* Question's about to detect unauthorized memory access [not found] <1725921008.21075110.1373365505787.JavaMail.root@vmware.com> @ 2013-07-09 10:52 ` Kai Luo [not found] ` <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com> 0 siblings, 1 reply; 2+ messages in thread From: Kai Luo @ 2013-07-09 10:52 UTC (permalink / raw) To: xen-devel [-- Attachment #1.1: Type: text/plain, Size: 668 bytes --] Hi: To detect and handle unauthorized memory map from hvm to dom0,I found xsm can prevent a privileged domain from arbitrarily mapping pages from other domains,however,I try to find whether there is another way. So I try to trap the memory access and compare the page owner whth the accessor, if they are different, somthing must happend and a warning to the administrator will be raised. My question is how can I trap the memory access? Is there any other mechanism to detect unauthorized memory map?With EPT/NPT, memory access are so closed to hardware that I don‘t know how should I trap it?Can you give me any suggestion? Thank you very much! Jone [-- Attachment #1.2: Type: text/html, Size: 970 bytes --] [-- Attachment #2: Type: text/plain, Size: 126 bytes --] _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 2+ messages in thread
[parent not found: <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com>]
* Re: Question's about to detect unauthorized memory access [not found] ` <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com> @ 2013-07-11 19:08 ` Aravindh Puthiyaparambil (aravindp) 0 siblings, 0 replies; 2+ messages in thread From: Aravindh Puthiyaparambil (aravindp) @ 2013-07-11 19:08 UTC (permalink / raw) To: Kai Luo, xen-devel@lists.xensource.com > To detect and handle unauthorized memory map from hvm to dom0,I > found xsm can prevent a privileged domain from arbitrarily mapping pages > from other domains,however,I try to find whether there is another way. So I > try to trap the memory access and compare the page owner whth the > accessor, if they are different, somthing must happend and a warning to the > administrator will be raised. > My question is how can I trap the memory access? Is there any other > mechanism to detect unauthorized memory map?With EPT/NPT, memory > access are so closed to hardware that I don‘t know how should I trap it?Can > you give me any suggestion? You can trap memory accesses using the mem_event / mem_access APIs. Take a look at tools/tests/xen-access/. You should also look in to libVMI. A combination of the two might give you what you are after. Thanks, Aravindh _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-07-11 19:08 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <1725921008.21075110.1373365505787.JavaMail.root@vmware.com>
2013-07-09 10:52 ` Question's about to detect unauthorized memory access Kai Luo
[not found] ` <CAGU+autBm7-roy3Wscic3Pc_ZxYJk+g4crJEn8AzLEkV-KwCSQ@mail.gmail.com>
2013-07-11 19:08 ` Aravindh Puthiyaparambil (aravindp)
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).