On 19/12/2024 6:16 pm, Petr Beneš wrote: > From: Petr Beneš <w1be...@gmail.com> > > This patch introduces a new XENMEM_access_r_pw permission. Functionally, it > is similar to XENMEM_access_r, but for processors with > TERTIARY_EXEC_EPT_PAGING_WRITE support (Intel 12th Gen/Alder Lake and later), > it also permits the CPU to write to the page during guest page-table walks > (e.g., updating A/D bits) without triggering an EPT violation. > > This behavior works by both enabling the EPT paging-write feature and setting > the EPT paging-write flag in the EPT leaf entry. > > This feature provides a significant performance boost for introspection tools > that monitor guest page-table updates. Previously, every page-table > modification by the guest—including routine updates like setting A/D > bits—triggered an EPT violation, adding unnecessary overhead. The new > XENMEM_access_r_pw permission allows these "uninteresting" updates to occur > without EPT violations, improving efficiency. > > Additionally, this feature simplifies the handling of race conditions in > scenarios where an introspection tool: > > - Sets an "invisible breakpoint" in the altp2m view for a function F > - Monitors guest page-table updates to track whether the page containing F is > paged out > - Encounters a cleared Access (A) bit on the page containing F while the > guest is about to execute the breakpoint > > In the current implementation: > > - If xc_monitor_inguest_pagefault() is enabled, the introspection tool must > emulate both the breakpoint and the setting of the Access bit. > - If xc_monitor_inguest_pagefault() is disabled, Xen handles the EPT > violation without notifying the introspection tool, setting the Access bit > and emulating the instruction. However, Xen fetches the instruction from the > default view instead of the altp2m view, potentially causing the breakpoint > to be missed. > > With this patch, setting XENMEM_access_r_pw for monitored guest page-tables > prevents EPT violations in these cases. This change enhances performance and > reduces complexity for introspection tools, ensuring seamless breakpoint > handling while tracking guest page-table updates. > > Petr Beneš (2): > x86: Rename _rsvd field to pw and move it to the bit 58 > x86/EPT: Add Support for Paging-Write Feature
We're past final posting date for 4.20 now. CC Oleksii as release manager. However, it's a small patch series, and comes urgently on the back of Intel ceasing all EPT-SPP support in November. Given the timelines of the release, and how simple the series is, I'd like to make an argument for including it at this juncture. ~Andrew
