From mboxrd@z Thu Jan 1 00:00:00 1970
From: Razvan Cojocaru
Subject: Re: Mem_event API and MEM_EVENT_REASON_SINGLESTEP
Date: Fri, 30 Nov 2012 23:04:41 +0200
Message-ID: <50B91F69.3040506@gmail.com>
References: <50B77375.9070904@gmail.com> <50B77CB8.1040606@gmail.com> <50B91273.6050606@gmail.com> <50B91AE0.1040206@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: AP
Cc: jepstein98@gmail.com, "xen-devel@lists.xen.org"
List-Id: xen-devel@lists.xenproject.org

> Not sure what the difference is between first write operation and
> first write mem_event.

The difference is this: a write operation will only trigger a write event for a page marked rx. So if we're in single step mode and a write happens on a page marked rwx, this will not trigger a write mem_event.

>> My scenario is this: I'd like to mark _all_ of the domain's pages rw,
>> then when I get a write mem_event, mark only one page rwx, allow that
>> write (single stepping), then mark that one page rw again. This would
>
> Do you mean rx? If you mark a page rw you will not get a write mem_event for it.

Yes, I meant rx. Sorry (it's late where I'm writing from).

> You could track the EIP and GFN and if you single step more than one
> instruction you can mark the page RX and stop single stepping. You
> will get control again on the next write. Though if there are jmp,
> things could get tricky.

So if I understand you correctly, simply single-stepping for only the duration of one MEM_EVENT_REASON_SINGLESTEP, which should be the write operation (ignoring the gfn/gla fields of the mem_event), should do the trick?

Thanks,
Razvan Cojocaru
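
The rx / rwx / single-step cycle discussed in this message, as an added toy model in C that is not part of the original post and makes no Xen or libxc calls. It assumes a faulting write is retried once its page has been relaxed and that one single-step event follows the retired instruction; all names are hypothetical, the trace is constructed, and the model goes slightly beyond the thread by letting one instruction write two pages.

```c
#include <stdbool.h>

enum access { ACC_RX, ACC_RWX };   /* toy model only, no libxc calls */
enum { NPAGES = 8, NW = -1 };      /* NW: this slot writes nothing */

struct monitor {
    enum access page[NPAGES];   /* access as set by the monitor */
    bool singlestep;            /* single-stepping enabled for the vCPU */
    int opened[2], nopened;     /* gfns temporarily relaxed to rwx */
    int write_events, step_events;
};

/* Write mem_event on an rx page: relax only that page, start stepping. */
static void on_write_event(struct monitor *m, int gfn) {
    m->write_events++;
    m->page[gfn] = ACC_RWX;
    m->opened[m->nopened++] = gfn;
    m->singlestep = true;
}

/* Single-step event: the write has retired; re-protect, stop stepping. */
static void on_singlestep_event(struct monitor *m) {
    m->step_events++;
    while (m->nopened > 0)
        m->page[m->opened[--m->nopened]] = ACC_RX;
    m->singlestep = false;
}

/* One guest instruction writing up to two gfns; rwx pages raise no event. */
static void run_insn(struct monitor *m, const int w[2]) {
    for (int i = 0; i < 2; i++)
        if (w[i] != NW && m->page[w[i]] == ACC_RX)
            on_write_event(m, w[i]);
    if (m->singlestep)
        on_singlestep_event(m);
}

/* Constructed trace; true if every page ends up rx with stepping off. */
static bool run_trace(struct monitor *m) {
    static const int t[][2] = { {NW, NW}, {3, NW}, {3, NW}, {4, 5}, {5, NW} };
    bool ok = true;
    *m = (struct monitor){0};   /* every page starts as ACC_RX */
    for (unsigned i = 0; i < sizeof t / sizeof t[0]; i++)
        run_insn(m, t[i]);
    for (int g = 0; g < NPAGES; g++)
        ok = ok && m->page[g] == ACC_RX;
    return ok && !m->singlestep;
}

int main(void) { struct monitor m; return !run_trace(&m); }
```

In this model the second write to gfn 3 raises a new write event because the page was returned to rx after the first step, and the instruction that writes gfns 4 and 5 raises two write events but only one single-step event.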