On Fri, Apr 14, 2017 at 1:03 PM, Razvan Cojocaru <rcojoc...@bitdefender.com> wrote:
> On 04/14/2017 09:08 PM, Tamas K Lengyel wrote: > > > > > > On Thu, Apr 13, 2017 at 4:20 AM, Razvan Cojocaru > > <rcojoc...@bitdefender.com> wrote: > > > > On 04/12/2017 08:11 PM, Tamas K Lengyel wrote: > > > > > > > > > On Mon, Apr 10, 2017 at 3:44 AM, Razvan Cojocaru > > > + emulate = 1; > > > + memaccess = 1; > > > + } > > > #if defined(__i386__) || defined(__x86_64__) > > > else if ( !strcmp(argv[0], "breakpoint") ) > > > { 
> > > @@ -536,7 +551,7 @@ int main(int argc, char *argv[]) > > > } > > > > > > rc = xc_set_mem_access(xch, domain_id, default_access, > > > START_PFN, > > > - (xenaccess->max_gpfn - > START_PFN) ); > > > + emulate ? 1000 : > > > (xenaccess->max_gpfn - START_PFN)); > > > > > > > > > Why only 1000? What if the domain has less than 1000? > > > > Because it will kill the guest to emulate everything, and the > emulator > > still can't handle all instructions (this is easy to see by using all > > the guest's pages and looking at the output of xl dmesg with > loglvl=all > > guest_loglvl=all on the Xen command line). > > > > > > So what's the guarantee that the emulator will work if you only do it > > only up to the first 1000 pages? Seems totally arbitrary to me. If the > > emulator can't handle all instructions then you would have to check that > > the instruction for which you are returning the emulate flag is in the > > list of instructions that can be handled. Can such a list be derived > > right now? > > If an instruction can't be emulated it will be shown as such in the ring > buffer used by xl dmesg. Speaking of that, I'd like to, at some point, > send a patch that sends a vm_event saying that emulation failed to > userspace when that is the case, to give it a chance to do something > else (for example use altp2m, or lift the page restrictions). > I think that would be a much needed addition to make this system more robust. > > We can also probably go through the emulator code and build an exact > list of all the officially supported instructions, but I believe that > that would have to be manual work - I am not aware of a tool to extract > them or a header file that lists them in some structure. I'd love to be > wrong about this. > > As for your question, there's no guarantee that the emulator will > work, but that's not why I chose 1000. 
I chose that number because the > application will get less EPT events, and the guest will not be bogged > down by handling them. But in my experiments it's also less likely to > hit unhandleable instructions in the first 1000 pages since those are > usually used by the guest kernel, drivers, and so on, and are less > likely to cause problems. > > In any case, I don't mind dropping the 1000 pages limit - I can always > build a custom xen-access when I need it. > I don't mind setting it only for a 1000 in the test program, just wanted to understand rationale behind it. I think a comment in the program explaining what has been discussed here would also be helpful. Tamas
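Review bot: The new branch that sets `emulate = 1; memaccess = 1;` sits above the `#if defined(__i386__) || defined(__x86_64__)` guard, so the option is parsed on every architecture. If emulating the faulting instruction is only meaningful on x86, move the branch inside the guard next to `breakpoint`, so that other builds reject the option through the usage path instead of accepting it.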
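Review bot: In the `xc_set_mem_access()` call, `emulate ? 1000 : (xenaccess->max_gpfn - START_PFN)` hard-codes the page count and does not bound it by the domain's size, so when `xenaccess->max_gpfn - START_PFN` is below 1000 the request covers frames past `max_gpfn`. Clamp the count to the smaller of the two values, give 1000 a named constant, and add a comment recording why the emulate mode restricts only the first pages (fewer EPT events for the guest, and the emulator cannot handle every instruction).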
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel