Xen project Mailing List

Re: [Xen-devel] [PATCH V3 1/3] xen/mem_access: Support for memory-content hiding

To: "Lengyel, Tamas" <tlengyel@xxxxxxxxxxx>

From: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>

Date: Mon, 6 Jul 2015 21:27:12 +0300

Cc: Jun Nakajima <jun.nakajima@xxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, kevin.tian@xxxxxxxxx, keir@xxxxxxx, Ian Campbell <ian.campbell@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, eddie.dong@xxxxxxxxx, Xen-devel <xen-devel@xxxxxxxxxxxxx>, Aravind.Gopalakrishnan@xxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>, suravee.suthikulpanit@xxxxxxx, boris.ostrovsky@xxxxxxxxxx, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

Comment: DomainKeys? See http://domainkeys.sourceforge.net/

Delivery-date: Mon, 06 Jul 2015 18:27:29 +0000

Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bitdefender.com; b=j5g09j0rqu8Y7+jEmMYhXiXej2yRctcf4nwexwNGPTgx5BW3VSakUxAc04xtKnYd6s9tAV0VXu3VooPoQgZLVC3W+a5ZI3NyeIFPjLeHi7+yX2Xgf23P7qYnn68FXXmBe9a3GQozdUlcSNskfdDcZIQZaboTbbgJ5JkPiFH114kwMEch1xcht5wZu8L7oPIadGF90ZaeaxPLq2GsEXGiA9RjDDVpcd8M1aKNpKqBWRb4apN6Tc2jfvPY739/k9euEf3VGJWmKG3zAGz2vn9GfB0dgAycEicf5Ltgo3Ky/11BI55k21LikQz0UWKW3kJn4Zym3JxU27J/UoKXE+GbjQ==; h=Received:Received:Received:Received:Received:Subject:To:References:Cc:From:X-Enigmail-Draft-Status:Message-ID:Date:User-Agent:MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-BitDefender-Scanner:X-BitDefender-Spam:X-BitDefender-SpamStamp:X-BitDefender-CF-Stamp;

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 07/06/2015 07:50 PM, Lengyel, Tamas wrote: > Handy feature, thanks for doing it! You're very welcome, I'm quite happy you find it useful. > @@ -1466,6 +1466,10 @@ void p2m_mem_access_emulate_check(struct vcpu *v, > } > > v->arch.vm_event.emulate_flags = violation ? rsp->flags : 0; > + > + if ( rsp->flags & MEM_ACCESS_SET_EMUL_READ_DATA && > > > So one of the use-cases for this feature I would have is using it in the > vm_event response to the software breakpoint event. A little bit of > context: I have written 0xCC into target memory locations, which are > further protected by mem_access R/W. This setup right now would suffice > to hide the content easily from the R mem_access events without having > to remove it. But for X tracing I'm not using mem_access events. Here > this feature is locked to be only in response to a mem_access events. I > can *technically* work around that by changing the response type to the > mem_access event, but it would be nice if this feature would be clearly > available for non-mem_access events as well (or at least for software > breakpoint). What do you think, does that usecase make sense here? It does make a fair ammount of sense, but with this little time until the feature freeze it does look like a non-trivial change, so if it doesn't bother you very much to use the plain mem_access event while we work towards making the response more general, I'd go for trying to get this patch into 4.6, whatever its chances are. If you'd prefer that I do some ground work for the future (i.e. rename MEM_ACCESS constants, etc.), please let me know. Thanks, Razvan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.