Re: [Xen-devel] [PATCH v5 03/15] VMX: implement suppress #VE.

2015-07-14 Thread Jan Beulich 
 On 14.07.15 at 02:14, edmund.h.wh...@intel.com wrote:
 In preparation for selectively enabling #VE in a later patch, set
 suppress #VE on all EPTE's.
 
 Suppress #VE should always be the default condition for two reasons:
 it is generally not safe to deliver #VE into a guest unless that guest
 has been modified to receive it; and even then for most EPT violations only
 the hypervisor is able to handle the violation.
 
 Signed-off-by: Ed White edmund.h.wh...@intel.com
 
 Reviewed-by: Andrew Cooper andrew.coop...@citrix.com
 Reviewed-by: George Dunlap george.dun...@eu.citrix.com
 Acked-by: Jun Nakajima jun.nakaj...@intel.com
 ---

Missing revision log here. And I think the dropping of the adjustment
to ept_p2m_init() invalidates reviews as well as Jun's ack - just
consider if my request to do so was wrong for some reason, and
neither of them saw me asking for this.

Jan


___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

[Xen-devel] [PATCH v5 03/15] VMX: implement suppress #VE.

2015-07-13 Thread Ed White 
In preparation for selectively enabling #VE in a later patch, set
suppress #VE on all EPTE's.

Suppress #VE should always be the default condition for two reasons:
it is generally not safe to deliver #VE into a guest unless that guest
has been modified to receive it; and even then for most EPT violations only
the hypervisor is able to handle the violation.

Signed-off-by: Ed White edmund.h.wh...@intel.com

Reviewed-by: Andrew Cooper andrew.coop...@citrix.com
Reviewed-by: George Dunlap george.dun...@eu.citrix.com
Acked-by: Jun Nakajima jun.nakaj...@intel.com
---
 xen/arch/x86/mm/p2m-ept.c | 17 -
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/xen/arch/x86/mm/p2m-ept.c b/xen/arch/x86/mm/p2m-ept.c
index a6c9adf..59410ea 100644
--- a/xen/arch/x86/mm/p2m-ept.c
+++ b/xen/arch/x86/mm/p2m-ept.c
@@ -41,7 +41,8 @@
 #define is_epte_superpage(ept_entry)((ept_entry)-sp)
 static inline bool_t is_epte_valid(ept_entry_t *e)
 {
-return (e-epte != 0  e-sa_p2mt != p2m_invalid);
+/* suppress_ve alone is not considered valid, so mask it off */
+return ((e-epte  ~(1ul  63)) != 0  e-sa_p2mt != p2m_invalid);
 }
 
 /* returns : 0 for success, -errno otherwise */
@@ -219,6 +220,8 @@ static void ept_p2m_type_to_flags(struct p2m_domain *p2m, 
ept_entry_t *entry,
 static int ept_set_middle_entry(struct p2m_domain *p2m, ept_entry_t *ept_entry)
 {
 struct page_info *pg;
+ept_entry_t *table;
+unsigned int i;
 
 pg = p2m_alloc_ptp(p2m, 0);
 if ( pg == NULL )
@@ -232,6 +235,15 @@ static int ept_set_middle_entry(struct p2m_domain *p2m, 
ept_entry_t *ept_entry)
 /* Manually set A bit to avoid overhead of MMU having to write it later. */
 ept_entry-a = 1;
 
+ept_entry-suppress_ve = 1;
+
+table = __map_domain_page(pg);
+
+for ( i = 0; i  EPT_PAGETABLE_ENTRIES; i++ )
+table[i].suppress_ve = 1;
+
+unmap_domain_page(table);
+
 return 1;
 }
 
@@ -281,6 +293,7 @@ static int ept_split_super_page(struct p2m_domain *p2m, 
ept_entry_t *ept_entry,
 epte-sp = (level  1);
 epte-mfn += i * trunk;
 epte-snp = (iommu_enabled  iommu_snoop);
+epte-suppress_ve = 1;
 
 ept_p2m_type_to_flags(p2m, epte, epte-sa_p2mt, epte-access);
 
@@ -790,6 +803,8 @@ ept_set_entry(struct p2m_domain *p2m, unsigned long gfn, 
mfn_t mfn,
 ept_p2m_type_to_flags(p2m, new_entry, p2mt, p2ma);
 }
 
+new_entry.suppress_ve = 1;
+
 rc = atomic_write_ept_entry(ept_entry, new_entry, target);
 if ( unlikely(rc) )
 old_entry.epte = 0;
-- 
1.9.1


___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel