>>> On 23.11.18 at 09:54, <roger....@citrix.com> wrote:
> On Thu, Nov 22, 2018 at 08:24:52PM +0200, Razvan Cojocaru wrote:
>> What this patch attempts to do is to mark P1 rwx (so allow the write),
>> then put the faulting VCPU into singlestep mode, then restore the
>> restrictions after it has finished single stepping. By now it's obvious
>> why all the other VCPUs need to be paused: one of them might do a
>> malicious write into P1 that silently succeeds (since the EPT is shared
>> among all VCPUs - putting altp2m aside for a moment). We don't want that.
> 
> Can't you just change the p2m of a single vCPU? Either using altp2m or
> some other mechanism.

I guess as a very basic limitation there are not enough distinct
altp2m-s available to use one per vCPU.

> Also keep in mind that this pause approach might work for guests with
> a relatively small number of vCPUs, but I'm unsure this is going to
> work for guests with a high number of vCPUs; pausing all vCPUs for each
> trapped instruction is likely going to stall the guest.

Indeed. Yet for smaller guests a per-vCPU-altp2m approach would
seem to be feasible at least from an abstract pov.

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
