This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] read-only pagetable entries

To: Srujan Kotikela <ksrujandas@xxxxxxxxx>
Subject: Re: [Xen-devel] read-only pagetable entries
From: Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Date: Mon, 20 Jun 2011 09:27:37 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 20 Jun 2011 01:30:31 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <BANLkTimY71LDc-fyeBjN+q=UFxeXR4Xmpg@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <BANLkTimY71LDc-fyeBjN+q=UFxeXR4Xmpg@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.21 (2010-09-15)

At 21:29 -0500 on 19 Jun (1308518969), Srujan Kotikela wrote:
> I am trying to mark certain page-table entries (pte) of a guest as read-only
> by the guest operating system (complete control by xen). If this pte is
> ever to be changed to READ/WRITE, it should be done by  a custom hypercall
> (called only by a special process). The guest os's request to mark this pte
> READ/WRITE should be denied/ignored by xen.
> The approach I am planning is, obtain the (guest) virtual address from the
> process and pass to xen through hypercall, obtain cr3 from the vcpu, compute
> PDE (page directory entry), obtain PT (Page Table) base address, compute
> PTE's (guest) physical address. Then translate PFN to MFN and update the
> entries to READ-ONLY.
> However, I feel this process is not sufficient to restrict the OS from
> changing it.

It's certainly not enough to stop the OS from changing it by itself.
You'd need to make that PTE read-only _and_ make all mappings of the PTE
itself read-only _and_ make sure there are no new r/w mappings of it.

I think the right thing to do is to translate the VA you start with into
a PFN and then just call p2m_change_type to mark that PFN read-only.
That way, the PTE the guest sees will still be r/w but all writes to the
address will be dropped.  (That assumes this is a HVM guest, by the



Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)

Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>