> -----Original Message----- > From: kvm-ppc-owner@xxxxxxxxxxxxxxx [mailto:kvm-ppc- > owner@xxxxxxxxxxxxxxx] On Behalf Of Avi Kivity > Sent: Tuesday, December 14, 2010 9:18 PM > To: Yoder Stuart-B08248 > Cc: Hollis Blanchard; Alexander Graf; kvm-ppc@xxxxxxxxxxxxxxx > Subject: Re: re-writing on powerpc > > On 12/14/2010 05:45 PM, Yoder Stuart-B08248 wrote: > > > -----Original Message----- > > > From: Avi Kivity [mailto:avi@xxxxxxxxxx] > > > Sent: Tuesday, December 14, 2010 2:49 AM > > > To: Hollis Blanchard > > > Cc: Yoder Stuart-B08248; Alexander Graf; kvm-ppc@xxxxxxxxxxxxxxx > > > Subject: Re: re-writing on powerpc > > > > > > On 12/13/2010 07:17 PM, Hollis Blanchard wrote: > > > >> Rewriting is dangerous if the guest is unaware of it. As soon > > > as > > it > > > >> is made aware of it, it might as well actually do it in the > > > best > > way > > > >> that suits it. > > > > > > > > Can you list some examples of dangerous scenarios? > > > > > > > > > > - guest checksums own kernel pages > > > - clever compiler reuses code for constant pool > > > - guest patches itself (a la linux alternatives), surprised when it > > sees a > > > different instruction > > > - guest jits own kernel code (like Singularity), gets confused when > > > it reads back something it didn't write > > > > One possible solution to hiding rewriting from guest if it must be > > hidden is to mark patched pages as execute only. If a guest reads a > > patched page, the hypervisor can fix up the read. > > > > Yes. Something that is common to all the problems above is "using code > as data". > > However, execute only would only affect the page's mapping, not the page > itself, yes? So if the page has another mapping, this doesn't work. > But KVM would be aware of guest page mappings, so access permissions for any particular mapping can be controlled by KVM. -Varun -- To unsubscribe from this list: send the line "unsubscribe kvm-ppc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
