Reading a DomU's memory from Dom0 or Xen hypervisor

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

Reading a DomU's memory from Dom0 or Xen hypervisor

Brett Stahlman
I'd like to be able to read specific memory locations within a DomU,
either by guest-physical or guest-virtual address, and I'm wondering
what the Xen-provided options in this area are. I've seen
documentation on "grant tables", but that mechanism seems tailored
towards communication between front and back-end drivers. All I want
to do is allow code in either Dom0 or the hypervisor itself to read
specific memory ranges within a specific DomU. I notice there's a
raw_copy_from_guest() function (guestcopy.c), which looks like it
could be useful. However, the hardcoding of "current->domain" in the
call to get_page_from_gva() leads me to suspect that it's intended for
use only in a hypercall. Is there a standard way to read memory from
an *arbitrary* guest, either using guest-physical or guest-virtual
addresses? If so, is it possible to do it from Dom0 without modifying
the Xen hypervisor?

Links to relevant documentation or example source code would be
greatly appreciated...

Thanks,
Brett S.

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Roger Pau Monné-3
On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:

> I'd like to be able to read specific memory locations within a DomU,
> either by guest-physical or guest-virtual address, and I'm wondering
> what the Xen-provided options in this area are. I've seen
> documentation on "grant tables", but that mechanism seems tailored
> towards communication between front and back-end drivers. All I want
> to do is allow code in either Dom0 or the hypervisor itself to read
> specific memory ranges within a specific DomU. I notice there's a
> raw_copy_from_guest() function (guestcopy.c), which looks like it
> could be useful. However, the hardcoding of "current->domain" in the
> call to get_page_from_gva() leads me to suspect that it's intended for
> use only in a hypercall. Is there a standard way to read memory from
> an *arbitrary* guest, either using guest-physical or guest-virtual
> addresses? If so, is it possible to do it from Dom0 without modifying
> the Xen hypervisor?
>
> Links to relevant documentation or example source code would be
> greatly appreciated...

AFAICT you want to take a look at the foreignmemory library. It allows
you to map DomU memory from Dom0 user-space [0].

Roger.

[0] http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=tools/libs/foreignmemory/core.c

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Brett Stahlman
Excellent. The function xenforeignmemory_map() looks like it may do
what I want. There's also function xc_map_foreign_range(), defined
in... libs/libxc/xc_foreign_memory.c. Is libxc meant to be used only
from tools like xc/xl? I notice that it delegates the actual mapping
to xenforeignmemory_map(). Are you aware of any benefits provided by
the extra level of indirection?

Thanks,
Brett S.

On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:

> On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
>> I'd like to be able to read specific memory locations within a DomU,
>> either by guest-physical or guest-virtual address, and I'm wondering
>> what the Xen-provided options in this area are. I've seen
>> documentation on "grant tables", but that mechanism seems tailored
>> towards communication between front and back-end drivers. All I want
>> to do is allow code in either Dom0 or the hypervisor itself to read
>> specific memory ranges within a specific DomU. I notice there's a
>> raw_copy_from_guest() function (guestcopy.c), which looks like it
>> could be useful. However, the hardcoding of "current->domain" in the
>> call to get_page_from_gva() leads me to suspect that it's intended for
>> use only in a hypercall. Is there a standard way to read memory from
>> an *arbitrary* guest, either using guest-physical or guest-virtual
>> addresses? If so, is it possible to do it from Dom0 without modifying
>> the Xen hypervisor?
>>
>> Links to relevant documentation or example source code would be
>> greatly appreciated...
>
> AFAICT you want to take a look at the foreignmemory library. It allows
> you to map DomU memory from Dom0 user-space [0].
>
> Roger.
>
> [0] http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=tools/libs/foreignmemory/core.c

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Brett Stahlman
In reply to this post by Roger Pau Monné-3
On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:

> On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
>> I'd like to be able to read specific memory locations within a DomU,
>> either by guest-physical or guest-virtual address, and I'm wondering
>> what the Xen-provided options in this area are. I've seen
>> documentation on "grant tables", but that mechanism seems tailored
>> towards communication between front and back-end drivers. All I want
>> to do is allow code in either Dom0 or the hypervisor itself to read
>> specific memory ranges within a specific DomU. I notice there's a
>> raw_copy_from_guest() function (guestcopy.c), which looks like it
>> could be useful. However, the hardcoding of "current->domain" in the
>> call to get_page_from_gva() leads me to suspect that it's intended for
>> use only in a hypercall. Is there a standard way to read memory from
>> an *arbitrary* guest, either using guest-physical or guest-virtual
>> addresses? If so, is it possible to do it from Dom0 without modifying
>> the Xen hypervisor?
>>
>> Links to relevant documentation or example source code would be
>> greatly appreciated...
>
> AFAICT you want to take a look at the foreignmemory library. It allows
> you to map DomU memory from Dom0 user-space [0].

Hmm... Just noticed that the foreignmemory mapping code was factored
out of libxc and into libxenforeignmemory in commit 324869 (Xen 4.7).
So it looks like there was no alternative to the libxc functions until
fairly recently. I'll probably try using the libxenforeignmemory
functions (tools/libs/foreignmemory) directly, unless someone can give
me a reason to prefer the libxc wrapper...

Thanks,
Brett S.

>
> Roger.
>
> [0] http://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=tools/libs/foreignmemory/core.c

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Roger Pau Monné-3
On Fri, Oct 06, 2017 at 04:01:29PM +0000, Brett Stahlman wrote:

> On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:
> > On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
> >> I'd like to be able to read specific memory locations within a DomU,
> >> either by guest-physical or guest-virtual address, and I'm wondering
> >> what the Xen-provided options in this area are. I've seen
> >> documentation on "grant tables", but that mechanism seems tailored
> >> towards communication between front and back-end drivers. All I want
> >> to do is allow code in either Dom0 or the hypervisor itself to read
> >> specific memory ranges within a specific DomU. I notice there's a
> >> raw_copy_from_guest() function (guestcopy.c), which looks like it
> >> could be useful. However, the hardcoding of "current->domain" in the
> >> call to get_page_from_gva() leads me to suspect that it's intended for
> >> use only in a hypercall. Is there a standard way to read memory from
> >> an *arbitrary* guest, either using guest-physical or guest-virtual
> >> addresses? If so, is it possible to do it from Dom0 without modifying
> >> the Xen hypervisor?
> >>
> >> Links to relevant documentation or example source code would be
> >> greatly appreciated...
> >
> > AFAICT you want to take a look at the foreignmemory library. It allows
> > you to map DomU memory from Dom0 user-space [0].
>
> Hmm... Just noticed that the foreignmemory mapping code was factored
> out of libxc and into libxenforeignmemory in commit 324869 (Xen 4.7).
> So it looks like there was no alternative to the libxc functions until
> fairly recently. I'll probably try using the libxenforeignmemory
> functions (tools/libs/foreignmemory) directly, unless someone can give
> me a reason to prefer the libxc wrapper...

libxc doesn't have a stable interface, libxenforeignmemory OTOH is
stable, so you should aim at using the later, or else you
implementation might be tied to a specific Xen version.

Roger.

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Brett Stahlman
On Mon, Oct 9, 2017 at 4:35 AM, Roger Pau Monné <[hidden email]> wrote:

> On Fri, Oct 06, 2017 at 04:01:29PM +0000, Brett Stahlman wrote:
>> On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:
>> > On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
>> >> I'd like to be able to read specific memory locations within a DomU,
>> >> either by guest-physical or guest-virtual address, and I'm wondering
>> >> what the Xen-provided options in this area are. I've seen
>> >> documentation on "grant tables", but that mechanism seems tailored
>> >> towards communication between front and back-end drivers. All I want
>> >> to do is allow code in either Dom0 or the hypervisor itself to read
>> >> specific memory ranges within a specific DomU. I notice there's a
>> >> raw_copy_from_guest() function (guestcopy.c), which looks like it
>> >> could be useful. However, the hardcoding of "current->domain" in the
>> >> call to get_page_from_gva() leads me to suspect that it's intended for
>> >> use only in a hypercall. Is there a standard way to read memory from
>> >> an *arbitrary* guest, either using guest-physical or guest-virtual
>> >> addresses? If so, is it possible to do it from Dom0 without modifying
>> >> the Xen hypervisor?
>> >>
>> >> Links to relevant documentation or example source code would be
>> >> greatly appreciated...
>> >
>> > AFAICT you want to take a look at the foreignmemory library. It allows
>> > you to map DomU memory from Dom0 user-space [0].
>>
>> Hmm... Just noticed that the foreignmemory mapping code was factored
>> out of libxc and into libxenforeignmemory in commit 324869 (Xen 4.7).
>> So it looks like there was no alternative to the libxc functions until
>> fairly recently. I'll probably try using the libxenforeignmemory
>> functions (tools/libs/foreignmemory) directly, unless someone can give
>> me a reason to prefer the libxc wrapper...
>
> libxc doesn't have a stable interface, libxenforeignmemory OTOH is
> stable, so you should aim at using the later, or else you
> implementation might be tied to a specific Xen version.

Understood. Thanks.
Brett S.

>
> Roger.

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Brett Stahlman
In reply to this post by Roger Pau Monné-3
On Mon, Oct 9, 2017 at 4:35 AM, Roger Pau Monné <[hidden email]> wrote:

> On Fri, Oct 06, 2017 at 04:01:29PM +0000, Brett Stahlman wrote:
>> On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:
>> > On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
>> >> I'd like to be able to read specific memory locations within a DomU,
>> >> either by guest-physical or guest-virtual address, and I'm wondering
>> >> what the Xen-provided options in this area are. I've seen
>> >> documentation on "grant tables", but that mechanism seems tailored
>> >> towards communication between front and back-end drivers. All I want
>> >> to do is allow code in either Dom0 or the hypervisor itself to read
>> >> specific memory ranges within a specific DomU. I notice there's a
>> >> raw_copy_from_guest() function (guestcopy.c), which looks like it
>> >> could be useful. However, the hardcoding of "current->domain" in the
>> >> call to get_page_from_gva() leads me to suspect that it's intended for
>> >> use only in a hypercall. Is there a standard way to read memory from
>> >> an *arbitrary* guest, either using guest-physical or guest-virtual
>> >> addresses? If so, is it possible to do it from Dom0 without modifying
>> >> the Xen hypervisor?
>> >>
>> >> Links to relevant documentation or example source code would be
>> >> greatly appreciated...
>> >
>> > AFAICT you want to take a look at the foreignmemory library. It allows
>> > you to map DomU memory from Dom0 user-space [0].
>>
>> Hmm... Just noticed that the foreignmemory mapping code was factored
>> out of libxc and into libxenforeignmemory in commit 324869 (Xen 4.7).
>> So it looks like there was no alternative to the libxc functions until
>> fairly recently. I'll probably try using the libxenforeignmemory
>> functions (tools/libs/foreignmemory) directly, unless someone can give
>> me a reason to prefer the libxc wrapper...
>
> libxc doesn't have a stable interface, libxenforeignmemory OTOH is
> stable, so you should aim at using the later, or else you
> implementation might be tied to a specific Xen version.

Can you point me to documentation on building custom userspace apps
(and/or LKMs) against Xen libraries such as libxenforeignmemory?
(Alternatively, a link to an open source project that does it would be
helpful.) I'm thinking macros like CFLAGS_libxenforeignmemory (defined
in tools/Rules.mk) would be useful, but my initial attempt to include
Rules.mk from a makefile outside the Xen source tree resulted in an
error that led me to suspect that the file was meant to be used only
within the Xen build framework. Considered adding a C file under
components/apps/xen/xen-src/tools/misc and updating
tools/misc/Makefile accordingly, but monkeying around in the Xen
source tree didn't seem right...

