public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed
* [Question] Intercept CR3 access in EPT
@ 2012-10-08  8:15 R
  2012-10-08 19:37 ` Marcelo Tosatti
  0 siblings, 1 reply; 3+ messages in thread
From: R @ 2012-10-08  8:15 UTC (permalink / raw)
  To: kvm

Hi,

I am a student. And my teacher told me to monitor every process in guest.
So, I try to intercept every Cr3 access. However, if kvm is loaded
with EPT enable, Acesses to  Cr3  would not cause VM-exit.
I modified the code to change vmcs configuration.
To be specific, these functions are rewirted.
static void ept_update_paging_mode_cr0(unsigned long *hw_cr0,
					unsigned long cr0,
					struct kvm_vcpu *vcpu)
{
            ....
                } else if (!is_paging(vcpu)) {
		/* From nonpaging to paging */
		vmcs_write32(CPU_BASED_VM_EXEC_CONTROL,
			     vmcs_read32(CPU_BASED_VM_EXEC_CONTROL) &
-			     ~(CPU_BASED_CR3_LOAD_EXITING |
+                           ~(    //   CPU_BASED_CR3_LOAD_EXITING|
			       CPU_BASED_CR3_STORE_EXITING));
          ....
}

static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf)
{
         ...
                if (_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_EPT) {
		/* CR3 accesses and invlpg don't need to cause VM Exits when EPT
		   enabled */
-		_cpu_based_exec_control &= ~(CPU_BASED_CR3_LOAD_EXITING |
+              _cpu_based_exec_control &= ~(     //
CPU_BASED_CR3_LOAD_EXITING |
					     CPU_BASED_CR3_STORE_EXITING |
					     CPU_BASED_INVLPG_EXITING);
        ....
}

I though it can force every Cr3 access to be trapped with EPT enable.
However, VM seems to fail to boot when it changes from nonpaging to
paging.
Do U guys have any idea? Or Can someone tell me how can I intercept
Cr3 access and why can not it work?

Thank U for answering.

-- 
Thanks
Rui Wu

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2012-10-09  1:21 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-08  8:15 [Question] Intercept CR3 access in EPT R
2012-10-08 19:37 ` Marcelo Tosatti
2012-10-09  1:21   ` R

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox