On Mon, Oct 30, 2017 at 11:19 AM, Razvan Cojocaru
wrote:
> On 10/30/2017 07:07 PM, Tamas K Lengyel wrote:
>> On Mon, Oct 30, 2017 at 11:01 AM, Razvan Cojocaru
>> wrote:
>>> On 10/30/2017 06:39 PM, Tamas K Lengyel wrote:
>>>> On Mon, Oct 30, 2017 at 10:24 AM, R
On Mon, Oct 30, 2017 at 11:01 AM, Razvan Cojocaru
wrote:
> On 10/30/2017 06:39 PM, Tamas K Lengyel wrote:
>> On Mon, Oct 30, 2017 at 10:24 AM, Razvan Cojocaru
>> wrote:
>>> On 30.10.2017 18:01, Tamas K Lengyel wrote:
>>>> On Mon, Oct 30, 2017 at 4:32 AM, Alex
On Mon, Oct 30, 2017 at 10:24 AM, Razvan Cojocaru
wrote:
> On 30.10.2017 18:01, Tamas K Lengyel wrote:
>> On Mon, Oct 30, 2017 at 4:32 AM, Alexandru Isaila
>> wrote:
>>> This patch is adding a way to enable/disable nested pagefault
>>> events. It introduce
On Mon, Oct 30, 2017 at 4:32 AM, Alexandru Isaila
wrote:
> This patch is adding a way to enable/disable nested pagefault
> events. It introduces the xc_monitor_nested_pagefault function
> and adds the nested_pagefault_disabled in the monitor structure.
> This is needed by the introspection so it w
On Fri, Sep 22, 2017 at 5:11 PM, Daniel Kiper wrote:
> On Fri, Sep 22, 2017 at 02:25:46AM -0600, Jan Beulich wrote:
>> >>> On 22.09.17 at 00:46, wrote:
>> > One piece that I see still missing is the Xen command line parameters
>> > not being verified. It would be ideal to have the option to get t
On Wed, Oct 25, 2017 at 9:32 AM, Yi Zhang wrote:
> On 2017-10-24 at 11:43:45 -0600, Tamas K Lengyel wrote:
>> On Fri, Oct 20, 2017 at 2:44 AM, Yi Zhang wrote:
>> > On 2017-10-19 at 12:17:12 -0600, Tamas K Lengyel wrote:
>> >> On Thu, Oct 19, 2017 at 2:11 AM, Zhang
On Fri, Oct 20, 2017 at 2:44 AM, Yi Zhang wrote:
> On 2017-10-19 at 12:17:12 -0600, Tamas K Lengyel wrote:
>> On Thu, Oct 19, 2017 at 2:11 AM, Zhang Yi wrote:
>> > From: Zhang Yi Z
>> >
>> > Current we only support Sub-page Protection on the 4k
>> >
>> In previous discussion we considered only two variants: in XEN or outside
>> XEN. Stubdomain approach looks more secure, but I'm not sure that it is
>> true.
>> Such stubdomain will need access to all guests memory. If you managed to
>> gain control on mediator stubdomain, you can do anything yo
On Thu, Oct 19, 2017 at 2:13 AM, Zhang Yi wrote:
> From: Zhang Yi Z
>
> The Hypercall is defined as HVMOP_set_subpage
Are there any expected use-cases where a HVM guest would need access
to this hypercall? Is spp compatible with #VE? If not, I think it
would be better to integrate this with the
On Thu, Oct 19, 2017 at 2:12 AM, Zhang Yi wrote:
> From: Zhang Yi Z
>
> The hardware uses the guest-physical address and bits 11:7 of the
> address accessed to lookup the SPPT to fetch a write permission bit for
> the 128 byte wide sub-page region being accessed within the 4K
> guest-physical pag
On Thu, Oct 19, 2017 at 2:11 AM, Zhang Yi wrote:
> From: Zhang Yi Z
>
> Current we only support Sub-page Protection on the 4k
> page table.
>
> Signed-off-by: Zhang Yi Z
> ---
> xen/arch/x86/hvm/vmx/vmx.c | 6 ++
> 1 file changed, 6 insertions(+)
>
> diff --git a/xen/arch/x86/hvm/vmx/vmx.c
d to the
>> hvm_monitor_msr function. Finally I've changed the bool_t param
>> to a bool for the hvm_msr_write_intercept function.
