[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Question's about to detect unauthorized memory access


  • To: Kai Luo <kluo@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • From: "Aravindh Puthiyaparambil (aravindp)" <aravindp@xxxxxxxxx>
  • Date: Thu, 11 Jul 2013 19:08:01 +0000
  • Accept-language: en-US
  • Delivery-date: Thu, 11 Jul 2013 19:08:30 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>
  • Thread-index: AQHOfmjLcGiXM7tiVUqd7AppP6Zs4plf1NZQ
  • Thread-topic: [Xen-devel] Question's about to detect unauthorized memory access

>     To detect and handle unauthorized memory map from hvm to dom0ïI
> found xsm can  prevent a privileged domain from arbitrarily mapping pages
> from other domains,however,I try to find whether there is another way. So I
> try to  trap the memory access and  compare the page owner whth the
> accessor, if they are different, somthing must happend and a warning to the
> administrator will be raised.
>     My question is how can I trap the memory access? Is there any other
> mechanism to detect unauthorized memory map?With EPT/NPT, memory
> access are so closed to hardware that I donât know how should I trap it?Can
> you give me any suggestion?

You can trap memory accesses using the mem_event / mem_access APIs. Take a look 
at tools/tests/xen-access/. You should also look in to libVMI. A combination of 
the two might give you what you are after.

Thanks,
Aravindh

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.