This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/


[Xen-devel] read-only pagetable entries

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] read-only pagetable entries
From: Srujan Kotikela <ksrujandas@xxxxxxxxx>
Date: Sun, 19 Jun 2011 21:29:29 -0500
Delivery-date: Sun, 19 Jun 2011 19:30:07 -0700

I am trying to mark certain page-table entries (PTEs) of a guest as read-only by the guest operating system (complete control by Xen). If this PTE is ever to be changed to READ/WRITE, it should be done by a custom hypercall (called only by a special process). The guest OS's request to mark this PTE READ/WRITE should be denied/ignored by Xen.

The approach I am planning is: obtain the (guest) virtual address from the process and pass it to Xen through a hypercall, obtain cr3 from the vcpu, compute the PDE (page directory entry), obtain the PT (page table) base address, and compute the PTE's (guest) physical address. Then translate the PFN to an MFN and update the entries to READ-ONLY.

However, I feel this process is not sufficient to restrict the OS from changing it. So I would like to know your suggestions/changes in my approach.

Srujan D. Kotikela
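
The walk described in the message above, as an added example (not code from the post or from Xen). It assumes 32-bit non-PAE two-level paging, since the message names only a PDE and a page table; the memory array, the PFN-to-MFN map and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>

#define PTE_P    0x001u  /* present */
#define PTE_RW   0x002u  /* writable */
#define PDE_PS   0x080u  /* 4 MiB superpage: no second-level table */
#define NFRAMES  8u

/* Constructed toy "machine memory" and guest PFN -> MFN map (not Xen's p2m). */
static uint32_t machine[NFRAMES][1024];
static const uint32_t p2m[NFRAMES] = {5, 3, 7, 1, 0, 2, 4, 6};

/* Translate a guest-physical address to the machine frame that backs it. */
static uint32_t *frame_of_gpa(uint32_t gpa)
{
    uint32_t pfn = gpa >> 12;
    return pfn < NFRAMES ? machine[p2m[pfn]] : NULL;
}

/* CR3 -> PDE -> PTE walk for va; NULL if any level is missing or unmapped. */
uint32_t *walk_to_pte(uint32_t cr3, uint32_t va)
{
    uint32_t *pd = frame_of_gpa(cr3 & ~0xFFFu);
    if (!pd) return NULL;
    uint32_t pde = pd[va >> 22];
    if (!(pde & PTE_P) || (pde & PDE_PS)) return NULL;
    uint32_t *pt = frame_of_gpa(pde & ~0xFFFu);
    if (!pt) return NULL;
    uint32_t *pte = &pt[(va >> 12) & 0x3FFu];
    return (*pte & PTE_P) ? pte : NULL;
}

/* Clear the RW bit. Real hardware also needs a TLB flush for va, and
 * supervisor-mode writes are only blocked when CR0.WP is set. */
int mark_readonly(uint32_t cr3, uint32_t va)
{
    uint32_t *pte = walk_to_pte(cr3, va);
    if (!pte) return -1;
    *pte &= ~PTE_RW;
    return 0;
}

/* Constructed sample: PD at guest PFN 1, PT at PFN 2, data page at PFN 4. */
uint32_t build_sample(void)
{
    frame_of_gpa(0x1000)[1] = 0x2000u | PTE_P | PTE_RW;   /* PDE for 0x00400000.. */
    frame_of_gpa(0x2000)[3] = 0x4000u | PTE_P | PTE_RW;   /* PTE for 0x00403000 */
    return 0x1000u;                                       /* guest CR3 */
}
int main(void) { return mark_readonly(build_sample(), 0x00403000u); }
```

This covers only the one-time update; it does nothing to stop a later write to the same entry, which is the gap the message itself raises.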