now everything is moved into one spot: monitor_op domctl.
>
> An example is havig the guest trigger a vm_event, requested by the
> privileged userspace application. In our case, it was VMCALL in the
> original series, and the patch has been eventually dropped from the
> conversation - to be reworked at a later time. But we do need it, and
> our patch now does its thing gated on introspection_enabled. It's hard
> to connect that logic to mov_to_msr.extended_capture.
>
> I guess we could keep the flag and move it to arch.monitor_options if
> you prefer? And setting it could cause mov_to_msr.extended_capture and
> assorted flags to be set also (some sort of umbrella setting)?
Yes, that would be the logic going forward - all VM event related
options and settings should be stored in this structure. Also, I don't
see a problem with having an event or setting that enables multiple at
the same time.
Thanks,
Tamas
>
>
> Thanks,
> Razvan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 11:45 ` Tamas K Lengyel
@ 2015-01-30 12:24 ` Razvan Cojocaru
2015-01-30 12:36 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Razvan Cojocaru @ 2015-01-30 12:24 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Jun Nakajima, Steven Maresca, Tim Deegan, xen-devel, Dong, Eddie,
Andres Lagar-Cavilla, Jan Beulich, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
On 01/30/2015 01:45 PM, Tamas K Lengyel wrote:
>>>
>>> Ack, the plan was actually to replace all references to
>>> arch.hvm_domain.introspection_enabled with
>>> arch.monitor_options.mov_to_msr.extended_capture. I see I forgot to
>>> actually fully follow through that plan but that's the intention at
>>> least. So the functionality would remain, it would just be worked into
>>> the coherent settings field with every other type of events.
>>
>> I see, but is it conceivable that some vm_event consumer does want to
>> enable arch.monitor_options.mov_to_msr.extended_capture but not be
>> interested in doing full-blown introspection (for example, is fine with
>> having the REP optimization enabled)?
>
> I'm not sure I follow what the difference here between
> mov_to_msr.extended_capture and what you refer to as "full-blown
> introspection". My understanding was that without gating some MSR's
> via introspection_enabled, they are never trapped into the hypervisor
> when they get written to, while other MSR do. Thus the two options:
> mov_to_msr.enabled for basic trapping, and mov_to_msr.extended_capture
> for gating the extended set of MSRs to be also trappable.
Well, write interception for the MSRs we're interested in is enabled
_initally_, but then vmx_disable_intercept_for_msr() gets called and
we're left without these events, so yes, in a nutshell we do want to
keep write events for more MSRs than the default allows around.
The initial, very basic patch:
http://lists.xenproject.org/archives/html/xen-devel/2014-07/msg00310.html
The point was to keep receiving these events even after the HV decides
the corresponding MSR writes have become unnecessarily expensive to
intercept, but only if the vm_event consumer is interested in guest
introspection.
By "full-blown" introspection I mean that, in order to do its job
properly, guest introspection needs a bunch of requirements to be met
(not just the proper MSR write events to be sent), not least of which is
to send an event per each write performed in a REP situation (not just
an event per page touched) - which is why, gated on introspection being
enabled, we disable the REP emulation optimization.
It also needs a number of other things, which will surely become RFCs
here at some point.
Hence my previous comments: full-blown vm_event-based introspection is
more than the MSR trick, so it might be slightly confusing to gate all
of them on mov_to_msr.extended_capture.
>> What you're proposing here (as far as introspection_enabled is
>> concerned) is, if I understand correctly, basically renaming
>> introspection_enabled to mov_to_msr.extended_capture. I can see how that
>> would seem to simplify some things, but it might not look very intuitive
>> to future developers, and it will definitely complicate other things
>> down the road.
>
> No, not just simply renaming it. So far the options for the various VM
> events were scattered all over the place, yours defined directly on
> hvm_domain, others in hvm parameters. Now there is an assigned spot
> for all current - and future - events to store their settings: in
> arch_domain monitor_settings. This will work for PV domains as well,
> while keeping it on the arch_domain layer will avoid defining options
> on ARM that are architecture specific (mov_to_cr0/3/4 etc.).
>
> Furthermore, setting these options was also a mess which I try to
> address in this patch: some were enabled via hvm_op hypercalls, yours
> via domctl. Now everything is moved into one spot: monitor_op domctl.
Yes, and that's great! Your efforts are appreciated, and I'm sorry to
have inadvertently contributed to the mess.
I was simply talking about the way introspection_enabled is being used:
you were taking before about replacing all instances of
"introspection_enabled" with "mov_to_msr.enabled" (which is functionally
speaking, renaming), and my only points
have been that:
A) in this series introspection_enabled has neither been removed nor is
it of any use, since it's always 0, and
B) exclusive use of mov_to_msr.extended_capture where
introspection_enabled has been used before might not logically cover all
the cases needed for proper guest introspection (not sure that gating
the code that disables the REP emulation optimization on
mov_to_msr.extended_capture wouldn't look strange to someone looking at
the code for the first time).
I hope I've been able to explain myself better this time, perhaps my
concerns are not shared by others, I'm certainly open to discussion.
>> An example is havig the guest trigger a vm_event, requested by the
>> privileged userspace application. In our case, it was VMCALL in the
>> original series, and the patch has been eventually dropped from the
>> conversation - to be reworked at a later time. But we do need it, and
>> our patch now does its thing gated on introspection_enabled. It's hard
>> to connect that logic to mov_to_msr.extended_capture.
>>
>> I guess we could keep the flag and move it to arch.monitor_options if
>> you prefer? And setting it could cause mov_to_msr.extended_capture and
>> assorted flags to be set also (some sort of umbrella setting)?
>
> Yes, that would be the logic going forward - all VM event related
> options and settings should be stored in this structure. Also, I don't
> see a problem with having an event or setting that enables multiple at
> the same time.
That's great, thanks! That would pretty much shut me up. :)
Thanks,
Razvan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-30 12:24 ` Razvan Cojocaru
@ 2015-01-30 12:36 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-30 12:36 UTC (permalink / raw)
To: Razvan Cojocaru
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Stefano Stabellini,
Jun Nakajima, Steven Maresca, Tim Deegan, xen-devel, Dong, Eddie,
Andres Lagar-Cavilla, Jan Beulich, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Ian Jackson
On Fri, Jan 30, 2015 at 1:24 PM, Razvan Cojocaru
<rcojocaru@bitdefender.com> wrote:
> On 01/30/2015 01:45 PM, Tamas K Lengyel wrote:
>>>>
>>>> Ack, the plan was actually to replace all references to
>>>> arch.hvm_domain.introspection_enabled with
>>>> arch.monitor_options.mov_to_msr.extended_capture. I see I forgot to
>>>> actually fully follow through that plan but that's the intention at
>>>> least. So the functionality would remain, it would just be worked into
>>>> the coherent settings field with every other type of events.
>>>
>>> I see, but is it conceivable that some vm_event consumer does want to
>>> enable arch.monitor_options.mov_to_msr.extended_capture but not be
>>> interested in doing full-blown introspection (for example, is fine with
>>> having the REP optimization enabled)?
>>
>> I'm not sure I follow what the difference here between
>> mov_to_msr.extended_capture and what you refer to as "full-blown
>> introspection". My understanding was that without gating some MSR's
>> via introspection_enabled, they are never trapped into the hypervisor
>> when they get written to, while other MSR do. Thus the two options:
>> mov_to_msr.enabled for basic trapping, and mov_to_msr.extended_capture
>> for gating the extended set of MSRs to be also trappable.
>
> Well, write interception for the MSRs we're interested in is enabled
> _initally_, but then vmx_disable_intercept_for_msr() gets called and
> we're left without these events, so yes, in a nutshell we do want to
> keep write events for more MSRs than the default allows around.
>
> The initial, very basic patch:
>
> http://lists.xenproject.org/archives/html/xen-devel/2014-07/msg00310.html
>
> The point was to keep receiving these events even after the HV decides
> the corresponding MSR writes have become unnecessarily expensive to
> intercept, but only if the vm_event consumer is interested in guest
> introspection.
>
> By "full-blown" introspection I mean that, in order to do its job
> properly, guest introspection needs a bunch of requirements to be met
> (not just the proper MSR write events to be sent), not least of which is
> to send an event per each write performed in a REP situation (not just
> an event per page touched) - which is why, gated on introspection being
> enabled, we disable the REP emulation optimization.
>
> It also needs a number of other things, which will surely become RFCs
> here at some point.
>
> Hence my previous comments: full-blown vm_event-based introspection is
> more than the MSR trick, so it might be slightly confusing to gate all
> of them on mov_to_msr.extended_capture.
OK, I see what you mean now.
>
>>> What you're proposing here (as far as introspection_enabled is
>>> concerned) is, if I understand correctly, basically renaming
>>> introspection_enabled to mov_to_msr.extended_capture. I can see how that
>>> would seem to simplify some things, but it might not look very intuitive
>>> to future developers, and it will definitely complicate other things
>>> down the road.
>>
>> No, not just simply renaming it. So far the options for the various VM
>> events were scattered all over the place, yours defined directly on
>> hvm_domain, others in hvm parameters. Now there is an assigned spot
>> for all current - and future - events to store their settings: in
>> arch_domain monitor_settings. This will work for PV domains as well,
>> while keeping it on the arch_domain layer will avoid defining options
>> on ARM that are architecture specific (mov_to_cr0/3/4 etc.).
>>
>> Furthermore, setting these options was also a mess which I try to
>> address in this patch: some were enabled via hvm_op hypercalls, yours
>> via domctl. Now everything is moved into one spot: monitor_op domctl.
>
> Yes, and that's great! Your efforts are appreciated, and I'm sorry to
> have inadvertently contributed to the mess.
>
> I was simply talking about the way introspection_enabled is being used:
> you were taking before about replacing all instances of
> "introspection_enabled" with "mov_to_msr.enabled" (which is functionally
> speaking, renaming), and my only points
> have been that:
>
> A) in this series introspection_enabled has neither been removed nor is
> it of any use, since it's always 0, and
>
> B) exclusive use of mov_to_msr.extended_capture where
> introspection_enabled has been used before might not logically cover all
> the cases needed for proper guest introspection (not sure that gating
> the code that disables the REP emulation optimization on
> mov_to_msr.extended_capture wouldn't look strange to someone looking at
> the code for the first time).
>
> I hope I've been able to explain myself better this time, perhaps my
> concerns are not shared by others, I'm certainly open to discussion.
It's a question whether we need an umbrella option for this, or is it
more appropriate to check for each required event being enabled
individually. At the moment I don't see the need for it but in the
future going forward I can see it being added if it makes the code
easier to read. It would however also add some extra complexity: what
happens if an event is disabled that is covered by the umbrella
option? Would we disable all other events under the umbrella, or just
the umbrella option itself? So yes, it's definitely a discussion we
should have, when the need arrives for it.
>
>>> An example is havig the guest trigger a vm_event, requested by the
>>> privileged userspace application. In our case, it was VMCALL in the
>>> original series, and the patch has been eventually dropped from the
>>> conversation - to be reworked at a later time. But we do need it, and
>>> our patch now does its thing gated on introspection_enabled. It's hard
>>> to connect that logic to mov_to_msr.extended_capture.
>>>
>>> I guess we could keep the flag and move it to arch.monitor_options if
>>> you prefer? And setting it could cause mov_to_msr.extended_capture and
>>> assorted flags to be set also (some sort of umbrella setting)?
>>
>> Yes, that would be the logic going forward - all VM event related
>> options and settings should be stored in this structure. Also, I don't
>> see a problem with having an event or setting that enables multiple at
>> the same time.
>
> That's great, thanks! That would pretty much shut me up. :)
>
>
> Thanks,
> Razvan
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-01-29 21:46 ` [RFC PATCH V3 05/12] xen: Introduce vm_event Tamas K Lengyel
@ 2015-01-30 17:25 ` Daniel De Graaf
2015-01-31 13:24 ` Tamas K Lengyel
2015-02-02 17:27 ` Ian Campbell
2015-02-03 15:54 ` Jan Beulich
2 siblings, 1 reply; 66+ messages in thread
From: Daniel De Graaf @ 2015-01-30 17:25 UTC (permalink / raw)
To: Tamas K Lengyel, xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
rshriram, keir, yanghy, rcojocaru
On 01/29/2015 04:46 PM, Tamas K Lengyel wrote:
> To make it easier to review the renaming process of mem_event -> vm_event,
> the process is broken into three pieces, of which this patch is the first.
> In this patch the vm_event subsystem is introduced and hooked into the build
> process, but it is not yet used anywhere.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
[...]
> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
> index f20e89c..d6d403a 100644
> --- a/xen/include/xsm/dummy.h
> +++ b/xen/include/xsm/dummy.h
> @@ -525,6 +525,18 @@ static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
> XSM_ASSERT_ACTION(XSM_DM_PRIV);
> return xsm_default_action(action, current->domain, d);
> }
> +
> +static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op)
> +{
> + XSM_ASSERT_ACTION(XSM_PRIV);
> + return xsm_default_action(action, current->domain, d);
> +}
> +
> +static XSM_INLINE int xsm_vm_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
> +{
> + XSM_ASSERT_ACTION(XSM_DM_PRIV);
> + return xsm_default_action(action, current->domain, d);
> +}
> #endif
>
[...]
> diff --git a/xen/xsm/flask/policy/access_vectors b/xen/xsm/flask/policy/access_vectors
> index 1da9f63..a4241b5 100644
> --- a/xen/xsm/flask/policy/access_vectors
> +++ b/xen/xsm/flask/policy/access_vectors
> @@ -250,6 +250,7 @@ class hvm
> hvmctl
> # XEN_DOMCTL_set_access_required
> mem_event
> + vm_event
> # XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap} with:
> # source = the domain making the hypercall
> # target = domain whose memory is being shared
>
This implies that device model domains should be allowed to use the operations
covered by xsm_vm_event_op but not those covered by xsm_vm_event_control.
If this is how the eventual operations are intended to be used, the FLASK
permissions also need to be split so that a similar distinction can be made in
the policy.
After looking at the later patches in this series, this appears to be a flaw in
the existing FLASK hooks that got copied over. While it is still useful to fix,
it may be better to make the split in a separate patch from the renames. Now
that VM events apply to more than just HVM domains, it may be useful to move
the new permission(s) from class hvm to either domain2 or mmu.
--
Daniel De Graaf
National Security Agency
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 07/12] xen: Remove mem_event
2015-01-29 21:46 ` [RFC PATCH V3 07/12] xen: Remove mem_event Tamas K Lengyel
@ 2015-01-30 17:25 ` Daniel De Graaf
2015-02-02 17:29 ` Ian Campbell
2015-02-03 16:26 ` Jan Beulich
2 siblings, 0 replies; 66+ messages in thread
From: Daniel De Graaf @ 2015-01-30 17:25 UTC (permalink / raw)
To: Tamas K Lengyel, xen-devel
Cc: kevin.tian, wei.liu2, ian.campbell, steve, stefano.stabellini,
jun.nakajima, tim, ian.jackson, eddie.dong, andres, jbeulich,
rshriram, keir, yanghy, rcojocaru
On 01/29/2015 04:46 PM, Tamas K Lengyel wrote:
> This is the third and final patch in the mem_event -> vm_event renaming process
> which removes all references and remaining code of mem_event from the Xen
> source.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
> ---
> MAINTAINERS | 1 -
> docs/misc/xsm-flask.txt | 1 -
> tools/libxc/Makefile | 1 -
> tools/libxc/xc_mem_access.c | 16 +-
> tools/libxc/xc_mem_event.c | 162 ---------
> tools/libxc/xc_private.h | 12 -
> xen/common/Makefile | 1 -
> xen/common/mem_event.c | 738 -----------------------------------------
> xen/include/public/domctl.h | 90 +----
> xen/include/public/mem_event.h | 192 -----------
> xen/include/xen/mem_event.h | 143 --------
> xen/include/xen/sched.h | 41 ---
> xen/include/xsm/dummy.h | 12 -
> xen/include/xsm/xsm.h | 12 -
> xen/xsm/dummy.c | 2 -
> xen/xsm/flask/hooks.c | 12 -
> 16 files changed, 14 insertions(+), 1422 deletions(-)
> delete mode 100644 tools/libxc/xc_mem_event.c
> delete mode 100644 xen/common/mem_event.c
> delete mode 100644 xen/include/public/mem_event.h
> delete mode 100644 xen/include/xen/mem_event.h
You should also remove mem_event from xen/xsm/flask/policy/access_vectors
in this patch.
--
Daniel De Graaf
National Security Agency
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-01-30 17:25 ` Daniel De Graaf
@ 2015-01-31 13:24 ` Tamas K Lengyel
2015-02-02 19:35 ` Daniel De Graaf
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-01-31 13:24 UTC (permalink / raw)
To: Daniel De Graaf
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Steven Maresca,
Stefano Stabellini, Jun Nakajima, Tim Deegan, Ian Jackson,
xen-devel, Dong, Eddie, Andres Lagar-Cavilla, Jan Beulich,
rshriram, Keir Fraser, yanghy, Razvan Cojocaru
On Fri, Jan 30, 2015 at 6:25 PM, Daniel De Graaf <dgdegra@tycho.nsa.gov> wrote:
> On 01/29/2015 04:46 PM, Tamas K Lengyel wrote:
>>
>> To make it easier to review the renaming process of mem_event -> vm_event,
>> the process is broken into three pieces, of which this patch is the first.
>> In this patch the vm_event subsystem is introduced and hooked into the
>> build
>> process, but it is not yet used anywhere.
>>
>> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
>
>
> [...]
>>
>> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
>> index f20e89c..d6d403a 100644
>> --- a/xen/include/xsm/dummy.h
>> +++ b/xen/include/xsm/dummy.h
>> @@ -525,6 +525,18 @@ static XSM_INLINE int
>> xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
>> XSM_ASSERT_ACTION(XSM_DM_PRIV);
>> return xsm_default_action(action, current->domain, d);
>> }
>> +
>> +static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain
>> *d, int mode, int op)
>> +{
>> + XSM_ASSERT_ACTION(XSM_PRIV);
>> + return xsm_default_action(action, current->domain, d);
>> +}
>> +
>> +static XSM_INLINE int xsm_vm_event_op(XSM_DEFAULT_ARG struct domain *d,
>> int op)
>> +{
>> + XSM_ASSERT_ACTION(XSM_DM_PRIV);
>> + return xsm_default_action(action, current->domain, d);
>> +}
>> #endif
>>
> [...]
>>
>> diff --git a/xen/xsm/flask/policy/access_vectors
>> b/xen/xsm/flask/policy/access_vectors
>> index 1da9f63..a4241b5 100644
>> --- a/xen/xsm/flask/policy/access_vectors
>> +++ b/xen/xsm/flask/policy/access_vectors
>> @@ -250,6 +250,7 @@ class hvm
>> hvmctl
>> # XEN_DOMCTL_set_access_required
>> mem_event
>> + vm_event
>> # XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap}
>> with:
>> # source = the domain making the hypercall
>> # target = domain whose memory is being shared
>>
>
> This implies that device model domains should be allowed to use the
> operations
> covered by xsm_vm_event_op but not those covered by xsm_vm_event_control.
> If this is how the eventual operations are intended to be used, the FLASK
> permissions also need to be split so that a similar distinction can be made
> in
> the policy.
>
> After looking at the later patches in this series, this appears to be a flaw
> in
> the existing FLASK hooks that got copied over. While it is still useful to
> fix,
> it may be better to make the split in a separate patch from the renames.
> Now
> that VM events apply to more than just HVM domains, it may be useful to move
> the new permission(s) from class hvm to either domain2 or mmu.
>
> --
> Daniel De Graaf
> National Security Agency
Moving it to domain2 would make sense to me. The namings seem to be
pretty poor so I have a hard time understanding why xsm_vm_event_op
and xsm_vm_event_control differ when it comes to device model domains.
The event_op corresponds to memops for access, paging and sharing
while event_control for the domctl that enables/disables the rings. So
yes, I think splitting the name for these separating things would make
sense to clarify what they represent but whether that restriction on
device model domains was intentional I'm not sure about.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures
2015-01-29 21:46 ` [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures Tamas K Lengyel
@ 2015-02-02 17:19 ` Ian Campbell
2015-02-03 9:17 ` Jan Beulich
2015-02-05 12:13 ` Tamas K Lengyel
2015-02-03 15:32 ` Jan Beulich
1 sibling, 2 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:19 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> From: Razvan Cojocaru <rcojocaru@bitdefender.com>
>
> The public mem_event structures used to communicate with helper applications via
> shared rings have been used in different settings. However, the variable names
> within this structure have not reflected this fact, resulting in the reuse of
> variables to mean different things under different scenarios.
>
> This patch remedies the issue by clearly defining the structure members based on
> the actual context within which the structure is used.
>
> Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
> ---
> v3: Add padding to mem_event structures.
> Add version field to mem_event structures and checks for it.
The addition of versioning is worth mentioning in the commit message
IMHO.
I'm not going to review the tools changes in detail, since I suppose
they are very much mechanical.
> - if ( req.gfn > paging->max_pages )
> + if ( req.data.mem_paging.gfn > paging->max_pages )
> {
> - ERROR("Requested gfn %"PRIx64" higher than max_pages %x\n", req.gfn, paging->max_pages);
> + ERROR("Requested gfn %"PRIx64" higher than max_pages %x\n", req.data.mem_paging.gfn, paging->max_pages);
If you could wrap some of these lines which have become even more overly
long here as you change them then that would be much appreciated.
