Date: Tue, 18 Dec 2018 11:37:12 +0100
From: Alexander Lochmann <alexander.lochmann@tu-dortmund.de>
To: Konstantin Belousov <kostikbel@gmail.com>
Cc: freebsd-stable@freebsd.org, Horst Schirmeier <horst.schirmeier@tu-dortmund.de>
Subject: Re: Address Collision using i386 4G/4G Memory Split
Message-ID: <2821cfb3-887a-00ef-9f47-e5a7151fe562@tu-dortmund.de>
In-Reply-To: <20181218103202.GF60291@kib.kiev.ua>
References: <38ad0d50-c776-9deb-d56b-db8db548cefc@tu-dortmund.de> <20181218052738.GZ60291@kib.kiev.ua> <40f4db11-84cb-9b8d-2eb5-5882ad01d1d8@tu-dortmund.de> <20181218100159.GE60291@kib.kiev.ua> <24cb941b-1d27-1621-f437-18ed3b22cc7d@tu-dortmund.de> <20181218103202.GF60291@kib.kiev.ua>

On 18.12.18 11:32, Konstantin Belousov wrote:
> On Tue, Dec 18, 2018 at 11:22:53AM +0100, Alexander Lochmann wrote:
>>
>>>> Some context: We are doing VM-based tracing in the FreeBSD kernel. For
>>>> that, we observe parts of the kernel memory (allocations, accesses, ...).
>>>> Before 12.0 we simply knew that kernel addresses that we logged were
>>>> unique. Moreover, when a memory access to a region of interest happened
>>>> we knew that could only be kernel memory.
>>>> We now have to ensure that we only record memory accesses that happen
>>>> within the kernel.
>>>> Our approach is to record the kernel's value for the CR3 register, and
>>>> record memory accesses if the CR3 register holds the aforementioned value.
>>> You must use CPL to see if the current operation mode is user or kernel.
>>> If user, nothing should be done (this would avoid vm86). If kernel, you
>>> need to compare current %cr3 with IdlePTD (IdlePTDP for PAE case).
>>>
>> Thanks for the advice! We'll include that in our toolchain.
>> Do you use PLs other than 0(=kernel) and 3(=user)?
> No, only 0 and 3. But be careful with vm86 (I am not sure how your VM
> reports it to your instrumentation).
>
Ok. Thx!

- Alex

-- 
Technische Universität Dortmund
Alexander Lochmann                PGP key: 0xBC3EF6FD
Otto-Hahn-Str. 16                 phone:  +49.231.7556141
D-44227 Dortmund                  fax:    +49.231.7556116
http://ess.cs.tu-dortmund.de/Staff/al
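
The filter discussed in this thread (check CPL first, then compare %cr3 against the kernel's page-table root, with vm86 treated as user mode), written out as an added example; it is not code from the thread or from FreeBSD. The `vcpu_state` layout, the function names and all sample values are assumptions, and the tracer is assumed to have already read IdlePTD (or IdlePTDP for PAE) from the guest.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical vCPU snapshot handed to the tracer on each memory access. */
struct vcpu_state {
    uint16_t cs;      /* code segment selector */
    uint32_t eflags;
    uint32_t cr3;
};

#define EFLAGS_VM     (1u << 17)   /* virtual-8086 mode */
#define SEL_RPL_MASK  0x3u         /* low two bits of CS = CPL in protected mode */
#define CR3_PD_MASK   0xfffff000u  /* non-PAE: page directory base, bits 31:12 */
#define CR3_PDPT_MASK 0xffffffe0u  /* PAE: PDPT base, bits 31:5 */

/* vm86 code runs at CPL 3, but its CS is a real-mode style segment value
 * whose low bits are not a privilege level, so test EFLAGS.VM first. */
unsigned cpl_of(const struct vcpu_state *s)
{
    if (s->eflags & EFLAGS_VM)
        return 3;
    return s->cs & SEL_RPL_MASK;
}

/* kernel_root: value of IdlePTD (IdlePTDP if pae) read from the guest.
 * The masks drop the CR3 flag bits (PWT, PCD) before comparing. */
bool record_access(const struct vcpu_state *s, uint32_t kernel_root, bool pae)
{
    uint32_t mask = pae ? CR3_PDPT_MASK : CR3_PD_MASK;

    if (cpl_of(s) != 0)
        return false;               /* user mode or vm86: ignore */
    return (s->cr3 & mask) == (kernel_root & mask);
}

int main(void)
{
    /* Constructed samples; selectors and addresses are illustrative. */
    uint32_t idle_ptd = 0x01234000u;
    struct vcpu_state kern = { 0x20,   0x00000202u, 0x01234018u };
    struct vcpu_state user = { 0x33,   0x00000202u, 0x01234018u };
    struct vcpu_state vm86 = { 0xf000, 0x00020202u, 0x01234018u };

    printf("kernel=%d user=%d vm86=%d\n", record_access(&kern, idle_ptd, false),
           record_access(&user, idle_ptd, false), record_access(&vm86, idle_ptd, false));
    return 0;
}
```

The vm86 sample has a CS whose low two bits are zero, which is why a tracer that derives CPL from the selector alone would misclassify it as kernel mode.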