From: Paul Durrant <Paul.Durrant@citrix.com>
To: Andrew Cooper <Andrew.Cooper3@citrix.com>,
	'Jan Beulich' <JBeulich@suse.com>
Cc: xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH 0/2] MMIO emulation fixes
Date: Fri, 10 Aug 2018 15:08:12 +0000
Message-ID: <a735b4359ccc4b278330204d9790c6ac@AMSPEX02CL03.citrite.net>
In-Reply-To: <fdf19f7d-1b92-a9c0-3602-b1c9807bf610@citrix.com>

> -----Original Message-----
> From: Andrew Cooper
> Sent: 10 August 2018 13:56
> To: Paul Durrant <Paul.Durrant@citrix.com>; 'Jan Beulich'
> <JBeulich@suse.com>
> Cc: xen-devel <xen-devel@lists.xenproject.org>
> Subject: Re: [Xen-devel] [PATCH 0/2] MMIO emulation fixes
> 
> On 10/08/18 13:43, Paul Durrant wrote:
> >> -----Original Message-----
> >> From: Jan Beulich [mailto:JBeulich@suse.com]
> >> Sent: 10 August 2018 13:37
> >> To: Paul Durrant <Paul.Durrant@citrix.com>
> >> Cc: xen-devel <xen-devel@lists.xenproject.org>
> >> Subject: RE: [Xen-devel] [PATCH 0/2] MMIO emulation fixes
> >>
> >>>>> On 10.08.18 at 14:22, <Paul.Durrant@citrix.com> wrote:
> >>>>  -----Original Message-----
> >>>> From: Jan Beulich [mailto:JBeulich@suse.com]
> >>>> Sent: 10 August 2018 13:13
> >>>> To: Paul Durrant <Paul.Durrant@citrix.com>
> >>>> Cc: xen-devel <xen-devel@lists.xenproject.org>
> >>>> Subject: RE: [Xen-devel] [PATCH 0/2] MMIO emulation fixes
> >>>>
> >>>>>>> On 10.08.18 at 14:08, <Paul.Durrant@citrix.com> wrote:
> >>>>>>  -----Original Message-----
> >>>>>> From: Jan Beulich [mailto:JBeulich@suse.com]
> >>>>>> Sent: 10 August 2018 13:02
> >>>>>> To: Paul Durrant <Paul.Durrant@citrix.com>
> >>>>>> Cc: xen-devel <xen-devel@lists.xenproject.org>
> >>>>>> Subject: Re: [Xen-devel] [PATCH 0/2] MMIO emulation fixes
> >>>>>>
> >>>>>>>>> On 10.08.18 at 12:37, <paul.durrant@citrix.com> wrote:
> >>>>>>> These are probably both candidates for back-port.
> >>>>>>>
> >>>>>>> Paul Durrant (2):
> >>>>>>>   x86/hvm/ioreq: MMIO range checking completely ignores direction flag
> >>>>>>>   x86/hvm/emulate: make sure rep I/O emulation does not cross GFN
> >>>>>>>     boundaries
> >>>>>>>
> >>>>>>>  xen/arch/x86/hvm/emulate.c | 17 ++++++++++++++++-
> >>>>>>>  xen/arch/x86/hvm/ioreq.c   | 15 ++++++++++-----
> >>>>>>>  2 files changed, 26 insertions(+), 6 deletions(-)
> >>>>>> I take it this isn't yet what we've talked about yesterday on irc?
> >>>>>>
> >>>>> This is the band-aid fix. I can now show correct handling of a rep mov
> >>>>> walking off MMIO into RAM.
> >>>> But that's not the problem we're having. In our case the bad behavior
> >>>> is with a single MOV. That's why I had assumed that your plan to fiddle
> >>>> with null_handler would help in our case as well, while this series clearly
> >>>> won't (afaict).
> >>>>
> >>> Oh, I see. A single MOV spanning MMIO and RAM has undefined behaviour though
> >>> as I understand it. Am I incorrect?
> >> I'm not aware of SDM or PM saying anything like this. Anyway, the
> >> specific case where this is being observed as an issue is when
> >> accessing the last few bytes of a normal RAM page followed by a
> >> ballooned out one. The balloon driver doesn't remove the virtual
> >> mapping of such pages (presumably in order to not shatter super
> >> pages); observation is with the old XenoLinux one, but from code
> >> inspection the upstream one behaves the same.
> >>
> >> Unless we want to change the balloon driver's behavior, at least
> >> this specific case needs to be considered having defined behavior,
> >> I think.
> >>
> > Ok. I'll see what I can do.
> 
> It is a software error to try and cross boundaries.  Modern processors
> do their best to try and cause the correct behaviour to occur, albeit
> with a massive disclaimer about the performance hit.  Older processors
> didn't cope.
> 
> As far as I'm concerned, it's fine to terminate an emulation which crosses
> a boundary with the null ops.

Alas we never even get as far as the I/O handlers in some circumstances...

I just set up a variant of an XTF test doing a backwards rep movsd into a well-aligned stack buffer where the source buffer starts 1 byte before a boundary between RAM and MMIO. The code in hvmemul_rep_movs() (rightly) detects that both the source and dest of the initial rep are RAM, skips over the I/O emulation calls, and then fails when the hvm_copy_from_guest_phys() (unsurprisingly) fails to grab the 8 bytes for the initial rep.
So, any logic we add to deal with handling page spanning ops is going to have to go in at the top level of instruction emulation... which I fear is going to be quite a major change and not something that's going to be easy to back-port.

  Paul

> 
> ~Andrew
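
The gap described in the message above, as an added example (not code from Xen or from anyone in the thread): a check that classifies only the first byte of an access, next to one that covers every frame a rep operation touches with the direction flag taken into account. The RAM/MMIO layout, the function names and the 4 KiB frame size are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1ULL << PAGE_SHIFT)

/* Constructed layout (assumption): frames below MMIO_GFN are RAM, the rest MMIO. */
#define MMIO_GFN 0x101ULL
static bool gfn_is_ram(uint64_t gfn) { return gfn < MMIO_GFN; }

/* Check that looks only at the frame holding the first byte of the access. */
static bool first_byte_is_ram(uint64_t addr) { return gfn_is_ram(addr >> PAGE_SHIFT); }

/* Check that covers every byte a rep op touches. addr is the first element;
 * with df set, later elements sit at descending addresses. reps >= 1. */
static bool whole_span_is_ram(uint64_t addr, unsigned size, uint64_t reps, bool df)
{
    uint64_t first = df ? addr - (reps - 1) * size : addr;
    uint64_t last  = df ? addr + size - 1 : addr + reps * size - 1;

    for (uint64_t gfn = first >> PAGE_SHIFT; gfn <= (last >> PAGE_SHIFT); gfn++)
        if (!gfn_is_ram(gfn))
            return false;
    return true;
}

/* Largest rep count that stays inside the frame containing addr;
 * 0 means even the first element straddles the frame boundary. */
static uint64_t clip_reps(uint64_t addr, unsigned size, uint64_t reps, bool df)
{
    uint64_t off = addr & (PAGE_SIZE - 1);
    uint64_t fit;

    if (off + size > PAGE_SIZE)
        return 0;
    fit = df ? off / size + 1 : (PAGE_SIZE - off) / size;
    return reps < fit ? reps : fit;
}

int main(void)
{
    uint64_t src = (MMIO_GFN << PAGE_SHIFT) - 1; /* 1 byte before the boundary */

    printf("first-byte check: %d, whole-span check: %d, clipped reps: %llu\n",
           first_byte_is_ram(src), whole_span_is_ram(src, 8, 4, true),
           (unsigned long long)clip_reps(src, 8, 4, true));
    return 0;
}
```

A clipped count of 0 is the case the message reports: the first element already straddles the boundary, so trimming the rep count cannot help and the access itself has to be split or rejected.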