>>
>> Signed-off-by: Alexandru Isaila
>> Acked-by: Tamas K Lengyel
>
> I think this should have been dropped with a bug havi
On Fri, Oct 13, 2017 at 6:17 AM, Jan Beulich wrote:
On 13.10.17 at 12:36, wrote:
>> On 13.10.2017 13:29, Jan Beulich wrote:
+__set_bit(index + sizeof(struct monitor_msr_bitmap), bitmap);
>>>
>>> I think you miss "* 8" here - a bit position plus sizeof() doesn't
>>> produce any u
e changed the bool_t param
> to a bool for the hvm_msr_write_intercept function.
>
> Signed-off-by: Alexandru Isaila
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
the file given already provides a typesafe version of page_to_mfn.
>
> Signed-off-by: Julien Grall
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
return mfn_t by default.
>
> Only reasonable clean-ups are done in this patch because it is
> already quite big. So some of the files now override page_to_mfn and
> mfn_to_page to avoid using mfn_t.
>
> Signed-off-by: Julien Grall
Acked-by: Tamas K Lengyel
On Mon, Oct 2, 2017 at 6:59 AM, Julien Grall wrote:
> Signed-off-by: Julien Grall
> Acked-by: Andrew Cooper
> Reviewed-by: Kevin Tian
> Acked-by: Razvan Cojocaru
> Reviewed-by: Wei Liu
Acked-by: Tamas K Lengyel
___
Xen-devel m
On Fri, Sep 22, 2017 at 2:25 AM, Jan Beulich wrote:
On 22.09.17 at 00:46, wrote:
>> One piece that I see still missing is the Xen command line parameters
>> not being verified. It would be ideal to have the option to get that
>> set during compile time as well, similar to Linux's CONFIG_CMDL
On Wed, Sep 20, 2017 at 10:10 AM, Daniel Kiper wrote:
> On Wed, Sep 20, 2017 at 09:59:51AM -0600, Tamas K Lengyel wrote:
>> On Wed, Sep 20, 2017 at 9:46 AM, Jan Beulich wrote:
>> >>>> On 20.09.17 at 17:20, wrote:
>> >> On Wed, Sep 20, 2017 at 12:30 AM, Ja
On Wed, Sep 20, 2017 at 10:10 AM, Daniel Kiper wrote:
> On Wed, Sep 20, 2017 at 09:59:51AM -0600, Tamas K Lengyel wrote:
>> On Wed, Sep 20, 2017 at 9:46 AM, Jan Beulich wrote:
>> >>>> On 20.09.17 at 17:20, wrote:
>> >> On Wed, Sep 20, 2017 at 12:30 AM, Ja
On Thu, Sep 21, 2017 at 7:03 AM, Jan Beulich wrote:
On 20.09.17 at 22:57, wrote:
>> --- a/xen/common/efi/boot.c
>> +++ b/xen/common/efi/boot.c
>> @@ -1226,9 +1226,13 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE
>> *SystemTable)
>> efi_bs->FreePool(name.w);
>>
>> i
From: Tamas K Lengyel
The EFI messages flash by so fast that it is impossible to catch them without
a serial debugger attached. Sometimes though we don't have that available so
having some time to read the messages off the screen is valuable.
Signed-off-by: Tamas K Lengyel
Cc: Jan Be
From: Tamas K Lengyel
If the shim protocol is located it is expected that the dom0 kernel image
will also pass the shim verification.
Signed-off-by: Tamas K Lengyel
Cc: Jan Beulich
---
xen/common/efi/boot.c | 10 +++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/xen
On Wed, Sep 20, 2017 at 9:46 AM, Jan Beulich wrote:
On 20.09.17 at 17:20, wrote:
>> On Wed, Sep 20, 2017 at 12:30 AM, Jan Beulich wrote:
>> On 20.09.17 at 00:23, wrote:
Yeap, the shim pretty simply removed the .reloc section as it was
marked discardable and did the relocation
On Wed, Sep 20, 2017 at 12:30 AM, Jan Beulich wrote:
On 20.09.17 at 00:23, wrote:
>> On Mon, Sep 18, 2017 at 2:58 AM, Jan Beulich wrote:
>> On 14.09.17 at 18:20, wrote:
Of course, you can grab them from here:
https://drive.google.com/drive/folders/0B5duyI9SzNtWaXE0cjM1QzZJbVk
pe,
> - make x86's paging_domctl() and descendants take a properly typed
> handle,
> - add const in a few places.
