On 1/2/25 6:13 PM, Petr Beneš wrote:
From: Petr Beneš<w1be...@gmail.com>
Changes since v2:
- Reset entry->pw in all cases in p2m_set_entry, except for p2m_access_r_pw
Changes since v1:
- Added signed-off-by tags
This patch introduces a new XENMEM_access_r_pw permission. Functionally, it is
similar to XENMEM_access_r, but for processors with
TERTIARY_EXEC_EPT_PAGING_WRITE support (Intel 12th Gen/Alder Lake and later),
it also permits the CPU to write to the page during guest page-table walks
(e.g., updating A/D bits) without triggering an EPT violation.
This behavior works by both enabling the EPT paging-write feature and setting
the EPT paging-write flag in the EPT leaf entry.
This feature provides a significant performance boost for introspection tools that
monitor guest page-table updates. Previously, every page-table modification by the
guest—including routine updates like setting A/D bits—triggered an EPT violation, adding
unnecessary overhead. The new XENMEM_access_r_pw permission allows these
"uninteresting" updates to occur without EPT violations, improving efficiency.
Considering that this feature provides a significant performance boost
for introspection tools probably we could consider to take it to current
release.
I see that the patch series was acked-by "Acked-by: Tamas K Lengyel
<ta...@tklengyel.com>" but based on the change log it is not clear when
exactly
before Feature freeze date or not. ( and I don't see any reply from Tamas ).
Thanks.
~ Oleksii
Additionally, this feature simplifies the handling of race conditions in
scenarios where an introspection tool:
- Sets an "invisible breakpoint" in the altp2m view for a function F
- Monitors guest page-table updates to track whether the page containing F is
paged out
- Encounters a cleared Access (A) bit on the page containing F while the guest
is about to execute the breakpoint
In the current implementation:
- If xc_monitor_inguest_pagefault() is enabled, the introspection tool must
emulate both the breakpoint and the setting of the Access bit.
- If xc_monitor_inguest_pagefault() is disabled, Xen handles the EPT violation
without notifying the introspection tool, setting the Access bit and emulating
the instruction. However, Xen fetches the instruction from the default view
instead of the altp2m view, potentially causing the breakpoint to be missed.
With this patch, setting XENMEM_access_r_pw for monitored guest page-tables
prevents EPT violations in these cases. This change enhances performance and
reduces complexity for introspection tools, ensuring seamless breakpoint
handling while tracking guest page-table updates.
Petr Beneš (2):
x86: Rename _rsvd field to pw and move it to the bit 58
x86: Add Support for Paging-Write Feature
xen/arch/arm/mem_access.c | 4 ++++
xen/arch/arm/mmu/p2m.c | 1 +
xen/arch/x86/hvm/hvm.c | 1 +
xen/arch/x86/hvm/monitor.c | 1 +
xen/arch/x86/hvm/vmx/vmcs.c | 4 +++-
xen/arch/x86/include/asm/hvm/vmx/vmcs.h | 3 +++
xen/arch/x86/include/asm/hvm/vmx/vmx.h | 4 ++--
xen/arch/x86/include/asm/p2m.h | 1 +
xen/arch/x86/mm/hap/nested_hap.c | 3 +++
xen/arch/x86/mm/mem_access.c | 3 +++
xen/arch/x86/mm/p2m-ept.c | 12 ++++++++++++
xen/include/public/memory.h | 9 +++++++++
xen/include/xen/mem_access.h | 6 ++++++
13 files changed, 49 insertions(+), 3 deletions(-)
