At 09:24 -0500 on 05 Jan (1231147482), Mike Sun wrote:
> Yeah, I've tried adding checks as well (not seen in this version of
> the code) to first check the guest PTE to see if it's writable and to
> check to see if it's shadowed. But I also thought that if I check
> that that mapped page type was PGT_writable_page with a type count of
> 0, I could assume that the guest PTE mapped the page as writable, no?

No, sorry. All it means is that the last typecount it has was
PGT_writeable -- which will indeed have come from a writeable PTE, but
it might not have been this one! The page could have been freed and
recycled as a copy-on-write text page (and dirtied by DMA filling it
with data); or it could be writeable in the kernel and this PTE could be
a read-only user-mode mapping of the same data...

And even if this guest PTE allows write access, you can't allow write
access in the shadow PTE if the target mfn is shadowed, because all
shadowed pages must be read-only in the shadows so that we can intercept
and emulate writes to them. So you need to check that too.

Ideally you'd replicate all the checks that are done in _sh_propagate
(guest PTE allows writes, target pfn not read-only, target mfn not
shadowed, maybe some others I don't remember).

Cheers,
Tim.
--
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Citrix Systems (R&D) Ltd.
[Company #02300071, SL9 0DZ, UK.]
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
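
Added example, not part of the original message and not Xen source: a simplified C model contrasting the page-type shortcut from the quoted question with the three checks the reply names. Every struct, field and function name is hypothetical, and the further checks the reply says may exist in _sh_propagate are not modelled.

```c
/* Simplified model for illustration only; all names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>

#define GPTE_RW 0x2u  /* stands in for the guest PTE's read/write bit */

struct target_page {
    bool last_type_writable;  /* last type taken was the writable type */
    unsigned type_count;      /* current type references */
    bool shadowed;            /* target mfn is shadowed */
    bool pfn_read_only;       /* target pfn is read-only */
};

/* Shortcut from the question: trust the target page's type alone. */
static bool naive_allow_write(unsigned gpte, const struct target_page *pg)
{
    (void)gpte;  /* the guest PTE being shadowed is never consulted */
    return pg->last_type_writable && pg->type_count == 0;
}

/* The checks listed in the reply; all must pass before the shadow
 * PTE may be made writable. */
static bool checked_allow_write(unsigned gpte, const struct target_page *pg)
{
    if (!(gpte & GPTE_RW))  return false;  /* this guest PTE forbids writes */
    if (pg->pfn_read_only)  return false;  /* target pfn is read-only */
    if (pg->shadowed)       return false;  /* writes must trap for emulation */
    return true;
}

/* Constructed cases matching the scenarios in the reply. */
static const struct target_page stale_type  = { true, 0, false, false };
static const struct target_page shadowed_pg = { true, 0, true,  false };
static const struct target_page ro_pfn      = { true, 0, false, true  };

int main(void)
{
    /* Read-only mapping of a page whose last type was writable. */
    printf("ro mapping: naive=%d checked=%d\n",
           naive_allow_write(0, &stale_type),
           checked_allow_write(0, &stale_type));
    /* Writable guest PTE pointing at a shadowed page. */
    printf("shadowed:   naive=%d checked=%d\n",
           naive_allow_write(GPTE_RW, &shadowed_pg),
           checked_allow_write(GPTE_RW, &shadowed_pg));
    return 0;
}
```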