
Re: [Xen-devel] Read-only locking of Guest Memory pages


  • To: Tim Deegan <Tim.Deegan@xxxxxxxxxx>
  • From: Srujan Kotikela <ksrujandas@xxxxxxxxx>
  • Date: Thu, 16 Jun 2011 07:38:13 -0500
  • Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 16 Jun 2011 05:41:48 -0700
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>

I have read that Xen traps all the updates to page tables from the guest OS. How does this work in the case of HVM and/or no EPT?
Also, isn't it true that Xen maintains these page tables as read-only? Correct me if I am wrong.

--
Srujan D. Kotikela


On Wed, Jun 15, 2011 at 5:05 AM, Tim Deegan <Tim.Deegan@xxxxxxxxxx> wrote:
At 11:38 -0500 on 14 Jun (1308051493), Srujan Kotikela wrote:
> Hi Tim,
>
> I am trying to implement a secure architecture where a process' (selected)
> memory pages have to be set as read-only. The process will send the virtual
> address of pages required (through a custom hypercall) to be set read-only.
> I need to compute the physical address of the pages and set them read-only.

Thanks.  In that case I suspect the memory event hypercalls are what you
need.  They allow access rights on guest frames to be set from a tool in
dom0.  They only work on EPT, though.

Tim.

> On Tue, Jun 14, 2011 at 3:14 AM, Tim Deegan <Tim.Deegan@xxxxxxxxxx> wrote:
>
> > Hi,
> >
> > At 14:52 -0500 on 13 Jun (1307976734), Srujan Kotikela wrote:
> > > Does Xen provide any mechanism to set read-only access/lock on guest's
> > > pages?
> >
> > Yes, Xen has lots of code that makes guest memory read-only for various
> > reasons, and one of them might be suitable.  What's your overall goal?
> >
> > (BTW, you might want to read
> > http://wiki.xensource.com/xenwiki/AskingXenDevelQuestions)
> >
> > Cheers,
> >
> > Tim.
> >
> > --
> > Tim Deegan <Tim.Deegan@xxxxxxxxxx>
> > Principal Software Engineer, Xen Platform Team
> > Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)
> >

> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel


--
Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)