Thanks,
Brett S.

>
> Roger.

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Roger Pau Monné-3
On Mon, Oct 09, 2017 at 10:54:18PM +0000, Brett Stahlman wrote:

> On Mon, Oct 9, 2017 at 4:35 AM, Roger Pau Monné <[hidden email]> wrote:
> > On Fri, Oct 06, 2017 at 04:01:29PM +0000, Brett Stahlman wrote:
> >> On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:
> >> > On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
> >> >> I'd like to be able to read specific memory locations within a DomU,
> >> >> either by guest-physical or guest-virtual address, and I'm wondering
> >> >> what the Xen-provided options in this area are. I've seen
> >> >> documentation on "grant tables", but that mechanism seems tailored
> >> >> towards communication between front and back-end drivers. All I want
> >> >> to do is allow code in either Dom0 or the hypervisor itself to read
> >> >> specific memory ranges within a specific DomU. I notice there's a
> >> >> raw_copy_from_guest() function (guestcopy.c), which looks like it
> >> >> could be useful. However, the hardcoding of "current->domain" in the
> >> >> call to get_page_from_gva() leads me to suspect that it's intended for
> >> >> use only in a hypercall. Is there a standard way to read memory from
> >> >> an *arbitrary* guest, either using guest-physical or guest-virtual
> >> >> addresses? If so, is it possible to do it from Dom0 without modifying
> >> >> the Xen hypervisor?
> >> >>
> >> >> Links to relevant documentation or example source code would be
> >> >> greatly appreciated...
> >> >
> >> > AFAICT you want to take a look at the foreignmemory library. It allows
> >> > you to map DomU memory from Dom0 user-space [0].
> >>
> >> Hmm... Just noticed that the foreignmemory mapping code was factored
> >> out of libxc and into libxenforeignmemory in commit 324869 (Xen 4.7).
> >> So it looks like there was no alternative to the libxc functions until
> >> fairly recently. I'll probably try using the libxenforeignmemory
> >> functions (tools/libs/foreignmemory) directly, unless someone can give
> >> me a reason to prefer the libxc wrapper...
> >
> > libxc doesn't have a stable interface, libxenforeignmemory OTOH is
> > stable, so you should aim at using the later, or else you
> > implementation might be tied to a specific Xen version.
>
> Can you point me to documentation on building custom userspace apps
> (and/or LKMs) against Xen libraries such as libxenforeignmemory?
> (Alternatively, a link to an open source project that does it would be
> helpful.) I'm thinking macros like CFLAGS_libxenforeignmemory (defined
> in tools/Rules.mk) would be useful, but my initial attempt to include
> Rules.mk from a makefile outside the Xen source tree resulted in an
> error that led me to suspect that the file was meant to be used only
> within the Xen build framework. Considered adding a C file under
> components/apps/xen/xen-src/tools/misc and updating
> tools/misc/Makefile accordingly, but monkeying around in the Xen
> source tree didn't seem right...

The main user of libxenforeignmemory is QEMU. No, you shouldn't use
any of the Xen Makefiles, that's for internal use only.

I would expect that you need to include the header and link against
the library during the build process, but I'm no expert in user-space
libraries. There are .pc files for the libraries, so pkgconfig [0] can
probably help.

Roger.

