WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Xen
Home Products Support Community News

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
<prev [Thread] next>

Re: [Xen-devel] Readonly memory for guest domain

from [Keir Fraser] [Permanent Link][Original]
To: Peter Teoh <htmldeveloper@xxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] Readonly memory for guest domain
From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date: 2007年9月12日 08:28:47 +0100
Delivery-date: 2007年9月12日 00:25:06 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <00ca01c7f4db69ドルd991f09ドルa010a0a@eeyore >
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acf1Do5azSSQD2EBEdykmAAWy6hiGQ==
Thread-topic: [Xen-devel] Readonly memory for guest domain
User-agent: Microsoft-Entourage/11.3.6.070618
Xen does not have this general read-only restriction. It does force page tables to be read-only, otherwise a guest could grant itself access to arbitrary memory that it does not own.

-- Keir


On 12/9/07 02:22, "Peter Teoh" <htmldeveloper@xxxxxxxxx> wrote:

Current Xen design is that the guest domain have readonly access to the memory mapped for them. Documentation say it is not safe for them to be writable. Why?

Is it so as to trigger a trap exception whenever writing is made to it? This is the optimal answer :-).

And since it is not "safe" what checks are done in Xen hypervisor against these "dangers", ie, enumerate the potential dangers? I cannot think of any, as a newbie in Xen. My logic is that if the pages have been assigned as owned by a domain, just let it do whatever it wants to, and so therefore should not trigger any privilege trap condition (or VM exit condition, in the HVM case).

In the traditional Linux model, once a memory is mapped for user process, non-root user included, it can be mapped as writable. So why is this discrepancy in the case of Xen?

By taking away this readonly restriction, I think Xen hypervisor will have a lot of performance to gain.

Please share your thoughts? Apologies for the questions from a newbie.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date: Re: [Xen-users] Re: [Xen-devel] Loading ACM policy in XSM , Syunsuke HAYASHI
Next by Date: Re: [Xen-devel] Regression in serial console on ia64 , Keir Fraser
Previous by Thread: [Xen-devel] Readonly memory for guest domain , Peter Teoh
Next by Thread: Re: [Xen-devel] Readonly memory for guest domain , Peter Teoh
Indexes: [Date] [Thread] [Top] [All Lists]

Copyright ©, Citrix Systems Inc. All rights reserved. Legal and Privacy
Citrix This site is hosted by Citrix

AltStyle によって変換されたページ (->オリジナル) /