This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] create shadow pages

To: Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Subject: Re: [Xen-devel] create shadow pages
From: ding baozeng <baozengding@xxxxxxxxx>
Date: Fri, 5 Nov 2010 19:42:39 +0800
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 05 Nov 2010 04:43:36 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=M3dIUlwjovEWWqeWnOdmFe0YZLlF7Wk8MqmGLvI3m/Q=; b=vZo7/wqq9dQ5ei9TuZaGuCVoK5Cd6ohXZ7/MF/SQMS4/Pk+rY6fq1gaogQVxsH4PL/ 2sUC/Je3ZBrhjAiMDG3U/zwxIjBkU1YWOQaef5w0Wf0igPnbZKZm3LaiV/6TWpnDExT8 3KtZCFz3/pxDN/yRwBAp4FK7ot9fGIYJ7YOeo=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=M/wzoRwmqVUFURpgVRyvg3ZssHZZvU3QdLFlDzbZj8WtHzp2oj5fOnkLomVPGbSg8Z vj0zVWCjHlJJjyyndOLOooVaPlzFQ3zYxM+03qvDZQ+sy21DTucIuZEPLmLDrc4H1dSF y/Pr7IkDLlfNhrCUWd/eq/L2U1zk3Yv05Lp6k=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20101105102510.GI11016@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <AANLkTim3OqBOcw2KtpT9rfNj5ZKuqcBup3tJktCmddJc@xxxxxxxxxxxxxx> <20101104124401.GH11016@xxxxxxxxxxxxxxxxxxxxxxx> <AANLkTinEcDcEOcALoTRss7PBWQ67XFj+=Cj3mgbeo9o=@xxxxxxxxxxxxxx> <20101105102510.GI11016@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx

2010/11/5 Tim Deegan <Tim.Deegan@xxxxxxxxxx>
At 01:32 +0000 on 05 Nov (1288920725), ding baozeng wrote:
> I want to create another address space for security analysis. In this
> address space, we could access all the kernel address space, but the
> kernel address space could not access some memory of it.

I'm not sure shadow pagetables are the right place to do this - have you
thought about having your security code in another VM?  
If I put the security code out-of-vm, the overhead is not satisfactory.
Otherwise you
need to stop the kernel mapping the secure memory in its own pagetables,
granting it to other VMs, DMAing to it, &c.  Also what if you want to
use EPT/NPT?

I use the SPT to obtain security effect and the overhead is also small. I would disable EPT. When putting the security code in-vm, I further use the VT-d technology, CR3_TARGET_LIST to decrease the overhead. As we know, when processes switch, it would update CR3, and so trap into xen, which bring up a lot of overhead.  But after  we write the value of CR3  into the CR3_TARGET_LIST, it would not trap into xen when process switch. So I would create another address space to put the security code and put the address of its shadow page into CR3_TARGET_LIST. (when you have time, please take look at the paper in attachment, thx)
> So this
> address space need to create its own shadow pages. In the shadow
> pages, they contain all the mapping that kernel shadow pages have, and
> also contains some mapping for the memory that the kernel could not
> access. The shadow pages are always in memory. So there would be two
> shadows, one for kernel, one for this address space.

If this address space is identified by its own %CR3 value then there
already are
Do you mean when the hvm domain is created, its shadow page for the kernel is built already? I thought spt is empty first, but  when we access the kernel space, the spt entry is built for it. Am I right?
- all you need to do is modify guest_walk_tables to add the
extra mappings whenever %CR3 holds the right value and everything will
work out.



> First, I want to
> copy the kernel shadow pages and then make some change to create the
> shadow pages we need.  As we know, the kernel shadow pages is built
> dynamically, then how to copy it and make it in memory always?

Tim Deegan <Tim.Deegan@xxxxxxxxxx>
Principal Software Engineer, Xen Platform Team
Citrix Systems UK Ltd.  (Company #02937203, SL9 0BG)

Xen-devel mailing list