This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/


[Xen-devel] Can't map the page referenced by HVM-DomU CR3 in Dom0

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Can't map the page referenced by HVM-DomU CR3 in Dom0
From: david <david_n@xxxxxx>
Date: Fri, 15 Apr 2011 15:45:34 +0200
Delivery-date: Fri, 15 Apr 2011 06:45:56 -0700

I'm trying to access the page containing the paging information for a DomU from Dom0.

I'm doing that by translating the address contained in the DomU CR3 register with xc_translate_foreign_address (libxc) and trying to map the returned frame number with xc_map_foreign_range.

The problem is that the return value from xc_translate_foreign_address is 0 (guest cr3 is 0x002f3000 in my case), which indicates an error (according to the code comments). After some debugging I have discovered that pte becomes 0 when level=2 and therefore the function returns 0 on line 79:

69    /* Walk the pagetables */
70    for (level = pt_levels; level > 0; level--) {
71        paddr += ((virt & mask) >> (xc_ffs64(mask) - 1)) * size;
72        map = xc_map_foreign_range(xc_handle, dom, PAGE_SIZE, PROT_READ,
73                                   paddr >>PAGE_SHIFT);
74        if (!map)
75            return 0;
76        memcpy(&pte, map + (paddr & (PAGE_SIZE - 1)), size);
77        munmap(map, PAGE_SIZE);
78        if (!(pte & 1))
79            return 0;
80        paddr = pte & 0x000ffffffffff000ull;

I'm currently trying to examine why pte becomes 0. Is anyone familiar with this part of the code and can explain why it is not possible to map the page?

My setup:
Dom0: debian x86_64
DomU: HVM Win XP SP2 32bit

thanks for any hints,


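Added example, not part of the original post and not libxc code: a two-level (non-PAE, 4 KiB pages only) walk of the kind quoted above, run against a constructed in-memory guest instead of xc_map_foreign_range. The names guest_mem, read_entry, walk32 and build_guest and the memory layout are hypothetical. It shows the walk returning 0 on a not-present entry, and that CR3 holds a guest-physical address, so the directory's own frame is cr3 >> PAGE_SHIFT, while a virtual address with the same numeric value need not be mapped.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SHIFT 12
#define PAGE_SIZE  (1u << PAGE_SHIFT)
static uint8_t guest_mem[8 * PAGE_SIZE];   /* constructed guest "physical" memory */

/* Read one 4-byte table entry at guest-physical paddr; 0 if out of range. */
static uint32_t read_entry(uint64_t paddr)
{
    uint32_t e = 0;
    if (paddr + sizeof(e) <= sizeof(guest_mem))
        memcpy(&e, guest_mem + paddr, sizeof(e));
    return e;
}

/* Translate virt using the tables rooted at cr3; returns frame number, 0 on failure. */
uint64_t walk32(uint64_t cr3, uint32_t virt)
{
    uint64_t paddr = cr3 & ~(uint64_t)(PAGE_SIZE - 1);
    uint32_t mask = 0xffc00000u;           /* level 2 index: bits 31..22 */
    int shift = 22;
    for (int level = 2; level > 0; level--) {
        paddr += (uint64_t)((virt & mask) >> shift) * 4;
        uint32_t pte = read_entry(paddr);
        if (!(pte & 1))                    /* present bit clear: not mapped */
            return 0;
        paddr = pte & 0xfffff000u;         /* next table, or the final frame */
        mask >>= 10;
        shift -= 10;
    }
    return paddr >> PAGE_SHIFT;
}

/* Constructed layout: directory in frame 2, table in frame 3, 0x00400000 -> frame 5. */
void build_guest(void)
{
    uint32_t pde = (3u << PAGE_SHIFT) | 1, pte = (5u << PAGE_SHIFT) | 1;
    memset(guest_mem, 0, sizeof(guest_mem));
    memcpy(guest_mem + 2 * PAGE_SIZE + 1 * 4, &pde, 4);   /* directory index 1 */
    memcpy(guest_mem + 3 * PAGE_SIZE + 0 * 4, &pte, 4);   /* table index 0 */
}

int main(void)
{
    build_guest();
    printf("mapped: %llu, cr3 value as virt: %llu\n",
           (unsigned long long)walk32(0x2000, 0x00400000u),
           (unsigned long long)walk32(0x2000, 0x00002000u));
    return 0;
}
```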