From mboxrd@z Thu Jan  1 00:00:00 1970
From: Xiao Guangrong <xiaoguangrong@linux.vnet.ibm.com>
Subject: Re: KVM: MMU: Tracking guest writes through EPT entries ?
Date: Tue, 31 Jul 2012 10:49:05 +0800
Message-ID: <501747A1.6000105@linux.vnet.ibm.com>
References: <CALSEb2cFMwAXu_jSuY6GQn6R9C4BbTrMqtbNPQmdrCrPU-+swA@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: kvm@vger.kernel.org
To: Sunil <sunil.agham@gmail.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from e28smtp04.in.ibm.com ([122.248.162.4]:40793 "EHLO
	e28smtp04.in.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755210Ab2GaCtP (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 30 Jul 2012 22:49:15 -0400
Received: from /spool/local
	by e28smtp04.in.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
	for <kvm@vger.kernel.org> from <xiaoguangrong@linux.vnet.ibm.com>;
	Tue, 31 Jul 2012 08:19:10 +0530
Received: from d28av02.in.ibm.com (d28av02.in.ibm.com [9.184.220.64])
	by d28relay04.in.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id q6V2n7pB20447280
	for <kvm@vger.kernel.org>; Tue, 31 Jul 2012 08:19:07 +0530
Received: from d28av02.in.ibm.com (loopback [127.0.0.1])
	by d28av02.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id q6V2n7Wf018617
	for <kvm@vger.kernel.org>; Tue, 31 Jul 2012 12:49:07 +1000
In-Reply-To: <CALSEb2cFMwAXu_jSuY6GQn6R9C4BbTrMqtbNPQmdrCrPU-+swA@mail.gmail.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 07/31/2012 01:18 AM, Sunil wrote:
> Hello List,
> 
> I am a KVM newbie and studying KVM mmu code.
> 
> On the existing guest, I am trying to track all guest writes by
> marking page table entry as read-only in EPT entry [ I am using Intel
> machine with vmx and ept support ]. Looks like EPT support re-uses
> shadow page table(SPT) code and hence some of SPT routines.
> 
> I was thinking of below possible approach. Use pte_list_walk() to
> traverse through list of sptes and use mmu_spte_update()  to flip the
> PT_WRITABLE_MASK flag. But all SPTEs are not part of any single list;
> but on separate lists (based on gfn, page level, memory_slot). So,
> recording all the faulted guest GFN and then using above method work ?
> 

There are two ways to write-protect all sptes:
- use kvm_mmu_slot_remove_write_access() on all memslots
- walk the shadow page cache to get the shadow pages in the highest level
  (level = 4 on EPT), then write-protect its entries.

If you just want to do it for the specified gfn, you can use
rmap_write_protect().

Just inquisitive, what is your purpose? :)