>
> Signed-off-by: Jan Beulich
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On Mon, Sep 18, 2017 at 2:58 AM, Jan Beulich wrote:
On 14.09.17 at 18:20, wrote:
>> Of course, you can grab them from here:
>> https://drive.google.com/drive/folders/0B5duyI9SzNtWaXE0cjM1QzZJbVk?usp=shar
>> ing
>
> So the dumps of the two (using my own tool) are identical except for
> the ex
On Tue, Sep 5, 2017 at 12:26 PM, Tamas K Lengyel
wrote:
> On Mon, Sep 4, 2017 at 6:40 AM, Daniel Kiper wrote:
>> On Wed, Aug 30, 2017 at 10:16:23AM -0600, Tamas K Lengyel wrote:
>>> On Tue, Aug 29, 2017 at 2:01 PM, Daniel Kiper
>>> wrote:
>>> > Hey Tam
On Thu, Sep 14, 2017 at 12:06 PM, Jan Beulich wrote:
On 14.09.17 at 17:43, wrote:
>> On Wed, Sep 13, 2017 at 11:42 AM, Jan Beulich wrote:
>> On 13.09.17 at 16:40, wrote:
On Wed, Sep 13, 2017 at 3:21 AM, Jan Beulich wrote:
On 13.09.17 at 07:27, wrote:
>>Sections:
>>>
On Wed, Sep 13, 2017 at 11:42 AM, Jan Beulich wrote:
On 13.09.17 at 16:40, wrote:
>> On Wed, Sep 13, 2017 at 3:21 AM, Jan Beulich wrote:
>> On 13.09.17 at 07:27, wrote:
Sections:
Idx Name Size VMA LMA File off
Algn
0 .text
On Wed, Sep 13, 2017 at 11:59 AM, Julien Grall wrote:
> Signed-off-by: Julien Grall
>
I guess the rest of the mem_sharing codebase would benefit from moving
to the use gfn_t as well, clearing up some of the gfn conversion stuff
that's needed right now..
Acked-by: Tama
On Wed, Sep 13, 2017 at 3:21 AM, Jan Beulich wrote:
On 13.09.17 at 07:27, wrote:
>>Sections:
>>Idx Name Size VMA LMA File off Algn
>> 0 .text 0017a1ba 82d08020 82d08020 1000
>> 2**12
>> CONTENTS, AL
Hi all,
for the last couple weeks I've been poking around the options
available to get Xen booted on a Secureboot enabled box. My goal is to
extend the chain of trust to the dom0 kernel. According to
https://wiki.xenproject.org/wiki/Xen_EFI this is something that's
supposed to be supported out-of-t
On Wed, Sep 6, 2017 at 7:48 AM, Petre Pircalabu
wrote:
> This patchset implements a mechanism which allows XEN to send first an event
> if the emulator encountered an unsupported instruction.
> The monitor application can choose to mitigate the error, for example to
> singlestep
> the instruction
On Mon, Sep 4, 2017 at 6:40 AM, Daniel Kiper wrote:
> On Wed, Aug 30, 2017 at 10:16:23AM -0600, Tamas K Lengyel wrote:
>> On Tue, Aug 29, 2017 at 2:01 PM, Daniel Kiper
>> wrote:
>> > Hey Tamas,
>> >
>> > Sorry for late reply. I was on vacation.
>>
and freed in vm_event_disable.
>
> Signed-off-by: Alexandru Isaila
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
> diff --git a/xen/include/asm-arm/monitor.h b/xen/include/asm-arm/monitor.h
> index 7567be66bd..66c7fe14fe 100644
> --- a/xen/include/asm-arm/monitor.h
> +++ b/xen/include/asm-arm/monitor.h
> @@ -57,12 +57,15 @@ static inline uint32_t
> arch_monitor_get_capabilities(struct domain *d)
> {
>
On Tue, Aug 29, 2017 at 2:01 PM, Daniel Kiper wrote:
> Hey Tamas,
>
> Sorry for late reply. I was on vacation.
>
> On Tue, Aug 22, 2017 at 09:01:06PM -0600, Tamas K Lengyel wrote:
>> On Tue, May 16, 2017 at 5:04 AM, Daniel Kiper
>> wrote:
>
> [...]
