From: Corneliu ZUZU <czuzu@bitdefender.com>
To: xen-devel@lists.xen.org
Cc: Kevin Tian <kevin.tian@intel.com>,
Tamas K Lengyel <tamas@tklengyel.com>,
Jan Beulich <jbeulich@suse.com>,
Razvan Cojocaru <rcojocaru@bitdefender.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Jun Nakajima <jun.nakajima@intel.com>
Subject: [PATCH v2 2/7] x86/vm-event/monitor: relocate code-motion more appropriately
Date: Tue, 5 Jul 2016 17:27:26 +0300 [thread overview]
Message-ID: <1467728846-13682-1-git-send-email-czuzu@bitdefender.com> (raw)
In-Reply-To: <1467728717-13592-1-git-send-email-czuzu@bitdefender.com>
For readability:
* Add function arch_monitor_write_data (in x86/monitor.c) and separate handling
of monitor_write_data there (previously done directly in hvm_do_resume).
* Separate enabling/disabling of CPU_BASED_CR3_LOAD_EXITING for CR3 monitor
vm-events from CR0 node @ vmx_update_guest_cr(v, 0) into newly added function
vmx_vm_event_update_cr3_traps(d); also, for a better interface, create generic
function write_ctrlreg_adjust_traps (in x86/monitor.c) which deals with setting
up any traps for cr-write monitor vm-events.
Signed-off-by: Corneliu ZUZU <czuzu@bitdefender.com>
Acked-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
---
Changed since v1:
* separated vmx-specific code motion in vmx_vm_event_update_cr3_traps
* minor: reorder added include alphabetically
* minor: move arch_monitor_write_data call in if @ hvm_do_resume
---
xen/arch/x86/hvm/hvm.c | 46 ++++++++++++-------------------
xen/arch/x86/hvm/vmx/vmx.c | 58 +++++++++++++++++++++++++++++++++++----
xen/arch/x86/monitor.c | 48 +++++++++++++++++++++++++++-----
xen/include/asm-x86/hvm/vmx/vmx.h | 1 +
xen/include/asm-x86/monitor.h | 2 ++
5 files changed, 114 insertions(+), 41 deletions(-)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index c89ab6e..e3829d2 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -475,8 +475,6 @@ void hvm_do_resume(struct vcpu *v)
if ( unlikely(v->arch.vm_event) )
{
- struct monitor_write_data *w = &v->arch.vm_event->write_data;
-
if ( v->arch.vm_event->emulate_flags )
{
enum emul_kind kind = EMUL_KIND_NORMAL;
@@ -494,29 +492,7 @@ void hvm_do_resume(struct vcpu *v)
v->arch.vm_event->emulate_flags = 0;
}
- if ( w->do_write.msr )
- {
- hvm_msr_write_intercept(w->msr, w->value, 0);
- w->do_write.msr = 0;
- }
-
- if ( w->do_write.cr0 )
- {
- hvm_set_cr0(w->cr0, 0);
- w->do_write.cr0 = 0;
- }
-
- if ( w->do_write.cr4 )
- {
- hvm_set_cr4(w->cr4, 0);
- w->do_write.cr4 = 0;
- }
-
- if ( w->do_write.cr3 )
- {
- hvm_set_cr3(w->cr3, 0);
- w->do_write.cr3 = 0;
- }
+ arch_monitor_write_data(v);
}
/* Inject pending hw/sw trap */
@@ -2206,7 +2182,10 @@ int hvm_set_cr0(unsigned long value, bool_t may_defer)
if ( hvm_monitor_crX(CR0, value, old_value) )
{
- /* The actual write will occur in hvm_do_resume(), if permitted. */
+ /*
+ * The actual write will occur in arch_monitor_write_data(), if
+ * permitted.
+ */
v->arch.vm_event->write_data.do_write.cr0 = 1;
v->arch.vm_event->write_data.cr0 = value;
@@ -2308,7 +2287,10 @@ int hvm_set_cr3(unsigned long value, bool_t may_defer)
if ( hvm_monitor_crX(CR3, value, old) )
{
- /* The actual write will occur in hvm_do_resume(), if permitted. */
+ /*
+ * The actual write will occur in arch_monitor_write_data(), if
+ * permitted.
+ */
v->arch.vm_event->write_data.do_write.cr3 = 1;
v->arch.vm_event->write_data.cr3 = value;
@@ -2388,7 +2370,10 @@ int hvm_set_cr4(unsigned long value, bool_t may_defer)
if ( hvm_monitor_crX(CR4, value, old_cr) )
{
- /* The actual write will occur in hvm_do_resume(), if permitted. */
+ /*
+ * The actual write will occur in arch_monitor_write_data(), if
+ * permitted.
