DragonFly kernel List (threaded) for 2009-06
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
Hi folks,
I am working on additional security mechanisms for the dragonfly vkernel and I want to monitor all in-memory copies (like intel asm "mov" and its derivates) of a running vproc in order to check if the vproc is allowed to copy data to the resp. memory segment.
My first approach was to use a technique similar to the implementation used in the emulation of the modified bit in the vkernel: If a vproc request a mapping for a page, the hostkernel disallows writes in the pagetable entry that it instantiates. Afterwards, during handling the resulting pagefault, the permissions of the resp. page should be checked.
I think it is obvious that this approach consumes significantly more time to handle every single memory copy of a vproc as a pagefault. Do you have any idea to monitor in-memory copies without such a performance overhead? As far as I know, there are some Linux binary analysis tools (like "Valgrind") wich could be used for memory- monitoring of a given process. Are there any similar approaches for the dragonfly vkernel which I could use?
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
vproc memory monitoring
| From: | Pablo Graubner <graubner@xxxxxxxxxxxxxxxxxxxxxxxxx> |
| Date: | Tue, 9 Jun 2009 14:03:43 +0200 |
Hi folks,
I am working on additional security mechanisms for the dragonfly vkernel and I want to monitor all in-memory copies (like intel asm "mov" and its derivates) of a running vproc in order to check if the vproc is allowed to copy data to the resp. memory segment.
My first approach was to use a technique similar to the implementation used in the emulation of the modified bit in the vkernel: If a vproc request a mapping for a page, the hostkernel disallows writes in the pagetable entry that it instantiates. Afterwards, during handling the resulting pagefault, the permissions of the resp. page should be checked.
I think it is obvious that this approach consumes significantly more time to handle every single memory copy of a vproc as a pagefault. Do you have any idea to monitor in-memory copies without such a performance overhead? As far as I know, there are some Linux binary analysis tools (like "Valgrind") wich could be used for memory- monitoring of a given process. Are there any similar approaches for the dragonfly vkernel which I could use?
Greetings, Pablo
- Follow-Ups:
- Re: vproc memory monitoring
- From: "Simon 'corecode' Schubert" <corecode@fs.ei.tum.de>
- Re: vproc memory monitoring
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]