Hello,

I'm currently attempting to add guard pages to a Xen-based unikernel. These
are memory regions that cannot be read, written, or executed, could be
potentially ones up to 1MB in size, and would, for instance, separate the
stack and the heap to prevent buffer overflows and stack clashes.

Ideally, since the guard pages can't be accessed in any way, I'd like to
avoid taking up as much "physical" memory as would be necessary to
accommodate the guard pages. The best way I can think of to implement this,
then, is to make the sections to be guarded discontiguous — much like how
the Linux kernel is placed at a very high address in memory, far from the
other memory regions it manages.

In order to do this, I need some way to map discontiguous virtual address
regions to contiguous physical memory: for instance, to map 0x0-0x20000 to
PFNs 0 through 20, and 0x40000-0x80000 to PFNs 20 through 60. I know this
is possible, as Linux is able to do this on Xen, but I have so far been
unable to figure it out. Apologies if I sound a bit confused here, as
documentation is rather scarce, but I'll try to detail as best I can what
I've tried so far, which primarily revolves around two functions, namely:

- HYPERVISOR_update_va_mapping, which sounds like the right function, but
which returns the errno for "invalid argument" when the virtual address I
pass as its first argument is outside the range of what the VAs would be if
they mapped one-to-one to PFNs. For instance, if PFNs 0x0-0x4000 are
actually available to my guest, I would expect to be able to map the VA
that _would_ correspond to PFN 0x4001 in a one-to-one mapping to, say, PFN
0x0. This is not the case, and I'm not sure why. I have not been able to
find substantial documentation on this function.

- HYPERVISOR_mmu_update, which as I understand it takes a struct with the
machine address of the page table entry to modify, and the new contents of
that PTE. However, it looks like Xen gives me a fixed page table size (in
start_info) based on the actual amount of memory allocated to the guest, so
I'm not sure if there's room on the page table for an entry corresponding
to an arbitrarily high address. That aside, even if that weren't an issue I
don't know how to _get_ the machine address of the PTE to modify, since as
far as I know, translating a VA to a machine address requires the p2m
table to contain an entry corresponding to that VA, and in this specific
case where I _don't_ want a one-to-one linear mapping, that's not the case.
I'm probably missing something about the address conversion, but have been
unable to find an explanation of how this function is typically used.

If someone here is familiar with these APIs and can point me in the right
direction, that would be greatly appreciated.
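
The layout described in the post, as an added example that is not part of the original message and is not Xen code: it assigns contiguous PFNs to discontiguous VA ranges and leaves the gap between them unbacked, without issuing any hypercall. It assumes 4 KiB pages and reads the post's PFN figures as hexadecimal; struct region, plan_layout and va_to_pfn are hypothetical names.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SHIFT 12                      /* assumption: 4 KiB pages */
#define LOW_BITS ((1ULL << PAGE_SHIFT) - 1)
#define NO_PFN UINT64_MAX                  /* guard gap: no PTE, no backing frame */

/* Hypothetical planner type, not a Xen definition. Covers [va_start, va_end). */
struct region { uint64_t va_start, va_end, first_pfn; };

/* Constructed sample: the two VA ranges from the post; the gap is the guard. */
struct region sample[2] = { {0x0, 0x20000, 0}, {0x40000, 0x80000, 0} };

/* Give each region the next run of PFNs; gaps between regions use none.
 * Regions must be page-aligned, non-empty and sorted without overlap.
 * Returns the number of frames consumed, or NO_PFN on bad input. */
uint64_t plan_layout(struct region *r, size_t n, uint64_t base_pfn)
{
    uint64_t next = base_pfn, prev_end = 0;
    for (size_t i = 0; i < n; i++) {
        if ((r[i].va_start | r[i].va_end) & LOW_BITS) return NO_PFN;
        if (r[i].va_start >= r[i].va_end || r[i].va_start < prev_end) return NO_PFN;
        r[i].first_pfn = next;
        next += (r[i].va_end - r[i].va_start) >> PAGE_SHIFT;
        prev_end = r[i].va_end;
    }
    return next - base_pfn;
}

/* Frame backing va in the planned layout; NO_PFN means va lies in a guard gap
 * (or past the last region), so an access there would fault. */
uint64_t va_to_pfn(const struct region *r, size_t n, uint64_t va)
{
    for (size_t i = 0; i < n; i++)
        if (va >= r[i].va_start && va < r[i].va_end)
            return r[i].first_pfn + ((va - r[i].va_start) >> PAGE_SHIFT);
    return NO_PFN;
}

int main(void)
{
    printf("frames used: 0x%llx\n", (unsigned long long)plan_layout(sample, 2, 0));
    printf("VA 0x40000 -> PFN 0x%llx\n", (unsigned long long)va_to_pfn(sample, 2, 0x40000));
    printf("VA 0x30000 is %s\n", va_to_pfn(sample, 2, 0x30000) == NO_PFN ? "guard" : "mapped");
    return 0;
}
```

The 128 KiB hole between the two ranges consumes no frames: the plan uses 0x60 PFNs for 0x80000 bytes of address space.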