Tian, Kevin
2008-Dec-22 10:12 UTC
[Xen-devel] guest attempted write to read-only memory page.
Now I''m seeing bunch of warning as: multi.c:3238:d3 guest attempted write to read-only memory page. va page=0xc9000, mfn=0x23491 ... multi.c:3238:d3 guest attempted write to read-only memory page. va page=0xd5000, mfn=0x23491 BIOS map: c0000-c8fff: VGA BIOS c9000-d57ff: Etherboot ROM e9000-e914e: SMBIOS tables f0000-fffff: Main BIOS I guess it''s caused by 18931 to update rombios to latest bochs version, and some writes to rom area are added outside of disabling rom write access. But I''m not familiar with this part, and thus hope others (Akio?) may take a deeper dive. Thanks, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Dec-22 10:33 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
On 22/12/2008 10:12, "Tian, Kevin" <kevin.tian@intel.com> wrote:> I guess it''s caused by 18931 to update rombios to latest bochs > version, and some writes to rom area are added outside of disabling > rom write access. But I''m not familiar with this part, and thus hope > others (Akio?) may take a deeper dive.Etherboot likes to try to write to its ROM area. That''s why I actually silenced the warning in __hvm_copy(). I would guess the reason you see this issue now is because the accesses are taking the shadow-fault path, which means you are no longer emulating real mode? ;-) Possibly we should silence the shadow code too, at least perhaps while in real mode or for a certain EIP range. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Tian, Kevin
2008-Dec-22 13:11 UTC
RE: [Xen-devel] guest attempted write to read-only memory page.
>From: Keir Fraser [mailto:keir.fraser@eu.citrix.com] >Sent: Monday, December 22, 2008 6:33 PM > >On 22/12/2008 10:12, "Tian, Kevin" <kevin.tian@intel.com> wrote: > >> I guess it''s caused by 18931 to update rombios to latest bochs >> version, and some writes to rom area are added outside of disabling >> rom write access. But I''m not familiar with this part, and thus hope >> others (Akio?) may take a deeper dive. > >Etherboot likes to try to write to its ROM area. That''s why I actually >silenced the warning in __hvm_copy(). I would guess the reason >you see this >issue now is because the accesses are taking the shadow-fault >path, which >means you are no longer emulating real mode? ;-)I guess it''s combined effect from 18891 and 18931. In 18891, Tim reintroduced vm86 if possible. I didn''t change anything and thus it''s interesting that I''m the only one to report this issue. :-)> >Possibly we should silence the shadow code too, at least >perhaps while in >real mode or for a certain EIP range. >I''m not sure that''s the right fix. Why is write access to rom disabled before rom scan when etherboot is known to have write requirement? #ifdef HVMASSIST call _enable_rom_write_access call _clobber_entry_point call _copy_e820_table call smbios_init call _disable_rom_write_access #endif call _init_boot_vectors mov cx, #0xc800 ;; init option roms mov ax, #0xe000 call rom_scan Should we move disable action to post rom_scan? If shadow warning is simply silenced for such case, it seems breaking the purpose of disable_dom_write_access... Thanks, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Tian, Kevin
2008-Dec-22 13:20 UTC
RE: [Xen-devel] guest attempted write to read-only memory page.
>From: Tian, Kevin >Sent: Monday, December 22, 2008 9:11 PM >> >>Possibly we should silence the shadow code too, at least >>perhaps while in >>real mode or for a certain EIP range. >> > >I''m not sure that''s the right fix. Why is write access to rom disabled >before rom scan when etherboot is known to have write requirement? > >#ifdef HVMASSIST > call _enable_rom_write_access > call _clobber_entry_point > call _copy_e820_table > call smbios_init > call _disable_rom_write_access >#endif > > call _init_boot_vectors > > mov cx, #0xc800 ;; init option roms > mov ax, #0xe000 > call rom_scan > >Should we move disable action to post rom_scan? If shadow warning >is simply silenced for such case, it seems breaking the purpose of >disable_dom_write_access... >I make a quick test, that warning disappears after moving disable action post rom_scan. But I haven''t found the place triggering such write violation, as in previous revision write access is also disabled before rom_scan. It could come from recent bochs update on expansion rom part by 18931. Thanks, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Dec-22 13:42 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
On 22/12/2008 13:20, "Tian, Kevin" <kevin.tian@intel.com> wrote:>> Should we move disable action to post rom_scan? If shadow warning >> is simply silenced for such case, it seems breaking the purpose of >> disable_dom_write_access... >> > > I make a quick test, that warning disappears after moving disable > action post rom_scan. But I haven''t found the place triggering such > write violation, as in previous revision write access is also disabled > before rom_scan. It could come from recent bochs update on > expansion rom part by 18931.Yes, I can repro the warnings. They are due to the vm86 acceleration changes. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Tian, Kevin
2008-Dec-22 14:21 UTC
RE: [Xen-devel] guest attempted write to read-only memory page.
>From: Keir Fraser [mailto:keir.fraser@eu.citrix.com] >Sent: Monday, December 22, 2008 9:43 PM > >On 22/12/2008 13:20, "Tian, Kevin" <kevin.tian@intel.com> wrote: > >>> Should we move disable action to post rom_scan? If shadow warning >>> is simply silenced for such case, it seems breaking the purpose of >>> disable_dom_write_access... >>> >> >> I make a quick test, that warning disappears after moving disable >> action post rom_scan. But I haven''t found the place triggering such >> write violation, as in previous revision write access is >also disabled >> before rom_scan. It could come from recent bochs update on >> expansion rom part by 18931. > >Yes, I can repro the warnings. They are due to the vm86 acceleration >changes. >I saw you removed the warning in latest tree, but sorry that I''m still a bit confused about logic here. Could you help clarify the underlying story to me? :-) Why is such write attempt legitimate? Is the emulation a dummy nop or actually emulated? Thanks, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Dec-22 15:11 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
On 22/12/2008 14:21, "Tian, Kevin" <kevin.tian@intel.com> wrote:>> Yes, I can repro the warnings. They are due to the vm86 acceleration >> changes. >> > > I saw you removed the warning in latest tree, but sorry that I''m still > a bit confused about logic here. Could you help clarify the underlying > story to me? :-) Why is such write attempt legitimate? Is the emulation > a dummy nop or actually emulated?The write is thrown away, and the instruction is skipped. Etherboot can handle these write attempts failing (obviously, since it could really be executed out of ROM). It attempts them just to set up some version info strings, I think -- nothing at all important. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Tian, Kevin
2008-Dec-23 02:37 UTC
RE: [Xen-devel] guest attempted write to read-only memory page.
>From: Keir Fraser [mailto:keir.fraser@eu.citrix.com] >Sent: Monday, December 22, 2008 11:11 PM > >On 22/12/2008 14:21, "Tian, Kevin" <kevin.tian@intel.com> wrote: > >>> Yes, I can repro the warnings. They are due to the vm86 acceleration >>> changes. >>> >> >> I saw you removed the warning in latest tree, but sorry that >I''m still >> a bit confused about logic here. Could you help clarify the >underlying >> story to me? :-) Why is such write attempt legitimate? Is >the emulation >> a dummy nop or actually emulated? > >The write is thrown away, and the instruction is skipped. Etherboot can >handle these write attempts failing (obviously, since it could >really be >executed out of ROM). It attempts them just to set up some version info >strings, I think -- nothing at all important. >ok, got it. Thanks, Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Akio Takebe
2008-Dec-25 01:54 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
Tian, Kevin wrote:>> From: Tian, Kevin >> Sent: Monday, December 22, 2008 9:11 PM >>> Possibly we should silence the shadow code too, at least >>> perhaps while in >>> real mode or for a certain EIP range. >>> >> I''m not sure that''s the right fix. Why is write access to rom disabled >> before rom scan when etherboot is known to have write requirement? >> >> #ifdef HVMASSIST >> call _enable_rom_write_access >> call _clobber_entry_point >> call _copy_e820_table >> call smbios_init >> call _disable_rom_write_access >> #endif >> >> call _init_boot_vectors >> >> mov cx, #0xc800 ;; init option roms >> mov ax, #0xe000 >> call rom_scan >> >> Should we move disable action to post rom_scan? If shadow warning >> is simply silenced for such case, it seems breaking the purpose of >> disable_dom_write_access... >> > > I make a quick test, that warning disappears after moving disable > action post rom_scan. But I haven''t found the place triggering such > write violation, as in previous revision write access is also disabled > before rom_scan. It could come from recent bochs update on > expansion rom part by 18931.Sorry for my late response. That''s a bug of mine. Some option ROMs would do write accesses. So rombios need to enable write acess before rom_scan. I''ll post a patch to fix. Best Regards, Akio Takebe _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Dec-25 08:09 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
On 25/12/2008 01:54, "Akio Takebe" <takebe_akio@jp.fujitsu.com> wrote:>> I make a quick test, that warning disappears after moving disable >> action post rom_scan. But I haven''t found the place triggering such >> write violation, as in previous revision write access is also disabled >> before rom_scan. It could come from recent bochs update on >> expansion rom part by 18931. > > Sorry for my late response. > That''s a bug of mine. > > Some option ROMs would do write accesses. > So rombios need to enable write acess before rom_scan. > I''ll post a patch to fix.This behaviour existed before your upgrade, and it''s not a bug. I fixed by removing the warning message. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Akio Takebe
2008-Dec-25 08:36 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
Keir Fraser wrote:> On 25/12/2008 01:54, "Akio Takebe" <takebe_akio@jp.fujitsu.com> wrote: > >>> I make a quick test, that warning disappears after moving disable >>> action post rom_scan. But I haven''t found the place triggering such >>> write violation, as in previous revision write access is also disabled >>> before rom_scan. It could come from recent bochs update on >>> expansion rom part by 18931. >> Sorry for my late response. >> That''s a bug of mine. >> >> Some option ROMs would do write accesses. >> So rombios need to enable write acess before rom_scan. >> I''ll post a patch to fix. > > This behaviour existed before your upgrade, and it''s not a bug. I fixed by > removing the warning message. >But shadow memory should enable write accesses during INIT and BCV. It''s in BBS spec. Best Regards, Akio Takebe _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Dec-25 09:09 UTC
Re: [Xen-devel] guest attempted write to read-only memory page.
On 25/12/2008 08:36, "Akio Takebe" <takebe_akio@jp.fujitsu.com> wrote:>>> Some option ROMs would do write accesses. >>> So rombios need to enable write acess before rom_scan. >>> I''ll post a patch to fix. >> >> This behaviour existed before your upgrade, and it''s not a bug. I fixed by >> removing the warning message. >> > But shadow memory should enable write accesses during INIT and BCV. > It''s in BBS spec.Oh, I hadn''t realised that. Perhaps then it is appropriate to apply your patch and actually re-enable warnings in Xen. Since the only ''false positives'' were from the ROM initialisations. I shall apply something suitable. Thanks. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel