On Thu, Apr 28, 2016 at 8:36 AM, Big Strong <fangtu...@gmail.com> wrote:
> I want to set up an EPT page so as to trigger the #VE for testing purpose. > However, some problems are met. > > As the Intel Manual said, there are many conditions to trigger a #VE: > > a) If an access to a guest-physical address causes an EPT violation, bit > 63 (0) of exactly one of the EPT paging-structure entries used to > translate that address is used to determine *whether the EPT violation is > convertible*: either an entry that is not present (if the guest-physical > address does not translate to a physical address) or an entry that maps a > page (if it does). > > b) A convertible EPT violation instead causes a virtualization > exception if the following all hold: > > • CR0.PE = 1; > > • the logical processor is not in the process of delivering an event > through the IDT; and > > • the 32 bits at offset 4 in the virtualization-exception information > area are all 0. > In xc_altp2m.c, there is a function xc_altp2m_set_vcpu_enable_notify > which is used to set up the #VE information area. However, as the arguments > gfn is a physical address (of the guest?), how can I safely assign an > unused physical memory space to store #VE info? > You can always just add a new page to the domain to be used for #VE. > > Besides, there is no xenctrl interface for setting the suprress_ve bit > (63) of the EPT PTE, which is needed to trigger #VE. Even though I can set > that with ept_set_entry function, this is an internal function of Xen and > unavailble to dom0. > It's undocumented enough (and it took me a bit to find as well) but if you use xc_altp2m_set_mem_access and have used xc_altp2m_set_vcpu_enable_notify before, then those EPT PTE entries will be converted to #VE automatically. Tamas
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
