qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC][PATCH] x86: Optional segment type and limit check

From: Jamie Lokier
Subject: Re: [Qemu-devel] [RFC][PATCH] x86: Optional segment type and limit checks - v2
Date: Mon, 14 Jul 2008 15:02:38 +0100
User-agent: Mutt/1.5.13 (2006-08-11) 
Paul Brook wrote:
> > For guests like older Linux, with zero base and non-maximum limit in
> > user mode, could limit checking be done by the MMU TLB instead?
> 
> Not really. The only resonable way to do this would be to use a very
> large virtual address space, with the high bits being the segment
> descriptor.  This might work for 32-bit targets on 64-bit hosts, but
> even then it's liable to be more pain than it's worth.

I was thinking more like this, on any host:

   - All segment bases are zero, and all limits are LIMIT
     (3GiB for old Linux in user mode).
   - When filling the MMU TLB, if it's for an address >= LIMIT,
     treat as MMU exception.
   - Flush MMU TLB on any interesting segment change (limit gets
     smaller, etc.).
   - Count rate of interesting segment changes.  When it's high,
     switch to including segment checks in translated code (same as
     non-zero bases) and not flushing TLB.  When it's low, don't put
     segment checks into translated code, and use TLB flushes on
     segment changes.
   - Keep separate count for ring 0 and ring 3, or for
     "code which uses segment prefixes" vs "code which doesn't".

     This would suit old Linux, as kernel code uses segment to limit
     copy-from/to-user range, but user code has no segment changes
     normally, and the user limit check is equivalent to forcing all
     MMU pages above that virtual address to be supervisor-only.

-- Jamie
reply via email to
[Prev in Thread] Current Thread [Next in Thread]