> + union {
> + struct mem_event_paging_data mem_paging;
> + struct mem_event_sharing_data mem_sharing;
> + struct mem_event_mem_access_data mem_access;
> + struct mem_event_mov_to_cr_data mov_to_cr;
> + struct mem_event_mov_to_msr_data mov_to_msr;
> + struct mem_event_software_breakpoint_data software_breakpoint;
> + struct mem_event_singlestep_data singlestep;
> + } data;
We typically call these unions "u" but that's up to the hypervisor guys
really.
Ian.
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor'
2015-01-29 21:46 ` [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor' Tamas K Lengyel
@ 2015-02-02 17:22 ` Ian Campbell
2015-02-03 15:37 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:22 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> The name of the ring still implies it is used only for memory accesses,
> which is no longer the case. It is also used to deliver variuos HVM events,
"various".
> thus the name "monitor" is more appropriate in this setting.
I'll allow others to bikeshed the name ;-)
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Assuming the toolside is all as mechanical as it sounds:
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op
2015-01-29 21:46 ` [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op Tamas K Lengyel
@ 2015-02-02 17:23 ` Ian Campbell
2015-02-03 15:41 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:23 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> The only use-case of the mem_event_op structure had been in mem_paging,
> thus renaming the structure mem_paging_op and relocating its associated
> functions clarifies its actual usage.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
> Acked-by: Tim Deegan <tim@xen.org>
For tools: Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-01-29 21:46 ` [RFC PATCH V3 05/12] xen: Introduce vm_event Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
@ 2015-02-02 17:27 ` Ian Campbell
2015-02-03 15:54 ` Jan Beulich
2 siblings, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:27 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> To make it easier to review the renaming process of mem_event -> vm_event,
> the process is broken into three pieces, of which this patch is the first.
> In this patch the vm_event subsystem is introduced and hooked into the build
> process, but it is not yet used anywhere.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Tools/*
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event
2015-01-29 21:46 ` [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event Tamas K Lengyel
@ 2015-02-02 17:27 ` Ian Campbell
2015-02-03 16:22 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:27 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> This is the second patch in the mem_event -> vm_event migration.
> This patch migrates all previous use-cases of mem_event to use the
> new vm_event system.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Assuming it's all mechanical, for tools/*
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 07/12] xen: Remove mem_event
2015-01-29 21:46 ` [RFC PATCH V3 07/12] xen: Remove mem_event Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
@ 2015-02-02 17:29 ` Ian Campbell
2015-02-03 16:26 ` Jan Beulich
2 siblings, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:29 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> This is the third and final patch in the mem_event -> vm_event renaming process
> which removes all references and remaining code of mem_event from the Xen
> source.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
If tools/* is all mechanical changes then:
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 08/12] tools/tests: Clean-up tools/tests/xen-access
2015-01-29 21:46 ` [RFC PATCH V3 08/12] tools/tests: Clean-up tools/tests/xen-access Tamas K Lengyel
@ 2015-02-02 17:30 ` Ian Campbell
0 siblings, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:30 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> The spin-lock implementation in the xen-access test program is implemented
> in a fashion that is actually incomplete. The x86 assembly that guarantees that
> the lock is held by only one thread lacks the "lock;" instruction.
>
> However, the spin-lock is not actually necessary in xen-access as it is not
> multithreaded. The presence of the faulty implementation of the lock in a non-
> mulithreaded environment is unnecessarily complicated for developers who are
typo: "multithreaded"
> trying to follow this code as a guide in implementing their own applications.
> Thus, removing it from the code improves the clarity on the behavior of the
> system.
>
> Also converting functions that always return 0 to return to void, and making
> the teardown function actually return an error code on error.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
2015-01-30 7:58 ` Razvan Cojocaru
@ 2015-02-02 17:32 ` Ian Campbell
2015-02-04 5:57 ` Tian, Kevin
2015-02-04 9:34 ` Jan Beulich
3 siblings, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:32 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> In preparation for allowing for introspecting ARM and PV domains the old
> control interface via the hvm_op hypercall is retired. A new control mechanism
> is introduced via the domctl hypercall: monitor_op.
>
> This patch aims to establish a base API on which future applications can build
> on.
>
> Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
The tools stuff all looks like sensible wrappings of the underlying
hypercalls, so if the hypervisor guys are happy with the interface:
Acked-by: Ian Campbell <ian.campbell@citrix.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
` (11 preceding siblings ...)
2015-01-29 21:46 ` [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds Tamas K Lengyel
@ 2015-02-02 17:33 ` Ian Campbell
12 siblings, 0 replies; 66+ messages in thread
From: Ian Campbell @ 2015-02-02 17:33 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: kevin.tian, wei.liu2, jun.nakajima, steve, stefano.stabellini,
tim, ian.jackson, xen-devel, eddie.dong, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
> MAINTAINERS | 5 +-
> docs/misc/xsm-flask.txt | 2 +-
> tools/libxc/Makefile | 3 +-
> tools/libxc/include/xenctrl.h | 19 +
> tools/libxc/xc_domain_restore.c | 14 +-
> tools/libxc/xc_domain_save.c | 4 +-
> tools/libxc/xc_hvm_build_x86.c | 2 +-
> tools/libxc/xc_mem_access.c | 19 +-
> tools/libxc/xc_mem_event.c | 178 ---------
> tools/libxc/xc_mem_paging.c | 44 ++-
> tools/libxc/xc_memshr.c | 18 +-
> tools/libxc/xc_monitor.c | 118 ++++++
> tools/libxc/xc_private.h | 15 +-
> tools/libxc/xc_vm_event.c | 159 ++++++++
> tools/libxc/xg_save_restore.h | 2 +-
I'm assuming that the hypervisor maintainers will commit these tools
bits alongside the hypervisor bits when the time comes.
Ian.
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-01-31 13:24 ` Tamas K Lengyel
@ 2015-02-02 19:35 ` Daniel De Graaf
2015-02-06 14:04 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Daniel De Graaf @ 2015-02-02 19:35 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Steven Maresca,
Stefano Stabellini, Jun Nakajima, Tim Deegan, Ian Jackson,
xen-devel, Dong, Eddie, Andres Lagar-Cavilla, Jan Beulich,
rshriram, Keir Fraser, yanghy, Razvan Cojocaru
On 01/31/2015 08:24 AM, Tamas K Lengyel wrote:
> On Fri, Jan 30, 2015 at 6:25 PM, Daniel De Graaf <dgdegra@tycho.nsa.gov> wrote:
>> On 01/29/2015 04:46 PM, Tamas K Lengyel wrote:
>>>
>>> To make it easier to review the renaming process of mem_event -> vm_event,
>>> the process is broken into three pieces, of which this patch is the first.
>>> In this patch the vm_event subsystem is introduced and hooked into the
>>> build
>>> process, but it is not yet used anywhere.
>>>
>>> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
>>
>>
>> [...]
>>>
>>> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
>>> index f20e89c..d6d403a 100644
>>> --- a/xen/include/xsm/dummy.h
>>> +++ b/xen/include/xsm/dummy.h
>>> @@ -525,6 +525,18 @@ static XSM_INLINE int
>>> xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
>>> XSM_ASSERT_ACTION(XSM_DM_PRIV);
>>> return xsm_default_action(action, current->domain, d);
>>> }
>>> +
>>> +static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct domain
>>> *d, int mode, int op)
>>> +{
>>> + XSM_ASSERT_ACTION(XSM_PRIV);
>>> + return xsm_default_action(action, current->domain, d);
>>> +}
>>> +
>>> +static XSM_INLINE int xsm_vm_event_op(XSM_DEFAULT_ARG struct domain *d,
>>> int op)
>>> +{
>>> + XSM_ASSERT_ACTION(XSM_DM_PRIV);
>>> + return xsm_default_action(action, current->domain, d);
>>> +}
>>> #endif
>>>
>> [...]
>>>
>>> diff --git a/xen/xsm/flask/policy/access_vectors
>>> b/xen/xsm/flask/policy/access_vectors
>>> index 1da9f63..a4241b5 100644
>>> --- a/xen/xsm/flask/policy/access_vectors
>>> +++ b/xen/xsm/flask/policy/access_vectors
>>> @@ -250,6 +250,7 @@ class hvm
>>> hvmctl
>>> # XEN_DOMCTL_set_access_required
>>> mem_event
>>> + vm_event
>>> # XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap}
>>> with:
>>> # source = the domain making the hypercall
>>> # target = domain whose memory is being shared
>>>
>>
>> This implies that device model domains should be allowed to use the
>> operations
>> covered by xsm_vm_event_op but not those covered by xsm_vm_event_control.
>> If this is how the eventual operations are intended to be used, the FLASK
>> permissions also need to be split so that a similar distinction can be made
>> in
>> the policy.
>>
>> After looking at the later patches in this series, this appears to be a flaw
>> in
>> the existing FLASK hooks that got copied over. While it is still useful to
>> fix,
>> it may be better to make the split in a separate patch from the renames.
>> Now
>> that VM events apply to more than just HVM domains, it may be useful to move
>> the new permission(s) from class hvm to either domain2 or mmu.
>>
>> --
>> Daniel De Graaf
>> National Security Agency
>
> Moving it to domain2 would make sense to me. The namings seem to be
> pretty poor so I have a hard time understanding why xsm_vm_event_op
> and xsm_vm_event_control differ when it comes to device model domains.
> The event_op corresponds to memops for access, paging and sharing
> while event_control for the domctl that enables/disables the rings. So
> yes, I think splitting the name for these separating things would make
> sense to clarify what they represent but whether that restriction on
> device model domains was intentional I'm not sure about.
>
> Tamas
If the device model stubdom does not use (or plan to use) the memory_op
hypercall, then there is no reason to allow it to make this hypercall,
and the XSM check should be changed from XSM_DM_PRIV to XSM_PRIV. From
a quick look, this seems to be true, but I would defer to someone who
has actually used or developed this subsystem.
As far as the naming, several other hypercalls such as tmem have a
distinction between "use" and "control" that is reflected in the XSM
policy. From a quick look at how the hypercalls work, the domctl seems
to be a toolstack-only feature that is set when building a domain, while
the mem_event_op hypercall is used by a helper process.
I think it might be possible to move the helper process to a stub domain
when creating a very disaggregated system. In that case, a distinct
permission for its hypercalls would be useful to let the stub domain
perform sharing operations without being able to turn sharing on and
off. Otherwise the current single permission (moved to domain2) should
be sufficient.
--
Daniel De Graaf
National Security Agency
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures
2015-02-02 17:19 ` Ian Campbell
@ 2015-02-03 9:17 ` Jan Beulich
2015-02-05 12:12 ` Tamas K Lengyel
2015-02-05 12:13 ` Tamas K Lengyel
1 sibling, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 9:17 UTC (permalink / raw)
To: Ian Campbell, Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, rcojocaru, stefano.stabellini,
eddie.dong, ian.jackson, xen-devel, steve, andres, jun.nakajima,
rshriram, keir, dgdegra, yanghy
>>> On 02.02.15 at 18:19, <Ian.Campbell@citrix.com> wrote:
> On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
>> + union {
>> + struct mem_event_paging_data mem_paging;
>> + struct mem_event_sharing_data mem_sharing;
>> + struct mem_event_mem_access_data mem_access;
>> + struct mem_event_mov_to_cr_data mov_to_cr;
>> + struct mem_event_mov_to_msr_data mov_to_msr;
>> + struct mem_event_software_breakpoint_data software_breakpoint;
>> + struct mem_event_singlestep_data singlestep;
>> + } data;
>
> We typically call these unions "u" but that's up to the hypervisor guys
> really.
And yes, I agree we should be consistent with things like this.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures
2015-01-29 21:46 ` [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures Tamas K Lengyel
2015-02-02 17:19 ` Ian Campbell
@ 2015-02-03 15:32 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 15:32 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> +static int hvm_memory_event_traps(long parameters, mem_event_request_t *req)
It looks like parameters isn't really a signed quantity...
> void hvm_memory_event_cr0(unsigned long value, unsigned long old)
> {
> - hvm_memory_event_traps(current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_CR0],
> - MEM_EVENT_REASON_CR0,
> - value, old, 0, 0);
> + mem_event_request_t req = {
> + .reason = MEM_EVENT_REASON_MOV_TO_CR0,
> + .vcpu_id = current->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long parameters = current->domain->arch.hvm_domain
> + .params[HVM_PARAM_MEMORY_EVENT_CR0];
> +
> + if ( (parameters & HVMPME_onchangeonly) && (value == old) )
> + return;
> +
> + hvm_memory_event_traps(parameters, &req);
> }
>
> void hvm_memory_event_cr3(unsigned long value, unsigned long old)
> {
> - hvm_memory_event_traps(current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_CR3],
> - MEM_EVENT_REASON_CR3,
> - value, old, 0, 0);
> + mem_event_request_t req = {
> + .reason = MEM_EVENT_REASON_MOV_TO_CR3,
> + .vcpu_id = current->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long parameters = current->domain->arch.hvm_domain
> + .params[HVM_PARAM_MEMORY_EVENT_CR3];
> +
> + if ( (parameters & HVMPME_onchangeonly) && (value == old) )
> + return;
> +
> + hvm_memory_event_traps(parameters, &req);
> }
>
> void hvm_memory_event_cr4(unsigned long value, unsigned long old)
> {
> - hvm_memory_event_traps(current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_CR4],
> - MEM_EVENT_REASON_CR4,
> - value, old, 0, 0);
> + mem_event_request_t req = {
> + .reason = MEM_EVENT_REASON_MOV_TO_CR4,
> + .vcpu_id = current->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long parameters = current->domain->arch.hvm_domain
> + .params[HVM_PARAM_MEMORY_EVENT_CR4];
> +
> + if ( (parameters & HVMPME_onchangeonly) && (value == old) )
> + return;
> +
> + hvm_memory_event_traps(parameters, &req);
> }
These three functions are extremely similar, and hence there's a lot of
duplication now. Time for another helper?
> --- a/xen/arch/x86/mm/mem_sharing.c
> +++ b/xen/arch/x86/mm/mem_sharing.c
> @@ -559,7 +559,10 @@ int mem_sharing_notify_enomem(struct domain *d, unsigned
> long gfn,
> {
> struct vcpu *v = current;
> int rc;
> - mem_event_request_t req = { .gfn = gfn };
> + mem_event_request_t req = {
> + .reason = MEM_EVENT_REASON_MEM_SHARING,
> + .data.mem_sharing.gfn = gfn
> + };
>
> if ( (rc = __mem_event_claim_slot(d,
> &d->mem_event->share, allow_sleep)) < 0 )
> @@ -571,7 +574,7 @@ int mem_sharing_notify_enomem(struct domain *d, unsigned long gfn,
> mem_event_vcpu_pause(v);
> }
>
> - req.p2mt = p2m_ram_shared;
> + req.data.mem_sharing.p2mt = p2m_ram_shared;
> req.vcpu_id = v->vcpu_id;
These should both be moved up into the initialized imo.
> @@ -1309,15 +1318,15 @@ void p2m_mem_paging_resume(struct domain *d)
> if ( !(rsp.flags & MEM_EVENT_FLAG_DROP_PAGE) )
> {
> gfn_lock(p2m, rsp.gfn, 0);
> - mfn = p2m->get_entry(p2m, rsp.gfn, &p2mt, &a, 0, NULL);
> + mfn = p2m->get_entry(p2m, rsp.data.mem_access.gfn, &p2mt, &a, 0, NULL);
Long line. Also you replace rsp.gfn here, but not in the gfn_lock()
invocation one line up, which seems wrong. (Tim, Andres - shouldn't
these locking macros evaluate all their arguments?) Considering the
further uses below, for readability perhaps worth a local variable?
> @@ -1390,39 +1399,40 @@ void p2m_mem_event_emulate_check(struct vcpu *v, const mem_event_response_t *rsp
> xenmem_access_t access;
> bool_t violation = 1;
>
> - if ( p2m_get_mem_access(v->domain, rsp->gfn, &access) == 0 )
> + if ( p2m_get_mem_access(v->domain, rsp->data.mem_access.gfn, &access) == 0 )
Long line again (more further down).
> --- a/xen/include/public/mem_event.h
> +++ b/xen/include/public/mem_event.h
> @@ -27,9 +27,13 @@
> #ifndef _XEN_PUBLIC_MEM_EVENT_H
> #define _XEN_PUBLIC_MEM_EVENT_H
>
> +#if defined(__XEN__) || defined(__XEN_TOOLS__)
> +
> #include "xen.h"
> #include "io/ring.h"
>
> +#define MEM_EVENT_INTERFACE_VERSION 0x00000001
I think at least this and the xen.h include belong outside the
conditional above. And whether or which parts of the interface to
limit to hypervisor and tools really depends on whether you're
very certain that kernels can't use any of this (including perhaps
on themselves).
> +/* Reasons for the vm event request */
> +/* Default case */
> +#define MEM_EVENT_REASON_UNKNOWN 0
> +/* Memory access violation */
> +#define MEM_EVENT_REASON_MEM_ACCESS 1
> +/* Memory sharing event */
> +#define MEM_EVENT_REASON_MEM_SHARING 2
> +/* Memory paging event */
> +#define MEM_EVENT_REASON_MEM_PAGING 3
> +/* CR0 was updated */
> +#define MEM_EVENT_REASON_MOV_TO_CR0 4
> +/* CR3 was updated */
> +#define MEM_EVENT_REASON_MOV_TO_CR3 5
> +/* CR4 was updated */
> +#define MEM_EVENT_REASON_MOV_TO_CR4 6
> +/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
> +#define MEM_EVENT_REASON_MOV_TO_MSR 9
> +/* Debug operation executed (int3) */
> +#define MEM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
> +/* Single-step (MTF) */
> +#define MEM_EVENT_REASON_SINGLESTEP 8
Any reason why these aren't put here in order?
> @@ -97,31 +112,74 @@ struct mem_event_regs_x86 {
> uint32_t _pad;
> };
>
> -typedef struct mem_event_st {
> - uint32_t flags;
> - uint32_t vcpu_id;
> -
> +struct mem_event_mem_access_data {
> uint64_t gfn;
> uint64_t offset;
> uint64_t gla; /* if gla_valid */
> + uint8_t access_r;
> + uint8_t access_w;
> + uint8_t access_x;
> + uint8_t gla_valid;
> + uint8_t fault_with_gla;
> + uint8_t fault_in_gpt;
> + uint16_t _pad;
> +};
So you decided to convert bits to bytes. Isn't that wasteful namely
as these are part of the ring entries, especially if further flags need
to be added later?
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor'
2015-01-29 21:46 ` [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor' Tamas K Lengyel
2015-02-02 17:22 ` Ian Campbell
@ 2015-02-03 15:37 ` Jan Beulich
2015-02-05 14:24 ` Tamas K Lengyel
1 sibling, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 15:37 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS 2
> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR 2
While this one looks okay, ...
> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE 0
> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_DISABLE 1
> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE_INTROSPECTION 2
> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE 0
> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE 1
> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
... I don't think the _DOMCTL and _OP in these are really necessary
or meaningful. I realize they were this way before, but now that
you touch them anyway...
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op
2015-01-29 21:46 ` [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op Tamas K Lengyel
2015-02-02 17:23 ` Ian Campbell
@ 2015-02-03 15:41 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 15:41 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> --- a/xen/arch/x86/mm/mem_paging.c
> +++ b/xen/arch/x86/mm/mem_paging.c
> @@ -25,31 +25,29 @@
> #include <xen/mem_event.h>
>
>
> -int mem_paging_memop(struct domain *d, xen_mem_event_op_t *mec)
> +int mem_paging_memop(struct domain *d, xen_mem_paging_op_t *mpc)
> {
> if ( unlikely(!d->mem_event->paging.ring_page) )
> return -ENODEV;
>
> - switch( mec->op )
> + switch( mpc->op )
> {
> case XENMEM_paging_op_nominate:
> {
> - unsigned long gfn = mec->gfn;
> - return p2m_mem_paging_nominate(d, gfn);
> + return p2m_mem_paging_nominate(d, mpc->gfn);
> }
> break;
>
> case XENMEM_paging_op_evict:
> {
> - unsigned long gfn = mec->gfn;
> - return p2m_mem_paging_evict(d, gfn);
> + return p2m_mem_paging_evict(d, mpc->gfn);
> }
> break;
>
> case XENMEM_paging_op_prep:
> {
> - unsigned long gfn = mec->gfn;
> - return p2m_mem_paging_prep(d, gfn, mec->buffer);
> + unsigned long gfn = mpc->gfn;
> + return p2m_mem_paging_prep(d, gfn, mpc->buffer);
> }
So you nicely dropped the pointless local variables above, but not
here? Why? Also, where you drop them, please also drop the then
pointless figure braces.
> --- a/xen/arch/x86/x86_64/compat/mm.c
> +++ b/xen/arch/x86/x86_64/compat/mm.c
> @@ -188,11 +188,11 @@ int compat_arch_memory_op(unsigned long cmd, XEN_GUEST_HANDLE_PARAM(void) arg)
>
> case XENMEM_paging_op:
> {
> - xen_mem_event_op_t meo;
> - if ( copy_from_guest(&meo, arg, 1) )
> + xen_mem_paging_op_t mpo;
> + if ( copy_from_guest(&mpo, arg, 1) )
Please fix coding style issues in code you touch anyway: Here,
insert a blank line between declaration and first statement.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-01-29 21:46 ` [RFC PATCH V3 05/12] xen: Introduce vm_event Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
2015-02-02 17:27 ` Ian Campbell
@ 2015-02-03 15:54 ` Jan Beulich
2015-02-06 13:54 ` Tamas K Lengyel
2 siblings, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 15:54 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> --- a/docs/misc/xsm-flask.txt
> +++ b/docs/misc/xsm-flask.txt
> @@ -87,6 +87,7 @@ __HYPERVISOR_domctl (xen/include/public/domctl.h)
> * XEN_DOMCTL_set_machine_address_size
> * XEN_DOMCTL_debug_op
> * XEN_DOMCTL_gethvmcontext_partial
> + * XEN_DOMCTL_vm_event_op
> * XEN_DOMCTL_mem_event_op
> * XEN_DOMCTL_mem_sharing_op
> * XEN_DOMCTL_setvcpuextstate
No - no additions here. You don't define XEN_DOMCTL_vm_event_op
in this patch anyway. Once you rename the other one, replacing it
here will be okay.
> --- /dev/null
> +++ b/xen/common/vm_event.c
> @@ -0,0 +1,739 @@
Please clarify in the patch description whether this (and perhaps
other) copied or cloned code is really just a plain copy with some
renaming, or whether there are any other changes. Reviewing this
as a non-renaming change isn't time well spent in the former case.
> --- a/xen/include/public/domctl.h
> +++ b/xen/include/public/domctl.h
> @@ -835,6 +835,84 @@ typedef struct xen_domctl_mem_event_op xen_domctl_mem_event_op_t;
> DEFINE_XEN_GUEST_HANDLE(xen_domctl_mem_event_op_t);
>
> /*
> + * VM event operations
> + */
> +
> +/* XEN_DOMCTL_vm_event_op */
> +
> +/*
> + * Domain memory paging
> + * Page memory in and out.
> + * Domctl interface to set up and tear down the
> + * pager<->hypervisor interface. Use XENMEM_paging_op*
> + * to perform per-page operations.
> + *
> + * The XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE domctl returns several
> + * non-standard error codes to indicate why paging could not be enabled:
> + * ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
> + * EMLINK - guest has iommu passthrough enabled
> + * EXDEV - guest has PoD enabled
> + * EBUSY - guest has or had paging enabled, ring buffer still active
> + */
> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
> +
> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
> +
> +/*
> + * Monitor permissions.
> + *
> + * As with paging, use the domctl for teardown/setup of the
> + * helper<->hypervisor interface.
> + *
> + * There are HVM hypercalls to set the per-page access permissions of every
> + * page in a domain. When one of these permissions--independent, read,
> + * write, and execute--is violated, the VCPU is paused and a memory event
> + * is sent with what happened. (See public/vm_event.h) .
> + *
> + * The memory event handler can then resume the VCPU and redo the access
> + * with a XENMEM_access_op_resume hypercall.
> + *
> + * The XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE domctl returns several
> + * non-standard error codes to indicate why access could not be enabled:
> + * EBUSY - guest has or had access enabled, ring buffer still active
> + */
> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR 2
> +
> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE 0
> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE 1
> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
> +
> +/*
> + * Sharing ENOMEM helper.
> + *
> + * As with paging, use the domctl for teardown/setup of the
> + * helper<->hypervisor interface.
> + *
> + * If setup, this ring is used to communicate failed allocations
> + * in the unshare path. XENMEM_sharing_op_resume is used to wake up
> + * vcpus that could not unshare.
> + *
> + * Note that shring can be turned on (as per the domctl below)
> + * *without* this ring being setup.
> + */
> +#define XEN_DOMCTL_VM_EVENT_OP_SHARING 3
> +
> +#define XEN_DOMCTL_VM_EVENT_OP_SHARING_ENABLE 0
> +#define XEN_DOMCTL_VM_EVENT_OP_SHARING_DISABLE 1
> +
> +/* Use for teardown/setup of helper<->hypervisor interface for paging,
> + * access and sharing.*/
> +struct xen_domctl_vm_event_op {
> + uint32_t op; /* XEN_DOMCTL_VM_EVENT_OP_*_* */
> + uint32_t mode; /* XEN_DOMCTL_VM_EVENT_OP_* */
> +
> + uint32_t port; /* OUT: event channel for ring */
> +};
> +typedef struct xen_domctl_vm_event_op xen_domctl_vm_event_op_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_domctl_vm_event_op_t);
I doubt it is the best approach to do this via add and remove steps,
rather than just a single renaming step (where likely much on the
commentary would remain untouched). Or if staying with that model,
maybe interleaving the additions with the to be replaced code might
be a workable approach.
> @@ -216,6 +217,8 @@ struct vcpu
>
> /* VCPU paused for mem_event replies. */
> atomic_t mem_event_pause_count;
> + /* VCPU paused for vm_event replies. */
> + atomic_t vm_event_pause_count;
Or, to avoid odd changes like this, don't hook up the new source file(s)
to the make system yet.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event
2015-01-29 21:46 ` [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event Tamas K Lengyel
2015-02-02 17:27 ` Ian Campbell
@ 2015-02-03 16:22 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 16:22 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> This is the second patch in the mem_event -> vm_event migration.
> This patch migrates all previous use-cases of mem_event to use the
> new vm_event system.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Provided this is what it looks to be (a mechanical renaming of
mem_event -> vm_event - as said before, saying so explicitly in
the description helps), and provided the used 3 step model is
going to remain the one for this series, relevant hypervisor parts
Acked-by: Jan Beulich <jbeulich@suse.com>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 07/12] xen: Remove mem_event
2015-01-29 21:46 ` [RFC PATCH V3 07/12] xen: Remove mem_event Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
2015-02-02 17:29 ` Ian Campbell
@ 2015-02-03 16:26 ` Jan Beulich
2015-02-06 12:54 ` Tamas K Lengyel
2 siblings, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-03 16:26 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> --- a/xen/include/public/domctl.h
> +++ b/xen/include/public/domctl.h
> @@ -750,15 +750,15 @@ struct xen_domctl_gdbsx_domstatus {
> };
>
> /*
> - * Memory event operations
> + * VM event operations
> */
>
> -/* XEN_DOMCTL_mem_event_op */
> +/* XEN_DOMCTL_vm_event_op */
>
> /*
> * Domain memory paging
> * Page memory in and out.
> - * Domctl interface to set up and tear down the
> + * Domctl interface to set up and tear down the
> * pager<->hypervisor interface. Use XENMEM_paging_op*
> * to perform per-page operations.
> *
> @@ -769,10 +769,10 @@ struct xen_domctl_gdbsx_domstatus {
> * EXDEV - guest has PoD enabled
> * EBUSY - guest has or had paging enabled, ring buffer still active
> */
> -#define XEN_DOMCTL_MEM_EVENT_OP_PAGING 1
> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
>
> -#define XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE 0
> -#define XEN_DOMCTL_MEM_EVENT_OP_PAGING_DISABLE 1
> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
>
> /*
> * Monitor helper.
> @@ -799,84 +799,6 @@ struct xen_domctl_gdbsx_domstatus {
> * EBUSY - guest has or had access enabled, ring buffer still active
> *
> */
> -#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR 2
> -
> -#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE 0
> -#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE 1
> -#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
> -
> -/*
> - * Sharing ENOMEM helper.
> - *
> - * As with paging, use the domctl for teardown/setup of the
> - * helper<->hypervisor interface.
> - *
> - * If setup, this ring is used to communicate failed allocations
> - * in the unshare path. XENMEM_sharing_op_resume is used to wake up
> - * vcpus that could not unshare.
> - *
> - * Note that shring can be turned on (as per the domctl below)
> - * *without* this ring being setup.
> - */
> -#define XEN_DOMCTL_MEM_EVENT_OP_SHARING 3
> -
> -#define XEN_DOMCTL_MEM_EVENT_OP_SHARING_ENABLE 0
> -#define XEN_DOMCTL_MEM_EVENT_OP_SHARING_DISABLE 1
> -
> -/* Use for teardown/setup of helper<->hypervisor interface for paging,
> - * access and sharing.*/
> -struct xen_domctl_mem_event_op {
> - uint32_t op; /* XEN_DOMCTL_MEM_EVENT_OP_*_* */
> - uint32_t mode; /* XEN_DOMCTL_MEM_EVENT_OP_* */
> -
> - uint32_t port; /* OUT: event channel for ring */
> -};
> -typedef struct xen_domctl_mem_event_op xen_domctl_mem_event_op_t;
> -DEFINE_XEN_GUEST_HANDLE(xen_domctl_mem_event_op_t);
> -
> -/*
> - * VM event operations
> - */
> -
> -/* XEN_DOMCTL_vm_event_op */
> -
> -/*
> - * Domain memory paging
> - * Page memory in and out.
> - * Domctl interface to set up and tear down the
> - * pager<->hypervisor interface. Use XENMEM_paging_op*
> - * to perform per-page operations.
> - *
> - * The XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE domctl returns several
> - * non-standard error codes to indicate why paging could not be enabled:
> - * ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
> - * EMLINK - guest has iommu passthrough enabled
> - * EXDEV - guest has PoD enabled
> - * EBUSY - guest has or had paging enabled, ring buffer still active
> - */
> -#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
> -
> -#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
> -#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
> -
> -/*
> - * Monitor permissions.
> - *
> - * As with paging, use the domctl for teardown/setup of the
> - * helper<->hypervisor interface.
> - *
> - * There are HVM hypercalls to set the per-page access permissions of every
> - * page in a domain. When one of these permissions--independent, read,
> - * write, and execute--is violated, the VCPU is paused and a memory event
> - * is sent with what happened. (See public/vm_event.h) .
> - *
> - * The memory event handler can then resume the VCPU and redo the access
> - * with a XENMEM_access_op_resume hypercall.
> - *
> - * The XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE domctl returns several
> - * non-standard error codes to indicate why access could not be enabled:
> - * EBUSY - guest has or had access enabled, ring buffer still active
> - */
> #define XEN_DOMCTL_VM_EVENT_OP_MONITOR 2
>
> #define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE 0
Did you look at the resulting patch to see what happened? It didn't
remove the mem_event stuff, but adjusted it enough to become the
vm_event one while removing the previously added vm_event part
again. Another argument against this approach imo.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file
2015-01-29 21:46 ` [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file Tamas K Lengyel
@ 2015-02-04 5:54 ` Tian, Kevin
2015-02-04 9:14 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Tian, Kevin @ 2015-02-04 5:54 UTC (permalink / raw)
To: Tamas K Lengyel, xen-devel
Cc: wei.liu2, ian.campbell, steve, stefano.stabellini, Nakajima, Jun,
tim, ian.jackson, Dong, Eddie, andres, jbeulich, rshriram, keir,
dgdegra, yanghy, rcojocaru
> From: Tamas K Lengyel [mailto:tamas.lengyel@zentific.com]
> Sent: Friday, January 30, 2015 5:47 AM
>
> To avoid growing hvm.c these functions can be stored
> separately.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
VMX changes are clearly renaming:
Acked-by: Kevin Tian <kevin.tian@intel.com>
> ---
> v3: Style fixes and removing unused fields from msr events.
> ---
> xen/arch/x86/hvm/Makefile | 3 +-
> xen/arch/x86/hvm/event.c | 203
> ++++++++++++++++++++++++++++++++++++++++
> xen/arch/x86/hvm/hvm.c | 169 +--------------------------------
> xen/arch/x86/hvm/vmx/vmx.c | 7 +-
> xen/include/asm-x86/hvm/event.h | 40 ++++++++
> xen/include/asm-x86/hvm/hvm.h | 11 ---
> 6 files changed, 254 insertions(+), 179 deletions(-)
> create mode 100644 xen/arch/x86/hvm/event.c
> create mode 100644 xen/include/asm-x86/hvm/event.h
>
> diff --git a/xen/arch/x86/hvm/Makefile b/xen/arch/x86/hvm/Makefile
> index eea5555..69af47f 100644
> --- a/xen/arch/x86/hvm/Makefile
> +++ b/xen/arch/x86/hvm/Makefile
> @@ -3,6 +3,7 @@ subdir-y += vmx
>
> obj-y += asid.o
> obj-y += emulate.o
> +obj-y += event.o
> obj-y += hpet.o
> obj-y += hvm.o
> obj-y += i8254.o
> @@ -22,4 +23,4 @@ obj-y += vlapic.o
> obj-y += vmsi.o
> obj-y += vpic.o
> obj-y += vpt.o
> -obj-y += vpmu.o
> \ No newline at end of file
> +obj-y += vpmu.o
> diff --git a/xen/arch/x86/hvm/event.c b/xen/arch/x86/hvm/event.c
> new file mode 100644
> index 0000000..65f80a7
> --- /dev/null
> +++ b/xen/arch/x86/hvm/event.c
> @@ -0,0 +1,203 @@
> +/*
> +* event.c: Common hardware virtual machine event abstractions.
> +*
> +* Copyright (c) 2004, Intel Corporation.
> +* Copyright (c) 2005, International Business Machines Corporation.
> +* Copyright (c) 2008, Citrix Systems, Inc.
> +*
> +* This program is free software; you can redistribute it and/or modify it
> +* under the terms and conditions of the GNU General Public License,
> +* version 2, as published by the Free Software Foundation.
> +*
> +* This program is distributed in the hope it will be useful, but WITHOUT
> +* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
> or
> +* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
> for
> +* more details.
> +*
> +* You should have received a copy of the GNU General Public License along
> with
> +* this program; if not, write to the Free Software Foundation, Inc., 59 Temple
> +* Place - Suite 330, Boston, MA 02111-1307 USA.
> +*/
> +
> +#include <xen/vm_event.h>
> +#include <xen/paging.h>
> +#include <public/vm_event.h>
> +
> +static void hvm_event_fill_regs(vm_event_request_t *req)
> +{
> + const struct cpu_user_regs *regs = guest_cpu_user_regs();
> + const struct vcpu *curr = current;
> +
> + req->regs.x86.rax = regs->eax;
> + req->regs.x86.rcx = regs->ecx;
> + req->regs.x86.rdx = regs->edx;
> + req->regs.x86.rbx = regs->ebx;
> + req->regs.x86.rsp = regs->esp;
> + req->regs.x86.rbp = regs->ebp;
> + req->regs.x86.rsi = regs->esi;
> + req->regs.x86.rdi = regs->edi;
> +
> + req->regs.x86.r8 = regs->r8;
> + req->regs.x86.r9 = regs->r9;
> + req->regs.x86.r10 = regs->r10;
> + req->regs.x86.r11 = regs->r11;
> + req->regs.x86.r12 = regs->r12;
> + req->regs.x86.r13 = regs->r13;
> + req->regs.x86.r14 = regs->r14;
> + req->regs.x86.r15 = regs->r15;
> +
> + req->regs.x86.rflags = regs->eflags;
> + req->regs.x86.rip = regs->eip;
> +
> + req->regs.x86.msr_efer = curr->arch.hvm_vcpu.guest_efer;
> + req->regs.x86.cr0 = curr->arch.hvm_vcpu.guest_cr[0];
> + req->regs.x86.cr3 = curr->arch.hvm_vcpu.guest_cr[3];
> + req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
> +}
> +
> +static int hvm_event_traps(long parameters, vm_event_request_t *req)
> +{
> + int rc;
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> +
> + if ( !(parameters & HVMPME_MODE_MASK) )
> + return 0;
> +
> + rc = vm_event_claim_slot(currd, &currd->vm_event->monitor);
> + if ( rc == -ENOSYS )
> + {
> + /* If there was no ring to handle the event, then
> + * simple continue executing normally. */
> + return 1;
> + }
> + else if ( rc < 0 )
> + return rc;
> +
> + if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
> + {
> + req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
> + vm_event_vcpu_pause(curr);
> + }
> +
> + hvm_event_fill_regs(req);
> + vm_event_put_request(currd, &currd->vm_event->monitor, req);
> +
> + return 1;
> +}
> +
> +void hvm_event_cr0(unsigned long value, unsigned long old)
> +{
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_MOV_TO_CR0,
> + .vcpu_id = curr->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR0];
> +
> + if ( (params & HVMPME_onchangeonly) && (value == old) )
> + return;
> +
> + hvm_event_traps(params, &req);
> +}
> +
> +void hvm_event_cr3(unsigned long value, unsigned long old)
> +{
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_MOV_TO_CR3,
> + .vcpu_id = curr->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3];
> +
> + if ( (params & HVMPME_onchangeonly) && (value == old) )
> + return;
> +
> + hvm_event_traps(params, &req);
> +}
> +
> +void hvm_event_cr4(unsigned long value, unsigned long old)
> +{
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_MOV_TO_CR4,
> + .vcpu_id = curr->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR4];
> +
> + if ( (params & HVMPME_onchangeonly) && (value == old) )
> + return;
> +
> + hvm_event_traps(params, &req);
> +}
> +
> +void hvm_event_msr(unsigned long msr, unsigned long value)
> +{
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_MOV_TO_MSR,
> + .vcpu_id = curr->vcpu_id,
> + .data.mov_to_msr.msr = msr,
> + .data.mov_to_msr.value = value,
> + };
> +
> + long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_MSR];
> +
> + hvm_event_traps(params, &req);
> +}
> +
> +int hvm_event_int3(unsigned long gla)
> +{
> + uint32_t pfec = PFEC_page_present;
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
> + .vcpu_id = curr->vcpu_id,
> + .data.software_breakpoint.gfn = paging_gva_to_gfn(curr, gla,
> &pfec)
> + };
> +
> + long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_INT3];
> +
> + return hvm_event_traps(params, &req);
> +}
> +
> +int hvm_event_single_step(unsigned long gla)
> +{
> + uint32_t pfec = PFEC_page_present;
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_SINGLESTEP,
> + .vcpu_id = curr->vcpu_id,
> + .data.singlestep.gfn = paging_gva_to_gfn(curr, gla, &pfec)
> + };
> +
> + long params = currd->arch.hvm_domain
> + .params[HVM_PARAM_MEMORY_EVENT_SINGLE_S
> TEP];
> +
> + return hvm_event_traps(params, &req);
> +}
> +
> +/*
> + * Local variables:
> + * mode: C
> + * c-file-style: "BSD"
> + * c-basic-offset: 4
> + * tab-width: 4
> + * indent-tabs-mode: nil
> + * End:
> + */
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index ce82447..97f769a 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -35,7 +35,6 @@
> #include <xen/paging.h>
> #include <xen/cpu.h>
> #include <xen/wait.h>
> -#include <xen/vm_event.h>
> #include <xen/mem_access.h>
> #include <xen/rangeset.h>
> #include <asm/shadow.h>
> @@ -60,6 +59,7 @@
> #include <asm/hvm/cacheattr.h>
> #include <asm/hvm/trace.h>
> #include <asm/hvm/nestedhvm.h>
> +#include <asm/hvm/event.h>
> #include <asm/mtrr.h>
> #include <asm/apic.h>
> #include <public/sched.h>
> @@ -3220,7 +3220,7 @@ int hvm_set_cr0(unsigned long value)
> hvm_funcs.handle_cd(v, value);
>
> hvm_update_cr(v, 0, value);
> - hvm_memory_event_cr0(value, old_value);
> + hvm_event_cr0(value, old_value);
>
> if ( (value ^ old_value) & X86_CR0_PG ) {
> if ( !nestedhvm_vmswitch_in_progress(v) &&
> nestedhvm_vcpu_in_guestmode(v) )
> @@ -3261,7 +3261,7 @@ int hvm_set_cr3(unsigned long value)
> old=v->arch.hvm_vcpu.guest_cr[3];
> v->arch.hvm_vcpu.guest_cr[3] = value;
> paging_update_cr3(v);
> - hvm_memory_event_cr3(value, old);
> + hvm_event_cr3(value, old);
> return X86EMUL_OKAY;
>
> bad_cr3:
> @@ -3302,7 +3302,7 @@ int hvm_set_cr4(unsigned long value)
> }
>
> hvm_update_cr(v, 4, value);
> - hvm_memory_event_cr4(value, old_cr);
> + hvm_event_cr4(value, old_cr);
>
> /*
> * Modifying CR4.{PSE,PAE,PGE,SMEP}, or clearing CR4.PCIDE
> @@ -4452,7 +4452,7 @@ int hvm_msr_write_intercept(unsigned int msr,
> uint64_t msr_content)
> hvm_cpuid(1, NULL, NULL, NULL, &edx);
> mtrr = !!(edx & cpufeat_mask(X86_FEATURE_MTRR));
>
> - hvm_memory_event_msr(msr, msr_content);
> + hvm_event_msr(msr, msr_content);
>
> switch ( msr )
> {
> @@ -6261,165 +6261,6 @@ int hvm_debug_op(struct vcpu *v, int32_t op)
> return rc;
> }
>
> -static void hvm_mem_event_fill_regs(vm_event_request_t *req)
> -{
