* Question's about to detect unauthorized memory access
[not found] <1725921008.21075110.1373365505787.JavaMail.root@vmware.com>
@ 2013-07-09 10:52 ` Kai Luo
[not found] ` <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com>
0 siblings, 1 reply; 2+ messages in thread
From: Kai Luo @ 2013-07-09 10:52 UTC (permalink / raw)
To: xen-devel
[-- Attachment #1.1: Type: text/plain, Size: 668 bytes --]
Hi:
To detect and handle unauthorized memory map from hvm to dom0,I found xsm can prevent a privileged domain from arbitrarily mapping pages from other domains,however,I try to find whether there is another way. So I try to trap the memory access and compare the page owner whth the accessor, if they are different, somthing must happend and a warning to the administrator will be raised.
My question is how can I trap the memory access? Is there any other mechanism to detect unauthorized memory map?With EPT/NPT, memory access are so closed to hardware that I don‘t know how should I trap it?Can you give me any suggestion?
Thank you very much!
Jone
[-- Attachment #1.2: Type: text/html, Size: 970 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Question's about to detect unauthorized memory access
[not found] ` <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com>
@ 2013-07-11 19:08 ` Aravindh Puthiyaparambil (aravindp)
0 siblings, 0 replies; 2+ messages in thread
From: Aravindh Puthiyaparambil (aravindp) @ 2013-07-11 19:08 UTC (permalink / raw)
To: Kai Luo, xen-devel@lists.xensource.com
> To detect and handle unauthorized memory map from hvm to dom0,I
> found xsm can prevent a privileged domain from arbitrarily mapping pages
> from other domains,however,I try to find whether there is another way. So I
> try to trap the memory access and compare the page owner whth the
> accessor, if they are different, somthing must happend and a warning to the
> administrator will be raised.
> My question is how can I trap the memory access? Is there any other
> mechanism to detect unauthorized memory map?With EPT/NPT, memory
> access are so closed to hardware that I don‘t know how should I trap it?Can
> you give me any suggestion?
You can trap memory accesses using the mem_event / mem_access APIs. Take a look at tools/tests/xen-access/. You should also look in to libVMI. A combination of the two might give you what you are after.
Thanks,
Aravindh
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-07-11 19:08 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <1725921008.21075110.1373365505787.JavaMail.root@vmware.com>
2013-07-09 10:52 ` Question's about to detect unauthorized memory access Kai Luo
[not found] ` <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com>
2013-07-11 19:08 ` Aravindh Puthiyaparambil (aravindp)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).