[0] https://www.freedesktop.org/wiki/Software/pkg-config/

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users
Reply | Threaded
Open this post in threaded view
|

Re: Reading a DomU's memory from Dom0 or Xen hypervisor

Brett Stahlman
On Tue, Oct 10, 2017 at 2:23 AM, Roger Pau Monné <[hidden email]> wrote:

> On Mon, Oct 09, 2017 at 10:54:18PM +0000, Brett Stahlman wrote:
>> On Mon, Oct 9, 2017 at 4:35 AM, Roger Pau Monné <[hidden email]> wrote:
>> > On Fri, Oct 06, 2017 at 04:01:29PM +0000, Brett Stahlman wrote:
>> >> On Fri, Oct 6, 2017 at 3:51 AM, Roger Pau Monné <[hidden email]> wrote:
>> >> > On Thu, Oct 05, 2017 at 05:51:39PM +0000, Brett Stahlman wrote:
>> >> >> I'd like to be able to read specific memory locations within a DomU,
>> >> >> either by guest-physical or guest-virtual address, and I'm wondering
>> >> >> what the Xen-provided options in this area are. I've seen
>> >> >> documentation on "grant tables", but that mechanism seems tailored
>> >> >> towards communication between front and back-end drivers. All I want
>> >> >> to do is allow code in either Dom0 or the hypervisor itself to read
>> >> >> specific memory ranges within a specific DomU. I notice there's a
>> >> >> raw_copy_from_guest() function (guestcopy.c), which looks like it
>> >> >> could be useful. However, the hardcoding of "current->domain" in the
>> >> >> call to get_page_from_gva() leads me to suspect that it's intended for
>> >> >> use only in a hypercall. Is there a standard way to read memory from
>> >> >> an *arbitrary* guest, either using guest-physical or guest-virtual
>> >> >> addresses? If so, is it possible to do it from Dom0 without modifying
>> >> >> the Xen hypervisor?
>> >> >>
>> >> >> Links to relevant documentation or example source code would be
>> >> >> greatly appreciated...
>> >> >
>> >> > AFAICT you want to take a look at the foreignmemory library. It allows
>> >> > you to map DomU memory from Dom0 user-space [0].
>> >>
>> >> Hmm... Just noticed that the foreignmemory mapping code was factored
>> >> out of libxc and into libxenforeignmemory in commit 324869 (Xen 4.7).
>> >> So it looks like there was no alternative to the libxc functions until
>> >> fairly recently. I'll probably try using the libxenforeignmemory
>> >> functions (tools/libs/foreignmemory) directly, unless someone can give
>> >> me a reason to prefer the libxc wrapper...
>> >
>> > libxc doesn't have a stable interface, libxenforeignmemory OTOH is
>> > stable, so you should aim at using the later, or else you
>> > implementation might be tied to a specific Xen version.
>>
>> Can you point me to documentation on building custom userspace apps
>> (and/or LKMs) against Xen libraries such as libxenforeignmemory?
>> (Alternatively, a link to an open source project that does it would be
>> helpful.) I'm thinking macros like CFLAGS_libxenforeignmemory (defined
>> in tools/Rules.mk) would be useful, but my initial attempt to include
>> Rules.mk from a makefile outside the Xen source tree resulted in an
>> error that led me to suspect that the file was meant to be used only
>> within the Xen build framework. Considered adding a C file under
>> components/apps/xen/xen-src/tools/misc and updating
>> tools/misc/Makefile accordingly, but monkeying around in the Xen
>> source tree didn't seem right...
>
> The main user of libxenforeignmemory is QEMU. No, you shouldn't use
> any of the Xen Makefiles, that's for internal use only.
>
> I would expect that you need to include the header and link against
> the library during the build process, but I'm no expert in user-space
> libraries. There are .pc files for the libraries, so pkgconfig [0] can
> probably help.

Ok. I had actually tried this approach, but I guess there's some sort
of conflict between the Xen headers (included by xenforeignmemory.h)
and my cross-compiler toolchain. I'm attempting to build Xen as part
of a larger system that uses Petalinux, which likely introduces its
own set of idiosyncrasies. Will keep digging, and will see whether
anyone on a more petalinux-focused mailing list has any suggestions...

Thanks,
Brett S.

>
> Roger.
>
> [0] https://www.freedesktop.org/wiki/Software/pkg-config/

_______________________________________________
Xen-users mailing list
[hidden email]
https://lists.xen.org/xen-users