+ */
v->arch.vm_event->write_data.do_write.cr4 = 1;
v->arch.vm_event->write_data.cr4 = value;
@@ -3767,7 +3752,10 @@ int hvm_msr_write_intercept(unsigned int msr, uint64_t msr_content,
{
ASSERT(v->arch.vm_event);
- /* The actual write will occur in hvm_do_resume() (if permitted). */
+ /*
+ * The actual write will occur in arch_monitor_write_data(), if
+ * permitted.
+ */
v->arch.vm_event->write_data.do_write.msr = 1;
v->arch.vm_event->write_data.msr = msr;
v->arch.vm_event->write_data.value = msr_content;
diff --git a/xen/arch/x86/hvm/vmx/vmx.c b/xen/arch/x86/hvm/vmx/vmx.c
index 8ab074f..0fa3fea 100644
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -1442,11 +1442,6 @@ static void vmx_update_guest_cr(struct vcpu *v, unsigned int cr)
if ( !hvm_paging_enabled(v) && !vmx_unrestricted_guest(v) )
v->arch.hvm_vmx.exec_control |= cr3_ctls;
- /* Trap CR3 updates if CR3 memory events are enabled. */
- if ( v->domain->arch.monitor.write_ctrlreg_enabled &
- monitor_ctrlreg_bitmask(VM_EVENT_X86_CR3) )
- v->arch.hvm_vmx.exec_control |= CPU_BASED_CR3_LOAD_EXITING;
-
if ( old_ctls != v->arch.hvm_vmx.exec_control )
vmx_update_cpu_exec_control(v);
}
@@ -3899,6 +3894,59 @@ void vmx_vmenter_helper(const struct cpu_user_regs *regs)
}
/*
+ * Adjusts domain CR3 load-exiting execution control for CR3-write monitor
+ * vm-event.
+ */
+void vmx_vm_event_update_cr3_traps(struct domain *d)
+{
+ struct vcpu *v;
+ struct arch_vmx_struct *avmx;
+ unsigned int cr3_bitmask;
+ bool_t cr3_vmevent, cr3_ldexit;
+
+ /* domain must be paused */
+ ASSERT(atomic_read(&d->pause_count));
+
+ /* non-hap domains trap CR3 writes unconditionally */
+ if ( !paging_mode_hap(d) )
+ {
+#ifndef NDEBUG
+ for_each_vcpu ( d, v )
+ ASSERT(v->arch.hvm_vmx.exec_control & CPU_BASED_CR3_LOAD_EXITING);
+#endif
+ return;
+ }
+
+ cr3_bitmask = monitor_ctrlreg_bitmask(VM_EVENT_X86_CR3);
+ cr3_vmevent = !!(d->arch.monitor.write_ctrlreg_enabled & cr3_bitmask);
+
+ for_each_vcpu ( d, v )
+ {
+ avmx = &v->arch.hvm_vmx;
+ cr3_ldexit = !!(avmx->exec_control & CPU_BASED_CR3_LOAD_EXITING);
+
+ if ( cr3_vmevent == cr3_ldexit )
+ continue;
+
+ /*
+ * If CR0.PE=0, CR3 load exiting must remain enabled.
+ * See vmx_update_guest_cr code motion for cr = 0.
+ */
+ if ( cr3_ldexit && !hvm_paging_enabled(v) && !vmx_unrestricted_guest(v) )
+ continue;
+
+ if ( cr3_vmevent )
+ avmx->exec_control |= CPU_BASED_CR3_LOAD_EXITING;
+ else
+ avmx->exec_control &= ~CPU_BASED_CR3_LOAD_EXITING;
+
+ vmx_vmcs_enter(v);
+ vmx_update_cpu_exec_control(v);
+ vmx_vmcs_exit(v);
+ }
+}
+
+/*
* Local variables:
* mode: C
* c-file-style: "BSD"
diff --git a/xen/arch/x86/monitor.c b/xen/arch/x86/monitor.c
index 205df41..2bb7d86 100644
--- a/xen/arch/x86/monitor.c
+++ b/xen/arch/x86/monitor.c
@@ -19,7 +19,9 @@
* License along with this program; If not, see <http://www.gnu.org/licenses/>.
