This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] [RESEND] Question about recursive mappings

To: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Subject: Re: [Xen-devel] [RESEND] Question about recursive mappings
From: Mathieu Ropert <mro@xxxxxxxxxx>
Date: Tue, 23 May 2006 14:22:15 +0200
Cc: Ian Pratt <m+Ian.Pratt@xxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 24 May 2006 01:57:55 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <9e623acb8c30c70453a9b82b8b9a63b7@xxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D4BA7E0@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <9e623acb8c30c70453a9b82b8b9a63b7@xxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.8 (X11/20060502)
Keir Fraser wrote:

On 23 May 2006, at 10:41, Ian Pratt wrote:

Can you explain the pagtable structure a little better please. Does the
L3 contain an entry point at itself (recursive), or at another L3

I've never come across non-root pagetable linear mappings other than in
the crock that is PAE (3 level) where you have to use 4 entries in an L2
to point to all the L2s due to the limited address space.

And that's something we don't currently support. A slightly more generic linear pagetable logic that would permit us to support linear pagetables on PAE would be a good thing.

 -- Keir

A bit more explanation:
- All my L4 tables (kernel and user) have one of their entries pointing on themselves. - As I can't use the same tables in kernel and user mode on x86_64, the kernel table is always the same, and sometimes needs to map a user L4 to modify. - In order to do that, i set an entry of the kernel L4 to the machine address of the wanted L4 user table. So my L4 user recursive entry is used as a L3 one in kernel tables.
- When i want to access a user table in kernel mode, i do 2 mmu updates:
1/ Set a L4 kernel table entry with the machine address of the L4 user table i want to change. This step currently works. 2/ Set the L4 user table recursive as valid (i clear the valid bit when i'm done with my changes, don't want the user to be able to read his page tables). This is where Xen refuse to update the tables.

About the possible fix, won't something like trying a get_linear_pagetable() at all level works? Will it cause too much overhead? Generally speaking, is allowing a R/O mapping of another table the domain own (whichever level it is) safe? At first thought, i don't see any way of exploiting it.


Xen-devel mailing list