This is a workaround patch for Windows 2003 Server.
Windows (vcpu>=2) set itr[1].ar=3(RWX) but dtr[1].ar=2(RW).
It causes an impossible INST_ACCESS_RIGHTS interruption via VHPT
which is used for emulating TR.
Surprisingly, windows ordinarily accepts this interruption.
But windows sometimes crashes with the message 'PANIC_STACK_SWITCH'
owing to this interruption.
Signed-off-by: Kouya Shimura <kouya@jp.fujitsu.com>
switch (vec) {
+ case 22: // IA64_INST_ACCESS_RIGHTS_VECTOR
+ if (vhpt_access_rights_fixup(vcpu, ifa, 0))
+ return;
+ break;
+
case 25: // IA64_DISABLED_FPREG_VECTOR
if (FP_PSR(vcpu) & IA64_PSR_DFH) {
ia64_srlz_i();
}
}
+
+int vhpt_access_rights_fixup(VCPU *v, u64 ifa, int is_data)
+{
+ thash_data_t *trp, *data;
+ u64 ps, tag, mask;
+
+ trp = __vtr_lookup(v, ifa, is_data);
+ if (trp) {
+ ps = _REGION_PAGE_SIZE(ia64_get_rr(ifa));
+ if (trp->ps < ps)
+ return 0;
+ ifa = PAGEALIGN(ifa, ps);
+ data = (thash_data_t *)ia64_thash(ifa);
+ tag = ia64_ttag(ifa);
+ do {
+ if (data->etag == tag) {
+ mask = trp->page_flags & PAGE_FLAGS_AR_PL_MASK;
+ if (mask != (data->page_flags & PAGE_FLAGS_AR_PL_MASK)) {
+ data->page_flags &= ~PAGE_FLAGS_AR_PL_MASK;
+ data->page_flags |= mask;
+ machine_tlb_purge(ifa, ps);
+ return 1;
+ }
+ return 0;
+ }
+ data = data->next;
+ } while(data);
+ }
+ return 0;
+}
+
/*
* vhpt lookup
*/
#define ITIR_RV_MASK (((1UL<<32)-1)<<32 | 0x3)
#define PAGE_FLAGS_RV_MASK (0x2 | (0x3UL<<50)|(((1UL<<11)-1)<<53))
+#define PAGE_FLAGS_AR_PL_MASK ((0x7UL<<9)|(0x3UL<<7))
extern u64 machine_ttag(PTA pta, u64 va);
extern u64 machine_thash(PTA pta, u64 va);
extern void purge_machine_tc_by_domid(domid_t domid);
extern void thash_vhpt_insert(struct vcpu *v, u64 pte, u64 itir, u64 ifa,
int type);
extern u64 guest_vhpt_lookup(u64 iha, u64 *pte);
+extern int vhpt_access_rights_fixup(struct vcpu *v, u64 ifa, int is_data);
static inline void vmx_vcpu_set_tr (thash_data_t *trp, u64 pte, u64 itir, u64 va, u64 rid)
{
projects / xen.git / commitdiff