limp
2010-Oct-16 14:55 UTC
[Xen-devel] Prevent guest OSes from accessing paricular memory locations
Hi all, This is my first post on the list so please bare with me! I would like to use Xen hypervisor for running a Linux guest but I want to prohibit Linux from accessing (i.e. writing to) some physical memory locations in which registers of some x86 peripherals are located in. For instance, I would like to prevent Linux (not only the Linux kernel code but anyone who tries to access these I/O ports and memory mapped registers by e.g. writing a kernel module, etc.) from accessing I/O ports 3F8h - 3FFh (serial port 1) and HPET memory mapped registers at 0xFED00000 - 0xFED003FF. Is it possible Xen to redirect these accesses to a printf displaying for instance a message saying "The access to this memory location is not allowed" or just ignore them? Please have a look at http://img209.imageshack.us/img209/4431/linuxmoduleaccessesproh.gif for a graphical overview of what I want to achieve. Any help will be much appreciated. Kind Regards, Ioannis. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Pasi Kärkkäinen
2010-Oct-16 17:30 UTC
Re: [Xen-devel] Prevent guest OSes from accessing paricular memory locations
On Sat, Oct 16, 2010 at 03:55:37PM +0100, limp wrote:> Hi all, > > This is my first post on the list so please bare with me! > > I would like to use Xen hypervisor for running a Linux guest but I want to > prohibit Linux from accessing (i.e. writing to) some physical memory > locations in which registers of some x86 peripherals are located in. For > instance, I would like to prevent Linux (not only the Linux kernel code > but anyone who tries to access these I/O ports and memory mapped registers > by e.g. writing a kernel module, etc.) from accessing I/O ports 3F8h - > 3FFh (serial port 1) and HPET memory mapped registers at 0xFED00000 - > 0xFED003FF. > > Is it possible Xen to redirect these accesses to a printf displaying for > instance a message saying "The access to this memory location is not > allowed" or just ignore them? > > Please have a look at > [1]http://img209.imageshack.us/img209/4431/linuxmoduleaccessesproh.gif for > a graphical overview of what I want to achieve. > > Any help will be much appreciated. >So I assume you''re talking about Linux driver in Xen dom0 ? How about using Xen hypervisor badpage= boot option to mark specific memory addresses as bad? See: http://wiki.xensource.com/xenwiki/XenHypervisorBootOptions -- Pasi _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel