Keir Fraser
2004-Sep-10 14:19 UTC
Re: Never mind Re: [Xen-devel] Re: Xen reboots when trying to start new domain
> When do the changes to the ptes take effect? How does Xen enforce > security in this case? My guess would be to detach the leaf table from > the page directory, and reattach and check it on demand at first fault. > Is this correct? Does Xen keep shadow copies of all pgds then, or only > the currently active one? Sounds clever.You just described version 1 of writable pagetables. In v2, when the guest tries to write his pagetable we instead give him write access to a copy of that table. Then, next time he TLB flushes, or the guest faults on the VA area that th eupdated p.t. maps, we validate any modifications and copy them back into the real p.t. This means there is no need to unlink the real p.t. at any point. -- Keir ------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php _______________________________________________ Xen-devel mailing list Xen-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xen-devel