From: Razvan Cojocaru <rzvncj@gmail.com>
To: "xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Mem_event API and MEM_EVENT_REASON_SINGLESTEP
Date: Thu, 29 Nov 2012 16:38:45 +0200 [thread overview]
Message-ID: <50B77375.9070904@gmail.com> (raw)
Hello,
I'm interested in using the mem_event API (or it's LibVMI wrapper), but
I'm interested in capturing write events anywhere in a domU guest's
memory, _and_ not just once for each page write, but every time a page
is being written to.
To this end, I've looked at the xen-access.c example, where at first all
the pages are being monitored:
xc_hvm_set_mem_access(xch, domain_id, HVMMEM_access_rx, ~0ull, 0);
xc_hvm_set_mem_access(xch, domain_id, HVMMEM_access_rx, 0,
xenaccess->domain_info->max_pages);
Then, after an event is received:
xc_hvm_set_mem_access(xch, domain_id, HVMMEM_access_rwx, req.gfn, 1);
thus allowing 'rwx' access to 1 page starting at req.gfn.
This strategy indeed allows me to inspect writes to any page of the
guest OS, however I can only do this once per page. Once the page is
allowed HVMMEM_access_rwx access, any subsequent writes to it become
unavailable to my dom0 userspace tool (I'm "unregistering" for that
page-specific event).
The author of LibVMI's events code has suggested that I might enable
writes to that page, single step past the write instruction, and then
disable writes again.
Two questions:
1. I haven't been able to find an example of how single-stepping via the
mem_event API might work. Can you point me to some code that does this
(or a paper, etc.)?
2. Is there any other way to achieve what I'm after?
Thanks,
Razvan Cojocaru
next reply other threads:[~2012-11-29 14:38 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-29 14:38 Razvan Cojocaru [this message]
2012-11-29 15:18 ` Mem_event API and MEM_EVENT_REASON_SINGLESTEP Razvan Cojocaru
2012-11-30 19:50 ` AP
2012-11-30 20:09 ` Razvan Cojocaru
2012-11-30 20:24 ` AP
2012-11-30 20:45 ` Razvan Cojocaru
2012-11-30 20:56 ` AP
2012-11-30 21:04 ` Razvan Cojocaru
2012-11-30 21:17 ` AP
2012-12-04 7:23 ` Razvan Cojocaru
2012-11-30 21:07 ` Tim Deegan
2012-11-30 21:14 ` Razvan Cojocaru
2012-11-29 15:58 ` Tim Deegan
2012-11-29 16:20 ` Razvan Cojocaru
2012-11-29 18:05 ` Tim Deegan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=50B77375.9070904@gmail.com \
--to=rzvncj@gmail.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.