
Please explain the issue of sensitive instructions in Virtualization and how it is resolved

In virtualization, are sensitive instructions an issue because they probably get executed in non-privileged mode without getting trapped or raising an interrupt?

In hardware-assisted virtualization, is Intel-VT/AMD Pacifica solving the problem by actually executing the sensitive instruction, or is it just creating an interrupt trap?

Is the hypervisor catching the trap from Intel-VT/AMD Pacifica and then choosing to execute the sensitive instruction or not?

In virtualization, are sensitive instructions an issue because they probably get executed in non-privileged mode without getting trapped or raising an interrupt?

For virtualization, sensitive instructions would be a major problem if they aren't trapped.

In hardware-assisted virtualization, is Intel-VT/AMD Pacifica solving the problem by actually executing the sensitive instruction, or is it just creating an interrupt trap? Is the hypervisor catching the trap from Intel-VT/AMD Pacifica and then choosing to execute the sensitive instruction or not?

For hardware-assisted virtualization, the CPU sees the sensitive instruction and switches to the hypervisor (e.g. "VMEXIT") instead of executing the sensitive instruction, and the hypervisor emulates the instruction (it doesn't ignore the instruction or ask the CPU to execute the instruction).

The emulation of an instruction may be very simple (e.g. clearing a bit in a variable somewhere in response to a cli instruction) or may be very complicated (e.g. using sockets on the host to emulate the behavior of a real NE2000 network card to emulate an out instruction in the guest).

First paragraph: Yes, sensitive instructions that do not trap are an issue for x86 virtualisation.

Extensions like SVM generally trap for all sensitive instructions AFAIK. The hypervisor's handling of the instructions depends on what the instructions are. It can be either ignored (skipped), handled by some sort of emulation, or directly be executed by the hypervisor.

However, in (non-AMD64) V86M's VME (Virtual Mode Extensions), specific software interrupts (which are generally sensitive) can be handled without trapping.
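
The trap-and-emulate flow described in the two answers above, as an added sketch that is not part of either answer and is not code from any real hypervisor. The exit reasons, struct layouts, the 0x3f8 "device" port and the replayed trace are all assumptions made for illustration; real VT-x/SVM exit codes and exit conditions differ.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical exit reasons, not the real VT-x/SVM encodings. */
enum exit_reason { EXIT_CLI, EXIT_STI, EXIT_OUT, EXIT_HLT };

struct vcpu {
    uint64_t rip;        /* guest instruction pointer */
    int      virt_if;    /* guest's virtual interrupt flag; host IF is untouched */
    int      halted;
    uint8_t  serial[16]; /* constructed device: bytes the guest wrote to port 0x3f8 */
    size_t   serial_len;
};

struct vmexit { enum exit_reason reason; uint8_t insn_len; uint16_t port; uint8_t value; };

/* Returns 0 to resume the guest, 1 to stop scheduling it, -1 if unhandled. */
int handle_exit(struct vcpu *v, const struct vmexit *e)
{
    switch (e->reason) {
    case EXIT_CLI: v->virt_if = 0; break;          /* "clear a bit in a variable" */
    case EXIT_STI: v->virt_if = 1; break;
    case EXIT_OUT:                                 /* emulate the device, or skip */
        if (e->port == 0x3f8 && v->serial_len < sizeof v->serial)
            v->serial[v->serial_len++] = e->value;
        break;                                     /* unknown port: write ignored */
    case EXIT_HLT: v->halted = 1; v->rip += e->insn_len; return 1;
    default: return -1;                            /* never run it blindly on the host */
    }
    v->rip += e->insn_len;  /* step past the instruction so it does not trap again */
    return 0;
}

/* Replays a constructed exit trace; returns the number of exits handled. */
int run_sample(struct vcpu *v)
{
    static const struct vmexit trace[] = {
        { EXIT_CLI, 1, 0, 0 }, { EXIT_OUT, 1, 0x3f8, 'A' }, { EXIT_OUT, 1, 0x80, 0xff },
        { EXIT_STI, 1, 0, 0 }, { EXIT_HLT, 1, 0, 0 },
    };
    int handled = 0;
    for (size_t i = 0; i < sizeof trace / sizeof trace[0]; i++) {
        int r = handle_exit(v, &trace[i]);
        if (r < 0) return -1;
        handled++;
        if (r == 1) break;
    }
    return handled;
}

int main(void)
{
    struct vcpu v = { .virt_if = 1 };
    printf("handled=%d rip=%llu\n", run_sample(&v), (unsigned long long)v.rip);
    return 0;
}
```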
