[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Readonly memory for guest domain



Xen does not have this general read-only restriction. It does force page tables to be read-only, otherwise a guest could grant itself access to arbitrary memory that it does not own.

 -- Keir


On 12/9/07 02:22, "Peter Teoh" <htmldeveloper@xxxxxxxxx> wrote:

Current Xen design is that the guest domain have readonly access to the memory mapped for them.   Documentation say it is not safe for them to be writable.   Why?
 
Is it so as to trigger a trap exception whenever writing is made to it?   This is the optimal answer :-).
 
And since it is not "safe" what checks are done in Xen hypervisor against these "dangers", ie, enumerate the potential dangers?   I cannot think of any, as a newbie in Xen.   My logic is that if the pages have been assigned as owned by a domain, just let it do whatever it wants to, and so therefore should not trigger any privilege trap condition (or VM exit condition, in the HVM case).
 
In the traditional Linux model, once a memory is mapped for user process, non-root  user included, it can be mapped as writable.   So why is this discrepancy in the case of Xen?
 
By taking away this readonly restriction, I think Xen hypervisor will have a lot of performance to gain.   
 
Please share your thoughts?   Apologies for the questions from a newbie.


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.