>
&g
On Tue, Aug 29, 2017 at 9:59 AM, Wei Liu wrote:
> On Tue, Aug 29, 2017 at 05:17:05PM +0300, Alexandru Isaila wrote:
> [...]
>>
>> /**
>> diff --git a/xen/common/domain.c b/xen/common/domain.c
>> index b22aacc..30f507b 100644
>> --- a/xen/common/domain.c
>> +++ b/xen/common/domain.c
>> @@ -363,9 +
On Tue, Aug 29, 2017 at 8:17 AM, Alexandru Isaila
wrote:
> The patch splits the vm_event into three structures:vm_event_share,
> vm_event_paging, vm_event_monitor. The allocation for the
> structure is moved to vm_event_enable so that it can be
> allocated/init when needed and freed in vm_event_di
ke all other hypercalls.
>
> Introduce a mechanism whereby the introspection agent can whitelist the
> use of HVMOP_guest_request_vm_event directly from userspace.
>
> Signed-off-by: Alexandru Isaila
> Acked-by: Wei Liu
Acked-by: Tamas K Lengyel
On Tue, Aug 29, 2017 at 3:36 AM, Jan Beulich wrote:
On 29.08.17 at 11:23, wrote:
>> In some introspection usecases, an in-guest agent needs to communicate
>> with the external introspection agent. An existing mechanism is
>> HVMOP_guest_request_vm_event, but this is restricted to kernel use
On Mon, Aug 28, 2017 at 7:29 AM, Jan Beulich wrote:
On 28.08.17 at 14:51, wrote:
>> --- a/xen/include/asm-arm/monitor.h
>> +++ b/xen/include/asm-arm/monitor.h
>> @@ -26,6 +26,12 @@
>> #include
>>
>> static inline
>> +void arch_allow_userspace(struct domain *d, uint8_t allow_userspace)
>>
On Mon, Aug 28, 2017 at 5:10 AM, Jan Beulich wrote:
On 28.08.17 at 11:38, wrote:
>> In some introspection usecases, an in-guest agent needs to communicate
>> with the external introspection agent. An existing mechanism is
>> HVMOP_guest_request_vm_event, but this is restricted to kernel use
> diff --git a/xen/common/monitor.c b/xen/common/monitor.c
> index 451f42f..0c3e645 100644
> --- a/xen/common/monitor.c
> +++ b/xen/common/monitor.c
> @@ -75,6 +75,7 @@ int monitor_domctl(struct domain *d, struct
> xen_domctl_monitor_op *mop)
> domain_pause(d);
> d->monitor.guest
On Mon, Aug 28, 2017 at 4:54 AM, Alexandru Isaila
wrote:
> The patch splits the vm_event into three structures:vm_event_share,
> vm_event_paging, vm_event_monitor. The allocation for the
> structure is moved to vm_event_enable so that it can be
> allocated/init when needed and freed in vm_event_di
On Fri, Aug 25, 2017 at 7:44 AM, Jan Beulich wrote:
On 25.08.17 at 15:00, wrote:
>> On Vi, 2017-08-25 at 06:13 -0600, Jan Beulich wrote:
>>> >
>>> > >
>>> > > >
>>> > > > On 17.08.17 at 13:50, wrote:
>>> > --- a/xen/common/monitor.c
>>> > +++ b/xen/common/monitor.c
>>> > @@ -75,6 +75,7 @@ i
On Thu, Aug 24, 2017 at 9:24 AM, Jan Beulich wrote:
On 24.08.17 at 17:17, wrote:
>> On Jo, 2017-08-24 at 07:24 -0600, Jan Beulich wrote:
>>> > @@ -500,6 +519,9 @@ bool_t vm_event_check_ring(struct
>>> > vm_event_domain *ved)
>>> > int __vm_event_claim_slot(struct domain *d, struct vm_event_
On Thu, Aug 24, 2017 at 5:48 AM, Alexandru Isaila
wrote:
> The patch splits the vm_event into three structures:vm_event_share,
> vm_event_paging, vm_event_monitor. The allocation for the
> structure is moved to vm_event_enable so that it can be
> allocated/init when needed and freed in vm_event_di
On Tue, May 16, 2017 at 5:04 AM, Daniel Kiper wrote:
> On Mon, May 15, 2017 at 07:09:54PM +, Bill Jacobs (billjac) wrote:
>> > -Original Message-
>> > From: Daniel Kiper [mailto:daniel.ki...@oracle.com]
>> > Sent: Monday, May 15, 2017 6:13 AM
>> > To: Bill Jacobs (billjac) ; george.dun
ke all other hypercalls.