*/
+#include <asm/hvm/vmx/vmx.h>
#include <asm/monitor.h>
+#include <asm/vm_event.h>
#include <public/vm_event.h>
int arch_monitor_init_domain(struct domain *d)
@@ -41,6 +43,35 @@ void arch_monitor_cleanup_domain(struct domain *d)
memset(&d->monitor, 0, sizeof(d->monitor));
}
+void arch_monitor_write_data(struct vcpu *v)
+{
+ struct monitor_write_data *w = &v->arch.vm_event->write_data;
+
+ if ( w->do_write.msr )
+ {
+ hvm_msr_write_intercept(w->msr, w->value, 0);
+ w->do_write.msr = 0;
+ }
+
+ if ( w->do_write.cr0 )
+ {
+ hvm_set_cr0(w->cr0, 0);
+ w->do_write.cr0 = 0;
+ }
+
+ if ( w->do_write.cr4 )
+ {
+ hvm_set_cr4(w->cr4, 0);
+ w->do_write.cr4 = 0;
+ }
+
+ if ( w->do_write.cr3 )
+ {
+ hvm_set_cr3(w->cr3, 0);
+ w->do_write.cr3 = 0;
+ }
+}
+
static unsigned long *monitor_bitmap_for_msr(const struct domain *d, u32 *msr)
{
ASSERT(d->arch.monitor.msr_bitmap && msr);
@@ -119,6 +150,15 @@ bool_t monitored_msr(const struct domain *d, u32 msr)
return test_bit(msr, bitmap);
}
+static inline void write_ctrlreg_adjust_traps(struct domain *d, uint8_t index)
+{
+ /* vmx only */
+ ASSERT(cpu_has_vmx);
+
+ if ( VM_EVENT_X86_CR3 == index )
+ vmx_vm_event_update_cr3_traps(d);
+}
+
int arch_monitor_domctl_event(struct domain *d,
struct xen_domctl_monitor_op *mop)
{
@@ -159,13 +199,7 @@ int arch_monitor_domctl_event(struct domain *d,
else
ad->monitor.write_ctrlreg_enabled &= ~ctrlreg_bitmask;
- if ( VM_EVENT_X86_CR3 == mop->u.mov_to_cr.index )
- {
- struct vcpu *v;
- /* Latches new CR3 mask through CR0 code. */
- for_each_vcpu ( d, v )
- hvm_update_guest_cr(v, 0);
- }
+ write_ctrlreg_adjust_traps(d, mop->u.mov_to_cr.index);
domain_unpause(d);
diff --git a/xen/include/asm-x86/hvm/vmx/vmx.h b/xen/include/asm-x86/hvm/vmx/vmx.h
index 359b2a9..15bb592 100644
--- a/xen/include/asm-x86/hvm/vmx/vmx.h
+++ b/xen/include/asm-x86/hvm/vmx/vmx.h
@@ -101,6 +101,7 @@ void vmx_update_debug_state(struct vcpu *v);
void vmx_update_exception_bitmap(struct vcpu *v);
void vmx_update_cpu_exec_control(struct vcpu *v);
void vmx_update_secondary_exec_control(struct vcpu *v);
+void vmx_vm_event_update_cr3_traps(struct domain *d);
#define POSTED_INTR_ON 0
#define POSTED_INTR_SN 1
diff --git a/xen/include/asm-x86/monitor.h b/xen/include/asm-x86/monitor.h
index a9db3c0..0611681 100644
--- a/xen/include/asm-x86/monitor.h
+++ b/xen/include/asm-x86/monitor.h
@@ -94,6 +94,8 @@ int arch_monitor_init_domain(struct domain *d);
void arch_monitor_cleanup_domain(struct domain *d);
+void arch_monitor_write_data(struct vcpu *v);
+
bool_t monitored_msr(const struct domain *d, u32 msr);
#endif /* __ASM_X86_MONITOR_H__ */
--
2.5.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-07-05 14:27 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-05 14:25 [PATCH v2 0/7] x86/vm-event: Adjustments & fixes Corneliu ZUZU
2016-07-05 14:26 ` [PATCH v2 1/7] x86/vmx_update_guest_cr: minor optimization Corneliu ZUZU
2016-07-05 14:27 ` Corneliu ZUZU [this message]
2016-07-05 14:28 ` [PATCH v2 3/7] x86/vm-event/monitor: don't compromise monitor_write_data on domain cleanup Corneliu ZUZU
2016-07-05 14:45 ` George Dunlap
2016-07-05 14:46 ` George Dunlap
2016-07-05 17:16 ` Razvan Cojocaru
2016-07-06 7:01 ` Corneliu ZUZU
2016-07-05 14:29 ` [PATCH v2 4/7] x86/vm_event_resume: surround VM_EVENT_REASON_MOV_TO_MSR w/ CONFIG_X86 Corneliu ZUZU
2016-07-05 14:29 ` [PATCH v2 5/7] x86/vm-event: minor ASSERT fix, add 'unlikely' Corneliu ZUZU
2016-07-05 14:30 ` [PATCH v2 6/7] minor fixes (formatting, comments, unused includes etc.) Corneliu ZUZU
2016-07-05 15:46 ` Razvan Cojocaru
2016-07-06 9:52 ` Julien Grall
2016-07-05 14:31 ` [PATCH v2 7/7] minor #include change Corneliu ZUZU
2016-07-05 14:39 ` Tamas K Lengyel
2016-07-05 15:25 ` Razvan Cojocaru
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1467728846-13682-1-git-send-email-czuzu@bitdefender.com \
--to=czuzu@bitdefender.com \
--cc=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=kevin.tian@intel.com \
--cc=rcojocaru@bitdefender.com \
--cc=tamas@tklengyel.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.