On 22/08/2019 18:36, Tamas K Lengyel wrote:
>>> I've found a number of files in the Xen source tree which seem to be
>>> related to instruction/x86 platform emulation:
>>>
>>> arch/x86/x86_emulate.c
>>> arch/x86/hvm/emulate.c
>>> arch/x86/hvm/vmx/realmode.c
>>> arch/x86/hvm/svm/emulate.c
>>> arch/x86/pv/emulate.c
>>> arch/x86/pv/emul-priv-op.c
>>> arch/x86/x86_emulate/x86_emulate.c
>>>
>>> The last of these, in particular, looks especially hairy (it seems to
>>> support emulation of essentially the entire x86 instruction set through
>>> a quite impressive edifice of switch statements).
>> Lovely, isn't it. For Introspection, we need to be able to emulate an
>> instruction which took a permission fault (including No Execute), was
>> sent to the analysis engine, and deemed ok to continue.
> That's not a requirement for introspection and I find that kind of use
> of the emulation very hairy, especially for anything security related.
> IMHO it's nothing more than a convenient hack.

Ok fine. I was specialising to the form of introspection that I deal
with regularly. Nothing in the Xen introspection APIs forces you to
take extra emulation.

However, when you're doing a proper product based on it, customers care
about it not being unusably slow. In our case, that relies on not
falling back to completing instructions using the "pause all other
vcpus, unrestricted permissions, singlestep the vcpu, restrict
permissions again" approach.

~Andrew