* Monitoring access to a guest page?
From: Brendan Dolan-Gavitt @ 2008-11-03 3:03 UTC (permalink / raw)
To: KVM list

Hi,

I'm working on a patch to let me monitor reads and writes to a
particular guest page. The overall strategy is:

1. Mark the guest page as non-present.
2. In the PF handler, if the access is to the monitored page, log,
   and emulate the instruction.

When I asked about this in #kvm, some kind folks pointed out that
this is how MMIO is handled. So after looking through the MMIO code,
the new plan is:

1. Create a new MMIO handler (a kvm_io_device) that will shadow a
   guest page.
2. Copy the page to be monitored from the guest and store it in the
   private region of the new IO device. (using kvm_read_guest).
   Basically, create a shadow copy of the page.
3. Mark the page as non-present.
4. Register the IO device, have its in_range check whether the
   address is in the page being watched.
5. In the IO device's read/write handler, service reads and writes
   from the shadow copy, and log.

So I have two questions:

1. Does this all seem reasonably correct?
2. What's the best way to accomplish step 3? I can't seem to find a
   function in mmu.c that will do this, but it seems overly complicated
   to use kvm_guest_write to modify the PTE by hand.

Thanks in advance,
Brendan Dolan-Gavitt
PhD Student, GTISC (Georgia Tech)

* Re: Monitoring access to a guest page?
From: Avi Kivity @ 2008-11-06 15:56 UTC (permalink / raw)
To: Brendan Dolan-Gavitt; +Cc: KVM list
Brendan Dolan-Gavitt wrote:
> Hi,
>
> I'm working on a patch to let me monitor reads and writes to a
> particular guest page. The overall strategy is:
> 1. Mark the guest page as non-present.
> 2. In the PF handler, if the access is to the monitored page, log, and
> emulate the instruction.
>
> When I asked about this in #kvm, some kind folks pointed out that this
> is how MMIO is handled. So after looking through the MMIO code, the
> new plan is:
> 1. Create a new MMIO handler (a kvm_io_device) that will shadow a
> guest page.
> 2. Copy the page to be monitored from the guest and store it in the
> private region of the new IO device. (using kvm_read_guest).
> Basically, create a shadow copy of the page.
> 3. Mark the page as non-present.
> 4. Register the IO device, have its in_range check whether the address
> is in the page being watched.
> 5. In the IO device's read/write handler, service reads and writes
> from the shadow copy, and log.
>
> So I have two questions:
> 1. Does this all seem reasonably correct?
> 2. What's the best way to accomplish step 3? I can't seem to find a
> function in mmu.c that will do this, but it seems overly complicated
> to use kvm_guest_write to modify the PTE by hand.

It's the other way round. All pages are not-present unless made present
by the mmu.

All you have to do is _not_ register a memory slot that contains your
page. When the guest accesses this memory, the mmu will _not_
instantiate a present pte, and will forward all accesses to your mmio
handler.

It's going to be slow, though.

--
error compiling committee.c: too many arguments to function
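
The approach from the reply above, modelled as an added example (not part of either message and not KVM code): a self-contained C simulation in which `slot`, `watch_page`, `find_slot` and `guest_access` are hypothetical stand-ins for memory slots, the MMU's slot lookup and the MMIO handler. RAM is registered around the watched page, so accesses that fall in the hole reach the handler, which serves them from the shadow copy and logs them.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PAGE 4096u
/* Model of a memory slot: a guest-physical range backed by host memory. */
struct slot { uint64_t gpa, size; uint8_t *host; };
static uint8_t ram[4 * PAGE];   /* constructed guest RAM: 4 pages */
static uint8_t shadow[PAGE];    /* shadow copy of the watched page */
static struct slot slots[2];    /* RAM registered around the watched page */
static uint64_t watched;        /* guest-physical address of the watched page */
static unsigned n_logged;       /* accesses seen by the handler */

/* Snapshot the page, then register slots for everything except that page. */
static void watch_page(uint64_t gpa) {
    watched = gpa;
    memcpy(shadow, ram + gpa, PAGE);
    slots[0] = (struct slot){ 0, gpa, ram };
    slots[1] = (struct slot){ gpa + PAGE, sizeof ram - gpa - PAGE, ram + gpa + PAGE };
}

/* Stand-in for the MMU: only addresses inside a slot get a present mapping. */
static struct slot *find_slot(uint64_t gpa) {
    for (int i = 0; i < 2; i++)
        if (gpa >= slots[i].gpa && gpa - slots[i].gpa < slots[i].size)
            return &slots[i];
    return NULL;
}

/* One guest access that does not cross a page boundary. Returns 0 = plain RAM,
 * 1 = trapped, logged and served from the shadow copy, -1 = unbacked address. */
static int guest_access(uint64_t gpa, uint8_t *data, unsigned len, int is_write) {
    struct slot *s = find_slot(gpa);
    if (!s && (gpa < watched || gpa - watched + len > PAGE))
        return -1;
    uint8_t *p = s ? s->host + (gpa - s->gpa) : shadow + (gpa - watched);
    if (is_write) memcpy(p, data, len); else memcpy(data, p, len);
    if (s) return 0;
    n_logged++;
    printf("%s gpa=0x%llx len=%u\n", is_write ? "write" : "read", (unsigned long long)gpa, len);
    return 1;
}

int main(void) {
    uint8_t b = 0xAB;
    watch_page(2 * PAGE);
    return guest_access(2 * PAGE + 16, &b, 1, 1) == 1 ? 0 : 1;
}
```

Every access to the watched page takes the slow handler path in this model, while neighbouring pages are touched directly.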