> - const struct cpu_user_regs *regs = guest_cpu_user_regs();
> - const struct vcpu *curr = current;
> -
> - req->regs.x86.rax = regs->eax;
> - req->regs.x86.rcx = regs->ecx;
> - req->regs.x86.rdx = regs->edx;
> - req->regs.x86.rbx = regs->ebx;
> - req->regs.x86.rsp = regs->esp;
> - req->regs.x86.rbp = regs->ebp;
> - req->regs.x86.rsi = regs->esi;
> - req->regs.x86.rdi = regs->edi;
> -
> - req->regs.x86.r8 = regs->r8;
> - req->regs.x86.r9 = regs->r9;
> - req->regs.x86.r10 = regs->r10;
> - req->regs.x86.r11 = regs->r11;
> - req->regs.x86.r12 = regs->r12;
> - req->regs.x86.r13 = regs->r13;
> - req->regs.x86.r14 = regs->r14;
> - req->regs.x86.r15 = regs->r15;
> -
> - req->regs.x86.rflags = regs->eflags;
> - req->regs.x86.rip = regs->eip;
> -
> - req->regs.x86.msr_efer = curr->arch.hvm_vcpu.guest_efer;
> - req->regs.x86.cr0 = curr->arch.hvm_vcpu.guest_cr[0];
> - req->regs.x86.cr3 = curr->arch.hvm_vcpu.guest_cr[3];
> - req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
> -}
> -
> -static int hvm_memory_event_traps(long parameters, vm_event_request_t
> *req)
> -{
> - int rc;
> - struct vcpu *v = current;
> - struct domain *d = v->domain;
> -
> - if ( !(parameters & HVMPME_MODE_MASK) )
> - return 0;
> -
> - rc = vm_event_claim_slot(d, &d->vm_event->monitor);
> - if ( rc == -ENOSYS )
> - {
> - /* If there was no ring to handle the event, then
> - * simple continue executing normally. */
> - return 1;
> - }
> - else if ( rc < 0 )
> - return rc;
> -
> - if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
> - {
> - req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
> - vm_event_vcpu_pause(v);
> - }
> -
> - hvm_mem_event_fill_regs(req);
> - vm_event_put_request(d, &d->vm_event->monitor, req);
> -
> - return 1;
> -}
> -
> -void hvm_memory_event_cr0(unsigned long value, unsigned long old)
> -{
> - vm_event_request_t req = {
> - .reason = VM_EVENT_REASON_MOV_TO_CR0,
> - .vcpu_id = current->vcpu_id,
> - .data.mov_to_cr.new_value = value,
> - .data.mov_to_cr.old_value = old
> - };
> -
> - long parameters = current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_CR0];
> -
> - if ( (parameters & HVMPME_onchangeonly) && (value == old) )
> - return;
> -
> - hvm_memory_event_traps(parameters, &req);
> -}
> -
> -void hvm_memory_event_cr3(unsigned long value, unsigned long old)
> -{
> - vm_event_request_t req = {
> - .reason = VM_EVENT_REASON_MOV_TO_CR3,
> - .vcpu_id = current->vcpu_id,
> - .data.mov_to_cr.new_value = value,
> - .data.mov_to_cr.old_value = old
> - };
> -
> - long parameters = current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_CR3];
> -
> - if ( (parameters & HVMPME_onchangeonly) && (value == old) )
> - return;
> -
> - hvm_memory_event_traps(parameters, &req);
> -}
> -
> -void hvm_memory_event_cr4(unsigned long value, unsigned long old)
> -{
> - vm_event_request_t req = {
> - .reason = VM_EVENT_REASON_MOV_TO_CR4,
> - .vcpu_id = current->vcpu_id,
> - .data.mov_to_cr.new_value = value,
> - .data.mov_to_cr.old_value = old
> - };
> -
> - long parameters = current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_CR4];
> -
> - if ( (parameters & HVMPME_onchangeonly) && (value == old) )
> - return;
> -
> - hvm_memory_event_traps(parameters, &req);
> -}
> -
> -void hvm_memory_event_msr(unsigned long msr, unsigned long value)
> -{
> - vm_event_request_t req = {
> - .reason = VM_EVENT_REASON_MOV_TO_MSR,
> - .vcpu_id = current->vcpu_id,
> - .data.mov_to_msr.msr = msr,
> - .data.mov_to_msr.value = value,
> - };
> -
> - hvm_memory_event_traps(current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_
> MSR],
> - &req);
> -}
> -
> -int hvm_memory_event_int3(unsigned long gla)
> -{
> - uint32_t pfec = PFEC_page_present;
> - vm_event_request_t req = {
> - .reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
> - .vcpu_id = current->vcpu_id,
> - .data.software_breakpoint.gfn = paging_gva_to_gfn(current, gla,
> &pfec)
> - };
> -
> - return hvm_memory_event_traps(current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_
> EVENT_INT3],
> - &req);
> -}
> -
> -int hvm_memory_event_single_step(unsigned long gla)
> -{
> - uint32_t pfec = PFEC_page_present;
> - vm_event_request_t req = {
> - .reason = VM_EVENT_REASON_SINGLESTEP,
> - .vcpu_id = current->vcpu_id,
> - .data.singlestep.gfn = paging_gva_to_gfn(current, gla, &pfec)
> - };
> -
> - return hvm_memory_event_traps(current->domain->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_
> EVENT_SINGLE_STEP],
> - &req);
> -}
> -
> int nhvm_vcpu_hostrestore(struct vcpu *v, struct cpu_user_regs *regs)
> {
> if (hvm_funcs.nhvm_vcpu_hostrestore)
> diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
> index 522892f..c5e6771 100644
> --- a/xen/arch/x86/hvm/vmx/vmx.c
> +++ b/xen/arch/x86/hvm/vmx/vmx.c
> @@ -52,6 +52,7 @@
> #include <asm/hvm/vpt.h>
> #include <public/hvm/save.h>
> #include <asm/hvm/trace.h>
> +#include <asm/hvm/event.h>
> #include <asm/xenoprof.h>
> #include <asm/debugger.h>
> #include <asm/apic.h>
> @@ -1970,7 +1971,7 @@ static int vmx_cr_access(unsigned long
> exit_qualification)
> unsigned long old = curr->arch.hvm_vcpu.guest_cr[0];
> curr->arch.hvm_vcpu.guest_cr[0] &= ~X86_CR0_TS;
> vmx_update_guest_cr(curr, 0);
> - hvm_memory_event_cr0(curr->arch.hvm_vcpu.guest_cr[0], old);
> + hvm_event_cr0(curr->arch.hvm_vcpu.guest_cr[0], old);
> HVMTRACE_0D(CLTS);
> break;
> }
> @@ -2819,7 +2820,7 @@ void vmx_vmexit_handler(struct cpu_user_regs
> *regs)
> break;
> }
> else {
> - int handled = hvm_memory_event_int3(regs->eip);
> + int handled = hvm_event_int3(regs->eip);
>
> if ( handled < 0 )
> {
> @@ -3136,7 +3137,7 @@ void vmx_vmexit_handler(struct cpu_user_regs
> *regs)
> v->arch.hvm_vmx.exec_control &=
> ~CPU_BASED_MONITOR_TRAP_FLAG;
> vmx_update_cpu_exec_control(v);
> if ( v->arch.hvm_vcpu.single_step ) {
> - hvm_memory_event_single_step(regs->eip);
> + hvm_event_single_step(regs->eip);
> if ( v->domain->debugger_attached )
> domain_pause_for_debugger();
> }
> diff --git a/xen/include/asm-x86/hvm/event.h
> b/xen/include/asm-x86/hvm/event.h
> new file mode 100644
> index 0000000..5a498a9
> --- /dev/null
> +++ b/xen/include/asm-x86/hvm/event.h
> @@ -0,0 +1,40 @@
> +/*
> + * event.h: Hardware virtual machine assist events.
> + *
> + * This program is free software; you can redistribute it and/or modify it
> + * under the terms and conditions of the GNU General Public License,
> + * version 2, as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope it will be useful, but WITHOUT
> + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
> or
> + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
> License for
> + * more details.
> + *
> + * You should have received a copy of the GNU General Public License along
> with
> + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
> + * Place - Suite 330, Boston, MA 02111-1307 USA.
> + */
> +
> +#ifndef __ASM_X86_HVM_EVENT_H__
> +#define __ASM_X86_HVM_EVENT_H__
> +
> +/* Called for current VCPU on crX changes by guest */
> +void hvm_event_cr0(unsigned long value, unsigned long old);
> +void hvm_event_cr3(unsigned long value, unsigned long old);
> +void hvm_event_cr4(unsigned long value, unsigned long old);
> +void hvm_event_msr(unsigned long msr, unsigned long value);
> +/* Called for current VCPU on int3: returns -1 if no listener */
> +int hvm_event_int3(unsigned long gla);
> +int hvm_event_single_step(unsigned long gla);
> +
> +#endif /* __ASM_X86_HVM_EVENT_H__ */
> +
> +/*
> + * Local variables:
> + * mode: C
> + * c-file-style: "BSD"
> + * c-basic-offset: 4
> + * tab-width: 4
> + * indent-tabs-mode: nil
> + * End:
> + */
> diff --git a/xen/include/asm-x86/hvm/hvm.h
> b/xen/include/asm-x86/hvm/hvm.h
> index e3d2d9a..c77076a 100644
> --- a/xen/include/asm-x86/hvm/hvm.h
> +++ b/xen/include/asm-x86/hvm/hvm.h
> @@ -473,17 +473,6 @@ int hvm_hap_nested_page_fault(paddr_t gpa,
> unsigned long gla,
> int hvm_x2apic_msr_read(struct vcpu *v, unsigned int msr, uint64_t
> *msr_content);
> int hvm_x2apic_msr_write(struct vcpu *v, unsigned int msr, uint64_t
> msr_content);
>
> -/* Called for current VCPU on crX changes by guest */
> -void hvm_memory_event_cr0(unsigned long value, unsigned long old);
> -void hvm_memory_event_cr3(unsigned long value, unsigned long old);
> -void hvm_memory_event_cr4(unsigned long value, unsigned long old);
> -void hvm_memory_event_msr(unsigned long msr, unsigned long value);
> -/* Called for current VCPU on int3: returns -1 if no listener */
> -int hvm_memory_event_int3(unsigned long gla);
> -
> -/* Called for current VCPU on single step: returns -1 if no listener */
> -int hvm_memory_event_single_step(unsigned long gla);
> -
> /*
> * Nested HVM
> */
> --
> 2.1.4
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
2015-01-30 7:58 ` Razvan Cojocaru
2015-02-02 17:32 ` Ian Campbell
@ 2015-02-04 5:57 ` Tian, Kevin
2015-02-04 9:34 ` Jan Beulich
3 siblings, 0 replies; 66+ messages in thread
From: Tian, Kevin @ 2015-02-04 5:57 UTC (permalink / raw)
To: Tamas K Lengyel, xen-devel
Cc: wei.liu2, ian.campbell, steve, stefano.stabellini, Nakajima, Jun,
tim, ian.jackson, Dong, Eddie, andres, jbeulich, rshriram, keir,
dgdegra, yanghy, rcojocaru
> From: Tamas K Lengyel [mailto:tamas.lengyel@zentific.com]
> Sent: Friday, January 30, 2015 5:47 AM
>
> In preparation for allowing for introspecting ARM and PV domains the old
> control interface via the hvm_op hypercall is retired. A new control
> mechanism
> is introduced via the domctl hypercall: monitor_op.
>
> This patch aims to establish a base API on which future applications can build
> on.
>
> Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
for VMX changes:
Acked-by: Kevin Tian <kevin.tian@intel.com>
> ---
> tools/libxc/Makefile | 1 +
> tools/libxc/include/xenctrl.h | 19 ++++
> tools/libxc/xc_mem_access.c | 9 +-
> tools/libxc/xc_monitor.c | 118 +++++++++++++++++++++
> tools/libxc/xc_private.h | 2 +-
> tools/libxc/xc_vm_event.c | 7 +-
> tools/tests/xen-access/xen-access.c | 14 +--
> xen/arch/x86/Makefile | 1 +
> xen/arch/x86/hvm/event.c | 41 ++------
> xen/arch/x86/hvm/hvm.c | 38 +------
> xen/arch/x86/hvm/vmx/vmcs.c | 4 +-
> xen/arch/x86/hvm/vmx/vmx.c | 2 +-
> xen/arch/x86/mm/p2m.c | 9 --
> xen/arch/x86/monitor.c | 197
> ++++++++++++++++++++++++++++++++++++
> xen/common/domctl.c | 11 ++
> xen/common/vm_event.c | 7 --
> xen/include/asm-arm/monitor.h | 13 +++
> xen/include/asm-x86/domain.h | 45 ++++++++
> xen/include/asm-x86/monitor.h | 9 ++
> xen/include/public/domctl.h | 55 +++++++++-
> xen/include/public/hvm/params.h | 15 ---
> xen/include/public/vm_event.h | 2 +-
> 22 files changed, 495 insertions(+), 124 deletions(-)
> create mode 100644 tools/libxc/xc_monitor.c
> create mode 100644 xen/arch/x86/monitor.c
> create mode 100644 xen/include/asm-arm/monitor.h
> create mode 100644 xen/include/asm-x86/monitor.h
>
> diff --git a/tools/libxc/Makefile b/tools/libxc/Makefile
> index 6ef17ec..2d79e7c 100644
> --- a/tools/libxc/Makefile
> +++ b/tools/libxc/Makefile
> @@ -27,6 +27,7 @@ CTRL_SRCS-y += xc_cpu_hotplug.c
> CTRL_SRCS-y += xc_resume.c
> CTRL_SRCS-y += xc_tmem.c
> CTRL_SRCS-y += xc_vm_event.c
> +CTRL_SRCS-y += xc_monitor.c
> CTRL_SRCS-y += xc_mem_paging.c
> CTRL_SRCS-y += xc_mem_access.c
> CTRL_SRCS-y += xc_memshr.c
> diff --git a/tools/libxc/include/xenctrl.h b/tools/libxc/include/xenctrl.h
> index 0ad8b8d..6428365 100644
> --- a/tools/libxc/include/xenctrl.h
> +++ b/tools/libxc/include/xenctrl.h
> @@ -2308,6 +2308,25 @@ int xc_get_mem_access(xc_interface *xch,
> domid_t domain_id,
> uint64_t pfn, xenmem_access_t *access);
>
> /***
> + * Monitor control operations.
> + */
> +int xc_monitor_mov_to_cr0(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int sync,
> + unsigned int onchangeonly);
> +int xc_monitor_mov_to_cr3(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int sync,
> + unsigned int onchangeonly);
> +int xc_monitor_mov_to_cr4(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int sync,
> + unsigned int onchangeonly);
> +int xc_monitor_mov_to_msr(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int
> extended_capture);
> +int xc_monitor_singlestep(xc_interface *xch, domid_t domain_id,
> + unsigned int op);
> +int xc_monitor_software_breakpoint(xc_interface *xch, domid_t domain_id,
> + unsigned int op);
> +
> +/***
> * Memory sharing operations.
> *
> * Unles otherwise noted, these calls return 0 on succes, -1 and errno on
> diff --git a/tools/libxc/xc_mem_access.c b/tools/libxc/xc_mem_access.c
> index aa6e777..70cc8d0 100644
> --- a/tools/libxc/xc_mem_access.c
> +++ b/tools/libxc/xc_mem_access.c
> @@ -27,14 +27,7 @@
> void *xc_mem_access_enable(xc_interface *xch, domid_t domain_id,
> uint32_t *port)
> {
> return xc_vm_event_enable(xch, domain_id,
> HVM_PARAM_MONITOR_RING_PFN,
> - port, 0);
> -}
> -
> -void *xc_mem_access_enable_introspection(xc_interface *xch, domid_t
> domain_id,
> - uint32_t *port)
> -{
> - return xc_vm_event_enable(xch, domain_id,
> HVM_PARAM_MONITOR_RING_PFN,
> - port, 1);
> + port);
> }
>
> int xc_mem_access_disable(xc_interface *xch, domid_t domain_id)
> diff --git a/tools/libxc/xc_monitor.c b/tools/libxc/xc_monitor.c
> new file mode 100644
> index 0000000..ee5a37b
> --- /dev/null
> +++ b/tools/libxc/xc_monitor.c
> @@ -0,0 +1,118 @@
> +/**************************************************************
> ****************
> + *
> + * xc_monitor.c
> + *
> + * Interface to VM event monitor
> + *
> + * Copyright (c) 2015 Tamas K Lengyel (tamas@tklengyel.com)
> + *
> + * This library is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU Lesser General Public
> + * License as published by the Free Software Foundation; either
> + * version 2.1 of the License, or (at your option) any later version.
> + *
> + * This library is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> GNU
> + * Lesser General Public License for more details.
> + *
> + * You should have received a copy of the GNU Lesser General Public
> + * License along with this library; if not, write to the Free Software
> + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
> USA
> + */
> +
> +#include "xc_private.h"
> +
> +int xc_monitor_mov_to_cr0(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int sync,
> + unsigned int onchangeonly)
> +{
> + DECLARE_DOMCTL;
> +
> + domctl.cmd = XEN_DOMCTL_monitor_op;
> + domctl.domain = domain_id;
> + domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
> + :
> XEN_DOMCTL_MONITOR_OP_DISABLE;
> + domctl.u.monitor_op.subop =
> XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0;
> + domctl.u.monitor_op.options.mov_to_cr0.sync = sync;
> + domctl.u.monitor_op.options.mov_to_cr0.onchangeonly =
> onchangeonly;
> +
> + return do_domctl(xch, &domctl);
> +}
> +
> +int xc_monitor_mov_to_cr3(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int sync,
> + unsigned int onchangeonly)
> +{
> + DECLARE_DOMCTL;
> +
> + domctl.cmd = XEN_DOMCTL_monitor_op;
> + domctl.domain = domain_id;
> + domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
> + :
> XEN_DOMCTL_MONITOR_OP_DISABLE;
> + domctl.u.monitor_op.subop =
> XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3;
> + domctl.u.monitor_op.options.mov_to_cr3.sync = sync;
> + domctl.u.monitor_op.options.mov_to_cr3.onchangeonly =
> onchangeonly;
> +
> + return do_domctl(xch, &domctl);
> +}
> +
> +int xc_monitor_mov_to_cr4(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int sync,
> + unsigned int onchangeonly)
> +{
> + DECLARE_DOMCTL;
> +
> + domctl.cmd = XEN_DOMCTL_monitor_op;
> + domctl.domain = domain_id;
> + domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
> + :
> XEN_DOMCTL_MONITOR_OP_DISABLE;
> + domctl.u.monitor_op.subop =
> XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR4;
> + domctl.u.monitor_op.options.mov_to_cr4.sync = sync;
> + domctl.u.monitor_op.options.mov_to_cr4.onchangeonly =
> onchangeonly;
> +
> + return do_domctl(xch, &domctl);
> +}
> +
> +int xc_monitor_mov_to_msr(xc_interface *xch, domid_t domain_id,
> + unsigned int op, unsigned int
> extended_capture)
> +{
> + DECLARE_DOMCTL;
> +
> + domctl.cmd = XEN_DOMCTL_monitor_op;
> + domctl.domain = domain_id;
> + domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
> + :
> XEN_DOMCTL_MONITOR_OP_DISABLE;
> + domctl.u.monitor_op.subop =
> XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_MSR;
> + domctl.u.monitor_op.options.mov_to_msr.extended_capture =
> extended_capture;
> +
> + return do_domctl(xch, &domctl);
> +}
> +
> +int xc_monitor_software_breakpoint(xc_interface *xch, domid_t domain_id,
> + unsigned int op)
> +{
> + DECLARE_DOMCTL;
> +
> + domctl.cmd = XEN_DOMCTL_monitor_op;
> + domctl.domain = domain_id;
> + domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
> + :
> XEN_DOMCTL_MONITOR_OP_DISABLE;
> + domctl.u.monitor_op.subop =
> XEN_DOMCTL_MONITOR_SUBOP_SOFTWARE_BREAKPOINT;
> +
> + return do_domctl(xch, &domctl);
> +}
> +
> +int xc_monitor_singlestep(xc_interface *xch, domid_t domain_id,
> + unsigned int op)
> +{
> + DECLARE_DOMCTL;
> +
> + domctl.cmd = XEN_DOMCTL_monitor_op;
> + domctl.domain = domain_id;
> + domctl.u.monitor_op.op = op ? XEN_DOMCTL_MONITOR_OP_ENABLE
> + :
> XEN_DOMCTL_MONITOR_OP_DISABLE;
> + domctl.u.monitor_op.subop =
> XEN_DOMCTL_MONITOR_SUBOP_SINGLESTEP;
> +
> + return do_domctl(xch, &domctl);
> +}
> diff --git a/tools/libxc/xc_private.h b/tools/libxc/xc_private.h
> index 843540c..9f55309 100644
> --- a/tools/libxc/xc_private.h
> +++ b/tools/libxc/xc_private.h
> @@ -430,6 +430,6 @@ int xc_vm_event_control(xc_interface *xch, domid_t
> domain_id, unsigned int op,
> * param can be HVM_PARAM_PAGING/ACCESS/SHARING_RING_PFN
> */
> void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int
> param,
> - uint32_t *port, int enable_introspection);
> + uint32_t *port);
>
> #endif /* __XC_PRIVATE_H__ */
> diff --git a/tools/libxc/xc_vm_event.c b/tools/libxc/xc_vm_event.c
> index bd14c9d..12d2169 100644
> --- a/tools/libxc/xc_vm_event.c
> +++ b/tools/libxc/xc_vm_event.c
> @@ -41,7 +41,7 @@ int xc_vm_event_control(xc_interface *xch, domid_t
> domain_id, unsigned int op,
> }
>
> void *xc_vm_event_enable(xc_interface *xch, domid_t domain_id, int
> param,
> - uint32_t *port, int enable_introspection)
> + uint32_t *port)
> {
> void *ring_page = NULL;
> uint64_t pfn;
> @@ -104,10 +104,7 @@ void *xc_vm_event_enable(xc_interface *xch,
> domid_t domain_id, int param,
> break;
>
> case HVM_PARAM_MONITOR_RING_PFN:
> - if ( enable_introspection )
> - op =
> XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION;
> - else
> - op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE;
> + op = XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE;
> mode = XEN_DOMCTL_VM_EVENT_OP_MONITOR;
> break;
>
> diff --git a/tools/tests/xen-access/xen-access.c
> b/tools/tests/xen-access/xen-access.c
> index c9aaed4..5411eab 100644
> --- a/tools/tests/xen-access/xen-access.c
> +++ b/tools/tests/xen-access/xen-access.c
> @@ -447,13 +447,13 @@ int main(int argc, char *argv[])
> }
>
> if ( int3 )
> - rc = xc_hvm_param_set(xch, domain_id,
> HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_sync);
> - else
> - rc = xc_hvm_param_set(xch, domain_id,
> HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_disabled);
> - if ( rc < 0 )
> {
> - ERROR("Error %d setting int3 vm_event\n", rc);
> - goto exit;
> + rc = xc_monitor_software_breakpoint(xch, domain_id, 1);
> + if ( rc < 0 )
> + {
> + ERROR("Error %d setting int3 vm_event\n", rc);
> + goto exit;
> + }
> }
>
> /* Wait for access */
> @@ -467,7 +467,7 @@ int main(int argc, char *argv[])
> rc = xc_set_mem_access(xch, domain_id,
> XENMEM_access_rwx, ~0ull, 0);
> rc = xc_set_mem_access(xch, domain_id,
> XENMEM_access_rwx, 0,
>
> xenaccess->domain_info->max_pages);
> - rc = xc_hvm_param_set(xch, domain_id,
> HVM_PARAM_MEMORY_EVENT_INT3, HVMPME_mode_disabled);
> + rc = xc_monitor_software_breakpoint(xch, domain_id, 0);
>
> shutting_down = 1;
> }
> diff --git a/xen/arch/x86/Makefile b/xen/arch/x86/Makefile
> index 86ca5f8..37e547c 100644
> --- a/xen/arch/x86/Makefile
> +++ b/xen/arch/x86/Makefile
> @@ -36,6 +36,7 @@ obj-y += microcode_intel.o
> # This must come after the vendor specific files.
> obj-y += microcode.o
> obj-y += mm.o
> +obj-y += monitor.o
> obj-y += mpparse.o
> obj-y += nmi.o
> obj-y += numa.o
> diff --git a/xen/arch/x86/hvm/event.c b/xen/arch/x86/hvm/event.c
> index 65f80a7..34975b4 100644
> --- a/xen/arch/x86/hvm/event.c
> +++ b/xen/arch/x86/hvm/event.c
> @@ -55,15 +55,12 @@ static void hvm_event_fill_regs(vm_event_request_t
> *req)
> req->regs.x86.cr4 = curr->arch.hvm_vcpu.guest_cr[4];
> }
>
> -static int hvm_event_traps(long parameters, vm_event_request_t *req)
> +static int hvm_event_traps(uint8_t sync, vm_event_request_t *req)
> {
> int rc;
> struct vcpu *curr = current;
> struct domain *currd = curr->domain;
>
> - if ( !(parameters & HVMPME_MODE_MASK) )
> - return 0;
> -
> rc = vm_event_claim_slot(currd, &currd->vm_event->monitor);
> if ( rc == -ENOSYS )
> {
> @@ -74,7 +71,7 @@ static int hvm_event_traps(long parameters,
> vm_event_request_t *req)
> else if ( rc < 0 )
> return rc;
>
> - if ( (parameters & HVMPME_MODE_MASK) == HVMPME_mode_sync )
> + if ( sync )
> {
> req->flags |= VM_EVENT_FLAG_VCPU_PAUSED;
> vm_event_vcpu_pause(curr);
> @@ -97,12 +94,10 @@ void hvm_event_cr0(unsigned long value, unsigned
> long old)
> .data.mov_to_cr.old_value = old
> };
>
> - long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR0];
> -
> - if ( (params & HVMPME_onchangeonly) && (value == old) )
> + if ( currd->arch.monitor_options.mov_to_cr0.onchangeonly && value ==
> old )
> return;
>
> - hvm_event_traps(params, &req);
> + hvm_event_traps(currd->arch.monitor_options.mov_to_cr0.sync, &req);
> }
>
> void hvm_event_cr3(unsigned long value, unsigned long old)
> @@ -116,12 +111,10 @@ void hvm_event_cr3(unsigned long value, unsigned
> long old)
> .data.mov_to_cr.old_value = old
> };
>
> - long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3];
> -
> - if ( (params & HVMPME_onchangeonly) && (value == old) )
> + if ( currd->arch.monitor_options.mov_to_cr3.onchangeonly && value ==
> old )
> return;
>
> - hvm_event_traps(params, &req);
> + hvm_event_traps(currd->arch.monitor_options.mov_to_cr3.sync, &req);
> }
>
> void hvm_event_cr4(unsigned long value, unsigned long old)
> @@ -135,18 +128,15 @@ void hvm_event_cr4(unsigned long value, unsigned
> long old)
> .data.mov_to_cr.old_value = old
> };
>
> - long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR4];
> -
> - if ( (params & HVMPME_onchangeonly) && (value == old) )
> + if ( currd->arch.monitor_options.mov_to_cr4.onchangeonly && value ==
> old )
> return;
>
> - hvm_event_traps(params, &req);
> + hvm_event_traps(currd->arch.monitor_options.mov_to_cr3.sync, &req);
> }
>
> void hvm_event_msr(unsigned long msr, unsigned long value)
> {
> struct vcpu *curr = current;
> - struct domain *currd = curr->domain;
> vm_event_request_t req = {
> .reason = VM_EVENT_REASON_MOV_TO_MSR,
> .vcpu_id = curr->vcpu_id,
> @@ -154,42 +144,33 @@ void hvm_event_msr(unsigned long msr, unsigned
> long value)
> .data.mov_to_msr.value = value,
> };
>
> - long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_MSR];
> -
> - hvm_event_traps(params, &req);
> + hvm_event_traps(1, &req);
> }
>
> int hvm_event_int3(unsigned long gla)
> {
> uint32_t pfec = PFEC_page_present;
> struct vcpu *curr = current;
> - struct domain *currd = curr->domain;
> vm_event_request_t req = {
> .reason = VM_EVENT_REASON_SOFTWARE_BREAKPOINT,
> .vcpu_id = curr->vcpu_id,
> .data.software_breakpoint.gfn = paging_gva_to_gfn(curr, gla,
> &pfec)
> };
>
> - long params =
> currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_INT3];
> -
> - return hvm_event_traps(params, &req);
> + return hvm_event_traps(1, &req);
> }
>
> int hvm_event_single_step(unsigned long gla)
> {
> uint32_t pfec = PFEC_page_present;
> struct vcpu *curr = current;
> - struct domain *currd = curr->domain;
> vm_event_request_t req = {
> .reason = VM_EVENT_REASON_SINGLESTEP,
> .vcpu_id = curr->vcpu_id,
> .data.singlestep.gfn = paging_gva_to_gfn(curr, gla, &pfec)
> };
>
> - long params = currd->arch.hvm_domain
> - .params[HVM_PARAM_MEMORY_EVENT_SINGLE_ST
> EP];
> -
> - return hvm_event_traps(params, &req);
> + return hvm_event_traps(1, &req);
> }
>
> /*
> diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
> index 97f769a..0baeee3 100644
> --- a/xen/arch/x86/hvm/hvm.c
> +++ b/xen/arch/x86/hvm/hvm.c
> @@ -5727,23 +5727,6 @@ long do_hvm_op(unsigned long op,
> XEN_GUEST_HANDLE_PARAM(void) arg)
> case HVM_PARAM_ACPI_IOPORTS_LOCATION:
> rc = pmtimer_change_ioport(d, a.value);
> break;
> - case HVM_PARAM_MEMORY_EVENT_CR0:
> - case HVM_PARAM_MEMORY_EVENT_CR3:
> - case HVM_PARAM_MEMORY_EVENT_CR4:
> - if ( d == current->domain )
> - rc = -EPERM;
> - break;
> - case HVM_PARAM_MEMORY_EVENT_INT3:
> - case HVM_PARAM_MEMORY_EVENT_SINGLE_STEP:
> - case HVM_PARAM_MEMORY_EVENT_MSR:
> - if ( d == current->domain )
> - {
> - rc = -EPERM;
> - break;
> - }
> - if ( a.value & HVMPME_onchangeonly )
> - rc = -EINVAL;
> - break;
> case HVM_PARAM_NESTEDHVM:
> rc = xsm_hvm_param_nested(XSM_PRIV, d);
> if ( rc )
> @@ -5802,29 +5785,10 @@ long do_hvm_op(unsigned long op,
> XEN_GUEST_HANDLE_PARAM(void) arg)
> }
> }
>
> - if ( rc == 0 )
> + if ( rc == 0 )
> {
> d->arch.hvm_domain.params[a.index] = a.value;
> -
> - switch( a.index )
> - {
> - case HVM_PARAM_MEMORY_EVENT_INT3:
> - case HVM_PARAM_MEMORY_EVENT_SINGLE_STEP:
> - {
> - domain_pause(d);
> - domain_unpause(d); /* Causes guest to latch new
> status */
> - break;
> - }
> - case HVM_PARAM_MEMORY_EVENT_CR3:
> - {
> - for_each_vcpu ( d, v )
> - hvm_funcs.update_guest_cr(v, 0); /* Latches
> new CR3 mask through CR0 code */
> - break;
> - }
> - }
> -
> }
> -
> }
> else
> {
> diff --git a/xen/arch/x86/hvm/vmx/vmcs.c b/xen/arch/x86/hvm/vmx/vmcs.c
> index 0f2b2e6..9787f3f 100644
> --- a/xen/arch/x86/hvm/vmx/vmcs.c
> +++ b/xen/arch/x86/hvm/vmx/vmcs.c
> @@ -1375,8 +1375,8 @@ void vmx_do_resume(struct vcpu *v)
> }
>
> debug_state = v->domain->debugger_attached
> - ||
> v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_INT3]
> - ||
> v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_SING
> LE_STEP];
> + ||
> v->domain->arch.monitor_options.software_breakpoint.enabled
> + ||
> v->domain->arch.monitor_options.singlestep.enabled;
>
> if ( unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) )
> {
> diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
> index c5e6771..ce3dcbd 100644
> --- a/xen/arch/x86/hvm/vmx/vmx.c
> +++ b/xen/arch/x86/hvm/vmx/vmx.c
> @@ -1232,7 +1232,7 @@ static void vmx_update_guest_cr(struct vcpu *v,
> unsigned int cr)
> v->arch.hvm_vmx.exec_control |= cr3_ctls;
>
> /* Trap CR3 updates if CR3 memory events are enabled. */
> - if
> ( v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3
> ] )
> + if ( v->domain->arch.monitor_options.mov_to_cr3.enabled )
> v->arch.hvm_vmx.exec_control |=
> CPU_BASED_CR3_LOAD_EXITING;
>
> vmx_update_cpu_exec_control(v);
> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
> index c7a0bde..3b58700 100644
> --- a/xen/arch/x86/mm/p2m.c
> +++ b/xen/arch/x86/mm/p2m.c
> @@ -1445,15 +1445,6 @@ void p2m_vm_event_emulate_check(struct vcpu
> *v, const vm_event_response_t *rsp)
> }
> }
>
> -void p2m_setup_introspection(struct domain *d)
> -{
> - if ( hvm_funcs.enable_msr_exit_interception )
> - {
> - d->arch.hvm_domain.introspection_enabled = 1;
> - hvm_funcs.enable_msr_exit_interception(d);
> - }
> -}
> -
> bool_t p2m_mem_access_check(paddr_t gpa, unsigned long gla,
> struct npfec npfec,
> vm_event_request_t **req_ptr)
> diff --git a/xen/arch/x86/monitor.c b/xen/arch/x86/monitor.c
> new file mode 100644
> index 0000000..c172aaf
> --- /dev/null
> +++ b/xen/arch/x86/monitor.c
> @@ -0,0 +1,197 @@
> +/*
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public
> + * License v2 as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> GNU
> + * General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public
> + * License along with this program; if not, write to the
> + * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
> + * Boston, MA 021110-1307, USA.
> + */
> +
> +#include <xen/config.h>
> +#include <xen/sched.h>
> +#include <xen/mm.h>
> +#include <asm/domain.h>
> +
> +#define DISABLE_OPTION(option) \
> + if ( !option->enabled ) \
> + return -EFAULT; \
> + memset(option, 0, sizeof(*option))
> +
> +int monitor_domctl(struct xen_domctl_monitor_op *domctl, struct domain
> *d)
> +{
> + /*
> + * At the moment only HVM domains are supported. However, event
> delivery
> + * could be extended to PV domains. See comments below.
> + */
> + if ( !is_hvm_domain(d) )
> + return -ENOSYS;
> +
> + if ( domctl->op != XEN_DOMCTL_MONITOR_OP_ENABLE &&
> + domctl->op != XEN_DOMCTL_MONITOR_OP_DISABLE )
> + return -EFAULT;
> +
> + switch ( domctl->subop )
> + {
> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0:
> + {
> + /* Note: could be supported on PV domains. */
> + struct mov_to_cr0 *options =
> &d->arch.monitor_options.mov_to_cr0;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> + options->sync = domctl->options.mov_to_cr0.sync;
> + options->onchangeonly =
> domctl->options.mov_to_cr0.onchangeonly;
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> + break;
> + }
> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3:
> + {
> + /* Note: could be supported on PV domains. */
> + struct vcpu *v;
> + struct mov_to_cr3 *options =
> &d->arch.monitor_options.mov_to_cr3;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> + options->sync = domctl->options.mov_to_cr3.sync;
> + options->onchangeonly =
> domctl->options.mov_to_cr3.onchangeonly;
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> +
> + /* Latches new CR3 mask through CR0 code */
> + for_each_vcpu ( d, v )
> + hvm_funcs.update_guest_cr(v, 0);
> + break;
> + }
> +
> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR4:
> + {
> + /* Note: could be supported on PV domains. */
> + struct mov_to_cr4 *options =
> &d->arch.monitor_options.mov_to_cr4;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> + options->sync = domctl->options.mov_to_cr4.sync;
> + options->onchangeonly =
> domctl->options.mov_to_cr4.onchangeonly;
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> + break;
> + }
> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_MSR:
> + {
> + struct mov_to_msr *options =
> &d->arch.monitor_options.mov_to_msr;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> +
> + if ( domctl->options.mov_to_msr.extended_capture )
> + {
> + if ( hvm_funcs.enable_msr_exit_interception )
> + {
> + options->extended_capture = 1;
> + hvm_funcs.enable_msr_exit_interception(d);
> + }
> + else
> + {
> + return -ENOSYS;
> + }
> + }
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> +
> + break;
> + }
> + case XEN_DOMCTL_MONITOR_SUBOP_SINGLESTEP:
> + {
> + struct singlestep *options = &d->arch.monitor_options.singlestep;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> +
> + /* Causes guest to latch new status */
> + domain_pause(d);
> + domain_unpause(d);
> + break;
> + }
> + case XEN_DOMCTL_MONITOR_SUBOP_SOFTWARE_BREAKPOINT:
> + {
> + struct software_breakpoint *options =
> + &d->arch.monitor_options.software_breakpoint;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> +
> + domain_pause(d);
> + domain_unpause(d); /* Causes guest to latch new status */
> + break;
> + }
> +
> + default:
> + return -EFAULT;
> +
> + };
> +
> + return 0;
> +}
> +
> +/*
> + * Local variables:
> + * mode: C
> + * c-file-style: "BSD"
> + * c-basic-offset: 4
> + * indent-tabs-mode: nil
> + * End:
> + */
> diff --git a/xen/common/domctl.c b/xen/common/domctl.c
> index 44d45d1..98c2dc6 100644
> --- a/xen/common/domctl.c
> +++ b/xen/common/domctl.c
> @@ -29,6 +29,7 @@
> #include <asm/irq.h>
> #include <asm/page.h>
> #include <asm/p2m.h>
> +#include <asm/monitor.h>
> #include <public/domctl.h>
> #include <xsm/xsm.h>
>
> @@ -1179,6 +1180,16 @@ long
> do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
> }
> break;
>
> + case XEN_DOMCTL_monitor_op:
> + {
> + ret = -EPERM;
> + if ( current->domain == d )
> + break;
> +
> + ret = monitor_domctl(&op->u.monitor_op, d);
> + }
> + break;
> +
> default:
> ret = arch_do_domctl(op, d, u_domctl);
> break;
> diff --git a/xen/common/vm_event.c b/xen/common/vm_event.c
> index 0db899e..0b30750 100644
> --- a/xen/common/vm_event.c
> +++ b/xen/common/vm_event.c
> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d,
> xen_domctl_vm_event_op_t *vec,
> switch( vec->op )
> {
> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
> - case
> XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
> {
> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
>
> HVM_PARAM_MONITOR_RING_PFN,
> mem_access_notification);
> -
> - if ( vec->op ==
> XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
> - && !rc )
> - p2m_setup_introspection(d);
> -
> }
> break;
>
> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d,
> xen_domctl_vm_event_op_t *vec,
> if ( ved->ring_page )
> {
> rc = vm_event_disable(d, ved);
> - d->arch.hvm_domain.introspection_enabled = 0;
> }
> }
> break;
> diff --git a/xen/include/asm-arm/monitor.h b/xen/include/asm-arm/monitor.h
> new file mode 100644
> index 0000000..ef8f38a
> --- /dev/null
> +++ b/xen/include/asm-arm/monitor.h
> @@ -0,0 +1,13 @@
> +#ifndef __ASM_ARM_MONITOR_H__
> +#define __ASM_ARM_MONITOR_H__
> +
> +#include <xen/config.h>
> +#include <public/domctl.h>
> +
> +static inline
> +int monitor_domctl(struct xen_domctl_monitor_op *op, struct domain *d)
> +{
> + return -ENOSYS;
> +}
> +
> +#endif /* __ASM_X86_MONITOR_H__ */
> diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h
> index 20ede1e..99fcd94 100644
> --- a/xen/include/asm-x86/domain.h
> +++ b/xen/include/asm-x86/domain.h
> @@ -236,6 +236,41 @@ struct time_scale {
> u32 mul_frac;
> };
>
> +/************************************************/
> +/* monitor event options */
> +/************************************************/
> +struct mov_to_cr0 {
> + uint8_t enabled;
> + uint8_t sync;
> + uint8_t onchangeonly;
> +};
> +
> +struct mov_to_cr3 {
> + uint8_t enabled;
> + uint8_t sync;
> + uint8_t onchangeonly;
> +};
> +
> +struct mov_to_cr4 {
> + uint8_t enabled;
> + uint8_t sync;
> + uint8_t onchangeonly;
> +};
> +
> +struct mov_to_msr {
> + uint8_t enabled;
> + uint8_t extended_capture;
> +};
> +
> +struct singlestep {
> + uint8_t enabled;
> +};
> +
> +struct software_breakpoint {
> + uint8_t enabled;
> +};
> +
> +
> struct pv_domain
> {
> l1_pgentry_t **gdt_ldt_l1tab;
> @@ -330,6 +365,16 @@ struct arch_domain
> unsigned long pirq_eoi_map_mfn;
>
> unsigned int psr_rmid; /* RMID assigned to the domain for CMT */
> +
> + /* Monitor options */
> + struct {
> + struct mov_to_cr0 mov_to_cr0;
> + struct mov_to_cr3 mov_to_cr3;
> + struct mov_to_cr4 mov_to_cr4;
> + struct mov_to_msr mov_to_msr;
> + struct singlestep singlestep;
> + struct software_breakpoint software_breakpoint;
> + } monitor_options;
> } __cacheline_aligned;
>
> #define has_arch_pdevs(d) (!list_empty(&(d)->arch.pdev_list))
> diff --git a/xen/include/asm-x86/monitor.h b/xen/include/asm-x86/monitor.h
> new file mode 100644
> index 0000000..1d7cdd3
> --- /dev/null
> +++ b/xen/include/asm-x86/monitor.h
> @@ -0,0 +1,9 @@
> +#ifndef __ASM_X86_MONITOR_H__
> +#define __ASM_X86_MONITOR_H__
> +
> +#include <xen/config.h>
> +#include <public/domctl.h>
> +
> +int monitor_domctl(struct xen_domctl_monitor_op *op, struct domain *d);
> +
> +#endif /* __ASM_X86_MONITOR_H__ */
> diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
> index 5d48a4d..4f3b685 100644
> --- a/xen/include/public/domctl.h
> +++ b/xen/include/public/domctl.h
> @@ -803,7 +803,6 @@ struct xen_domctl_gdbsx_domstatus {
>
> #define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE
> 0
> #define XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE
> 1
> -#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
> 2
>
> /*
> * Sharing ENOMEM helper.
> @@ -1001,6 +1000,58 @@ struct xen_domctl_psr_cmt_op {
> typedef struct xen_domctl_psr_cmt_op xen_domctl_psr_cmt_op_t;
> DEFINE_XEN_GUEST_HANDLE(xen_domctl_psr_cmt_op_t);
>
> +/* XEN_DOMCTL_MONITOR_*
> + *
> + * Enable/disable monitoring various VM events.
> + * This domctl configures what events will be reported to helper apps
> + * via the ring buffer "MONITOR". The ring has to be first enabled
> + * with the domctl XEN_DOMCTL_VM_EVENT_OP_MONITOR.
> + *
> + * NOTICE: mem_access events are also delivered via the "MONITOR" ring
> buffer;
> + * however, enabling/disabling those events is performed with the use of
> + * memory_op hypercalls!
> + *
> + */
> +#define XEN_DOMCTL_MONITOR_OP_ENABLE 0
> +#define XEN_DOMCTL_MONITOR_OP_DISABLE 1
> +
> +#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0 0
> +#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3 1
> +#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR4 2
> +#define XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_MSR 3
> +#define XEN_DOMCTL_MONITOR_SUBOP_SINGLESTEP 4
> +#define XEN_DOMCTL_MONITOR_SUBOP_SOFTWARE_BREAKPOINT 5
> +
> +struct xen_domctl_monitor_op {
> + uint32_t op; /* XEN_DOMCTL_MONITOR_OP_* */
> + uint32_t subop; /* XEN_DOMCTL_MONITOR_SUBOP_* */
> +
> + /*
> + * Further options when issuing XEN_DOMCTL_MONITOR_OP_ENABLE.
> + */
> + union {
> + struct {
> + uint8_t sync; /* Pause vCPU until response */
> + uint8_t onchangeonly; /* Send event only on a change of value
> */
> + uint8_t pad[6];
> + } mov_to_cr0, mov_to_cr3, mov_to_cr4;
> +
> + /* Enable the capture of msr events on
> + MSR_IA32_SYSENTER_EIP
> + MSR_IA32_SYSENTER_ESP
> + MSR_IA32_SYSENTER_CS
> + MSR_IA32_MC0_CTL
> + MSR_STAR
> + MSR_LSTAR */
> + struct {
> + uint8_t extended_capture;
> + uint8_t pad[7];
> + } mov_to_msr;
> + } options;
> +};
> +typedef struct xen_domctl__op xen_domctl_monitor_op_t;
> +DEFINE_XEN_GUEST_HANDLE(xen_domctl_monitor_op_t);
> +
> struct xen_domctl {
> uint32_t cmd;
> #define XEN_DOMCTL_createdomain 1
> @@ -1076,6 +1127,7 @@ struct xen_domctl {
> #define XEN_DOMCTL_setvnumainfo 74
> #define XEN_DOMCTL_psr_cmt_op 75
> #define XEN_DOMCTL_arm_configure_domain 76
> +#define XEN_DOMCTL_monitor_op 77
> #define XEN_DOMCTL_gdbsx_guestmemio 1000
> #define XEN_DOMCTL_gdbsx_pausevcpu 1001
> #define XEN_DOMCTL_gdbsx_unpausevcpu 1002
> @@ -1141,6 +1193,7 @@ struct xen_domctl {
> struct xen_domctl_gdbsx_domstatus gdbsx_domstatus;
> struct xen_domctl_vnuma vnuma;
> struct xen_domctl_psr_cmt_op psr_cmt_op;
> + struct xen_domctl_monitor_op monitor_op;
> uint8_t pad[128];
> } u;
> };
> diff --git a/xen/include/public/hvm/params.h
> b/xen/include/public/hvm/params.h
> index 6efcc0b..5de6a4b 100644
> --- a/xen/include/public/hvm/params.h
> +++ b/xen/include/public/hvm/params.h
> @@ -162,21 +162,6 @@
> */
> #define HVM_PARAM_ACPI_IOPORTS_LOCATION 19
>
> -/* Enable blocking memory events, async or sync (pause vcpu until response)
> - * onchangeonly indicates messages only on a change of value */
> -#define HVM_PARAM_MEMORY_EVENT_CR0 20
> -#define HVM_PARAM_MEMORY_EVENT_CR3 21
> -#define HVM_PARAM_MEMORY_EVENT_CR4 22
> -#define HVM_PARAM_MEMORY_EVENT_INT3 23
> -#define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25
> -#define HVM_PARAM_MEMORY_EVENT_MSR 30
> -
> -#define HVMPME_MODE_MASK (3 << 0)
> -#define HVMPME_mode_disabled 0
> -#define HVMPME_mode_async 1
> -#define HVMPME_mode_sync 2
> -#define HVMPME_onchangeonly (1 << 2)
> -
> /* Boolean: Enable nestedhvm (hvm only) */
> #define HVM_PARAM_NESTEDHVM 24
>
> diff --git a/xen/include/public/vm_event.h b/xen/include/public/vm_event.h
> index 8fba3d1b..a057608 100644
> --- a/xen/include/public/vm_event.h
> +++ b/xen/include/public/vm_event.h
> @@ -67,7 +67,7 @@
> #define VM_EVENT_REASON_MOV_TO_CR3 5
> /* CR4 was updated */
> #define VM_EVENT_REASON_MOV_TO_CR4 6
> -/* An MSR was updated. Does NOT honour HVMPME_onchangeonly */
> +/* An MSR was updated. */
> #define VM_EVENT_REASON_MOV_TO_MSR 9
> /* Debug operation executed (int3) */
> #define VM_EVENT_REASON_SOFTWARE_BREAKPOINT 7
> --
> 2.1.4
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds
2015-01-29 21:46 ` [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds Tamas K Lengyel
@ 2015-02-04 5:59 ` Tian, Kevin
2015-02-06 13:20 ` Tamas K Lengyel
2015-02-04 9:49 ` Jan Beulich
1 sibling, 1 reply; 66+ messages in thread
From: Tian, Kevin @ 2015-02-04 5:59 UTC (permalink / raw)
To: Tamas K Lengyel, xen-devel
Cc: wei.liu2, ian.campbell, steve, stefano.stabellini, Nakajima, Jun,
tim, ian.jackson, Dong, Eddie, andres, jbeulich, rshriram, keir,
dgdegra, yanghy, rcojocaru
> From: Tamas K Lengyel [mailto:tamas.lengyel@zentific.com]
> Sent: Friday, January 30, 2015 5:47 AM
>
> The flag is only used for debugging purposes, thus it should be only checked
> for in debug builds of Xen.
>
> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
> ---
> xen/arch/x86/mm/mem_sharing.c | 2 ++
> xen/arch/x86/mm/p2m.c | 2 ++
> xen/common/mem_access.c | 31
> +++++++++++++++++++++++++++++++
> 3 files changed, 35 insertions(+)
>
> diff --git a/xen/arch/x86/mm/mem_sharing.c
> b/xen/arch/x86/mm/mem_sharing.c
> index c487207..303c2fb 100644
> --- a/xen/arch/x86/mm/mem_sharing.c
> +++ b/xen/arch/x86/mm/mem_sharing.c
> @@ -604,8 +604,10 @@ int mem_sharing_sharing_resume(struct domain *d)
> if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
> continue;
>
> +#ifndef NDEBUG
> if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
> continue;
> +#endif
>
> /* Validate the vcpu_id in the response. */
> if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
> index 3b58700..1d91000 100644
> --- a/xen/arch/x86/mm/p2m.c
> +++ b/xen/arch/x86/mm/p2m.c
> @@ -1305,8 +1305,10 @@ void p2m_mem_paging_resume(struct domain *d)
> if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
> continue;
>
> +#ifndef NDEBUG
> if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
> continue;
> +#endif
>
> /* Validate the vcpu_id in the response. */
> if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
> diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
> index 3655165..e0a538f 100644
> --- a/xen/common/mem_access.c
> +++ b/xen/common/mem_access.c
> @@ -30,6 +30,37 @@
> #include <asm/p2m.h>
> #include <xsm/xsm.h>
>
> +void mem_access_resume(struct domain *d)
so there is no caller of this new function?
> +{
> + vm_event_response_t rsp;
> +
> + /* Pull all responses off the ring. */
> + while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
> + {
> + struct vcpu *v;
> +
> + if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
> + continue;
> +
> +#ifndef NDEBUG
> + if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
> + continue;
> +#endif
> +
> + /* Validate the vcpu_id in the response. */
> + if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
> + continue;
> +
> + v = d->vcpu[rsp.vcpu_id];
> +
> + p2m_vm_event_emulate_check(v, &rsp);
> +
> + /* Unpause domain. */
> + if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
> + vm_event_vcpu_unpause(v);
> + }
> +}
> +
> int mem_access_memop(unsigned long cmd,
>
> XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg)
> {
> --
> 2.1.4
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file
2015-01-29 21:46 ` [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file Tamas K Lengyel
2015-02-04 5:54 ` Tian, Kevin
@ 2015-02-04 9:14 ` Jan Beulich
1 sibling, 0 replies; 66+ messages in thread
From: Jan Beulich @ 2015-02-04 9:14 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> +static int hvm_event_traps(long parameters, vm_event_request_t *req)
> +{
> + int rc;
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> +
> + if ( !(parameters & HVMPME_MODE_MASK) )
> + return 0;
> +
> + rc = vm_event_claim_slot(currd, &currd->vm_event->monitor);
> + if ( rc == -ENOSYS )
> + {
> + /* If there was no ring to handle the event, then
> + * simple continue executing normally. */
Coding style.
> + return 1;
> + }
> + else if ( rc < 0 )
> + return rc;
Pointless "else".
> +void hvm_event_cr0(unsigned long value, unsigned long old)
> +{
> + struct vcpu *curr = current;
> + struct domain *currd = curr->domain;
> + vm_event_request_t req = {
> + .reason = VM_EVENT_REASON_MOV_TO_CR0,
> + .vcpu_id = curr->vcpu_id,
> + .data.mov_to_cr.new_value = value,
> + .data.mov_to_cr.old_value = old
> + };
> +
> + long params = currd->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR0];
No blank lines between declarations please (they're used to separate
declarations from statements). Also while I can see the need for
"curr", I don't think you need "currd" - it's being used just once.
> --- /dev/null
> +++ b/xen/include/asm-x86/hvm/event.h
> @@ -0,0 +1,40 @@
> +/*
> + * event.h: Hardware virtual machine assist events.
> + *
> + * This program is free software; you can redistribute it and/or modify it
> + * under the terms and conditions of the GNU General Public License,
> + * version 2, as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope it will be useful, but WITHOUT
> + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
> + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
> + * more details.
> + *
> + * You should have received a copy of the GNU General Public License along with
> + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
> + * Place - Suite 330, Boston, MA 02111-1307 USA.
> + */
> +
> +#ifndef __ASM_X86_HVM_EVENT_H__
> +#define __ASM_X86_HVM_EVENT_H__
> +
> +/* Called for current VCPU on crX changes by guest */
> +void hvm_event_cr0(unsigned long value, unsigned long old);
> +void hvm_event_cr3(unsigned long value, unsigned long old);
> +void hvm_event_cr4(unsigned long value, unsigned long old);
> +void hvm_event_msr(unsigned long msr, unsigned long value);
> +/* Called for current VCPU on int3: returns -1 if no listener */
> +int hvm_event_int3(unsigned long gla);
> +int hvm_event_single_step(unsigned long gla);
Either have correct comments for all individual functions or groups
thereof, or none at all. IOW, please be consistent.
> -/* Called for current VCPU on single step: returns -1 if no listener */
> -int hvm_memory_event_single_step(unsigned long gla);
Oddly enough you can't even say you just copied what was there, as
you lost this comment in any case.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
` (2 preceding siblings ...)
2015-02-04 5:57 ` Tian, Kevin
@ 2015-02-04 9:34 ` Jan Beulich
2015-02-05 14:15 ` Tamas K Lengyel
3 siblings, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-04 9:34 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> --- /dev/null
> +++ b/xen/arch/x86/monitor.c
> @@ -0,0 +1,197 @@
> +/*
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public
> + * License v2 as published by the Free Software Foundation.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + * General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public
> + * License along with this program; if not, write to the
> + * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
> + * Boston, MA 021110-1307, USA.
> + */
> +
> +#include <xen/config.h>
> +#include <xen/sched.h>
> +#include <xen/mm.h>
> +#include <asm/domain.h>
> +
> +#define DISABLE_OPTION(option) \
> + if ( !option->enabled ) \
> + return -EFAULT; \
> + memset(option, 0, sizeof(*option))
This needs to be wrapped in either ({ }) or do { } while (0), allowing
you to drop currently necessary (but suggested to be omitted by
./CODING_STYLE) braces around (some of) its uses below.
> +int monitor_domctl(struct xen_domctl_monitor_op *domctl, struct domain *d)
> +{
> + /*
> + * At the moment only HVM domains are supported. However, event delivery
> + * could be extended to PV domains. See comments below.
> + */
> + if ( !is_hvm_domain(d) )
> + return -ENOSYS;
> +
> + if ( domctl->op != XEN_DOMCTL_MONITOR_OP_ENABLE &&
> + domctl->op != XEN_DOMCTL_MONITOR_OP_DISABLE )
> + return -EFAULT;
> +
> + switch ( domctl->subop )
> + {
> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0:
> + {
> + /* Note: could be supported on PV domains. */
> + struct mov_to_cr0 *options = &d->arch.monitor_options.mov_to_cr0;
> +
> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
> + {
> + if ( options->enabled )
> + return -EBUSY;
> +
> + options->enabled = 1;
> + options->sync = domctl->options.mov_to_cr0.sync;
> + options->onchangeonly = domctl->options.mov_to_cr0.onchangeonly;
Shouldn't you set "->enabled" last, after a suitable barrier (and with
the consuming sides using suitable barriers too)? Or are you missing
a domain_pause() here?
> + }
> + else
> + {
> + DISABLE_OPTION(options);
> + }
> + break;
> + }
> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR3:
Please consistently have blank lines between individual, not falling
through cases.
> + default:
> + return -EFAULT;
Certainly not.
> @@ -1179,6 +1180,16 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xen_domctl_t) u_domctl)
> }
> break;
>
> + case XEN_DOMCTL_monitor_op:
> + {
> + ret = -EPERM;
> + if ( current->domain == d )
> + break;
> +
> + ret = monitor_domctl(&op->u.monitor_op, d);
> + }
> + break;
Pointless braces.
> --- a/xen/common/vm_event.c
> +++ b/xen/common/vm_event.c
> @@ -617,16 +617,10 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
> switch( vec->op )
> {
> case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE:
> - case XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION:
> {
> rc = vm_event_enable(d, vec, ved, _VPF_mem_access,
> HVM_PARAM_MONITOR_RING_PFN,
> mem_access_notification);
> -
> - if ( vec->op == XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION
> - && !rc )
> - p2m_setup_introspection(d);
> -
> }
> break;
The braces should now be removed too.
> @@ -635,7 +629,6 @@ int vm_event_domctl(struct domain *d, xen_domctl_vm_event_op_t *vec,
> if ( ved->ring_page )
> {
> rc = vm_event_disable(d, ved);
> - d->arch.hvm_domain.introspection_enabled = 0;
> }
And again. Please go through all of the modification the series makes
and adjust for coding style.
> --- a/xen/include/asm-x86/domain.h
> +++ b/xen/include/asm-x86/domain.h
> @@ -236,6 +236,41 @@ struct time_scale {
> u32 mul_frac;
> };
>
> +/************************************************/
> +/* monitor event options */
> +/************************************************/
> +struct mov_to_cr0 {
> + uint8_t enabled;
> + uint8_t sync;
> + uint8_t onchangeonly;
> +};
> +
> +struct mov_to_cr3 {
> + uint8_t enabled;
> + uint8_t sync;
> + uint8_t onchangeonly;
> +};
> +
> +struct mov_to_cr4 {
> + uint8_t enabled;
> + uint8_t sync;
> + uint8_t onchangeonly;
> +};
As long as they're identical, these should just be a single
struct mov_to_cr, allowing (afaict) further abstraction elsewhere.
> +struct mov_to_msr {
> + uint8_t enabled;
> + uint8_t extended_capture;
> +};
> +
> +struct singlestep {
> + uint8_t enabled;
> +};
> +
> +struct software_breakpoint {
> + uint8_t enabled;
> +};
These may also better be a common struct debug_event.
> +
> +
> struct pv_domain
Just a single blank line please.
> --- /dev/null
> +++ b/xen/include/asm-x86/monitor.h
> @@ -0,0 +1,9 @@
> +#ifndef __ASM_X86_MONITOR_H__
> +#define __ASM_X86_MONITOR_H__
> +
> +#include <xen/config.h>
Not needed anywhere. Please drop such inclusions from the series.
> @@ -1001,6 +1000,58 @@ struct xen_domctl_psr_cmt_op {
> typedef struct xen_domctl_psr_cmt_op xen_domctl_psr_cmt_op_t;
> DEFINE_XEN_GUEST_HANDLE(xen_domctl_psr_cmt_op_t);
>
> +/* XEN_DOMCTL_MONITOR_*
> + *
> + * Enable/disable monitoring various VM events.
> + * This domctl configures what events will be reported to helper apps
> + * via the ring buffer "MONITOR". The ring has to be first enabled
> + * with the domctl XEN_DOMCTL_VM_EVENT_OP_MONITOR.
> + *
> + * NOTICE: mem_access events are also delivered via the "MONITOR" ring buffer;
> + * however, enabling/disabling those events is performed with the use of
> + * memory_op hypercalls!
> + *
> + */
Stray blank comment line.
> +struct xen_domctl_monitor_op {
> + uint32_t op; /* XEN_DOMCTL_MONITOR_OP_* */
> + uint32_t subop; /* XEN_DOMCTL_MONITOR_SUBOP_* */
> +
> + /*
> + * Further options when issuing XEN_DOMCTL_MONITOR_OP_ENABLE.
> + */
> + union {
> + struct {
> + uint8_t sync; /* Pause vCPU until response */
> + uint8_t onchangeonly; /* Send event only on a change of value */
> + uint8_t pad[6];
> + } mov_to_cr0, mov_to_cr3, mov_to_cr4;
> +
> + /* Enable the capture of msr events on
> + MSR_IA32_SYSENTER_EIP
> + MSR_IA32_SYSENTER_ESP
> + MSR_IA32_SYSENTER_CS
> + MSR_IA32_MC0_CTL
> + MSR_STAR
> + MSR_LSTAR */
Coding style.
> --- a/xen/include/public/hvm/params.h
> +++ b/xen/include/public/hvm/params.h
> @@ -162,21 +162,6 @@
> */
> #define HVM_PARAM_ACPI_IOPORTS_LOCATION 19
>
> -/* Enable blocking memory events, async or sync (pause vcpu until response)
> - * onchangeonly indicates messages only on a change of value */
> -#define HVM_PARAM_MEMORY_EVENT_CR0 20
> -#define HVM_PARAM_MEMORY_EVENT_CR3 21
> -#define HVM_PARAM_MEMORY_EVENT_CR4 22
> -#define HVM_PARAM_MEMORY_EVENT_INT3 23
> -#define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25
> -#define HVM_PARAM_MEMORY_EVENT_MSR 30
I'm not sure if HVM param slots can be re-used. If they can, leaving a
note that the deleted numbers are available for re-sue would be nice.
If they can't, leaving a note that they shouldn't be re-used would
seem mandatory.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access.
2015-01-29 21:46 ` [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access Tamas K Lengyel
@ 2015-02-04 9:47 ` Jan Beulich
2015-02-06 13:10 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-04 9:47 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> --- a/xen/common/Makefile
> +++ b/xen/common/Makefile
> @@ -52,9 +52,10 @@ obj-y += tmem_xen.o
> obj-y += radix-tree.o
> obj-y += rbtree.o
> obj-y += lzo.o
> +obj-y += vm_event.o
> +obj-y += monitor.o
Please make the (not) sorting situation worse than it already is - the
original intention was for entries to be alphabetically sorted here.
> --- /dev/null
> +++ b/xen/common/monitor.c
> @@ -0,0 +1,64 @@
> +/******************************************************************************
> + * monitor.c
> + *
> + * VM event monitor support.
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> + */
> +
> +#include <xen/sched.h>
> +#include <xen/vm_event.h>
> +#include <xen/mem_access.h>
> +
> +void monitor_resume(struct domain *d)
> +{
> + vm_event_response_t rsp;
> +
> + /* Pull all responses off the ring. */
> + while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
> + {
> + struct vcpu *v;
> +
> + if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
> + continue;
> +
> +#ifndef NDEBUG
> + if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
> + continue;
> +#endif
This code was unconditional in the original function. Such a change
needs mentioning in the description.
> @@ -49,7 +53,7 @@ int mem_access_send_req(struct domain *d, vm_event_request_t *req)
> return -ENOSYS;
> }
>
> -static inline void mem_access_resume(struct domain *d) {}
> +static inline void mem_access_resume(struct vcpu *vcpu, vm_event_response_t *rsp) {}
Long line.
> --- /dev/null
> +++ b/xen/include/xen/monitor.h
> @@ -0,0 +1,38 @@
> +/******************************************************************************
> + * monitor.h
> + *
> + * Monitor event support.
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation; either version 2 of the License, or
> + * (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
> + */
> +
> +#ifndef _XEN_ASM_MONITOR_H
> +#define _XEN_ASM_MONITOR_H
> +
> +#include <public/memory.h>
This can't be enough (nor can I see why it's needed here), or else ...
