[Xen-devel] [PATCH v4 00/39] arm/altp2m: Introducing altp2m to ARM

Hi all,

The following patch series can be found on Github[0] and is part of my
contribution to last year's Google Summer of Code (GSoC)[1]. My project is
managed by the organization The Honeynet Project. As part of GSoC, I was being
supervised by the Xen maintainer Tamas K. Lengyel <tamas@xxxxxxxxxxxxx>, George
D. Webster, and Steven Maresca.

In this patch series, we provide an implementation of the altp2m subsystem for
ARM. Our implementation is based on the altp2m subsystem for x86, providing
additional --alternate-- views on the guest's physical memory by means of the
ARM 2nd stage translation mechanism. The patches introduce new HVMOPs and
extend the p2m subsystem. Also, we extend libxl to support altp2m on ARM and
modify xen-access to test the suggested functionality.

To be more precise, altp2m allows to create and switch to additional p2m views
(i.e. gfn to mfn mappings). These views can be manipulated and activated as
will through the provided HVMOPs. In this way, the active guest instance in
question can seamlessly proceed execution without noticing that anything has
changed. The prime scope of application of altp2m is Virtual Machine
Introspection, where guest systems are analyzed from the outside of the VM.

Altp2m can be activated by means of the guest control parameter "altp2m" on x86
and ARM architectures. For use-cases requiring purely external access to
altp2m, this patch allows to specify if the altp2m interface should be external

This version is a revised version of v3 that has been submitted in 2016. It
incorporates the comments of the previous patch series. Although the previous
version has been submitted last year, I have kept the comments of the
individual patches. Both the purpose and changes from v3 to v4 are stated
inside the individual commits.

Best regards,

[0] https://github.com/sergej-proskurin/xen (branch arm-altp2m-v4)
[1] https://summerofcode.withgoogle.com/projects/#4970052843470848

Sergej Proskurin (38):
  arm/p2m: Introduce p2m_(switch|restore)_vttbr_and_(g|s)et_flags
  arm/p2m: Add first altp2m HVMOP stubs
  arm/p2m: Add hvm_allow_(set|get)_param
  arm/p2m: Add HVMOP_altp2m_get_domain_state
  arm/p2m: Introduce p2m_is_(hostp2m|altp2m)
  arm/p2m: Cosmetic fix - substitute _gfn(ULONG_MAX) for INVALID_GFN
  arm/p2m: Move hostp2m init/teardown to individual functions
  arm/p2m: Cosmetic fix - function prototype of p2m_alloc_table
  arm/p2m: Rename parameter in p2m_alloc_vmid
  arm/p2m: Change func prototype and impl of p2m_(alloc|free)_vmid
  altp2m: Move (MAX|INVALID)_ALTP2M to xen/p2m-common.h
  arm/p2m: Add altp2m init/teardown routines
  arm/p2m: Add altp2m table flushing routine
  arm/p2m: Add HVMOP_altp2m_set_domain_state
  arm/p2m: Add HVMOP_altp2m_create_p2m
  arm/p2m: Add HVMOP_altp2m_destroy_p2m
  arm/p2m: Add HVMOP_altp2m_switch_p2m
  arm/p2m: Add p2m_get_active_p2m macro
  arm/p2m: Make p2m_restore_state ready for altp2m
  arm/p2m: Make get_page_from_gva ready for altp2m
  arm/p2m: Cosmetic fix - __p2m_get_mem_access
  arm/p2m: Make p2m_mem_access_check ready for altp2m
  arm/p2m: Cosmetic fix - function prototypes
  arm/p2m: Make p2m_put_l3_page ready for altp2m
  arm/p2m: Modify reference count only if hostp2m active
  arm/p2m: Add HVMOP_altp2m_set_mem_access
  arm/p2m: Add altp2m_propagate_change
  altp2m: Rename p2m_altp2m_check to altp2m_check
  x86/altp2m: Move altp2m_check to altp2m.c
  arm/altp2m: Move altp2m_check to altp2m.h
  arm/altp2m: Introduce altp2m_switch_vcpu_altp2m_by_id
  arm/altp2m: Make altp2m_vcpu_idx ready for altp2m
  arm/p2m: Add altp2m paging mechanism
  arm/p2m: Add HVMOP_altp2m_change_gfn
  arm/p2m: Adjust debug information to altp2m
  altp2m: Allow activating altp2m on ARM domains
  arm/xen-access: Extend xen-access for altp2m on ARM
  arm/xen-access: Add test of xc_altp2m_change_gfn

Tamas K Lengyel (1):
  altp2m: Document external-only use on ARM

 docs/man/xl.cfg.pod.5.in            |   8 +-
 tools/libxl/libxl.h                 |  10 +-
 tools/libxl/libxl_dom.c             |  16 +-
 tools/libxl/libxl_types.idl         |   2 +-
 tools/tests/xen-access/Makefile     |   2 +-
 tools/tests/xen-access/xen-access.c | 213 ++++++++++++-
 xen/arch/arm/Makefile               |   1 +
 xen/arch/arm/altp2m.c               | 601 ++++++++++++++++++++++++++++++++++++
 xen/arch/arm/hvm.c                  | 202 +++++++++++-
 xen/arch/arm/mem_access.c           | 112 +++++--
 xen/arch/arm/p2m.c                  | 219 +++++++++----
 xen/arch/arm/traps.c                |  17 +
 xen/arch/x86/mm/altp2m.c            |   6 +
 xen/arch/x86/mm/p2m.c               |   6 -
 xen/common/vm_event.c               |   3 +-
 xen/include/asm-arm/altp2m.h        |  73 ++++-
 xen/include/asm-arm/domain.h        |  15 +
 xen/include/asm-arm/p2m.h           |  62 +++-
 xen/include/asm-x86/altp2m.h        |   3 +
 xen/include/asm-x86/domain.h        |   3 +-
 xen/include/asm-x86/p2m.h           |   3 -
 xen/include/xen/altp2m-common.h     |   8 +
 22 files changed, 1444 insertions(+), 141 deletions(-)
 create mode 100644 xen/arch/arm/altp2m.c
 create mode 100644 xen/include/xen/altp2m-common.h