>
> Introduce a mechanism whereby the introspection agent can whitelist the
> use of HVMOP_guest_request_vm_event directly from userspace.
>
> Signed-off-by: Alexandru Isaila
Acked-by: Tamas K Lengyel
>
> ---
> Changes since V5:
>
On Wed, Aug 16, 2017 at 6:43 AM, Razvan Cojocaru
wrote:
> On 16.08.2017 15:32, Tamas K Lengyel wrote:
>>
>> On Wed, Aug 16, 2017 at 12:07 AM, Razvan Cojocaru
>> wrote:
>>>
>>> On 08/16/2017 02:16 AM, Tamas K Lengyel wrote:
>>>>
>&
On Tue, Aug 15, 2017 at 2:06 AM, Jan Beulich wrote:
On 14.08.17 at 17:53, wrote:
>> On Tue, Aug 8, 2017 at 2:27 AM, Alexandru Isaila
>> wrote:
>>> --- a/xen/arch/x86/hvm/hypercall.c
>>> +++ b/xen/arch/x86/hvm/hypercall.c
>>> @@ -155,6 +155,11 @@ int hvm_hypercall(struct cpu_user_regs *regs
On Tue, Aug 8, 2017 at 2:27 AM, Alexandru Isaila
wrote:
>
> In some introspection usecases, an in-guest agent needs to communicate
> with the external introspection agent. An existing mechanism is
> HVMOP_guest_request_vm_event, but this is restricted to kernel usecases
> like all other hypercall
e-execute an instruction not supported by
> the emulator using the real processor (e.g. altp2m) instead of just
> crashing.
>
> Signed-off-by: Petre Pircalabu
>
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On Sat, Aug 5, 2017 at 2:18 AM, Razvan Cojocaru
wrote:
> On 08/05/2017 04:32 AM, Tamas K Lengyel wrote:
> >
> >
> > On Fri, Aug 4, 2017 at 5:32 AM, Alexandru Isaila
> > mailto:aisa...@bitdefender.com>> wrote:
> >
> > In some introspection useca
On Fri, Aug 4, 2017 at 5:32 AM, Alexandru Isaila
wrote:
> In some introspection usecases, an in-guest agent needs to communicate
> with the external introspection agent. An existing mechanism is
> HVMOP_guest_request_vm_event, but this is restricted to kernel usecases
> like all other hypercalls
On Tue, Aug 1, 2017 at 4:30 AM, Andrew Cooper wrote:
> On 01/08/17 10:46, Alexandru Isaila wrote:
>> Allow guest userspace code to request that a vm_event be sent out
>> via VMCALL. This functionality seems to be handy for a number of
>> Xen developers, as stated on the mailing list (thread "[Xen-
Hey Razvan,
the vm_event that is being generated by doing
VM_EVENT_FLAG_GET_NEXT_INTERRUPT sends almost all required information
about the interrupt to the listener to allow it to get reinjected,
except the instruction length. If the listener wants to reinject the
interrupt to the guest via xc_hvm_
On Thu, Jul 20, 2017 at 12:25 PM, Razvan Cojocaru
wrote:
> On 07/20/2017 07:46 PM, Tamas K Lengyel wrote:
>> On Thu, Jul 20, 2017 at 10:43 AM, George Dunlap
>> wrote:
>>> On Wed, Jul 19, 2017 at 7:24 PM, Tamas K Lengyel
>>> wrote:
>>>>> I think
On Thu, Jul 20, 2017 at 11:03 AM, Tamas K Lengyel wrote:
> On Thu, Jul 20, 2017 at 10:57 AM, George Dunlap
> wrote:
>> On 07/20/2017 05:46 PM, Tamas K Lengyel wrote:
>>> On Thu, Jul 20, 2017 at 10:43 AM, George Dunlap
>>> wrote:
>>>> On Wed, Jul 19, 201
On Thu, Jul 20, 2017 at 10:57 AM, George Dunlap
wrote:
> On 07/20/2017 05:46 PM, Tamas K Lengyel wrote:
>> On Thu, Jul 20, 2017 at 10:43 AM, George Dunlap
>> wrote:
>>> On Wed, Jul 19, 2017 at 7:24 PM, Tamas K Lengyel
>>> wrote:
>>>>> I think the
On Thu, Jul 20, 2017 at 10:43 AM, George Dunlap
wrote:
> On Wed, Jul 19, 2017 at 7:24 PM, Tamas K Lengyel wrote:
>>> I think the issue would be whether to allow a domain to set/clear the
>>> suppress #VE bit for its pages by calling the new HVMOP on itself.
>>
>&g
On Thu, Jul 20, 2017 at 9:11 AM, George Dunlap
wrote:
> On Thu, Jun 15, 2017 at 8:01 PM, Tamas K Lengyel wrote:
>> On Fri, Jun 9, 2017 at 10:51 AM, Adrian Pop wrote:
>>> Introduce a new hvmop, HVMOP_altp2m_set_suppress_ve, which allows a
>>> privileged domain to
On Thu, Jul 20, 2017 at 8:38 AM, George Dunlap
wrote:
> On Thu, Jun 15, 2017 at 7:49 PM, Tamas K Lengyel wrote:
>> On Fri, Jun 9, 2017 at 10:51 AM, Adrian Pop wrote:
>>> From: Vlad Ioan Topan
>>>
>>> The default value for the "suppress #VE" bit se
On Wed, Jul 19, 2017 at 5:47 AM, Adrian Pop wrote:
> Hello,
>
> On Tue, Jul 18, 2017 at 11:26:45AM -0600, Tamas K Lengyel wrote:
>> On Tue, Jul 18, 2017 at 9:25 AM, Adrian Pop wrote:
>> > From: Vlad Ioan Topan
>> >
>> > The default value for th
On Tue, Jul 18, 2017 at 9:25 AM, Adrian Pop wrote:
> From: Vlad Ioan Topan
>
> The default value for the "suppress #VE" bit set by set_mem_access()
> currently depends on whether the call is made from the same domain (the
> bit is set when called from another domain and cleared if called from
> t
Pop
> Acked-by: Wei Liu
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
truction not supported by
> the emulator using the real processor (e.g. altp2m) instead of just
> crashing.
>
> Signed-off-by: Petre Pircalabu
Acked-by: Tamas K Lengyel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
On Wed, Jul 12, 2017 at 11:21 AM, Petre Pircalabu
wrote:
> If case of a vm_event with the emulate_flags set, if the instruction
> cannot be emulated, the monitor should be notified instead of directly
> injecting a hw exception.
> This behavior can be used to re-execute an instruction not supporte
On Wed, Jul 12, 2017 at 2:43 AM, Petre Pircalabu
wrote:
> If case of a vm_event with the emulate_flags set, if the instruction
> cannot be emulated, the monitor should be notified instead of directly
> injecting a hw exception.
> This behavior can be used to re-execute an instruction not supported
On Tue, Jul 11, 2017 at 8:53 AM, Petre Pircalabu
wrote:
> If case of a vm_event with the emulate_flags set, if the instruction
> cannot be emulated, the monitor should be notified instead of directly
> injecting a hw exception.
> This behavior can be used to re-execute an instruction not supported
On Mon, Jul 10, 2017 at 11:07 AM, Petre Pircalabu
wrote:
> If case of a vm_event with the emulate_flags set, if the instruction
> cannot be emulated, the monitor should be notified instead of directly
> injecting a hw exception.
> This behavior can be used to re-execute an instruction not supporte
On Tue, Jun 27, 2017 at 3:48 AM, Razvan Cojocaru
wrote:
> Hello,
>
>> - Security > Alternative 2pm : Supported – I think we should split this
>> out – it is currently implicitly covered under "Virtual Machine
>> Introspection"
>
> I agree that altp2m deserves its own space. While we're interested
On Tue, Jun 27, 2017 at 8:25 AM, Razvan Cojocaru
wrote:
> On 06/27/2017 02:45 PM, Jan Beulich wrote:
> Razvan Cojocaru 06/27/17 1:38 PM >>>
>>> On 06/27/2017 02:26 PM, Jan Beulich wrote:
>>> Razvan Cojocaru 06/27/17 10:32 AM >>>
> On 06/27/2017 09:21 AM, Jan Beulich wrote:
>
On Mon, Jun 26, 2017 at 9:09 AM, Andrew Cooper
wrote:
> On 26/06/17 15:52, Tamas K Lengyel wrote:
>> On Mon, Jun 26, 2017 at 3:48 AM, Razvan Cojocaru
>> wrote:
>>> Pending livepatch code wants to check if the vm_event wait queues
>>> are active, and this is made
On Mon, Jun 26, 2017 at 3:48 AM, Razvan Cojocaru
wrote:
> Pending livepatch code wants to check if the vm_event wait queues
> are active, and this is made harder by the fact that they were
> previously only initialized some time after the domain was created,
> in vm_event_enable(). This patch init
ask) was added to the xc_monitor_write_ctrlreg
>> function in order to mask the event generation if the changed bits are
>> set.
>>
>> Signed-off-by: Petre Pircalabu
>> Acked-by: Tamas K Lengyel
>
> Coverity isn't happy with this patch.
>
> It seems to me there
re.
>
> Signed-off-by: Sergej Proskurin
Acked-by: Tamas K Lengyel
> ---
> Cc: Razvan Cojocaru
> Cc: Tamas K Lengyel
> Cc: Stefano Stabellini
> Cc: Julien Grall
> ---
> v2: Check the returned access rights after walking the guest's page tables in
> the fu
> The method I found to work is getting the maximum_gpfn from the guest
> and then calling populate_physmap with ++max_gpfn. The only problem
> then is that I don't see a way to "unpopulate" the page from the
> domain and free the corresponding mfn while the domain is running. Is
> that currently p
On Mon, Jun 19, 2017 at 9:34 AM, Julien Grall wrote:
>
>
> On 19/06/17 15:57, Tamas K Lengyel wrote:
>>
>> On Mon, Jun 19, 2017 at 8:52 AM, Julien Grall
>> wrote:
>>>
>>>
>>>
>>> On 19/06/17 15:39, Tamas K Lengyel wrote:
>>&
On Mon, Jun 19, 2017 at 8:52 AM, Julien Grall wrote:
>
>
> On 19/06/17 15:39, Tamas K Lengyel wrote:
>>
>> On Mon, Jun 19, 2017 at 3:09 AM, Julien Grall
>> wrote:
>>>
>>> Hi,
>>>
>>>
>>> On 19/06/17 09:15,
On Mon, Jun 19, 2017 at 8:54 AM, George Dunlap wrote:
> On 19/06/17 15:48, Tamas K Lengyel wrote:
>> On Mon, Jun 19, 2017 at 3:11 AM, George Dunlap
>> wrote:
>>> On 19/06/17 09:15, Jan Beulich wrote:
>>>>>>> On 18.06.17 at 21:19, wrote:
>&g
On Mon, Jun 19, 2017 at 6:24 AM, Petre Pircalabu
wrote:
> Add test for write_ctrlreg event handling.
>
> Signed-off-by: Petre Pircalabu
Acked-by: Tamas K Lengyel
> ---
> tools/tests/xen-access/xen-access.c | 53
> -
> 1 file changed
On Mon, Jun 19, 2017 at 3:11 AM, George Dunlap wrote:
> On 19/06/17 09:15, Jan Beulich wrote:
> On 18.06.17 at 21:19, wrote:
>>> On Tue, Apr 4, 2017 at 1:04 PM, Andrew Cooper
>>> wrote:
On 04/04/17 14:14, Jan Beulich wrote:
> We shouldn't hand MFN info back from increase-reservation
On Mon, Jun 19, 2017 at 3:09 AM, Julien Grall wrote:
> Hi,
>
>
> On 19/06/17 09:15, Jan Beulich wrote:
>
> On 18.06.17 at 21:19, wrote:
>>>
>>> On Tue, Apr 4, 2017 at 1:04 PM, Andrew Cooper
>>> wrote:
On 04/04/17 14:14, Jan Beulich wrote:
>
> We shouldn't hand MFN info
On Tue, Apr 4, 2017 at 1:04 PM, Andrew Cooper wrote:
> On 04/04/17 14:14, Jan Beulich wrote:
>> We shouldn't hand MFN info back from increase-reservation for
>> translated domains, just like we don't for populate-physmap and
>> memory-exchange. For full symmetry also check for a NULL guest handle
mask the event generation if the changed bits are
>>>>> set.
>>>>>
>>>>> Signed-off-by: Petre Pircalabu
>>>>
>>>> Acked-by: Tamas K Lengyel
>>>
>>> Are you btw in agreement
hanging certains bits.
