I learned from the Xen SOSP paper that Xen installs a fast trap handler to
allow the system calls issued by guest app direct trap into the guest os
system trap handler. I guess the procedure should be as follows:
Guest app issues a system call, because it runs at ring 3, the instruction
will be trapped. Xem hypervisor, as a VMM, defines an exception handler
for int 80. In the exception handler, there are an interrupt vector
defined according to current running guest OS. That is, guest os reports
its interrupt vector to vmm, and vmm save the vector for fast handling.
Since VMM knows the interrupt vector of the specific guest os, it can
directly jump to the right place, which is the entry of the guest os
system call function, and start to process the system call.
Is my understanding right? If so, I have two questions:
first, when will the guest os register the system call handler with the
second, if a guest os is compromised, can intruders change the handler by
registering another entry point at runtime?
I noticed that many people are trying to do more development on Xen. Can
Xen group publish more design document? Although reading source code is
usually a good way to understand Xen, it is not the fastest way, not to
mention that people may misunderstand some codes. Maybe a simple flow
chart of Xen will help us a lot!
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
Xen-devel mailing list