Hi,
Sorry for posting my question in such a bad manner. Actually, I want to
rebuild a GuestOS, including vcpu and memory, and allow dom0 to modify
the memory, such as the page table. In this way, I can experiment with some
tests, such as monitoring an attack and rebuilding the attack, for the sake of
research. Back to my problem: I have discovered a piece of code in Xen
to get the mfn from a virtual address inside the guest OS. But when I was eager
to change the mfn that the entry points to, something went wrong.
/*=============================*/
static unsigned long
dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
{
    l3_pgentry_t l3e, *l3t;
    l2_pgentry_t l2e, *l2t;
    l1_pgentry_t l1e, *l1t;
    unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
    unsigned long mfn = cr3 >> PAGE_SHIFT;

    DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
          cr3, pgd3val);

    /* No L3 value supplied: start the walk at the L3 table cr3 points to. */
    if ( pgd3val == 0 )
    {
        l3t = map_domain_page(mfn);
        l3t += (cr3 & 0xFE0UL) >> 3;
        l3e = l3t[l3_table_offset(vaddr)];
        mfn = l3e_get_pfn(l3e);
        unmap_domain_page(l3t);
        if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
            return INVALID_MFN;
    }

    /* L2: stop if the entry is not present or maps a superpage (PSE). */
    l2t = map_domain_page(mfn);
    l2e = l2t[l2_table_offset(vaddr)];
    mfn = l2e_get_pfn(l2e);
    unmap_domain_page(l2t);
    if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
         (l2e_get_flags(l2e) & _PAGE_PSE) )
        return INVALID_MFN;

    /* L1: copy the final entry and take the frame number from the copy. */
    l1t = map_domain_page(mfn);
    l1e = l1t[l1_table_offset(vaddr)]; //--------------------------(1)
    mfn = l1e_get_pfn(l1e); //--------------------------(1)
    unmap_domain_page(l1t);

    return mfn_valid(mfn) ? mfn : INVALID_MFN;
}
For example, what should I do if I want to modify the mfn that the l1e
entry points to? It seems that changing the value of l1e is not enough. Now
I am working my way through modifying do_mmu_update to make it
available inside Xen and use it to modify the page table. Am I on
the right path? Thank you for answering.
Thanks
2011/9/12, Tim Deegan <tim@xxxxxxx>:
> Hello,
>
> Please read http://wiki.xen.org/xenwiki/AskingXenDevelQuestions before
> posting again; it's pretty unclear from your email what you're trying to
> do and how it fails.
>
> At 17:16 +0800 on 12 Sep (1315847793), ???? wrote:
>> Hi, everyone
>> I have been using the dbg_pv_va2mfn() function to scan a PV dom's page
>> table. However, when I intended to modify the page table's entry, something
>> went wrong.
>> Should I modify the P2M and M2P tables, too? But I kind of lose track of how
>> things work in the P2M and M2P tables. Can someone tell me something about
>> these tables?
>> Or can someone tell me which function can come in handy, or where to look?
>> I am in the middle of a project that needs to manipulate the page table in
>> dom.
>
> OK, I guess from the code below that you want to change the contents of
> a PV guest's pagetables from inside Xen? That's not really allowed --
> since PV guests make their own pagetables you need to have the guest
> OS's cooperation.
>
> If you tell us what the project is, and _why_ you want to do this, we
> might be able to suggest a better approach.
>
> Cheers,
>
> Tim.
>
>> For example,
>> static unsigned long
>> dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
>> {
>>     l3_pgentry_t l3e, *l3t;
>>     l2_pgentry_t l2e, *l2t;
>>     l1_pgentry_t l1e, *l1t;
>>     unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
>>     unsigned long mfn = cr3 >> PAGE_SHIFT;
>>
>>     DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
>>           cr3, pgd3val);
>>
>>     if ( pgd3val == 0 )
>>     {
>>         l3t = map_domain_page(mfn);
>>         l3t += (cr3 & 0xFE0UL) >> 3;
>>         l3e = l3t[l3_table_offset(vaddr)];
>>         mfn = l3e_get_pfn(l3e);
>>         unmap_domain_page(l3t);
>>         if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
>>             return INVALID_MFN;
>>     }
>>
>>     l2t = map_domain_page(mfn);
>>     l2e = l2t[l2_table_offset(vaddr)];
>>     mfn = l2e_get_pfn(l2e);
>>     unmap_domain_page(l2t);
>>     if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
>>          (l2e_get_flags(l2e) & _PAGE_PSE) )
>>         return INVALID_MFN;
>>
>>     l1t = map_domain_page(mfn);
>>     l1e = l1t[l1_table_offset(vaddr)]; // ---------------- (1)
>>     mfn = l1e_get_pfn(l1e);            // ---------------- (2)
>>
>>     unmap_domain_page(l1t);
>>
>>     return mfn_valid(mfn) ? mfn : INVALID_MFN;
>> }
>> What should I do if I want to change the l1e page table entry? I allocate a
>> page using the function alloc_domheap_page, and use l1e_from_page() to write
>> the l1e entry, but it proved to be wrong, and my system keeps rebooting itself.
>> Can anyone give me a hand?
>>
>>
>> Thanks
>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-devel
>
>
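
A user-space model of the three-level walk in the posted function, added here as an illustration and not part of the original messages or of Xen: it shows the index split, the present and PSE checks, and that assigning to a local copy of an L1 entry leaves the table itself unchanged. It assumes a PAE-style 2/9/9/12 address split; all names (`ram`, `model_va2mfn`, `build_sample`, `edit_local_copy`) and the table contents are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed user-space model, not Xen code: 8 "machine frames" of 512 entries. */
#define NFRAMES       8
#define PG_PRESENT    0x001ULL
#define PG_PSE        0x080ULL
#define MODEL_INVALID (~0UL)
static uint64_t ram[NFRAMES][512];

static uint64_t mk_entry(unsigned long mfn, uint64_t flags) { return ((uint64_t)mfn << 12) | flags; }
/* Frame number lives in bits 12..51; the mask drops flag bits such as NX (bit 63). */
static unsigned long entry_mfn(uint64_t e) { return (unsigned long)((e >> 12) & 0xFFFFFFFFFFULL); }

/* Walk an assumed PAE-style 2/9/9/12 split; range checks stand in for mfn_valid(). */
static unsigned long model_va2mfn(uint32_t va, unsigned long l3_mfn)
{
    uint64_t l3e, l2e, l1e;
    l3e = ram[l3_mfn][va >> 30];
    if (!(l3e & PG_PRESENT) || entry_mfn(l3e) >= NFRAMES)
        return MODEL_INVALID;
    l2e = ram[entry_mfn(l3e)][(va >> 21) & 0x1FF];
    if (!(l2e & PG_PRESENT) || (l2e & PG_PSE) || entry_mfn(l2e) >= NFRAMES)
        return MODEL_INVALID;
    l1e = ram[entry_mfn(l2e)][(va >> 12) & 0x1FF];   /* by-value copy, as at (1) */
    return entry_mfn(l1e) < NFRAMES ? entry_mfn(l1e) : MODEL_INVALID;
}

/* Constructed tables: frame 1 = L3, frame 2 = L2, frame 3 = L1, frame 5 = data. */
static void build_sample(void)
{
    ram[1][1] = mk_entry(2, PG_PRESENT);
    ram[2][1] = mk_entry(3, PG_PRESENT);
    ram[2][2] = mk_entry(4, PG_PRESENT | PG_PSE);        /* 2 MiB superpage */
    ram[3][1] = mk_entry(5, PG_PRESENT | (1ULL << 63));  /* NX set */
}

/* Reassign only a local copy of the L1 entry; returns what the copy now holds. */
static unsigned long edit_local_copy(unsigned long new_mfn)
{
    uint64_t l1e = ram[3][1];             /* copy of the table slot */
    l1e = mk_entry(new_mfn, PG_PRESENT);  /* changes the copy only */
    return entry_mfn(l1e);
}

int main(void)
{
    build_sample();
    printf("0x40201000 -> mfn %lu\n", model_va2mfn(0x40201000u, 1));
    return 0;
}
```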