RE: Switching from writeable pagetable to shadow log-dirty at runtime


RE: Switching from writeable pagetable to shadow log-dirty at runtime

Li, Chengyuan
Ian, Jun,

I don't see ptwr_flush() when shadow mode is enabled in both the ia32 and x86_64 code. Why can plain ia32 log-dirty shadow work?
audit_adjust_pgtables() is for plain ia32 only and doesn't work for either ia32 PAE or x86_64, but this function only checks the ref counts and doesn't update guest PTE entries, e.g. the R/W bit.

Another question is how the guest updates its guest page table after shadow mode is enabled, as writable-pagetable can't be used after shadow mode is enabled.

Ian Pratt scribbled on 2005-10-14 1:44:

>> When we switch from writeable pagetable to shadow log-dirty
>> mode at runtime, there are some PTEs with write-protected;
>> once we do ptwr_flush(), we write-protect back the page
>> table. If we simply consult the guest page tables when
>> building the shadow page tables, then we also copy the write
>> protection to the shadow pages tables. Since the shadow code
>> does not have the logic for the writeable page table, the
>> guest kernel, for example, can see write-protected page
>> table, resulting in a panic. We are experiencing the problem
>> with PAE log-dirty mode (that we are working on now).
>
> We should certainly be doing a ptwr_flush() before switching page
> table modes.

>
> My recollection is that domain_pause in shadow_enable would cause a
> sync_pagetable_state, but that code has changed a lot since I wrote
> it.
>
> Ian
>
>> So I think the current state in the writeable page should be
>> flushed and adjusted (in audit, for example, make the
>> write-protected pages back to writeable) before we switch to shadow
>> mode. Given the fact that we can switch writeable pagetable to
>> shadow log-dirty at runtime for the plain 32-bit, I'm wondering
>> where we are doing that kind of thing.
>>
>> Jun
>> ---
>> Intel Open Source Technology Center
>>
>> _______________________________________________
>> Xen-devel mailing list
>> [hidden email]
>> http://lists.xensource.com/xen-devel
>>

Thanks,
Chengyuan


Re: Switching from writeable pagetable to shadow log-dirty at runtime

Keir Fraser

On 14 Oct 2005, at 03:46, Li, Chengyuan wrote:

>
> I don't see ptwr_flush() when shadow mode is enabled in both the ia32 and
> x86_64 code. Why can plain ia32 log-dirty shadow work?

Perhaps it can't, properly. :-)

The best fix will be to make domain_pause() call
sync_pagetable_state(d). The main problem I can see is that the
cleanup_writeable_pagetable() function is not currently safe to be
called by other than the subject domain. For example, failure paths
crash the calling domain rather than the subject domain! This needs
fixing.

> audit_adjust_pgtables() is for plain ia32 only and doesn't work for
> either ia32 PAE or x86_64, but this function only checks the ref counts
> and doesn't update guest PTE entries, e.g. the R/W bit.
>
> Another question is how the guest updates its guest page table
> after shadow mode is enabled, as writable-pagetable can't be used
> after shadow mode is enabled.

Shadow pagetable code has its own quite separate writeable pagetable
logic, I believe. Which is why the non-shadow wrpt state must be
flushed before switching to shadow pagetables.

  -- Keir


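The ordering problem the thread describes, as an added toy model in C (not Xen's code): writeable-pagetable state that has write-protected guest page-table pages is copied verbatim into the shadow unless it is flushed first. The names ptwr_protect, switch_to_shadow and demo, and the four-page scenario, are constructed for this illustration.

```c
#include <stdbool.h>

/* Toy model of the mode-switch ordering problem; this is not Xen code.
 * The "writeable pagetable" (ptwr) mechanism clears R/W on guest page-table
 * pages so writes trap and can be batched; ptwr_flush() restores it. Shadow
 * construction copies guest PTE flags as found, so stale ptwr
 * write-protection leaks into shadow mode unless the flush runs first. */
#define PTE_PRESENT 0x1u
#define PTE_RW      0x2u
#define NPAGES      4

struct guest {
    unsigned pte[NPAGES];      /* guest-visible PTE flags, one per page */
    bool is_pagetable[NPAGES]; /* page holds a guest page table */
    bool ptwr_armed[NPAGES];   /* ptwr currently has it write-protected */
};

/* ptwr write-protects a page-table page to intercept guest writes. */
void ptwr_protect(struct guest *g, int i)
{
    if (!g->is_pagetable[i]) return;
    g->pte[i] &= ~PTE_RW; g->ptwr_armed[i] = true;
}

/* ptwr_flush(): drop all outstanding ptwr write-protection. */
void ptwr_flush(struct guest *g)
{
    for (int i = 0; i < NPAGES; i++)
        if (g->ptwr_armed[i]) { g->pte[i] |= PTE_RW; g->ptwr_armed[i] = false; }
}

/* Switch to shadow mode: copy guest flags into the shadow and return how many
 * page-table pages the guest now sees read-only, the panic case in the thread. */
int switch_to_shadow(struct guest *g, bool flush_first, unsigned shadow[NPAGES])
{
    int stuck = 0;
    if (flush_first) ptwr_flush(g);
    for (int i = 0; i < NPAGES; i++) {
        shadow[i] = g->pte[i];
        if (g->is_pagetable[i] && !(g->pte[i] & PTE_RW)) stuck++;
    }
    return stuck;
}

/* Constructed scenario: pages 1 and 2 hold page tables; ptwr armed page 1. */
int demo(bool flush_first)
{
    struct guest g = { .is_pagetable = { false, true, true, false } };
    unsigned shadow[NPAGES];
    for (int i = 0; i < NPAGES; i++) g.pte[i] = PTE_PRESENT | PTE_RW;
    ptwr_protect(&g, 1);
    return switch_to_shadow(&g, flush_first, shadow);
}
```

demo(false) reports one page-table page left read-only after the switch; demo(true), which flushes ptwr state first, reports none.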