Xen project Mailing List

Re: [Xen-devel] reserve e820 ram

To: Tim Deegan <tim@xxxxxxx>

From: Francisco Rocha <f.e.liberal-rocha@xxxxxxxxxxxxxxx>

Date: Wed, 18 Apr 2012 18:10:13 +0100

Accept-language: en-GB

Acceptlanguage: en-GB

Cc: "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>

Delivery-date: Wed, 18 Apr 2012 17:12:10 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: Ac0dhh7KdXHkGcTfQO+C/DSfkmxR0g==

Thread-topic: [Xen-devel] reserve e820 ram

On 04/18/2012 05:43 PM, Tim Deegan wrote: > > At 15:36 +0100 on 18 Apr (1334763404), Francisco Rocha wrote: > > Hi Tim, > > > > I was thinking about changing my approach. > > > > I think that for now I will leave those pages off because I am > > mostly interested in protecting other areas. > > > > Those accesses for now are inevitable to get the VM to properly > > operate. Now, the question is if it is possible to use page table > > entries to do what I want to do. > > > > The objective would be to use a bit flag that would determine if > > the pages are returned when a call to map_foreign_range is made. > > So, my final objective would be that only pages used for the three > > operations you describe are accessible to Dom0. > > Everything that is not BIOS and related, Qemu or PV backend > > drivers will not be returned. > > > > From what I see in the header files you use 12-bits from a 24-bit > > flag (x86_64). Can we do it? This would again take us to controlling > > access at get_page_from_l1e(), right? > > Are you talking about the count_info and type_info fields? yes, I think > you can probably put a new flag or two in there. > I was thinking about the ones used in page table entries (_PAGE_PRESENT|RW, etc). So, I can do the type of control I want to achieve using type_info, maybe the flags I was thinking about are not the best option for what I want. > > Choosing which pages > qemu can map will be interesting, though -- it needs to map anything the > VM uses for I/O. But maybe you can just define the things you protect > and declare taht they can't be used for I/O. That sounds easier. :) > The objective is to protect the kernel and its data structures. That is why I was considering the flags I previously mentioned. There is one denominated _PAGE_GUEST_KERNEL. I see that we have them all available. int get_page_from_l1e(...) ... struct page_info *page = mfn_to_page(mfn); uint32_t l1f = l1e_get_flags(l1e); ... Which flags do you recommend I use to try this out? > > > Cheers, > > Tim. > > Thank you, Francisco _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.