> Testability is still a potential issue. We have offered to make our > internal > Windows test binaries available for intra-domain testing. Tamas has > been working on toolstack support for cross-domain testing with a slightly > earlier patch series, and we hope he will submit that support. >
Hi Ed, the toolstack support for externel monitoring seems to be functioning now. I can post it separately but IMHO it would make most sense to just append it to the series (if you plan to submit it again), or wait till your side gets merged. My branch can be found at https://github.com/tklengyel/xen/tree/altp2m_mine. I've extended xen-access to exercise this new feature taking into account some of the current limitations. Using the altp2m_write|exec options we create a duplicate view of the default hostp2m, and instead of relaxing the mem_access permissions when we encounter a violation, we swap the view on the violating vCPU while also enabling MTF singlestepping. When the singlestep event fires, we use the response to that event to swap the view back to the restricted altp2m view. # ./xen-access 6 altp2m_write xenaccess init max_gpfn = ff000 starting altp2m_write 6 altp2m view created with id 1 Setting altp2m mem_access permissions.. done! Permissions set on 260171 pages. Got event from Xen Got event from Xen PAGE ACCESS: rw- for GFN 272e (offset 000b98) gla 000000008272eb98 (valid: y; fault in gpt: n; fault with gla: y) (vcpu 0, altp2m view 1) Switching back to hostp2m default view! Got event from Xen Singlestep: rip=0000000082a1a634, vcpu 0 Switching altp2m to view 1! Got event from Xen PAGE ACCESS: rw- for GFN 272e (offset 000b8c) gla 000000008272eb8c (valid: y; fault in gpt: n; fault with gla: y) (vcpu 0, altp2m view 1) Switching back to hostp2m default view! Some of the more exotic features, such as the gfn remapping, is left as future work for now. We definitely have plans on utilizing it in the near future though and it is exposed via libxc but no toolside test exercises it at the moment. Cheers! -- [image: www.novetta.com] Tamas K Lengyel Senior Security Researcher 7921 Jones Branch Drive McLean VA 22102 Email tleng...@novetta.com
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
