On Tue, Aug 2, 2016 at 10:11 AM, Julien Grall <julien.gr...@arm.com> wrote: > > > On 02/08/16 17:00, Tamas K Lengyel wrote: >> >> On Tue, Aug 2, 2016 at 1:38 AM, Julien Grall <julien.gr...@arm.com> wrote: >> Hi Julien, >> as I said our use-case is purely external so I don't have an actual >> use-case for anything being accessible from within the guest. However, >> I could imagine the gfn remapping be used to protect kernel memory >> areas against information disclosure by only switching to the >> accessible mapping >> when certain conditions are met. Also, I had been able to use >> mem_access from domUs with the use of XSM so I believe it would be >> possible for a domain to enable mem_access on itself that way and thus >> not having to implement #VE exactly the way x86 does and still have >> feature parity. > > > I believe that your suggestion does not currently work. memaccess will pause > the current vCPU whilst the introspection app will handle the access (see > p2m_mem_access_check). How can the guest handle the event if the vCPU has > been paused? >
True. Not in all cases though - there are async violations - but yea, that certainly could be a pain. Tamas _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
