
Re: [Xen-devel] Fwd: about page table



Hi,
Sorry for posting my question in such a bad manner. Actually I want to
rebuild a guest OS, including vcpu and memory, and allow dom0 to modify
the memory, such as the page table. In this way, I can experiment with some
tests, such as monitor attack and rebuilding the attack, for the sake of
research. Back to my problem: I have discovered a piece of code in Xen
to get the mfn from a virtual address inside the guest OS. But when I tried
to change the mfn that the entry points to, something went wrong.

/*=============================*/
static unsigned long
dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
{
    l3_pgentry_t l3e, *l3t;
    l2_pgentry_t l2e, *l2t;
    l1_pgentry_t l1e, *l1t;
    unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
    unsigned long mfn = cr3 >> PAGE_SHIFT;

    DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
          cr3, pgd3val);

    if ( pgd3val == 0 )
    {
        l3t  = map_domain_page(mfn);
        l3t += (cr3 & 0xFE0UL) >> 3;
        l3e = l3t[l3_table_offset(vaddr)];
        mfn = l3e_get_pfn(l3e);
        unmap_domain_page(l3t);
        if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
            return INVALID_MFN;
    }

    l2t = map_domain_page(mfn);
    l2e = l2t[l2_table_offset(vaddr)];
    mfn = l2e_get_pfn(l2e);
    unmap_domain_page(l2t);
    if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
         (l2e_get_flags(l2e) & _PAGE_PSE) )
        return INVALID_MFN;

    l1t = map_domain_page(mfn);
    l1e = l1t[l1_table_offset(vaddr)]; //--------------------------(1)
    mfn = l1e_get_pfn(l1e);             //--------------------------(1)
    unmap_domain_page(l1t);

    return mfn_valid(mfn) ? mfn : INVALID_MFN;
}

For example, what should I do if I want to modify the mfn that the l1e
entry points to? It seems that changing the value of l1e is not enough. Now
I am working my way through modifying do_mmu_update to make it
available inside Xen and use it to modify the page table. Am I on
the right path? Thank you for answering.

                                              Thanks

2011/9/12, Tim Deegan <tim@xxxxxxx>:
> Hello,
>
> Please read http://wiki.xen.org/xenwiki/AskingXenDevelQuestions before
> posting again; it's pretty unclear from your email what you're trying to
> do and how it fails.
>
> At 17:16 +0800 on 12 Sep (1315847793), ???? wrote:
>> Hi, everyone
>> I have been using the dbg_pv_va2mfn() function to scan a PV dom's page
>> table. However, when I intended to modify the page table's entry, something
>> went wrong.
>> Should I modify the P2M and M2P tables, too? But I have kind of lost track of
>> how things work in the P2M and M2P tables. Can someone tell me something
>> about these tables?
>> Or can someone tell me which function can come in handy, or where to
>> look?
>> I am in the middle of a project that needs to manipulate the page table
>> in dom.
>
> OK, I guess from the code below that you want to change the contents of
> a PV guest's pagetables from inside Xen?  That's not really allowed --
> since PV guests make their own pagetables you need to have the guest
> OS's cooperation.
>
> If you tell us what the project is, and _why_ you want to do this, we
> might be able to suggest a better approach.
>
> Cheers,
>
> Tim.
>
>> For example,
>> static unsigned long
>> dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
>> {
>>     l3_pgentry_t l3e, *l3t;
>>     l2_pgentry_t l2e, *l2t;
>>     l1_pgentry_t l1e, *l1t;
>>     unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
>>     unsigned long mfn = cr3 >> PAGE_SHIFT;
>>
>>     DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
>>           cr3, pgd3val);
>>
>>     if ( pgd3val == 0 )
>>     {
>>         l3t  = map_domain_page(mfn);
>>         l3t += (cr3 & 0xFE0UL) >> 3;
>>         l3e = l3t[l3_table_offset(vaddr)];
>>         mfn = l3e_get_pfn(l3e);
>>         unmap_domain_page(l3t);
>>         if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
>>             return INVALID_MFN;
>>     }
>>
>>     l2t = map_domain_page(mfn);
>>     l2e = l2t[l2_table_offset(vaddr)];
>>     mfn = l2e_get_pfn(l2e);
>>     unmap_domain_page(l2t);
>>     if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
>>          (l2e_get_flags(l2e) & _PAGE_PSE) )
>>         return INVALID_MFN;
>>
>>     l1t = map_domain_page(mfn);
>>     l1e = l1t[l1_table_offset(vaddr)];  /* ---- (1) */
>>     mfn = l1e_get_pfn(l1e);             /* ---- (2) */
>>
>>     unmap_domain_page(l1t);
>>
>>     return mfn_valid(mfn) ? mfn : INVALID_MFN;
>> }
>> What should I do if I want to change the l1e page table entry? I allocate a
>> page using the function alloc_domheap_page, and use l1e_from_page() to
>> write the l1e entry, but it proved to be wrong, and my system keeps
>> rebooting itself.
>> Can anyone give me a hand?
>>
>>
>>                        Thanks
>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-devel
>
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
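
Added example, not part of the original thread and not Xen's code: a user-space model of the read-only PAE walk that dbg_pv_va2mfn() performs, run over constructed toy tables. The names toy_va2mfn, toy_setup, entry_mfn, ram and NR_FRAMES are assumptions of this example; unlike the posted function it also tests the present bit at L1 and bounds-checks every frame number.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT   12
#define PAGE_PRESENT 0x001ULL
#define PAGE_PSE     0x080ULL
#define INVALID_MFN  (~0UL)
#define NR_FRAMES    8                 /* constructed toy "machine memory" */
static uint64_t ram[NR_FRAMES][512];   /* one frame = 512 eight-byte entries */

/* Frame number held in an entry, or INVALID_MFN if outside the toy memory. */
static unsigned long entry_mfn(uint64_t e)
{
    uint64_t mfn = (e >> PAGE_SHIFT) & 0xFFFFFFFFFFULL;
    return mfn < NR_FRAMES ? (unsigned long)mfn : INVALID_MFN;
}

/* Read-only PAE walk: 2-bit L3 index, 9-bit L2 index, 9-bit L1 index. */
static unsigned long toy_va2mfn(uint32_t va, unsigned long cr3)
{
    unsigned long mfn = entry_mfn(cr3);   /* cr3 bits 12+ name the L3 frame */
    uint64_t e;

    if (mfn == INVALID_MFN) return INVALID_MFN;
    /* PAE cr3 is only 32-byte aligned: (cr3 & 0xFE0) >> 3 is the slot offset. */
    e = ram[mfn][((cr3 & 0xFE0UL) >> 3) + (va >> 30)];
    if (!(e & PAGE_PRESENT) || (mfn = entry_mfn(e)) == INVALID_MFN)
        return INVALID_MFN;
    e = ram[mfn][(va >> 21) & 0x1FF];
    if (!(e & PAGE_PRESENT) || (e & PAGE_PSE) || (mfn = entry_mfn(e)) == INVALID_MFN)
        return INVALID_MFN;               /* PSE = superpage, no L1 below */
    e = ram[mfn][(va >> 12) & 0x1FF];
    return (e & PAGE_PRESENT) ? entry_mfn(e) : INVALID_MFN;
}

/* Constructed tables: L3 in frame 1 at byte offset 0x40, L2 in frame 2, L1 in frame 3. */
static unsigned long toy_setup(void)
{
    ram[1][(0x40 >> 3) + 1] = (2ULL << PAGE_SHIFT) | PAGE_PRESENT;          /* L3[1] -> L2 */
    ram[2][3] = (3ULL << PAGE_SHIFT) | PAGE_PRESENT;                        /* L2[3] -> L1 */
    ram[2][4] = (5ULL << PAGE_SHIFT) | PAGE_PRESENT | PAGE_PSE;             /* superpage   */
    ram[3][5] = (6ULL << PAGE_SHIFT) | PAGE_PRESENT;                        /* L1[5] -> 6  */
    return (1UL << PAGE_SHIFT) | 0x40;
}

int main(void)
{
    unsigned long cr3 = toy_setup();
    printf("mapped: %lx  L1 hole: %lx\n", toy_va2mfn(0x40605123u, cr3), toy_va2mfn(0x40606000u, cr3));
    return 0;
}
```

The second lookup in main() hits an empty L1 slot; without the L1 present test the walk would return frame 0 for it.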


 

