* about page table
@ 2011-09-09 14:31 吴锐
  2011-09-12  9:16 ` Fwd: " 吴锐
  0 siblings, 1 reply; 5+ messages in thread
From: 吴锐 @ 2011-09-09 14:31 UTC (permalink / raw)
  To: xen-devel



Hi, everyone
I have been using the dbg_pv_va2mfn() function to scan a PV dom's page
table. However, when I intended to modify the page table's entry, something
went wrong.
Should I modify the P2M and M2P tables as well? But I kind of lose track of how
things work at the P2M and M2P tables. Can someone tell me something about these
tables?
Or can someone tell me which function can come in handy, or where to look
in?
I am in the middle of a project that needs to manipulate the page table in
dom.


                       Thanks


* Fwd: about page table
  2011-09-09 14:31 about page table 吴锐
@ 2011-09-12  9:16 ` 吴锐
  2011-09-12 10:10   ` Tim Deegan
  0 siblings, 1 reply; 5+ messages in thread
From: 吴锐 @ 2011-09-12  9:16 UTC (permalink / raw)
  To: xen-devel



Hi, everyone
I have been using the dbg_pv_va2mfn() function to scan a PV dom's page
table. However, when I intended to modify the page table's entry, something
went wrong.
Should I modify the P2M and M2P tables as well? But I kind of lose track of how
things work at the P2M and M2P tables. Can someone tell me something about these
tables?
Or can someone tell me which function can come in handy, or where to look
in?
I am in the middle of a project that needs to manipulate the page table in
dom.
For example,
static unsigned long
dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
{
    l3_pgentry_t l3e, *l3t;
    l2_pgentry_t l2e, *l2t;
    l1_pgentry_t l1e, *l1t;
    unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
    unsigned long mfn = cr3 >> PAGE_SHIFT;

    DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
          cr3, pgd3val);

    if ( pgd3val == 0 )
    {
        l3t  = map_domain_page(mfn);
        l3t += (cr3 & 0xFE0UL) >> 3;
        l3e = l3t[l3_table_offset(vaddr)];
        mfn = l3e_get_pfn(l3e);
        unmap_domain_page(l3t);
        if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
            return INVALID_MFN;
    }

    l2t = map_domain_page(mfn);
    l2e = l2t[l2_table_offset(vaddr)];
    mfn = l2e_get_pfn(l2e);
    unmap_domain_page(l2t);
    if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
         (l2e_get_flags(l2e) & _PAGE_PSE) )
        return INVALID_MFN;

    l1t = map_domain_page(mfn);
    l1e = l1t[l1_table_offset(vaddr)]; /* (1) */
    mfn = l1e_get_pfn(l1e);            /* (2) */

    unmap_domain_page(l1t);

    return mfn_valid(mfn) ? mfn : INVALID_MFN;
}
What should I do if I want to change the l1e page table entry? I allocate a
page using the function alloc_domheap_page, and use l1e_from_page() to write
the l1e entry, but it proved to be wrong, and my system keeps rebooting itself.
Can anyone give me a hand?


                       Thanks


* Re: Fwd: about page table
  2011-09-12  9:16 ` Fwd: " 吴锐
@ 2011-09-12 10:10   ` Tim Deegan
  2011-09-13  1:32     ` 吴锐
  0 siblings, 1 reply; 5+ messages in thread
From: Tim Deegan @ 2011-09-12 10:10 UTC (permalink / raw)
  To: 吴锐; +Cc: xen-devel

Hello, 

Please read http://wiki.xen.org/xenwiki/AskingXenDevelQuestions before
posting again; it's pretty unclear from your email what you're trying to
do and how it fails.

At 17:16 +0800 on 12 Sep (1315847793), 吴锐 wrote:
> Hi, everyone
> I have been using the dbg_pv_va2mfn() function to scan a PV dom's page
> table. However, when I intended to modify the page table's entry, something
> went wrong.
> Should I modify the P2M and M2P tables as well? But I kind of lose track of how
> things work at the P2M and M2P tables. Can someone tell me something about these
> tables?
> Or can someone tell me which function can come in handy, or where to look
> in?
> I am in the middle of a project that needs to manipulate the page table in
> dom.

OK, I guess from the code below that you want to change the contents of
a PV guest's pagetables from inside Xen?  That's not really allowed --
since PV guests make their own pagetables you need to have the guest
OS's cooperation.

If you tell us what the project is, and _why_ you want to do this, we
might be able to suggest a better approach. 

Cheers,

Tim.

> For example,
> static unsigned long
> dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
> {
>     l3_pgentry_t l3e, *l3t;
>     l2_pgentry_t l2e, *l2t;
>     l1_pgentry_t l1e, *l1t;
>     unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
>     unsigned long mfn = cr3 >> PAGE_SHIFT;
> 
>     DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
>           cr3, pgd3val);
> 
>     if ( pgd3val == 0 )
>     {
>         l3t  = map_domain_page(mfn);
>         l3t += (cr3 & 0xFE0UL) >> 3;
>         l3e = l3t[l3_table_offset(vaddr)];
>         mfn = l3e_get_pfn(l3e);
>         unmap_domain_page(l3t);
>         if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
>             return INVALID_MFN;
>     }
> 
>     l2t = map_domain_page(mfn);
>     l2e = l2t[l2_table_offset(vaddr)];
>     mfn = l2e_get_pfn(l2e);
>     unmap_domain_page(l2t);
>     if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
>          (l2e_get_flags(l2e) & _PAGE_PSE) )
>         return INVALID_MFN;
> 
>     l1t = map_domain_page(mfn);
>     l1e = l1t[l1_table_offset(vaddr)]; /* (1) */
>     mfn = l1e_get_pfn(l1e);            /* (2) */
> 
>     unmap_domain_page(l1t);
> 
>     return mfn_valid(mfn) ? mfn : INVALID_MFN;
> }
> What should I do if I want to change the l1e page table entry? I allocate a
> page using the function alloc_domheap_page, and use l1e_from_page() to write
> the l1e entry, but it proved to be wrong, and my system keeps rebooting itself.
> Can anyone give me a hand?
> 
> 
>                        Thanks


* Re: Fwd: about page table
  2011-09-12 10:10   ` Tim Deegan
@ 2011-09-13  1:32     ` 吴锐
  2011-09-13  8:00       ` Tim Deegan
  0 siblings, 1 reply; 5+ messages in thread
From: 吴锐 @ 2011-09-13  1:32 UTC (permalink / raw)
  To: Tim Deegan; +Cc: xen-devel

Hi,
Sorry for posting my question in such a bad manner. Actually I want to
rebuild a GuestOS including vcpu and memory, and allow dom0 to modify
the memory such as the page table. In this way, I can experiment with some
tests such as monitor attack and rebuild the attack for the sake of
research. Back to my problem: I have discovered a piece of code in Xen
to get the mfn from a virtual address inside the Guest OS. But when I am eager
to change the mfn that the entry points to, something went wrong.

/*=============================*/
static unsigned long
dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
{
    l3_pgentry_t l3e, *l3t;
    l2_pgentry_t l2e, *l2t;
    l1_pgentry_t l1e, *l1t;
    unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
    unsigned long mfn = cr3 >> PAGE_SHIFT;

    DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
          cr3, pgd3val);

    if ( pgd3val == 0 )
    {
        l3t  = map_domain_page(mfn);
        l3t += (cr3 & 0xFE0UL) >> 3;
        l3e = l3t[l3_table_offset(vaddr)];
        mfn = l3e_get_pfn(l3e);
        unmap_domain_page(l3t);
        if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
            return INVALID_MFN;
    }

    l2t = map_domain_page(mfn);
    l2e = l2t[l2_table_offset(vaddr)];
    mfn = l2e_get_pfn(l2e);
    unmap_domain_page(l2t);
    if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
         (l2e_get_flags(l2e) & _PAGE_PSE) )
        return INVALID_MFN;

    l1t = map_domain_page(mfn);
    l1e = l1t[l1_table_offset(vaddr)]; //--------------------------(1)
    mfn = l1e_get_pfn(l1e);             //--------------------------(1)
    unmap_domain_page(l1t);

    return mfn_valid(mfn) ? mfn : INVALID_MFN;
}

For example, what should I do if I want to modify the mfn that the l1e
entry points to? It seems that changing the value of l1e is not enough. Now
I am working my way through modifying do_mmu_update to make it
available inside Xen and use it to modify the page table. Am I on
the right path? Thank you for answering it.

                                              Thanks


* Re: Fwd: about page table
  2011-09-13  1:32     ` 吴锐
@ 2011-09-13  8:00       ` Tim Deegan
  0 siblings, 0 replies; 5+ messages in thread
From: Tim Deegan @ 2011-09-13  8:00 UTC (permalink / raw)
  To: 吴锐; +Cc: xen-devel

Hello, 

Please don't top-post.

At 09:32 +0800 on 13 Sep (1315906354), 吴锐 wrote:
> Sorry for posting my question in such a bad manner. Actually I want to
> rebuild a GuestOS including vcpu and memory, and allow dom0 to modify
> the memory such as the page table. In this way, I can experiment with some
> tests such as monitor attack and rebuild the attack for the sake of
> research. Back to my problem: I have discovered a piece of code in Xen
> to get the mfn from a virtual address inside the Guest OS. But when I am eager
> to change the mfn that the entry points to, something went wrong.

What?  What went wrong?

> /*=============================*/
> static unsigned long
> dbg_pv_va2mfn(dbgva_t vaddr, struct domain *dp, uint64_t pgd3val)
> {
>     l3_pgentry_t l3e, *l3t;
>     l2_pgentry_t l2e, *l2t;
>     l1_pgentry_t l1e, *l1t;
>     unsigned long cr3 = (pgd3val ? pgd3val : dp->vcpu[0]->arch.cr3);
>     unsigned long mfn = cr3 >> PAGE_SHIFT;
> 
>     DBGP2("vaddr:%lx domid:%d cr3:%lx pgd3:%lx\n", vaddr, dp->domain_id,
>           cr3, pgd3val);
> 
>     if ( pgd3val == 0 )
>     {
>         l3t  = map_domain_page(mfn);
>         l3t += (cr3 & 0xFE0UL) >> 3;
>         l3e = l3t[l3_table_offset(vaddr)];
>         mfn = l3e_get_pfn(l3e);
>         unmap_domain_page(l3t);
>         if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
>             return INVALID_MFN;
>     }
> 
>     l2t = map_domain_page(mfn);
>     l2e = l2t[l2_table_offset(vaddr)];
>     mfn = l2e_get_pfn(l2e);
>     unmap_domain_page(l2t);
>     if ( !(l2e_get_flags(l2e) & _PAGE_PRESENT) ||
>          (l2e_get_flags(l2e) & _PAGE_PSE) )
>         return INVALID_MFN;
> 
>     l1t = map_domain_page(mfn);
>     l1e = l1t[l1_table_offset(vaddr)]; //--------------------------(1)
>     mfn = l1e_get_pfn(l1e);             //--------------------------(1)
>     unmap_domain_page(l1t);
> 
>     return mfn_valid(mfn) ? mfn : INVALID_MFN;
> }
> 
> For example, what should I do if I want to modify the mfn that the l1e
> entry points to? It seems that changing the value of l1e is not enough.

Yes, like I said: 

> > OK, I guess from the code below that you want to change the contents of
> > a PV guest's pagetables from inside Xen?  That's not really allowed --
> > since PV guests make their own pagetables you need to have the guest
> > OS's cooperation.

so you can't just batter this guy's pagetables without having him
involved - otherwise your guest OS will probably crash in its own
reference counting code when it comes to modify its pagetables later. 

In fact, just changing the MFN will break xen's own reference counting as
well.

> Now
> I am working my way through modifying do_mmu_update to make it
> available inside Xen and use it to modify the page table. Am I on
> the right path? Thank you for answering it.

That's a better idea but you still have to worry about the guest. 

If you want to change the VA->MA mapping without the guest seeing what
you've done you should turn on shadow pagetables for the guest, 
and make whatever changes you like there (in _sh_propagate()).  

The problem with that is that Xen's shadow pagetables don't index by VA,
they shadow actual pagetable pages, so 
(a) if the guest uses the same pagetable page in the mapping of two
    different VA ranges, your modification will apply to both 
    (That's true of the approach you're taking above, as well).
(b) it's not always clear which pagetable page maps which VA so 
    it might be tricky to know when to make your changes. 


Now, if you step back and look at your original problem, I think it
might be better to either
 - have the guest make the pagetables that you wanted in the first place
   and then just have the PT verification code in 86/mm.c check that it
   has done the right thing;
or
 - see if you can do what you want in a HVM guest by making changes to
   the guest-physical-to-machine-physical (p2m) mappings.

Cheers,

Tim.
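
Point (a) in the reply above, as an added example that is not part of the original thread and is not Xen code: a toy two-level pagetable in plain C where two L2 slots reference the same L1 page, so rewriting the L1 entry reached through one VA also moves the other VA. The `mem` array, the helper names and the frame layout are all assumptions made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define ENTRIES    512                 /* entries per pagetable page       */
#define FRAMES     8                   /* size of the toy "machine memory" */
#define PAGE_SHIFT 12
#define PRESENT    1ULL
#define VA(l2, l1) (((uint64_t)(l2) << 21) | ((uint64_t)(l1) << 12))
static uint64_t mem[FRAMES][ENTRIES];  /* frame index stands in for an MFN */

static unsigned idx(uint64_t va, int shift) { return (va >> shift) & (ENTRIES - 1); }
static uint64_t mk(uint64_t mfn) { return (mfn << PAGE_SHIFT) | PRESENT; }

/* Pointer to the L1 entry that maps va, or NULL if the L2 entry is unusable. */
static uint64_t *l1e_for(uint64_t l2_mfn, uint64_t va)
{
    uint64_t l2e = mem[l2_mfn][idx(va, 21)];
    if (!(l2e & PRESENT) || (l2e >> PAGE_SHIFT) >= FRAMES) return NULL;
    return &mem[l2e >> PAGE_SHIFT][idx(va, 12)];
}

static uint64_t va2mfn(uint64_t l2_mfn, uint64_t va)
{
    uint64_t *l1e = l1e_for(l2_mfn, va);
    return (l1e && (*l1e & PRESENT)) ? *l1e >> PAGE_SHIFT : UINT64_MAX;
}

/* Number of L2 slots using the L1 page that maps va (1 means no sharing). */
static int l1_sharers(uint64_t l2_mfn, uint64_t va)
{
    uint64_t l2e = mem[l2_mfn][idx(va, 21)];
    int n = 0;
    for (int i = 0; (l2e & PRESENT) && i < ENTRIES; i++)
        n += mem[l2_mfn][i] == l2e;
    return n;
}

/* Constructed layout: L2 in frame 0; L1 page in frame 1 used by slots 3 and 7. */
static uint64_t demo(void)
{
    mem[0][3] = mem[0][7] = mk(1);
    mem[1][5] = mk(4);                 /* both VAs start out mapping MFN 4     */
    *l1e_for(0, VA(3, 5)) = mk(6);     /* rewrite the entry reached via slot 3 */
    return va2mfn(0, VA(7, 5));        /* the VA under slot 7 follows along    */
}
int main(void)
{
    printf("other VA now maps mfn %llu\n", (unsigned long long)demo());
    printf("L2 slots sharing the L1 page: %d\n", l1_sharers(0, VA(3, 5)));
    return 0;
}
```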
