Hi Paolo,
On 01.09.2014 23:04, Paolo Bonzini wrote:
Valentine, can you produce another trace, this time with both kvm and
kvmmmu events enabled?
I was able to make the trace shorter by grepping only what's happening
on a single CPU core (#0):
On 02.09.2014 12:09, Valentine Sinitsyn wrote:
https://www.dropbox.com/s/slbxmxyg74wh9hv/l1mmio-cpu0.txt.gz?dl=0
Forgot to say: the user space is vanilla QEMU 2.1.0 here.
Valentine
--
To unsubscribe from this list: send the line unsubscribe kvm in
the body of a message to
On 01/09/2014 21:21, Valentine Sinitsyn wrote:
Can you retry running the tests with the latest kvm-unit-tests (branch
master), gather a trace of kvm and kvmmmu events, and send the
compressed trace.dat my way?
You mean the trace when the problem reveals itself (not from running
tests),
On 02.09.2014 14:25, Paolo Bonzini wrote:
I actually meant kvm-unit-tests in order to understand the npt_rsvd
failure. (I had sent a separate message for Jailhouse).
Oops, sorry for misunderstanding. Uploaded it here:
https://www.dropbox.com/s/jp6ohb0ul3d6v4u/npt_rsvd.txt.bz2?dl=0
The
On 02/09/2014 08:09, Valentine Sinitsyn wrote:
https://www.dropbox.com/s/slbxmxyg74wh9hv/l1mmio-cpu0.txt.gz?dl=0
It was taken with kernel 3.16.1 modules with your paging-tmpl.h patch
applied.
This time, the trace looks somewhat different, however my code still
hangs in nested KVM
On 02.09.2014 15:45, Paolo Bonzini wrote:
This *is* different though. I don't see any kvm_inj_exception at all
(with my patch it should be for vector 0xfe).
I've applied the part of your patch, that fixes the uninitialized
exception vector problem, otherwise the lockup will trigger before my
On 02.09.2014 15:45, Paolo Bonzini wrote:
In any case, the problem seems specific to _writes_ to the APIC page.
I'm going to write a testcase for that and see if I can reproduce it now.
If you'll need a complete trace, not only CPU 0, please let me know -
I'll upload it as well. It's about 17M
On 02/09/2014 11:16, Valentine Sinitsyn wrote:
On 02.09.2014 14:25, Paolo Bonzini wrote:
I actually meant kvm-unit-tests in order to understand the npt_rsvd
failure. (I had sent a separate message for Jailhouse).
Oops, sorry for misunderstanding. Uploaded it here:
On 02.09.2014 17:21, Paolo Bonzini wrote:
Ugh, there are many bugs and the test is even wrong because the actual
error code should be 0x20006 (error while visiting page tables).
Well, good they were spotted. :-) Haven't looked at the test code
actually, just saw it fails for some reason.
On 02/09/2014 11:53, Valentine Sinitsyn wrote:
real_gpa = mmu-translate_gpa(vcpu, gfn_to_gpa(gfn), access);
if (real_gpa == UNMAPPED_GVA)
-return 0;
+goto error;
walker-gfn = real_gpa PAGE_SHIFT;
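Review bot: at the `real_gpa == UNMAPPED_GVA` branch, the `error` label that `goto error` now targets is outside this hunk, so the hunk alone does not show what fault information the walker reports when the nested translation fails; a short comment at the branch, or a line in the commit message, saying which fault the caller sees in place of the old `return 0` would make the change reviewable on its own.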
So they should look like regular page faults (as they
On 22/08/2014 06:33, Valentine Sinitsyn wrote:
On 22.08.2014 02:31, Paolo Bonzini wrote:
VMX used the right access size already, the tests are separate for VMX
and SVM.
Sure. So the bug is NPT-specific?
Hmm, unfortunately the test cannot reproduce the bug, at least with 3.16.
It only
On 20/08/2014 08:46, Valentine Sinitsyn wrote:
Looks like it is a bug in KVM. I had a chance to run the same code
bare-metal ([1], line 310 is uncommented for bare-metal case but present
for nested SVM), and it seems to work as expected. However, when I trace
it in nested SVM setup, after
On 21/08/2014 14:28, Valentine Sinitsyn wrote:
It seems to work for VMX (see the testcase I just sent). For SVM, can
you check if this test works for you, so that we can work on a simple
testcase?
However, npt_rsvd seems to be broken - maybe that is the reason?
BTW npt_rsvd does *not*
Hi Paolo,
On 01.09.2014 23:41, Paolo Bonzini wrote:
On 21/08/2014 14:28, Valentine Sinitsyn wrote:
BTW npt_rsvd does *not* fail on the machine I've been testing on today.
I can confirm l1mmio test doesn't fail in kvm-unit-test's master
anymore. npt_rsvd still does. I also needed to
On 22/08/2014 06:33, Valentine Sinitsyn wrote:
On 22.08.2014 02:31, Paolo Bonzini wrote:
VMX used the right access size already, the tests are separate for VMX
and SVM.
Sure. So the bug is NPT-specific?
Looks like that, yes.
Paolo
Hi all,
On 20.08.2014 14:11, Paolo Bonzini wrote:
Another patch... I will post parts of it separately, if I am right
you should get 0xfe as the vector and a WARN from the gva_to_gpa function.
With the patch like this:
diff --git a/arch/x86/kvm/paging_tmpl.h b/arch/x86/kvm/paging_tmpl.h
On 21.08.2014 12:28, Valentine Sinitsyn wrote:
KVM seems to work properly (no weird exceptions injected), although my
code now freezes (quick look on the trace suggests it's looping reading
APIC). Not sure whose bug it is, will look further.
Looks like the problem is that if nested page tables
On 21/08/2014 10:48, Valentine Sinitsyn wrote:
So I'm returning to my original question: is this an intended behavior
of KVM that APIC accesses on the nested page tables level are not trapped, or
is this a bug?
I think it's just a bug. Nobody thought that you'd let L2 access L1's
APIC via NPT.
On 2014-08-21 13:04, Paolo Bonzini wrote:
On 21/08/2014 10:48, Valentine Sinitsyn wrote:
So I'm returning to my original question: is this an intended behavior
of KVM that APIC accesses on the nested page tables level are not trapped, or
is this a bug?
I think it's just a bug. Nobody
On 21.08.2014 17:06, Jan Kiszka wrote:
Do you think it would only affect the APIC, or could it cause troubles
with other pass-through devices as well (some PCI BAR e.g.)?
I've skimmed the KVM sources only quickly, but I feel there is nothing
APIC-specific in nested paging code. I.e. access to
On 21.08.2014 17:04, Paolo Bonzini wrote:
I think it's just a bug. Nobody thought that you'd let L2 access L1's
Sure, this is by no means a common use case. However, it can be seen as a
flaw that lets the malicious guest affect others by mapping and
reprogramming APICs or other.
Valentine
On 21/08/2014 10:48, Valentine Sinitsyn wrote:
No kvm_apic: after NPTs are set up, no page faults caused by register
read (error_code: d), to trap and emulate APIC access.
It seems to work for VMX (see the testcase I just sent). For SVM, can you
check if this test works for you, so that
On 21.08.2014 17:24, Paolo Bonzini wrote:
It seems to work for VMX (see the testcase I just sent). For SVM, can you
check if this test works for you, so that we can work on a simple testcase?
It passes for SVM, too.
However, npt_rsvd seems to be broken - maybe that is the reason?
Also, I
On 21.08.2014 18:28, Valentine Sinitsyn wrote:
Also, I tried to use different register values for npt_l1mmio_test() and
npt_l1mmio_check() (like 0xfee00030 and 0xfee00400), but got test passed
Just a small clarification: I made npt_l1mmio_test() read 0xfee00030
and npt_l1mmio_check() to
Sorry for the chain letters.
On 21.08.2014 18:28, Valentine Sinitsyn wrote:
It passes for SVM, too.
I also looked at SVM tests more closely, and found out that NPT maps the
whole memory-range as cached memory. This can also be a reason for a
false positive in the test (if there is one). Will
On 21.08.2014 17:24, Paolo Bonzini wrote:
It seems to work for VMX (see the testcase I just sent). For SVM, can you
check if this test works for you, so that we can work on a simple testcase?
I was able to reproduce the bug with your testcase when I changed APIC
register access size (see
On 21/08/2014 19:35, Valentine Sinitsyn wrote:
I was able to reproduce the bug with your testcase when I changed APIC
register access size (see below). Please check if it fails on VMX as
well now.
VMX used the right access size already, the tests are separate for VMX
and SVM.
On a side
On 22.08.2014 02:31, Paolo Bonzini wrote:
VMX used the right access size already, the tests are separate for VMX
and SVM.
Sure. So the bug is NPT-specific?
BTW I was likely wrong stating:
if nested page tables maps some GPA to 0xfee0 HPA, it's really mapped to
this HPA,
Looks more
Hi all,
Please excuse me for bringing alive a two-month old thread, but I had
time to investigate the issue a bit only recently.
On 18.06.2014 18:47, Jan Kiszka wrote:
On 2014-06-18 13:36, Valentine Sinitsyn wrote:
If we want to provide useful nested SVM support, this must be feasible.
If
On 20/08/2014 08:46, Valentine Sinitsyn wrote:
You can see the problem here: the code tries to access APIC MMIO
register, which is trapped by KVM's MMU code (at nested page table
walk). During MMIO access emulation, KVM decides to inject 0x23c
exception (which looks wrong, as there is
Hi Paolo,
On 20.08.2014 12:55, Paolo Bonzini wrote:
Is the 0x23c always the same?
No, it's just garbage - I've seen other values as well (0x80 last time).
Can you try this patch?
Sure. It does print a warning:
[ 2176.722098] [ cut here ]
[ 2176.722118] WARNING:
On 20/08/2014 09:37, Valentine Sinitsyn wrote:
Hi Paolo,
On 20.08.2014 12:55, Paolo Bonzini wrote:
Is the 0x23c always the same?
No, it's just garbage - I've seen other values as well (0x80 last time).
Can you try this patch?
Sure. It does print a warning:
[ 2176.722098]
On 20.08.2014 14:11, Paolo Bonzini wrote:
Another patch... I will post parts of it separately, if I am right
you should get 0xfe as the vector and a WARN from the gva_to_gpa function.
I confirm the vector is 0xfe, however I see no warnings from
gva_to_gpa() - only from emulate_exception():
On 18/06/2014 18:59, Valentine Sinitsyn wrote:
I also noticed that setting PAT MSR from the nested hypervisor leaves
high word unassigned, i.e. the code like this:
mov $0x70106, %rax
mov %rax, %rdx
mov $0x0277, %rcx
wrmsr
rdmsr
yields %rax = 0, %rdx = 0x70106.
This should be
Hi all,
I'm using a KVM/Qemu nested SVM setup to debug another hypervisor
(Jailhouse) I contribute to. IOW, the scheme is: AMD64 Linux host
running [paravirtualized] AMD64 Linux guest (the same kernel as the
host) running Jailhouse.
Jailhouse, in turn, uses Nested Paging to virtualize
On 2014-06-18 13:36, Valentine Sinitsyn wrote:
Hi all,
I'm using a KVM/Qemu nested SVM setup to debug another hypervisor
(Jailhouse) I contribute to. IOW, the scheme is: AMD64 Linux host
running [paravirtualized] AMD64 Linux guest (the same kernel as the
host) running Jailhouse.
Hi Jan,
If we want to provide useful nested SVM support, this must be feasible.
If there is a bug, it has to be fixed.
I was more concerned about if it is supported (and it means I do
something wrong), or if it is not supported (at least, now).
Maybe you can describe how you configured the
Hi all,
If we want to provide useful nested SVM support, this must be feasible.
If there is a bug, it has to be fixed.
I did a quick look on KVM sources this morning, and although I can be
wrong, this really looks like a bug.
The reason is nested_svm_vmrun() doesn't do anything to host or