
Re: [Xen-devel] [PATCH 00/11] Alternate p2m: support multiple copies of host p2m



On Thu, Mar 5, 2015 at 11:36 AM, Tim Deegan <tim@xxxxxxx> wrote:
> At 00:06 +0100 on 05 Mar (1425510383), Tamas K Lengyel wrote:
>> Let's assume we trap an instruction that only performs data accesses
>> on pages other than the one the instruction was fetched from. Since
>> the instruction fetch is repeated after a failed data access due to
>> EPT violation, the page containing the instruction has to be at least
>> --x and the pages that will be touched by it rw- (or the proper
>> combination of r-- and rw-) simultaneously in order to avoid getting
>> into a live-lock. This results in all subsequent instruction fetches
>> to succeed from the original page. Furthermore, as long as all such
>> subsequent instructions keep accessing only the pages touched by the
>> first instruction, we could end up missing a good chunk of code
>> execution.
>
> If all you want is to audit the changes that were made to the target
> page before making them visible (e.g. before marking the target page
> executable or before undoing a private redirection of the page) then
> perhaps you don't care how many instructions have executed.  You can
> just treat that chunk of execution as if it were one really complex
> instruction.
>
> Tim.

Thanks Tim, that indeed seems to have been the intended use case for
this subsystem. The use case I was thinking of is API call tracing via
instruction fetch violations (stealthy debugging). Unfortunately that
doesn't seem to be possible and the terminology used in the
slides/discussion has been somewhat misleading regarding this
possibility.

Thanks,
Tamas

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
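
A toy model of the permission scenario discussed in this thread, added here as an illustration and not taken from the patch series or from Xen. The `run` function, the two monitor policies and the `TRACE` sample are assumptions constructed for the example: it shows the live-lock when code and data permissions are never valid together, and how few fetch violations are seen once they are.

```python
# Toy model of EPT-style page permissions (constructed; not Xen code).
# An instruction is (code_page, [(data_page, 'r' or 'w'), ...]).
GRANT = {'x': {'x'}, 'r': {'r'}, 'w': {'r', 'w'}}  # a write is granted as rw-

TRACE = [  # constructed sample: four instructions on page 0x10, one on 0x11
    (0x10, [(0x20, 'w')]),
    (0x10, [(0x20, 'w')]),
    (0x10, [(0x20, 'r'), (0x21, 'w')]),
    (0x10, [(0x21, 'w')]),
    (0x11, [(0x20, 'r')]),
]

def run(trace, exclusive, max_retries=8):
    """Return (fetch_violations, data_violations, retired, livelocked).

    exclusive=True : every violation grants only the faulting access and
                     revokes all other permissions.
    exclusive=False: a fetch violation opens a new window (revoke all, grant
                     --x on the code page); data violations add to the
                     window, so code and data are usable simultaneously.
    """
    perms, fetch, data = {}, 0, 0          # perms: page -> granted bits
    for retired, (code, accesses) in enumerate(trace):
        for _ in range(max_retries):
            # Each (re)start repeats the fetch, then the data accesses.
            needed = [(code, 'x')] + list(accesses)
            fault = next(((p, a) for p, a in needed
                          if a not in perms.get(p, set())), None)
            if fault is None:
                break                      # instruction retires
            page, access = fault
            if access == 'x':
                fetch += 1
            else:
                data += 1
            if exclusive or access == 'x':
                perms = {}                 # revoke everything else
            perms.setdefault(page, set()).update(GRANT[access])
        else:
            return fetch, data, retired, True   # never retired: live-lock
    return fetch, data, len(trace), False

if __name__ == "__main__":
    print("exclusive:", run(TRACE, exclusive=True))
    print("windowed :", run(TRACE, exclusive=False))
```

In the windowed run all five instructions retire but only two fetch violations are reported, one per code page, which is the gap in per-instruction visibility described above.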


 

