Re: how to set up a #VE

From: Big Strong <fangtuo90@gmail.com>
To: Tamas K Lengyel <tamas.k.lengyel@gmail.com>
Cc: Ian Campbell <ian.campbell@citrix.com>,
	xen-devel <xen-devel@lists.xen.org>
Subject: Re: how to set up a #VE
Date: Fri, 29 Apr 2016 12:27:07 +0800	[thread overview]
Message-ID: <CAFnE1f0veOtuSiF-_6eYYg3sTGuMBRwUaW5GSKFRGZY829m+GQ@mail.gmail.com> (raw)
In-Reply-To: <CABfawhmvXuZqqL3ewsXgjAYn3bnBoW7h6W4SKi4U0m5_bXhupw@mail.gmail.com>

[-- Attachment #1.1: Type: text/plain, Size: 2196 bytes --]

>
> You can always just add a new page to the domain to be used for #VE.

It's there a method to directly assign physical pages to guest from dom0?
Using xc_map_foreign_address just like libvmi?

2016-04-28 23:07 GMT+08:00 Tamas K Lengyel <tamas.k.lengyel@gmail.com>:

>
>
> On Thu, Apr 28, 2016 at 8:36 AM, Big Strong <fangtuo90@gmail.com> wrote:
>
>> I want to set up an EPT page so as to trigger the #VE for testing
>> purpose. However, some problems are met.
>>
>> As the Intel Manual said, there are many conditions to trigger a #VE:
>>
>> a)      If an access to a guest-physical address causes an EPT
>> violation, bit 63 (0) of exactly one of the EPT paging-structure entries
>> used to translate that address is used to determine *whether the EPT
>> violation is convertible*: either an entry that is not present (if the
>> guest-physical address does not translate to a physical address) or an
>> entry that maps a page (if it does).
>>
>> b)      A convertible EPT violation instead causes a virtualization
>> exception if the following all hold:
>>
>> • CR0.PE = 1;
>>
>> • the logical processor is not in the process of delivering an event
>> through the IDT; and
>>
>> • the 32 bits at offset 4 in the virtualization-exception information
>> area are all 0.
>> In xc_altp2m.c, there is a function xc_altp2m_set_vcpu_enable_notify
>> which is used to set up the #VE information area. However, as the arguments
>> gfn is a physical address (of the guest?), how can I safely assign an
>> unused physical memory space to store #VE info?
>>
>
> You can always just add a new page to the domain to be used for #VE.
>
>
>>
>> Besides, there is no xenctrl interface for setting the suprress_ve bit
>> (63) of the EPT PTE, which is needed to trigger #VE. Even though I can set
>> that with ept_set_entry function, this is an internal function of Xen and
>> unavailble to dom0.
>>
>
> It's undocumented enough (and it took me a bit to find as well) but if you
> use xc_altp2m_set_mem_access and have used xc_altp2m_set_vcpu_enable_notify
> before, then those EPT PTE entries will be converted to #VE automatically.
>
> Tamas
>
>

[-- Attachment #1.2: Type: text/html, Size: 4876 bytes --]

[-- Attachment #2: Type: text/plain, Size: 126 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel