Re: About revoke write access of all the shadows

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

From: Tim Deegan <tim@xen.org>
To: lmingcsce <lmingcsce@gmail.com>
Cc: xen-devel@lists.xen.org
Subject: Re: About revoke write access of all the shadows
Date: Thu, 2 Aug 2012 11:47:41 +0100	[thread overview]
Message-ID: <20120802104741.GB11437@ocelot.phlegethon.org> (raw)
In-Reply-To: <7E3078CC-DDFB-49C4-98A9-CC14395A41ED@gmail.com>

At 16:18 -0400 on 26 Jul (1343319518), lmingcsce wrote:
> Hi all,
> Recently, I read codes about the shadow page table. I'm wondering whether the kernel has provided the function to revoke write access of all the shadows of one domain. If you know one with this function, please tell me about it. Thanks.
> BTW, I have my own idea to implement this. My idea is as follows: 
> void sh_revoke_write_access_all(struct domain *d)
> {
>     foreach_pinned_shadow(d, sp, t)
>     {
> 
>        According to sp->u.sh.type, (like SH_type_l1_32_shadow ......), get each entry (shadow_l1e_get_flags) of the page table. Changes the flags to read only and then write the page table entry back (shadow_set_l1e).
>        When going through the page table, I can use SHADOW_FOREACH_L1E (L2E, L3E, L4E) macro. 
>        However, I have one question. When dealing with shadow page table L2, L3, L4, can I use the same way as L1 page table to change flags and set flags ?
> 
>     }
> }
> Do you think my idea is possible? Thanks for giving me some suggestions.

Yes, that should work.  But since the shadow pagetables never use
superpages, you should only adjust the entries in type_l1* pages;
there's no need to touch L2, L3 or L4.

Cheers,

Tim.

next prev parent reply	other threads:[~2012-08-02 10:47 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-07-26 20:18 About revoke write access of all the shadows lmingcsce
2012-08-02 10:47 ` Tim Deegan [this message]
2012-08-04 13:35   ` lmingcsce
2012-08-07  9:40     ` Tim Deegan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20120802104741.GB11437@ocelot.phlegethon.org \
    --to=tim@xen.org \
    --cc=lmingcsce@gmail.com \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).