[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] About revoke write access of all the shadows



At 16:18 -0400 on 26 Jul (1343319518), lmingcsce wrote:
> Hi all,
> Recently, I read codes about the shadow page table. I'm wondering whether the 
> kernel has provided the function to revoke write access of all the shadows of 
> one domain. If you know one with this function, please tell me about it. 
> Thanks.
> BTW, I have my own idea to implement this. My idea is as follows: 
> void sh_revoke_write_access_all(struct domain *d)
> {
>     foreach_pinned_shadow(d, sp, t)
>     {
> 
>        According to sp->u.sh.type, (like SH_type_l1_32_shadow ......), get 
> each entry (shadow_l1e_get_flags) of the page table. Changes the flags to 
> read only and then write the page table entry back (shadow_set_l1e).
>        When going through the page table, I can use SHADOW_FOREACH_L1E (L2E, 
> L3E, L4E) macro. 
>        However, I have one question. When dealing with shadow page table L2, 
> L3, L4, can I use the same way as L1 page table to change flags and set flags 
> ?
> 
>     }
> }
> Do you think my idea is possible? Thanks for giving me some suggestions.

Yes, that should work.  But since the shadow pagetables never use
superpages, you should only adjust the entries in type_l1* pages;
there's no need to touch L2, L3 or L4.

Cheers,

Tim.



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.