pool/xen
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
296b5421e5
xen/53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
Charles Arnold 99885eadf2 - Update to Xen Version 4.4.1 FCS 
xen-4.4.1-testing-src.tar.bz2
- Dropped patches now contained in tarball
  53d7b781-x86-cpu-undo-BIOS-CPUID-max_leaf-limit-earlier.patch
  53df71c7-lz4-check-for-underruns.patch
  53e47d6b-x86_emulate-properly-do-IP-updates-and-other-side-effects.patch

- bnc#882089 - Windows 2012 R2 fails to boot up with greater than
  60 vcpus 
  53df727b-x86-HVM-extend-LAPIC-shortcuts-around-P2M-lookups.patch
  53e8be5f-x86-vHPET-use-rwlock-instead-of-simple-one.patch
  53ff3659-x86-consolidate-boolean-inputs-in-hvm-and-p2m.patch
  53ff36ae-x86-hvm-treat-non-insn-fetch-NPF-also-as-read-violations.patch
  53ff36d5-x86-mem_event-deliver-gla-fault-EPT-violation-information.patch
  54005472-EPT-utilize-GLA-GPA-translation-known-for-certain-faults.patch
- Upstream patches from Jan
  53f737b1-VMX-fix-DebugCtl-MSR-clearing.patch
  53f7386d-x86-irq-process-softirqs-in-irq-keyhandlers.patch
  53ff3716-x86-ats-Disable-Address-Translation-Services-by-default.patch
  53ff3899-x86-NMI-allow-processing-unknown-NMIs-with-watchdog.patch

- bnc#864801 - VUL-0: CVE-2013-4540: qemu: zaurus: buffer overrun
  on invalid state load
  CVE-2013-4540-qemu.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=328
2014-09-03 21:59:31 +00:00

134 lines
4.3 KiB
Diff
Raw Blame History

References: bnc#882089
# Commit 692f3cc7dd05b80dbd027e46372b1c25d7975332
# Date 2014-08-28 16:04:05 +0200
# Author Tamas K Lengyel <tamas.lengyel@zentific.com>
# Committer Jan Beulich <jbeulich@suse.com>
x86/mem_event: deliver gla fault EPT violation information
On Intel EPT the exit qualification generated by a violation also
includes a bit (EPT_GLA_FAULT) which describes the following
information: Set if the access causing the EPT violation is to a
guest-physical address that is the translation of a linear address.
Clear if the access causing the EPT violation is to a paging-structure
entry as part of a page walk or the update of an accessed or dirty bit.
For more information see Table 27-7 in the Intel SDM.
This patch extends the mem_event system to deliver this extra
information, which could be useful for determining the cause of a
violation.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Kevin Tian <kevin.tian@intel.com>
Acked-by: Tim Deegan <tim@xen.org>
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -1289,7 +1289,7 @@ const struct hvm_function_table * __init
}
static void svm_do_nested_pgfault(struct vcpu *v,
- struct cpu_user_regs *regs, uint32_t pfec, paddr_t gpa)
+ struct cpu_user_regs *regs, uint64_t pfec, paddr_t gpa)
{
int ret;
unsigned long gfn = gpa >> PAGE_SHIFT;
@@ -1309,6 +1309,12 @@ static void svm_do_nested_pgfault(struct
.insn_fetch = !!(pfec & PFEC_insn_fetch)
};
+ /* These bits are mutually exclusive */
+ if ( pfec & NPT_PFEC_with_gla )
+ npfec.kind = npfec_kind_with_gla;
+ else if ( pfec & NPT_PFEC_in_gpt )
+ npfec.kind = npfec_kind_in_gpt;
+
ret = hvm_hap_nested_page_fault(gpa, ~0ul, npfec);
if ( tb_init_done )
--- a/xen/arch/x86/hvm/vmx/vmx.c
+++ b/xen/arch/x86/hvm/vmx/vmx.c
@@ -2317,6 +2317,10 @@ static void ept_handle_violation(unsigne
{
__vmread(GUEST_LINEAR_ADDRESS, &gla);
npfec.gla_valid = 1;
+ if( qualification & EPT_GLA_FAULT )
+ npfec.kind = npfec_kind_with_gla;
+ else
+ npfec.kind = npfec_kind_in_gpt;
}
else
gla = ~0ull;
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1343,10 +1343,13 @@ bool_t p2m_mem_access_check(paddr_t gpa,
req->offset = gpa & ((1 << PAGE_SHIFT) - 1);
req->gla_valid = npfec.gla_valid;
req->gla = gla;
+ if ( npfec.kind == npfec_kind_with_gla )
+ req->fault_with_gla = 1;
+ else if ( npfec.kind == npfec_kind_in_gpt )
+ req->fault_in_gpt = 1;
req->access_r = npfec.read_access;
req->access_w = npfec.write_access;
req->access_x = npfec.insn_fetch;
-
req->vcpu_id = v->vcpu_id;
}
--- a/xen/include/asm-x86/hvm/svm/svm.h
+++ b/xen/include/asm-x86/hvm/svm/svm.h
@@ -105,4 +105,10 @@ extern u32 svm_feature_flags;
extern void svm_host_osvw_reset(void);
extern void svm_host_osvw_init(void);
+/* EXITINFO1 fields on NPT faults */
+#define _NPT_PFEC_with_gla 32
+#define NPT_PFEC_with_gla (1UL<<_NPT_PFEC_with_gla)
+#define _NPT_PFEC_in_gpt 33
+#define NPT_PFEC_in_gpt (1UL<<_NPT_PFEC_in_gpt)
+
#endif /* __ASM_X86_HVM_SVM_H__ */
--- a/xen/include/asm-x86/mm.h
+++ b/xen/include/asm-x86/mm.h
@@ -552,6 +552,16 @@ void audit_domains(void);
#endif
/*
+ * Extra fault info types which are used to further describe
+ * the source of an access violation.
+ */
+typedef enum {
+ npfec_kind_unknown, /* must be first */
+ npfec_kind_in_gpt, /* violation in guest page table */
+ npfec_kind_with_gla /* violation with guest linear address */
+} npfec_kind_t;
+
+/*
* Nested page fault exception codes.
*/
struct npfec {
@@ -559,6 +569,7 @@ struct npfec {
unsigned int write_access:1;
unsigned int insn_fetch:1;
unsigned int gla_valid:1;
+ unsigned int kind:2; /* npfec_kind_t */
};
int new_guest_cr3(unsigned long pfn);
--- a/xen/include/public/mem_event.h
+++ b/xen/include/public/mem_event.h
@@ -62,7 +62,9 @@ typedef struct mem_event_st {
uint16_t access_w:1;
uint16_t access_x:1;
uint16_t gla_valid:1;
- uint16_t available:12;
+ uint16_t fault_with_gla:1;
+ uint16_t fault_in_gpt:1;
+ uint16_t available:10;
uint16_t reason;
} mem_event_request_t, mem_event_response_t;
Reference in New Issue View Git Blame Copy Permalink