> +/* Resumes the running of the VCPU, restarting the last instruction */
> +void monitor_resume(struct domain *d);
... struct domain may end up being a forward reference (with scope
restricted to monitor_resume()).
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds
2015-01-29 21:46 ` [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds Tamas K Lengyel
2015-02-04 5:59 ` Tian, Kevin
@ 2015-02-04 9:49 ` Jan Beulich
2015-02-06 13:22 ` Tamas K Lengyel
1 sibling, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-04 9:49 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: tim, kevin.tian, wei.liu2, ian.campbell, rcojocaru,
stefano.stabellini, eddie.dong, ian.jackson, xen-devel, steve,
andres, jun.nakajima, rshriram, keir, dgdegra, yanghy
>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
> The flag is only used for debugging purposes, thus it should be only checked
> for in debug builds of Xen.
So this should be where the respective conditional I just complained
about should get added.
> --- a/xen/common/mem_access.c
> +++ b/xen/common/mem_access.c
> @@ -30,6 +30,37 @@
> #include <asm/p2m.h>
> #include <xsm/xsm.h>
>
> +void mem_access_resume(struct domain *d)
> +{
Why is this being re-added, and how do things build with the other
(inline) mem_access_resume() added in an earlier patch?
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures
2015-02-03 9:17 ` Jan Beulich
@ 2015-02-05 12:12 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-05 12:12 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Tue, Feb 3, 2015 at 10:17 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 02.02.15 at 18:19, <Ian.Campbell@citrix.com> wrote:
>> On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
>>> + union {
>>> + struct mem_event_paging_data mem_paging;
>>> + struct mem_event_sharing_data mem_sharing;
>>> + struct mem_event_mem_access_data mem_access;
>>> + struct mem_event_mov_to_cr_data mov_to_cr;
>>> + struct mem_event_mov_to_msr_data mov_to_msr;
>>> + struct mem_event_software_breakpoint_data software_breakpoint;
>>> + struct mem_event_singlestep_data singlestep;
>>> + } data;
>>
>> We typically call these unions "u" but that's up to the hypervisor guys
>> really.
>
> And yes, I agree we should be consistent with things like this.
>
> Jan
Ack.
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures
2015-02-02 17:19 ` Ian Campbell
2015-02-03 9:17 ` Jan Beulich
@ 2015-02-05 12:13 ` Tamas K Lengyel
1 sibling, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-05 12:13 UTC (permalink / raw)
To: Ian Campbell
Cc: Tian, Kevin, wei.liu2, Jun Nakajima, Steven Maresca,
Stefano Stabellini, Tim Deegan, Ian Jackson, xen-devel, Dong,
Eddie, Andres Lagar-Cavilla, Jan Beulich, rshriram, Keir Fraser,
Daniel De Graaf, yanghy, Razvan Cojocaru
On Mon, Feb 2, 2015 at 6:19 PM, Ian Campbell <Ian.Campbell@citrix.com> wrote:
> On Thu, 2015-01-29 at 22:46 +0100, Tamas K Lengyel wrote:
>> From: Razvan Cojocaru <rcojocaru@bitdefender.com>
>>
>> The public mem_event structures used to communicate with helper applications via
>> shared rings have been used in different settings. However, the variable names
>> within this structure have not reflected this fact, resulting in the reuse of
>> variables to mean different things under different scenarios.
>>
>> This patch remedies the issue by clearly defining the structure members based on
>> the actual context within which the structure is used.
>>
>> Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
>> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
>> ---
>> v3: Add padding to mem_event structures.
>> Add version field to mem_event structures and checks for it.
>
> The addition of versioning is worth mentioning in the commit message
> IMHO.
OK, will do!
>
> I'm not going to review the tools changes in detail, since I suppose
> they are very much mechanical.
Indeed, no logic changes in this patch.
>
>> - if ( req.gfn > paging->max_pages )
>> + if ( req.data.mem_paging.gfn > paging->max_pages )
>> {
>> - ERROR("Requested gfn %"PRIx64" higher than max_pages %x\n", req.gfn, paging->max_pages);
>> + ERROR("Requested gfn %"PRIx64" higher than max_pages %x\n", req.data.mem_paging.gfn, paging->max_pages);
>
> If you could wrap some of these lines which have become even more overly
> long here as you change them then that would be much appreciated.
OK!
>
>> + union {
>> + struct mem_event_paging_data mem_paging;
>> + struct mem_event_sharing_data mem_sharing;
>> + struct mem_event_mem_access_data mem_access;
>> + struct mem_event_mov_to_cr_data mov_to_cr;
>> + struct mem_event_mov_to_msr_data mov_to_msr;
>> + struct mem_event_software_breakpoint_data software_breakpoint;
>> + struct mem_event_singlestep_data singlestep;
>> + } data;
>
> We typically call these unions "u" but that's up to the hypervisor guys
> really.
>
> Ian.
>
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-02-04 9:34 ` Jan Beulich
@ 2015-02-05 14:15 ` Tamas K Lengyel
2015-02-09 18:45 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-05 14:15 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
>> +int monitor_domctl(struct xen_domctl_monitor_op *domctl, struct domain *d)
>> +{
>> + /*
>> + * At the moment only HVM domains are supported. However, event delivery
>> + * could be extended to PV domains. See comments below.
>> + */
>> + if ( !is_hvm_domain(d) )
>> + return -ENOSYS;
>> +
>> + if ( domctl->op != XEN_DOMCTL_MONITOR_OP_ENABLE &&
>> + domctl->op != XEN_DOMCTL_MONITOR_OP_DISABLE )
>> + return -EFAULT;
>> +
>> + switch ( domctl->subop )
>> + {
>> + case XEN_DOMCTL_MONITOR_SUBOP_MOV_TO_CR0:
>> + {
>> + /* Note: could be supported on PV domains. */
>> + struct mov_to_cr0 *options = &d->arch.monitor_options.mov_to_cr0;
>> +
>> + if ( domctl->op == XEN_DOMCTL_MONITOR_OP_ENABLE )
>> + {
>> + if ( options->enabled )
>> + return -EBUSY;
>> +
>> + options->enabled = 1;
>> + options->sync = domctl->options.mov_to_cr0.sync;
>> + options->onchangeonly = domctl->options.mov_to_cr0.onchangeonly;
>
> Shouldn't you set "->enabled" last, after a suitable barrier (and with
> the consuming sides using suitable barriers too)? Or are you missing
> a domain_pause() here?
Hm, there wasn't any barrier previously with HVM params so I was not
sure. Would make sense as now we have multiple fields instead of a
single one so its no longer being set atomically. I think
pause/unpause would make the most sense as it is already used in some
of the settings.
...
>
>> --- a/xen/include/public/hvm/params.h
>> +++ b/xen/include/public/hvm/params.h
>> @@ -162,21 +162,6 @@
>> */
>> #define HVM_PARAM_ACPI_IOPORTS_LOCATION 19
>>
>> -/* Enable blocking memory events, async or sync (pause vcpu until response)
>> - * onchangeonly indicates messages only on a change of value */
>> -#define HVM_PARAM_MEMORY_EVENT_CR0 20
>> -#define HVM_PARAM_MEMORY_EVENT_CR3 21
>> -#define HVM_PARAM_MEMORY_EVENT_CR4 22
>> -#define HVM_PARAM_MEMORY_EVENT_INT3 23
>> -#define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25
>> -#define HVM_PARAM_MEMORY_EVENT_MSR 30
>
> I'm not sure if HVM param slots can be re-used. If they can, leaving a
> note that the deleted numbers are available for re-sue would be nice.
> If they can't, leaving a note that they shouldn't be re-used would
> seem mandatory.
>
> Jan
I'm not sure either if they can be reused, I would assume yes so I'll
make the comment accordingly (unless someone knows more and objects).
All other comments: Ack.
Thanks!
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor'
2015-02-03 15:37 ` Jan Beulich
@ 2015-02-05 14:24 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-05 14:24 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Tue, Feb 3, 2015 at 4:37 PM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
>> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS 2
>> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR 2
>
> While this one looks okay, ...
>
>> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE 0
>> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_DISABLE 1
>> -#define XEN_DOMCTL_MEM_EVENT_OP_ACCESS_ENABLE_INTROSPECTION 2
>> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE 0
>> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_DISABLE 1
>> +#define XEN_DOMCTL_MEM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
>
> ... I don't think the _DOMCTL and _OP in these are really necessary
> or meaningful. I realize they were this way before, but now that
> you touch them anyway...
>
> Jan
Good idea!
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 07/12] xen: Remove mem_event
2015-02-03 16:26 ` Jan Beulich
@ 2015-02-06 12:54 ` Tamas K Lengyel
2015-02-06 14:18 ` Jan Beulich
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 12:54 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
> Did you look at the resulting patch to see what happened? It didn't
> remove the mem_event stuff, but adjusted it enough to become the
> vm_event one while removing the previously added vm_event part
> again. Another argument against this approach imo.
>
> Jan
Hm, that is some strange git behavior. I'll reshuffle things in the
next iteration to have most everything in the renaming patch.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access.
2015-02-04 9:47 ` Jan Beulich
@ 2015-02-06 13:10 ` Tamas K Lengyel
2015-02-06 14:20 ` Jan Beulich
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 13:10 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Wed, Feb 4, 2015 at 10:47 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
>> --- a/xen/common/Makefile
>> +++ b/xen/common/Makefile
>> @@ -52,9 +52,10 @@ obj-y += tmem_xen.o
>> obj-y += radix-tree.o
>> obj-y += rbtree.o
>> obj-y += lzo.o
>> +obj-y += vm_event.o
>> +obj-y += monitor.o
>
> Please make the (not) sorting situation worse than it already is - the
> original intention was for entries to be alphabetically sorted here.
I'm just going to sort the list in this patch to have everything in
alphabetic order.
>
>> --- /dev/null
>> +++ b/xen/common/monitor.c
>> @@ -0,0 +1,64 @@
>> +/******************************************************************************
>> + * monitor.c
>> + *
>> + * VM event monitor support.
>> + *
>> + * This program is free software; you can redistribute it and/or modify
>> + * it under the terms of the GNU General Public License as published by
>> + * the Free Software Foundation; either version 2 of the License, or
>> + * (at your option) any later version.
>> + *
>> + * This program is distributed in the hope that it will be useful,
>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>> + * GNU General Public License for more details.
>> + *
>> + * You should have received a copy of the GNU General Public License
>> + * along with this program; if not, write to the Free Software
>> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
>> + */
>> +
>> +#include <xen/sched.h>
>> +#include <xen/vm_event.h>
>> +#include <xen/mem_access.h>
>> +
>> +void monitor_resume(struct domain *d)
>> +{
>> + vm_event_response_t rsp;
>> +
>> + /* Pull all responses off the ring. */
>> + while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
>> + {
>> + struct vcpu *v;
>> +
>> + if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
>> + continue;
>> +
>> +#ifndef NDEBUG
>> + if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
>> + continue;
>> +#endif
>
> This code was unconditional in the original function. Such a change
> needs mentioning in the description.
Ah, yes, the patch that makes this conditional has to be moved up
before this one.
>
>> @@ -49,7 +53,7 @@ int mem_access_send_req(struct domain *d, vm_event_request_t *req)
>> return -ENOSYS;
>> }
>>
>> -static inline void mem_access_resume(struct domain *d) {}
>> +static inline void mem_access_resume(struct vcpu *vcpu, vm_event_response_t *rsp) {}
>
> Long line.
>
>> --- /dev/null
>> +++ b/xen/include/xen/monitor.h
>> @@ -0,0 +1,38 @@
>> +/******************************************************************************
>> + * monitor.h
>> + *
>> + * Monitor event support.
>> + *
>> + * This program is free software; you can redistribute it and/or modify
>> + * it under the terms of the GNU General Public License as published by
>> + * the Free Software Foundation; either version 2 of the License, or
>> + * (at your option) any later version.
>> + *
>> + * This program is distributed in the hope that it will be useful,
>> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
>> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>> + * GNU General Public License for more details.
>> + *
>> + * You should have received a copy of the GNU General Public License
>> + * along with this program; if not, write to the Free Software
>> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
>> + */
>> +
>> +#ifndef _XEN_ASM_MONITOR_H
>> +#define _XEN_ASM_MONITOR_H
>> +
>> +#include <public/memory.h>
>
> This can't be enough (nor can I see why it's needed here), or else ...
>
>> +/* Resumes the running of the VCPU, restarting the last instruction */
>> +void monitor_resume(struct domain *d);
>
> ... struct domain may end up being a forward reference (with scope
> restricted to monitor_resume()).
>
> Jan
I'll revisit the headers needed for this one but it did build fine.
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds
2015-02-04 5:59 ` Tian, Kevin
@ 2015-02-06 13:20 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 13:20 UTC (permalink / raw)
To: Tian, Kevin
Cc: wei.liu2, ian.campbell, steve, stefano.stabellini, Nakajima, Jun,
tim, ian.jackson, xen-devel, Dong, Eddie, andres, jbeulich,
rshriram, keir, dgdegra, yanghy, rcojocaru
On Wed, Feb 4, 2015 at 6:59 AM, Tian, Kevin <kevin.tian@intel.com> wrote:
>> From: Tamas K Lengyel [mailto:tamas.lengyel@zentific.com]
>> Sent: Friday, January 30, 2015 5:47 AM
>>
>> The flag is only used for debugging purposes, thus it should be only checked
>> for in debug builds of Xen.
>>
>> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
>> ---
>> xen/arch/x86/mm/mem_sharing.c | 2 ++
>> xen/arch/x86/mm/p2m.c | 2 ++
>> xen/common/mem_access.c | 31
>> +++++++++++++++++++++++++++++++
>> 3 files changed, 35 insertions(+)
>>
>> diff --git a/xen/arch/x86/mm/mem_sharing.c
>> b/xen/arch/x86/mm/mem_sharing.c
>> index c487207..303c2fb 100644
>> --- a/xen/arch/x86/mm/mem_sharing.c
>> +++ b/xen/arch/x86/mm/mem_sharing.c
>> @@ -604,8 +604,10 @@ int mem_sharing_sharing_resume(struct domain *d)
>> if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
>> continue;
>>
>> +#ifndef NDEBUG
>> if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
>> continue;
>> +#endif
>>
>> /* Validate the vcpu_id in the response. */
>> if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
>> diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
>> index 3b58700..1d91000 100644
>> --- a/xen/arch/x86/mm/p2m.c
>> +++ b/xen/arch/x86/mm/p2m.c
>> @@ -1305,8 +1305,10 @@ void p2m_mem_paging_resume(struct domain *d)
>> if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
>> continue;
>>
>> +#ifndef NDEBUG
>> if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
>> continue;
>> +#endif
>>
>> /* Validate the vcpu_id in the response. */
>> if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
>> diff --git a/xen/common/mem_access.c b/xen/common/mem_access.c
>> index 3655165..e0a538f 100644
>> --- a/xen/common/mem_access.c
>> +++ b/xen/common/mem_access.c
>> @@ -30,6 +30,37 @@
>> #include <asm/p2m.h>
>> #include <xsm/xsm.h>
>>
>> +void mem_access_resume(struct domain *d)
>
> so there is no caller of this new function?
This patch seems to got a bit mangled with the previous one so I'll
clean it up. The only thing I intended to have in this patch is the
#ifndef wrapper to be around the DUMMY check. Sorry for the noise.
>
>> +{
>> + vm_event_response_t rsp;
>> +
>> + /* Pull all responses off the ring. */
>> + while ( vm_event_get_response(d, &d->vm_event->monitor, &rsp) )
>> + {
>> + struct vcpu *v;
>> +
>> + if ( rsp.version != VM_EVENT_INTERFACE_VERSION )
>> + continue;
>> +
>> +#ifndef NDEBUG
>> + if ( rsp.flags & VM_EVENT_FLAG_DUMMY )
>> + continue;
>> +#endif
>> +
>> + /* Validate the vcpu_id in the response. */
>> + if ( (rsp.vcpu_id >= d->max_vcpus) || !d->vcpu[rsp.vcpu_id] )
>> + continue;
>> +
>> + v = d->vcpu[rsp.vcpu_id];
>> +
>> + p2m_vm_event_emulate_check(v, &rsp);
>> +
>> + /* Unpause domain. */
>> + if ( rsp.flags & VM_EVENT_FLAG_VCPU_PAUSED )
>> + vm_event_vcpu_unpause(v);
>> + }
>> +}
>> +
>> int mem_access_memop(unsigned long cmd,
>>
>> XEN_GUEST_HANDLE_PARAM(xen_mem_access_op_t) arg)
>> {
>> --
>> 2.1.4
>
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds
2015-02-04 9:49 ` Jan Beulich
@ 2015-02-06 13:22 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 13:22 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Wed, Feb 4, 2015 at 10:49 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
>> The flag is only used for debugging purposes, thus it should be only checked
>> for in debug builds of Xen.
>
> So this should be where the respective conditional I just complained
> about should get added.
>
>
>> --- a/xen/common/mem_access.c
>> +++ b/xen/common/mem_access.c
>> @@ -30,6 +30,37 @@
>> #include <asm/p2m.h>
>> #include <xsm/xsm.h>
>>
>> +void mem_access_resume(struct domain *d)
>> +{
>
> Why is this being re-added, and how do things build with the other
> (inline) mem_access_resume() added in an earlier patch?
>
> Jan
Yes, this patch got a bit mixed up with the previous one.
To answer your question nevertheless, mem_access_resume is redefined
to be only doing mem_access related work. Previously it was
responsible to pulling all the responses off the ring, even if these
were not mem_access related. Now the monitor is pulling the responses
off the ring, and issues mem_access_resume if the response is to a
mem_access request.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-02-03 15:54 ` Jan Beulich
@ 2015-02-06 13:54 ` Tamas K Lengyel
2015-02-06 13:58 ` Andrew Cooper
0 siblings, 1 reply; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 13:54 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Tue, Feb 3, 2015 at 4:54 PM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
>> --- a/docs/misc/xsm-flask.txt
>> +++ b/docs/misc/xsm-flask.txt
>> @@ -87,6 +87,7 @@ __HYPERVISOR_domctl (xen/include/public/domctl.h)
>> * XEN_DOMCTL_set_machine_address_size
>> * XEN_DOMCTL_debug_op
>> * XEN_DOMCTL_gethvmcontext_partial
>> + * XEN_DOMCTL_vm_event_op
>> * XEN_DOMCTL_mem_event_op
>> * XEN_DOMCTL_mem_sharing_op
>> * XEN_DOMCTL_setvcpuextstate
>
> No - no additions here. You don't define XEN_DOMCTL_vm_event_op
> in this patch anyway. Once you rename the other one, replacing it
> here will be okay.
>
>> --- /dev/null
>> +++ b/xen/common/vm_event.c
>> @@ -0,0 +1,739 @@
>
> Please clarify in the patch description whether this (and perhaps
> other) copied or cloned code is really just a plain copy with some
> renaming, or whether there are any other changes. Reviewing this
> as a non-renaming change isn't time well spent in the former case.
Ack, this code is identical to mem_event beside the name.
>
>> --- a/xen/include/public/domctl.h
>> +++ b/xen/include/public/domctl.h
>> @@ -835,6 +835,84 @@ typedef struct xen_domctl_mem_event_op xen_domctl_mem_event_op_t;
>> DEFINE_XEN_GUEST_HANDLE(xen_domctl_mem_event_op_t);
>>
>> /*
>> + * VM event operations
>> + */
>> +
>> +/* XEN_DOMCTL_vm_event_op */
>> +
>> +/*
>> + * Domain memory paging
>> + * Page memory in and out.
>> + * Domctl interface to set up and tear down the
>> + * pager<->hypervisor interface. Use XENMEM_paging_op*
>> + * to perform per-page operations.
>> + *
>> + * The XEN_DOMCTL_MEM_EVENT_OP_PAGING_ENABLE domctl returns several
>> + * non-standard error codes to indicate why paging could not be enabled:
>> + * ENODEV - host lacks HAP support (EPT/NPT) or HAP is disabled in guest
>> + * EMLINK - guest has iommu passthrough enabled
>> + * EXDEV - guest has PoD enabled
>> + * EBUSY - guest has or had paging enabled, ring buffer still active
>> + */
>> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING 1
>> +
>> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING_ENABLE 0
>> +#define XEN_DOMCTL_VM_EVENT_OP_PAGING_DISABLE 1
>> +
>> +/*
>> + * Monitor permissions.
>> + *
>> + * As with paging, use the domctl for teardown/setup of the
>> + * helper<->hypervisor interface.
>> + *
>> + * There are HVM hypercalls to set the per-page access permissions of every
>> + * page in a domain. When one of these permissions--independent, read,
>> + * write, and execute--is violated, the VCPU is paused and a memory event
>> + * is sent with what happened. (See public/vm_event.h) .
>> + *
>> + * The memory event handler can then resume the VCPU and redo the access
>> + * with a XENMEM_access_op_resume hypercall.
>> + *
>> + * The XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE domctl returns several
>> + * non-standard error codes to indicate why access could not be enabled:
>> + * EBUSY - guest has or had access enabled, ring buffer still active
>> + */
>> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR 2
>> +
>> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE 0
>> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_DISABLE 1
>> +#define XEN_DOMCTL_VM_EVENT_OP_MONITOR_ENABLE_INTROSPECTION 2
>> +
>> +/*
>> + * Sharing ENOMEM helper.
>> + *
>> + * As with paging, use the domctl for teardown/setup of the
>> + * helper<->hypervisor interface.
>> + *
>> + * If setup, this ring is used to communicate failed allocations
>> + * in the unshare path. XENMEM_sharing_op_resume is used to wake up
>> + * vcpus that could not unshare.
>> + *
>> + * Note that shring can be turned on (as per the domctl below)
>> + * *without* this ring being setup.
>> + */
>> +#define XEN_DOMCTL_VM_EVENT_OP_SHARING 3
>> +
>> +#define XEN_DOMCTL_VM_EVENT_OP_SHARING_ENABLE 0
>> +#define XEN_DOMCTL_VM_EVENT_OP_SHARING_DISABLE 1
>> +
>> +/* Use for teardown/setup of helper<->hypervisor interface for paging,
>> + * access and sharing.*/
>> +struct xen_domctl_vm_event_op {
>> + uint32_t op; /* XEN_DOMCTL_VM_EVENT_OP_*_* */
>> + uint32_t mode; /* XEN_DOMCTL_VM_EVENT_OP_* */
>> +
>> + uint32_t port; /* OUT: event channel for ring */
>> +};
>> +typedef struct xen_domctl_vm_event_op xen_domctl_vm_event_op_t;
>> +DEFINE_XEN_GUEST_HANDLE(xen_domctl_vm_event_op_t);
>
> I doubt it is the best approach to do this via add and remove steps,
> rather than just a single renaming step (where likely much on the
> commentary would remain untouched). Or if staying with that model,
> maybe interleaving the additions with the to be replaced code might
> be a workable approach.
>
>> @@ -216,6 +217,8 @@ struct vcpu
>>
>> /* VCPU paused for mem_event replies. */
>> atomic_t mem_event_pause_count;
>> + /* VCPU paused for vm_event replies. */
>> + atomic_t vm_event_pause_count;
>
> Or, to avoid odd changes like this, don't hook up the new source file(s)
> to the make system yet.
>
> Jan
The last one I think is the most workable, I'll only hook vm_event
into the build system when it is getting used (next patch in the
series). That avoids a bunch of weird additions we see here.
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-02-06 13:54 ` Tamas K Lengyel
@ 2015-02-06 13:58 ` Andrew Cooper
2015-02-06 14:01 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Andrew Cooper @ 2015-02-06 13:58 UTC (permalink / raw)
To: Tamas K Lengyel, Jan Beulich
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Tim Deegan, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy, Ian Jackson
On 06/02/15 13:54, Tamas K Lengyel wrote:
>> Please clarify in the patch description whether this (and perhaps
>> other) copied or cloned code is really just a plain copy with some
>> renaming, or whether there are any other changes. Reviewing this
>> as a non-renaming change isn't time well spent in the former case.
> Ack, this code is identical to mem_event beside the name.
Using git format-patch/diff -M will make this much more obvious by
creating a diff which looks something like:
--- a/xen/common/mem_event.c
+++ b/xen/common/vm_event.c
and contains hunks renaming the functions alone.
~Andrew
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-02-06 13:58 ` Andrew Cooper
@ 2015-02-06 14:01 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 14:01 UTC (permalink / raw)
To: Andrew Cooper
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Jun Nakajima, Dong, Eddie, Tim Deegan,
xen-devel, Steven Maresca, Andres Lagar-Cavilla, Jan Beulich,
rshriram, Keir Fraser, Daniel De Graaf, yanghy, Ian Jackson
On Fri, Feb 6, 2015 at 2:58 PM, Andrew Cooper <andrew.cooper3@citrix.com> wrote:
> On 06/02/15 13:54, Tamas K Lengyel wrote:
>>> Please clarify in the patch description whether this (and perhaps
>>> other) copied or cloned code is really just a plain copy with some
>>> renaming, or whether there are any other changes. Reviewing this
>>> as a non-renaming change isn't time well spent in the former case.
>> Ack, this code is identical to mem_event beside the name.
>
> Using git format-patch/diff -M will make this much more obvious by
> creating a diff which looks something like:
>
> --- a/xen/common/mem_event.c
> +++ b/xen/common/vm_event.c
>
> and contains hunks renaming the functions alone.
>
> ~Andrew
I'll take a look at that, it would certainly simplify things.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 05/12] xen: Introduce vm_event
2015-02-02 19:35 ` Daniel De Graaf
@ 2015-02-06 14:04 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 14:04 UTC (permalink / raw)
To: Daniel De Graaf
Cc: Tian, Kevin, wei.liu2, Ian Campbell, Steven Maresca,
Stefano Stabellini, Jun Nakajima, Tim Deegan, Ian Jackson,
xen-devel, Dong, Eddie, Andres Lagar-Cavilla, Jan Beulich,
rshriram, Keir Fraser, yanghy, Razvan Cojocaru
On Mon, Feb 2, 2015 at 8:35 PM, Daniel De Graaf <dgdegra@tycho.nsa.gov> wrote:
> On 01/31/2015 08:24 AM, Tamas K Lengyel wrote:
>>
>> On Fri, Jan 30, 2015 at 6:25 PM, Daniel De Graaf <dgdegra@tycho.nsa.gov>
>> wrote:
>>>
>>> On 01/29/2015 04:46 PM, Tamas K Lengyel wrote:
>>>>
>>>>
>>>> To make it easier to review the renaming process of mem_event ->
>>>> vm_event,
>>>> the process is broken into three pieces, of which this patch is the
>>>> first.
>>>> In this patch the vm_event subsystem is introduced and hooked into the
>>>> build
>>>> process, but it is not yet used anywhere.
>>>>
>>>> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
>>>
>>>
>>>
>>> [...]
>>>>
>>>>
>>>> diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h
>>>> index f20e89c..d6d403a 100644
>>>> --- a/xen/include/xsm/dummy.h
>>>> +++ b/xen/include/xsm/dummy.h
>>>> @@ -525,6 +525,18 @@ static XSM_INLINE int
>>>> xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op)
>>>> XSM_ASSERT_ACTION(XSM_DM_PRIV);
>>>> return xsm_default_action(action, current->domain, d);
>>>> }
>>>> +
>>>> +static XSM_INLINE int xsm_vm_event_control(XSM_DEFAULT_ARG struct
>>>> domain
>>>> *d, int mode, int op)
>>>> +{
>>>> + XSM_ASSERT_ACTION(XSM_PRIV);
>>>> + return xsm_default_action(action, current->domain, d);
>>>> +}
>>>> +
>>>> +static XSM_INLINE int xsm_vm_event_op(XSM_DEFAULT_ARG struct domain *d,
>>>> int op)
>>>> +{
>>>> + XSM_ASSERT_ACTION(XSM_DM_PRIV);
>>>> + return xsm_default_action(action, current->domain, d);
>>>> +}
>>>> #endif
>>>>
>>> [...]
>>>>
>>>>
>>>> diff --git a/xen/xsm/flask/policy/access_vectors
>>>> b/xen/xsm/flask/policy/access_vectors
>>>> index 1da9f63..a4241b5 100644
>>>> --- a/xen/xsm/flask/policy/access_vectors
>>>> +++ b/xen/xsm/flask/policy/access_vectors
>>>> @@ -250,6 +250,7 @@ class hvm
>>>> hvmctl
>>>> # XEN_DOMCTL_set_access_required
>>>> mem_event
>>>> + vm_event
>>>> # XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap}
>>>> with:
>>>> # source = the domain making the hypercall
>>>> # target = domain whose memory is being shared
>>>>
>>>
>>> This implies that device model domains should be allowed to use the
>>> operations
>>> covered by xsm_vm_event_op but not those covered by xsm_vm_event_control.
>>> If this is how the eventual operations are intended to be used, the FLASK
>>> permissions also need to be split so that a similar distinction can be
>>> made
>>> in
>>> the policy.
>>>
>>> After looking at the later patches in this series, this appears to be a
>>> flaw
>>> in
>>> the existing FLASK hooks that got copied over. While it is still useful
>>> to
>>> fix,
>>> it may be better to make the split in a separate patch from the renames.
>>> Now
>>> that VM events apply to more than just HVM domains, it may be useful to
>>> move
>>> the new permission(s) from class hvm to either domain2 or mmu.
>>>
>>> --
>>> Daniel De Graaf
>>> National Security Agency
>>
>>
>> Moving it to domain2 would make sense to me. The namings seem to be
>> pretty poor so I have a hard time understanding why xsm_vm_event_op
>> and xsm_vm_event_control differ when it comes to device model domains.
>> The event_op corresponds to memops for access, paging and sharing
>> while event_control for the domctl that enables/disables the rings. So
>> yes, I think splitting the name for these separating things would make
>> sense to clarify what they represent but whether that restriction on
>> device model domains was intentional I'm not sure about.
>>
>> Tamas
>
>
> If the device model stubdom does not use (or plan to use) the memory_op
> hypercall, then there is no reason to allow it to make this hypercall,
> and the XSM check should be changed from XSM_DM_PRIV to XSM_PRIV. From
> a quick look, this seems to be true, but I would defer to someone who
> has actually used or developed this subsystem.
This subsystem hasn't really seen much use AFAIK and I'm not aware on
anyone using it in device model stubdom, thus this change would be
reasonable.
>
> As far as the naming, several other hypercalls such as tmem have a
> distinction between "use" and "control" that is reflected in the XSM
> policy. From a quick look at how the hypercalls work, the domctl seems
> to be a toolstack-only feature that is set when building a domain, while
> the mem_event_op hypercall is used by a helper process.
>
> I think it might be possible to move the helper process to a stub domain
> when creating a very disaggregated system. In that case, a distinct
> permission for its hypercalls would be useful to let the stub domain
> perform sharing operations without being able to turn sharing on and
> off. Otherwise the current single permission (moved to domain2) should
> be sufficient.
I would rather keep with the current single permission and split it
only when there is a need for it. In our current model the secondary
(security) control domain pretty much holds equivalent rights to dom0
over a subset of domains, so for us there is no benefit in having such
refined distinction between permissions.
>
>
> --
> Daniel De Graaf
> National Security Agency
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 07/12] xen: Remove mem_event
2015-02-06 12:54 ` Tamas K Lengyel
@ 2015-02-06 14:18 ` Jan Beulich
2015-02-06 16:13 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-06 14:18 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: Tim Deegan, Kevin Tian, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Eddie Dong, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
>>> On 06.02.15 at 13:54, <tamas.lengyel@zentific.com> wrote:
>> Did you look at the resulting patch to see what happened? It didn't
>> remove the mem_event stuff, but adjusted it enough to become the
>> vm_event one while removing the previously added vm_event part
>> again. Another argument against this approach imo.
>
> Hm, that is some strange git behavior. I'll reshuffle things in the
> next iteration to have most everything in the renaming patch.
Considering that Andrew too seems to think that this 3 stage
approach is undesirable, I think you'd better go the "git mv" route
for the next version.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access.
2015-02-06 13:10 ` Tamas K Lengyel
@ 2015-02-06 14:20 ` Jan Beulich
2015-02-06 16:12 ` Tamas K Lengyel
0 siblings, 1 reply; 66+ messages in thread
From: Jan Beulich @ 2015-02-06 14:20 UTC (permalink / raw)
To: Tamas K Lengyel
Cc: Tim Deegan, Kevin Tian, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Eddie Dong, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
>>> On 06.02.15 at 14:10, <tamas.lengyel@zentific.com> wrote:
> On Wed, Feb 4, 2015 at 10:47 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
>>> --- a/xen/common/Makefile
>>> +++ b/xen/common/Makefile
>>> @@ -52,9 +52,10 @@ obj-y += tmem_xen.o
>>> obj-y += radix-tree.o
>>> obj-y += rbtree.o
>>> obj-y += lzo.o
>>> +obj-y += vm_event.o
>>> +obj-y += monitor.o
>>
>> Please make the (not) sorting situation worse than it already is - the
>> original intention was for entries to be alphabetically sorted here.
>
> I'm just going to sort the list in this patch to have everything in
> alphabetic order.
In a prereq patch then you (hopefully) mean?
>>> +#include <public/memory.h>
>>
>> This can't be enough (nor can I see why it's needed here), or else ...
>>
>>> +/* Resumes the running of the VCPU, restarting the last instruction */
>>> +void monitor_resume(struct domain *d);
>>
>> ... struct domain may end up being a forward reference (with scope
>> restricted to monitor_resume()).
>
> I'll revisit the headers needed for this one but it did build fine.
Sure - presumably because the including sites included what is needed
up front.
Jan
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access.
2015-02-06 14:20 ` Jan Beulich
@ 2015-02-06 16:12 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 16:12 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Kevin Tian, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Eddie Dong, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Fri, Feb 6, 2015 at 3:20 PM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 06.02.15 at 14:10, <tamas.lengyel@zentific.com> wrote:
>> On Wed, Feb 4, 2015 at 10:47 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>>>> On 29.01.15 at 22:46, <tamas.lengyel@zentific.com> wrote:
>>>> --- a/xen/common/Makefile
>>>> +++ b/xen/common/Makefile
>>>> @@ -52,9 +52,10 @@ obj-y += tmem_xen.o
>>>> obj-y += radix-tree.o
>>>> obj-y += rbtree.o
>>>> obj-y += lzo.o
>>>> +obj-y += vm_event.o
>>>> +obj-y += monitor.o
>>>
>>> Please make the (not) sorting situation worse than it already is - the
>>> original intention was for entries to be alphabetically sorted here.
>>
>> I'm just going to sort the list in this patch to have everything in
>> alphabetic order.
>
> In a prereq patch then you (hopefully) mean?
Does reordering the already out-of-whack list worth its own patch? I
just reordered it as part of this patch that adds to it.
>
>>>> +#include <public/memory.h>
>>>
>>> This can't be enough (nor can I see why it's needed here), or else ...
>>>
>>>> +/* Resumes the running of the VCPU, restarting the last instruction */
>>>> +void monitor_resume(struct domain *d);
>>>
>>> ... struct domain may end up being a forward reference (with scope
>>> restricted to monitor_resume()).
>>
>> I'll revisit the headers needed for this one but it did build fine.
>
> Sure - presumably because the including sites included what is needed
> up front.
Probably. Looking at this header all it would need is xen/sched.h for
the definition of struct domain.
> Jan
Thanks,
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 07/12] xen: Remove mem_event
2015-02-06 14:18 ` Jan Beulich
@ 2015-02-06 16:13 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-06 16:13 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Kevin Tian, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Eddie Dong, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
On Fri, Feb 6, 2015 at 3:18 PM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 06.02.15 at 13:54, <tamas.lengyel@zentific.com> wrote:
>>> Did you look at the resulting patch to see what happened? It didn't
>>> remove the mem_event stuff, but adjusted it enough to become the
>>> vm_event one while removing the previously added vm_event part
>>> again. Another argument against this approach imo.
>>
>> Hm, that is some strange git behavior. I'll reshuffle things in the
>> next iteration to have most everything in the renaming patch.
>
> Considering that Andrew too seems to think that this 3 stage
> approach is undesirable, I think you'd better go the "git mv" route
> for the next version.
>
> Jan
Ack, I'll give it a shot. I did that first but hopefully the trick is
in the magic git -M option.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
* Re: [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl
2015-02-05 14:15 ` Tamas K Lengyel
@ 2015-02-09 18:45 ` Tamas K Lengyel
0 siblings, 0 replies; 66+ messages in thread
From: Tamas K Lengyel @ 2015-02-09 18:45 UTC (permalink / raw)
To: Jan Beulich
Cc: Tim Deegan, Tian, Kevin, wei.liu2, Ian Campbell, Razvan Cojocaru,
Stefano Stabellini, Dong, Eddie, Ian Jackson, xen-devel,
Steven Maresca, Andres Lagar-Cavilla, Jun Nakajima, rshriram,
Keir Fraser, Daniel De Graaf, yanghy
>>> --- a/xen/include/public/hvm/params.h
>>> +++ b/xen/include/public/hvm/params.h
>>> @@ -162,21 +162,6 @@
>>> */
>>> #define HVM_PARAM_ACPI_IOPORTS_LOCATION 19
>>>
>>> -/* Enable blocking memory events, async or sync (pause vcpu until response)
>>> - * onchangeonly indicates messages only on a change of value */
>>> -#define HVM_PARAM_MEMORY_EVENT_CR0 20
>>> -#define HVM_PARAM_MEMORY_EVENT_CR3 21
>>> -#define HVM_PARAM_MEMORY_EVENT_CR4 22
>>> -#define HVM_PARAM_MEMORY_EVENT_INT3 23
>>> -#define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25
>>> -#define HVM_PARAM_MEMORY_EVENT_MSR 30
>>
>> I'm not sure if HVM param slots can be re-used. If they can, leaving a
>> note that the deleted numbers are available for re-sue would be nice.
>> If they can't, leaving a note that they shouldn't be re-used would
>> seem mandatory.
>>
>> Jan
>
> I'm not sure either if they can be reused, I would assume yes so I'll
> make the comment accordingly (unless someone knows more and objects).
>
> All other comments: Ack.
>
> Thanks!
> Tamas
On a second look there seems to be a handful of HVM params that are
already undefined, so they don't seem to get recycled.
Tamas
^ permalink raw reply [flat|nested] 66+ messages in thread
end of thread, other threads:[~2015-02-09 18:45 UTC | newest]
Thread overview: 66+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-01-29 21:46 [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 01/12] xen/mem_event: Cleanup of mem_event structures Tamas K Lengyel
2015-02-02 17:19 ` Ian Campbell
2015-02-03 9:17 ` Jan Beulich
2015-02-05 12:12 ` Tamas K Lengyel
2015-02-05 12:13 ` Tamas K Lengyel
2015-02-03 15:32 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 02/12] xen/mem_event: Rename the mem_event ring from 'access' to 'monitor' Tamas K Lengyel
2015-02-02 17:22 ` Ian Campbell
2015-02-03 15:37 ` Jan Beulich
2015-02-05 14:24 ` Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 03/12] xen/mem_paging: Convert mem_event_op to mem_paging_op Tamas K Lengyel
2015-02-02 17:23 ` Ian Campbell
2015-02-03 15:41 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 04/12] xen/mem_access: Merge mem_event sanity check into mem_access check Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 05/12] xen: Introduce vm_event Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
2015-01-31 13:24 ` Tamas K Lengyel
2015-02-02 19:35 ` Daniel De Graaf
2015-02-06 14:04 ` Tamas K Lengyel
2015-02-02 17:27 ` Ian Campbell
2015-02-03 15:54 ` Jan Beulich
2015-02-06 13:54 ` Tamas K Lengyel
2015-02-06 13:58 ` Andrew Cooper
2015-02-06 14:01 ` Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 06/12] xen: migrate mem_event to vm_event Tamas K Lengyel
2015-02-02 17:27 ` Ian Campbell
2015-02-03 16:22 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 07/12] xen: Remove mem_event Tamas K Lengyel
2015-01-30 17:25 ` Daniel De Graaf
2015-02-02 17:29 ` Ian Campbell
2015-02-03 16:26 ` Jan Beulich
2015-02-06 12:54 ` Tamas K Lengyel
2015-02-06 14:18 ` Jan Beulich
2015-02-06 16:13 ` Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 08/12] tools/tests: Clean-up tools/tests/xen-access Tamas K Lengyel
2015-02-02 17:30 ` Ian Campbell
2015-01-29 21:46 ` [RFC PATCH V3 09/12] x86/hvm: factor out and rename vm_event related functions into separate file Tamas K Lengyel
2015-02-04 5:54 ` Tian, Kevin
2015-02-04 9:14 ` Jan Beulich
2015-01-29 21:46 ` [RFC PATCH V3 10/12] xen: Introduce monitor_op domctl Tamas K Lengyel
2015-01-30 7:58 ` Razvan Cojocaru
2015-01-30 10:38 ` Tamas K Lengyel
2015-01-30 11:07 ` Razvan Cojocaru
2015-01-30 11:15 ` Tamas K Lengyel
2015-01-30 11:24 ` Tamas K Lengyel
2015-01-30 11:33 ` Razvan Cojocaru
2015-01-30 11:45 ` Tamas K Lengyel
2015-01-30 12:24 ` Razvan Cojocaru
2015-01-30 12:36 ` Tamas K Lengyel
2015-02-02 17:32 ` Ian Campbell
2015-02-04 5:57 ` Tian, Kevin
2015-02-04 9:34 ` Jan Beulich
2015-02-05 14:15 ` Tamas K Lengyel
2015-02-09 18:45 ` Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 11/12] xen/vm_event: Decouple vm_event and mem_access Tamas K Lengyel
2015-02-04 9:47 ` Jan Beulich
2015-02-06 13:10 ` Tamas K Lengyel
2015-02-06 14:20 ` Jan Beulich
2015-02-06 16:12 ` Tamas K Lengyel
2015-01-29 21:46 ` [RFC PATCH V3 12/12] xen/vm_event: Check for VM_EVENT_FLAG_DUMMY only in Debug builds Tamas K Lengyel
2015-02-04 5:59 ` Tian, Kevin
2015-02-06 13:20 ` Tamas K Lengyel
2015-02-04 9:49 ` Jan Beulich
2015-02-06 13:22 ` Tamas K Lengyel
2015-02-02 17:33 ` [RFC PATCH V3 00/12] xen: Clean-up of mem_event subsystem Ian Campbell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.