>>> A new parameter (bitmask) was added to the xc_monitor_write_ctrlreg
>>> function in order to mask the event generation if the changed bits are
>>> set.
>>>
>>> Signed-off-by: Petre Pircalabu
>>
>> A
On Fri, Jun 16, 2017 at 9:12 AM, Jan Beulich wrote:
On 16.06.17 at 16:32, wrote:
>> On Tue, May 30, 2017 at 3:46 AM, Petre Pircalabu
>> wrote:
>>> @@ -314,6 +317,22 @@ static void get_request(vm_event_t *vm_event,
>>> vm_event_request_t *req)
>>> }
>>>
>>> /*
>>> + * X86 control registe
On Tue, May 30, 2017 at 3:46 AM, Petre Pircalabu
wrote:
> Add test for write_ctrlreg event handling.
>
> Signed-off-by: Petre Pircalabu
> ---
> tools/tests/xen-access/xen-access.c | 47
> -
> 1 file changed, 46 insertions(+), 1 deletion(-)
>
> diff --git a/to
t generation if the changed bits are
> set.
>
> Signed-off-by: Petre Pircalabu
Acked-by: Tamas K Lengyel
> ---
> tools/libxc/include/xenctrl.h | 2 +-
> tools/libxc/xc_monitor.c | 3 ++-
> xen/arch/x86/hvm/monitor.c| 3 ++-
> xen/arch/x86/monitor.c| 6 ++
On Thu, Jun 15, 2017 at 10:00 PM, Zhongze Liu wrote:
> 2017-06-16 11:50 GMT+08:00 Zhongze Liu :
>> Hi there,
>>
>> I was experimenting with the mem_sharing_op and I found a handy tool:
>> tools/tests/mem-sharing/memshrtool
>> I set up two bare metal x86_64 VMS running some simple code in 16-bit
>>
On Fri, Jun 9, 2017 at 10:51 AM, Adrian Pop wrote:
> Introduce a new hvmop, HVMOP_altp2m_set_suppress_ve, which allows a
> privileged domain to change the value of the #VE suppress bit for a
> page.
>
> Add a libxc wrapper for invoking this hvmop.
>
> Signed-off-by: Adrian Pop
> ---
> tools/libx
On Fri, Jun 9, 2017 at 10:51 AM, Adrian Pop wrote:
> From: Vlad Ioan Topan
>
> The default value for the "suppress #VE" bit set by set_mem_access()
> currently depends on whether the call is made from the same domain (the
> bit is set when called from another domain and cleared if called from
> t
- pfn_to_paddr(gfn_x(...)) => gfn_to_gaddr(...)
> - _mfn(... >> PAGE_SHIFT) => maddr_to_mfn(...)
>
> Signed-off-by: Julien Grall
> Cc: Razvan Cojocaru
> Cc: Tamas K Lengyel
Cool, this makes things a lot more readable!
re.
>
> Signed-off-by: Sergej Proskurin
> ---
> Cc: Razvan Cojocaru
> Cc: Tamas K Lengyel
> Cc: Stefano Stabellini
> Cc: Julien Grall
> ---
> v2: Check the returned access rights after walking the guest's page tables in
> the function p2m_mem_access_check_a
On Thu, May 18, 2017 at 9:07 AM, Adrian Pop wrote:
> Introduce a new hvmop, HVMOP_altp2m_set_suppress_ve, which allows a
> domain to change the value of the #VE suppress bit for a page.
>
> Signed-off-by: Adrian Pop
> ---
> xen/arch/x86/hvm/hvm.c | 14
> xen/arch/x86/mm/mem
On Tue, May 9, 2017 at 10:22 AM, Julien Grall wrote:
>
>
> On 09/05/17 17:04, Tamas K Lengyel wrote:
>>
>> On Tue, May 9, 2017 at 2:09 AM, Julien Grall wrote:
>>>
>>>
>>>
>>> On 05/09/2017 08:17 AM, Sergej Proskurin wrote:
>>>&
On Tue, May 9, 2017 at 2:09 AM, Julien Grall wrote:
>
>
> On 05/09/2017 08:17 AM, Sergej Proskurin wrote:
>>
>> Hi,
>>
What you currently do is try gva_to_ipa and if it does not work >> you
will call p2m_gva_to_ipa. This sounds a bit pointless to me and
waste of time if the underlyi
1 - 100 of 1036 matches
Mail list logo