| |
|
 |
|
 |
|
|
|
| |
|
|
xen-devel
Re: [Xen-devel] Logging External Page Writes for a Given Domain
Scott Baker wrote:
Hello, all:
My team's goal is to be able to log all writes that are made to any
memory page of a certain domain, except those writes that the domain
itself makes. That is to say, if Domain 2 is the domain we want to
log page writes for (where logging is capturing what was written and
its location), then we want to be able to log all the writes made by
any domain /except/ Domain 2 -- i.e., writes made to shared pages that
belong to Domain 2.
The details here are going to make a big difference. Do you want to
know the content of every write?
You'll have to modify Xen. You can probably reuse some of the shadow
paging code to track the dirty mappings of foreign pages for a domain.
However, this won't track the contents of the write.
If you want to do that, you're going to have to implement a large amount
of emulation to track what data gets written to the page so you can
emulate the writes completely. If this is an important requirement, you
may wish to try to user an emulator (Bochs or qemu).
Regards,
Anthony Liguori
Ideally, we would like to be able to have these writes for domain /x/
detected and trap to a process running on Domain 0, with minimal VMM
modification. Preferably, the method used would only cause
significant overhead when a write is made from outside domain /x/
(rather than for every write /x/ and everyone else makes), but I'm not
picky about efficiency at the moment.
The rough idea we have at this point is to make the monitor process on
Domain 0 mark all the pages of Domain /x/ as read-only (while
remembering which are actually read-only). Then, when a write-fault
occurred, the VMM would pass it on to the monitoring process, which
would then let Domain /x/ finish the write, the monitor would record
what was written, and let everything continue as normal.
Unfortunately, I'm not sure how that vague sketch fits into Xen. For
the page table read-only flag setting, would we use the
update_va_mapping() hypercall? And, how would the monitoring process
let Domain /x/ finish the write and then get control back? (Or, does
the VMM know what is about to be written, so we could just pass that
to the monitoring process?) Finally, where in Xen's code would we
have to go to modify the fault-handling behavior so the callback could
be made?
Hope I'm clear, and hope you can help a newbie!
Thanks,
Scott
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
| |
|
Home