3 Replies Latest reply on Apr 30, 2009 8:20 PM by devcentral

    AMD SVM, handle intercepted page fault

      How to handle intercepted page fault.

      I am trying to write a simple hypervisor using AMD SVM.

      I was able to intercept a Page Fault created by the guest (not a Nested page fault). I handled it by injecting a #PF event into the guest.

      The handler code is given below:

      /* Reflect the intercepted #PF back into the guest through EVENTINJ */
      vm->vmcb->eventinj.fields.vector    = 14;                   /* #PF vector */
      vm->vmcb->eventinj.fields.type      = EVENT_TYPE_EXCEPTION; /* type 3 = exception */
      vm->vmcb->eventinj.fields.ev        = 1;                    /* error code is valid */
      vm->vmcb->eventinj.fields.v         = 1;                    /* injection is valid */
      vm->vmcb->eventinj.fields.errorcode = vm->vmcb->exitinfo1;
      // error code given in exitinfo1, will be pushed to the stack
      vm->vmcb->cr2 = vm->vmcb->exitinfo2;
      // exitinfo2 contains the faulting address, which should be put into cr2

      vm->vmcb is a pointer to the vmcb structure.


      Somehow the guest OS behaves differently (does not boot correctly) if I enable this interception and handler.

      Anyone who has got Page fault interception to work, please tell me how you did it. It would help a lot.


        • AMD SVM, handle intercepted page fault

          The simplest answer may be: do not intercept page fault, which is possible only if you’re using nested paging.  However, in this case, my guess is that the Exitintinfo field was nonzero when this failure happened, and that’s the value you should be injecting.  Be careful of an infinite loop: the #PF will happen again if it’s really a guest #PF.  This situation can happen, for example, if the guest’s stack or IDT were paged out by the guest when an exception or interrupt arrived (though most OSes do not page out their system state).  And if you’re not intercepting the #PF, the problem is solved.  If you must intercept #PF, and if Exitintinfo is nonzero, then you may need to emulate the stack push yourself. 


          If this is shadow paging, then you must handle the #PF in the hypervisor and decide whether this is really a #PF that the guest caused, or if it’s a #PF induced by the hypervisor’s shadow paging algorithm.  You might want to look at Xen or KVM’s implementation to compare what they’re doing.
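          Worked example of the check the reply asks for: look at EXITINTINFO before deciding what to inject on a #PF intercept. This is added example code, not from this thread, AMD, Xen or KVM; struct vmcb_lite, its field names and the pending_intr field are assumptions standing in for the real VMCB. It goes slightly beyond the reply by applying the x86 double-fault combination rules (a #PF raised while delivering #PF or a contributory exception becomes #DF), which is also how KVM resolves the case.

```c
#include <stdint.h>

/* Constructed stand-in for the VMCB fields this handler uses (assumption: the
 * real VMCB is a 4 KiB page with many more fields at fixed offsets). */
struct vmcb_lite {
    uint64_t exitinfo1;    /* #PF intercept: page-fault error code */
    uint64_t exitinfo2;    /* #PF intercept: faulting linear address */
    uint64_t exitintinfo;  /* event the CPU was delivering when the intercept fired */
    uint64_t eventinj;     /* event to inject at the next VMRUN */
    uint64_t cr2;
    uint64_t pending_intr; /* hypothetical: interrupt to re-inject after the #PF */
};

/* EVENTINJ and EXITINTINFO share one layout: vector 7:0, type 10:8, EV bit 11,
 * V bit 31, error code 63:32. Type 0 = external interrupt, 2 = NMI, 3 = exception. */
#define EVT_VECTOR(x)  ((x) & 0xffULL)
#define EVT_TYPE(x)    (((x) >> 8) & 0x7ULL)
#define EVT_EV         (1ULL << 11)
#define EVT_V          (1ULL << 31)
#define TYPE_EXCEPTION 3ULL
#define VEC_DF         8ULL
#define VEC_PF         14ULL

static uint64_t make_exception(uint64_t vec, uint32_t errcode)
{
    return vec | (TYPE_EXCEPTION << 8) | EVT_EV | EVT_V | ((uint64_t)errcode << 32);
}

/* #DE, #TS, #NP, #SS and #GP are "contributory" in the x86 double-fault table. */
static int contributory(uint64_t vec) { return vec == 0 || (vec >= 10 && vec <= 13); }

/* Called on a #PF intercept; returns the EVENTINJ value queued for the next VMRUN. */
uint64_t handle_pf_intercept(struct vmcb_lite *vmcb)
{
    uint64_t prev = vmcb->exitintinfo, type = EVT_TYPE(prev);
    vmcb->cr2 = vmcb->exitinfo2;   /* hardware would load CR2 before delivering #PF */
    if ((prev & EVT_V) && (type == 0 || type == 2)) {
        /* External interrupt or NMI was taken but never delivered: remember it
         * for re-injection once the guest has handled the #PF. */
        vmcb->pending_intr = prev;
    } else if ((prev & EVT_V) && type == TYPE_EXCEPTION &&
               (EVT_VECTOR(prev) == VEC_PF || contributory(EVT_VECTOR(prev)))) {
        /* #PF while delivering #PF or a contributory exception: real hardware
         * raises #DF (error code 0), so inject that, not a second #PF. */
        return vmcb->eventinj = make_exception(VEC_DF, 0);
    }
    /* Plain guest #PF, or #PF during a benign exception or INT n (which
     * re-execution regenerates): reflect the #PF with EXITINFO1's error code. */
    return vmcb->eventinj = make_exception(VEC_PF, (uint32_t)vmcb->exitinfo1);
}
```

          A hypervisor would still need to inject pending_intr on a later VMRUN once EVENTINJ is free, and the infinite-loop warning above still applies if the guest's own #PF handler faults again on the same address.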