RE: Switching from writeable pagetable to shadow log-dirty at runtime
I don't see ptwr_flush() when shadow mode is enabled in either the ia32 or the x86_64 code. Why does plain ia32 log-dirty shadow work?
audit_adjust_pgtables() is for plain ia32 only and doesn't work for either ia32 PAE or x86_64; besides, this function only checks the ref counts and doesn't update guest PTE entries, e.g. the R/W bit.
Another question is how the guest updates its guest page table after shadow mode is enabled, since writable pagetables can't be used after shadow mode is enabled.
Ian Pratt scribbled on 14 October 2005 at 1:44:
>> When we switch from writeable pagetable to shadow log-dirty
>> mode at runtime, there are some PTEs that are write-protected;
>> once we do ptwr_flush(), we write-protect the page table
>> back. If we simply consult the guest page tables when
>> building the shadow page tables, then we also copy the write
>> protection to the shadow page tables. Since the shadow code
>> does not have the logic for the writeable page table, the
>> guest kernel, for example, can see a write-protected page
>> table, resulting in a panic. We are experiencing the problem
>> with PAE log-dirty mode (which we are working on now).
> We should certainly be doing a ptwr_flush() before switching page
> table modes.
> My recollection is that domain_pause in shadow_enable would cause a
> sync_pagetable_state, but that code has changed a lot since I wrote
>> So I think the current state in the writeable page should be
>> flushed and adjusted (in audit, for example, make the
>> write-protected pages back to writeable) before we switch to shadow
>> mode. Given the fact that we can switch writeable pagetable to
>> shadow log-dirty at runtime for the plain 32-bit, I'm wondering
>> where we are doing that kind of thing.
>> Intel Open Source Technology Center
>> Xen-devel mailing list
>> [hidden email]
>> http://lists.xensource.com/xen-devel
Re: Switching from writeable pagetable to shadow log-dirty at runtime
On 14 Oct 2005, at 03:46, Li, Chengyuan wrote:
> I don't see ptwr_flush() when shadow mode is enabled in either the ia32
> or the x86_64 code. Why does plain ia32 log-dirty shadow work?
Perhaps it can't, properly. :-)
The best fix will be to make domain_pause() call
sync_pagetable_state(d). The main problem I can see is that the
cleanup_writeable_pagetable() function is not currently safe to be
called by other than the subject domain. For example, failure paths
crash the calling domain rather than the subject domain! This needs
> audit_adjust_pgtables() is for plain ia32 only and doesn't work for
> either ia32 PAE or x86_64; besides, this function only checks the ref
> counts and doesn't update guest PTE entries, e.g. the R/W bit.
> Another question is how the guest updates its guest page table
> after shadow mode is enabled, since writable pagetables can't be used
> after shadow mode is enabled.
Shadow pagetable code has its own quite separate writeable pagetable
logic, I believe. Which is why the non-shadow wrpt state must be
flushed before switching to shadow pagetables.
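The failure mode discussed in both messages above, as an added illustration that is not Xen's code: a deliberately simplified model in which the writable-pagetable path leaves a guest PTE transiently write-protected, the log-dirty shadow is built by copying guest PTEs and clearing R/W, and the shadow fault handler consults the guest PTE to decide whether a write may be granted. The names ptwr_begin(), shadow_enable(), shadow_fault() and the struct layout are assumptions for the model only; they do not reflect the real Xen data structures or the real ptwr_flush().

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Real x86 PTE flag bits; the rest of this file is a toy model, not Xen. */
#define PTE_P   (1u << 0)
#define PTE_RW  (1u << 1)
#define PTE_US  (1u << 2)

#define NPTES 8

struct domain {
    uint32_t guest_l1[NPTES];   /* the guest's own page table entries   */
    uint32_t shadow_l1[NPTES];  /* hypervisor-owned shadow of guest_l1  */
    uint8_t  dirty[NPTES];      /* log-dirty bitmap, one bit per page   */
    int      shadow_mode;
    /* non-shadow writable-pagetable bookkeeping (assumed, simplified) */
    int      ptwr_idx;          /* PTE transiently altered, or -1       */
    uint32_t ptwr_saved;        /* its value before the alteration      */
};

void domain_init(struct domain *d)
{
    memset(d, 0, sizeof(*d));
    for (int i = 0; i < NPTES; i++)          /* constructed sample PTEs */
        d->guest_l1[i] = ((uint32_t)(i + 1) << 12) | PTE_P | PTE_RW | PTE_US;
    d->ptwr_idx = -1;
}

/* Model of the writable-pagetable write fault: the mapping is left
 * write-protected and the original entry is remembered for the flush. */
void ptwr_begin(struct domain *d, int idx)
{
    d->ptwr_saved = d->guest_l1[idx];
    d->guest_l1[idx] &= ~PTE_RW;
    d->ptwr_idx = idx;
}

/* Model of ptwr_flush(): put the guest PTE back as the guest intended it. */
void ptwr_flush(struct domain *d)
{
    if (d->ptwr_idx < 0)
        return;
    d->guest_l1[d->ptwr_idx] = d->ptwr_saved;
    d->ptwr_idx = -1;
}

/* Log-dirty shadow: copy the guest PTEs, but clear R/W so that the first
 * write to every page faults into the hypervisor and can be logged. */
void shadow_enable(struct domain *d)
{
    for (int i = 0; i < NPTES; i++)
        d->shadow_l1[i] = d->guest_l1[i] & ~PTE_RW;
    memset(d->dirty, 0, sizeof(d->dirty));
    d->shadow_mode = 1;
}

/* Shadow write-fault handler. Returns 0 if the write is granted (page
 * marked dirty, shadow made writable), -1 if the fault must be forwarded
 * to the guest because its own PTE says the page is read-only. */
int shadow_fault(struct domain *d, int idx)
{
    if (!d->shadow_mode || !(d->guest_l1[idx] & PTE_P))
        return -1;
    if (!(d->guest_l1[idx] & PTE_RW))
        return -1;                  /* guest sees a spurious #PF here */
    d->shadow_l1[idx] |= PTE_RW;
    d->dirty[idx] = 1;
    return 0;
}

/* Switch to shadow mode with a wrpt operation still pending on PTE 3,
 * optionally flushing it first, then let the guest write page 3. */
int scenario(int flush_first)
{
    struct domain d;
    domain_init(&d);
    ptwr_begin(&d, 3);
    if (flush_first)
        ptwr_flush(&d);
    shadow_enable(&d);
    return shadow_fault(&d, 3);
}

int main(void)
{
    printf("no flush before shadow_enable: shadow_fault -> %d\n", scenario(0));
    printf("ptwr_flush first:              shadow_fault -> %d\n", scenario(1));
    return 0;
}
```

Without the flush the stale write-protection is copied into the shadow's view of the guest PTE, so the guest's legitimate write is bounced back as a protection fault; with the flush the guest PTE carries its real R/W bit and the write is logged and granted.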