I'm working on a security application and we want to be able to specify guest memory addresses to monitor. When those addresses (or address range) get written, a notification is sent to the user application in dom0. Currently, we're doing this by mapping pages and polling, but that's sort of ugly.

In general, I believe all I have to do is walk the guest's page tables and mark the pages of interest as read-only. Then, when the guest attempts to write to the page, we can check the address in the page fault handler and, if it is an address we care about, notify the user and pass the write operation along.

Is it possible to walk an HVM guest's page tables? Can someone point me to code that does it?

I read that the dirty page logging that occurs during live migration starts by making all the pages read-only, but when I trace the code for paging_log_dirty_enable(), it doesn't look like that's happening.

Thanks
-matthew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
At 10:23 -0400 on 22 Jul (1216722197), Matthew Donovan wrote:
> Is it possible to walk an HVM guest's page tables? Can someone point me to
> code that does it?

From inside Xen? paging_gva_to_gfn().

> I read that the dirty page logging that occurs during live migration starts
> by making all the pages readonly but when I trace the code for
> paging_log_dirty_enable(), it doesn't look like that's happening.

There are two versions of log-dirty; by far the easier to understand is the hardware-assisted paging code (aka NPT aka EPT); look at hap_enable_log_dirty() &c in xen/arch/x86/mm/hap/hap.c, and svm_do_nested_pgfault() in xen/arch/x86/hvm/svm/svm.c.

The other version is in the shadow pagetable code and actually removes _all_ mappings of guest memory (by calling shadow_blow_tables) and then marks pages dirty when it puts writeable mappings into the shadows (enforced in _sh_propagate() in xen/arch/x86/mm/shadow/multi.c).

Tim.

-- 
Tim Deegan <Tim.Deegan@citrix.com>
Principal Software Engineer, Citrix Systems (R&D) Ltd.
[Company #02300071, SL9 0DZ, UK.]