SVNews r330623

2018-03-07 20:50:28 - r330623 by jhb (John Baldwin)

Complete list of files affected by revision r330623:

MODIFY   /stable/11
MODIFY   /stable/11/sys/amd64/include/vmm.h
MODIFY   /stable/11/sys/amd64/vmm/amd/svm.c
MODIFY   /stable/11/sys/amd64/vmm/amd/svm.h
MODIFY   /stable/11/sys/amd64/vmm/amd/vmcb.c
MODIFY   /stable/11/sys/amd64/vmm/intel/vmx.c
MODIFY   /stable/11/sys/amd64/vmm/intel/vmx.h
MODIFY   /stable/11/usr.sbin/bhyvectl/bhyvectl.c

Commit message:

MFC 328102: Save and restore guest debug registers.

Currently most of the debug registers are not saved and restored
during VM transitions allowing guest and host debug register values to
leak into the opposite context. One result is that hardware
watchpoints do not work reliably within a guest under VT-x.

Due to differences in SVM and VT-x, slightly different approaches are

For VT-x:

- Enable debug register save/restore for VM entry/exit in the VMCS for
- Explicitly save DR0-3,6 of the guest.
- Explicitly save DR0-3,6-7, MSR_DEBUGCTL, and the trap flag from
  %rflags for the host. Note that because DR6 is "software" managed
  and not stored in the VMCS a kernel debugger which single steps
  through VM entry could corrupt the guest DR6 (since a single step
  trap taken after loading the guest DR6 could alter the DR6
  register). To avoid this, explicitly disable single-stepping via
  the trace flag before loading the guest DR6. A determined debugger
  could still defeat this by setting a breakpoint after the guest DR6
  was loaded and then single-stepping.

For SVM:
- Enable debug register caching in the VMCB for DR6/DR7.
- Explicitly save DR0-3 of the guest.
- Explicitly save DR0-3,6-7, and MSR_DEBUGCTL for the host. Since SVM
  saves the guest DR6 in the VMCB, the race with single-stepping
  described for VT-x does not exist.

For both platforms, expose all of the guest DRx values via --get-drX
and --set-drX flags to bhyvectl.
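
The VT-x ordering described in the commit message, modeled in userland C as an added example. It is not code from this commit: `struct cpu`, `struct dbgctx`, `retire`, `enter_guest`, `exit_guest` and the register values are hypothetical, and the VMCS-managed state and MSR_DEBUGCTL are left out of the model.

```c
#include <stdint.h>
#include <string.h>

#define DR6_BS 0x4000ULL /* DR6 single-step status bit */
#define PSL_T  0x100ULL  /* trap flag in %rflags */
/* Constructed model of the state named in the commit message. */
struct cpu { uint64_t dr[8], rflags; };
struct dbgctx { uint64_t guest_dr[8], host_dr[8], host_tf; };

/* One host instruction retires; with TF set the trap is logged in DR6. */
static void retire(struct cpu *c) { if (c->rflags & PSL_T) c->dr[6] |= DR6_BS; }

static void enter_guest(struct cpu *c, struct dbgctx *x, int clear_tf)
{
    memcpy(x->host_dr, c->dr, sizeof(x->host_dr)); /* save host DRx */
    x->host_tf = c->rflags & PSL_T;
    if (clear_tf) c->rflags &= ~PSL_T; /* stop single-stepping first */
    memcpy(c->dr, x->guest_dr, 4 * sizeof(c->dr[0])); /* guest DR0-3 */
    c->dr[6] = x->guest_dr[6];     /* software-managed, not in the VMCS */
    retire(c);                     /* host code still runs before VM entry */
}

static void exit_guest(struct cpu *c, struct dbgctx *x)
{
    memcpy(x->guest_dr, c->dr, 4 * sizeof(c->dr[0])); /* save guest DR0-3 */
    x->guest_dr[6] = c->dr[6];
    memcpy(c->dr, x->host_dr, sizeof(c->dr));         /* restore host DRx */
    c->rflags |= x->host_tf;
}

/* Guest DR6 at VM entry while the host is being single-stepped. */
uint64_t guest_dr6_seen(int clear_tf)
{
    struct cpu c = { .rflags = PSL_T };
    struct dbgctx x = { .guest_dr = { [6] = 0x1 } }; /* constructed value */
    enter_guest(&c, &x, clear_tf);
    return c.dr[6];
}

/* Guest rewrites DR0; 1 if host DR0/TF survive and the guest value is kept. */
int roundtrip_ok(void)
{
    struct cpu c = { .dr = { 0x1000 }, .rflags = PSL_T };
    struct dbgctx x = { .guest_dr = { 0x2000 } };
    enter_guest(&c, &x, 1);
    c.dr[0] = 0x3000; /* guest writes DR0 while it runs */
    exit_guest(&c, &x);
    return c.dr[0] == 0x1000 && x.guest_dr[0] == 0x3000 && (c.rflags & PSL_T) != 0;
}
```

With `clear_tf` set to 0 the guest's DR6 picks up the host's single-step bit; with 1 it arrives unchanged.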

