WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Tracking DomU memory

To: "Diwaker Gupta" <diwaker.lists@xxxxxxxxx>, "Security Initiative Team" <passrete@xxxxxxxxx>
Subject: RE: [Xen-users] Tracking DomU memory
From: "Petersson, Mats" <Mats.Petersson@xxxxxxx>
Date: Mon, 18 Dec 2006 12:00:55 +0100
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 18 Dec 2006 03:01:16 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <891be9410612151456q79da9896n7a5edcdde8c6ade7@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AccgnExQGJEHjcQWQGWgXogJG6kjEAB9wYsg
Thread-topic: [Xen-users] Tracking DomU memory
> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
> [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of 
> Diwaker Gupta
> Sent: 15 December 2006 22:56
> To: Security Initiative Team
> Cc: Petersson, Mats; xen-users@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-users] Tracking DomU memory
> 
> I actually want do to something similar, but simpler. I'm only
> interested in keeping track of pages that a guest domain is accessing
> (both reads and writes). I'm _not_ looking for the *exact* memory
> address -- just the physical page being accessed. Can log dirty be
> modified to keep track of read accesses as well?

This isn't far from what I'm doing (except I need to look at one or a
few pages, which makes life somewhat easier). 

You'd have to change the page-table writes so that they are written with
"not present", and then update your statistics based on the page-fault.
You'll have to "fix" the fault and then reset the page-table, which is
probably easiest done by using the x86_emulate_memop() function
[alternatively, set the trace-bit in the flags on stack before exiting
the PF-handler, take the trace-interrupt, reset the page-table and
continue]. 

However, if you're doing this for every memory access of the guest,
you'll not get much work done... :-(

--
mats
> 
> Thanks,
> Diwaker
> 
> On 10/9/06, Security Initiative Team <passrete@xxxxxxxxx> wrote:
> > My main purpose is to know when a user-level application in DomU
> > is updating its memory.
> > (Tracking changes to the stack segment might be too hard 
> due to frequent
> > memory updates, so maybe only the "text" segment).
> >
> > I want to be able to track this from either Dom0 or the 
> hypervisor layer,
> > whichever is easier.
> >
> > When is ptwr_emulated_update() used and when is do_mmu_update()
> > used?
> >
> > Thanks,
> > -Criag
> >
> >
> > "Petersson, Mats" <Mats.Petersson@xxxxxxx> wrote:
> >
> > What do you ACTUALLY want to do?
> >
> > log-dirty doesn't log to a file - it keeps track of "dirty" 
> pages in a list
> > in memory, but doesn't actually store it in a file [ever, at all].
> >
> > do_mmu_update is possibly a good place to hook into, but it 
> depends on what
> > you want to do... [And it's non-trivial code, so beware of 
> complications
> > from changing it].
> >
> > You may want to look at ptwr_emulated_update, as that's 
> used when the
> > do_mmu_update() hypercall isn't used to update a page-table-entry.
> >
> > --
> > Mats
> >
> >
> >  ________________________________
> -- 
> Web/Blog/Gallery: http://floatingsun.net/blog
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
> 
> 
> 



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>