[BitVisor-devel-en:72] How about handling MMIO

[Jin Seongwook]

Hello,

I wonder about handling MMIO in bitvisor.
I've read the bitvisor paper "BitVisor: A thin hypervisor for enforcing I/O
Device Security".
In the paper, "MMIOs can be intercepted by using shadow paging".
I think that if you try to intercept MMIOs, you have to use shadow paging,
not hardware assisted paging (e.g. NPT, EPT).
Is is right?

Actually I thought that bitvisor can handle MMIO with NPT. Because Nested
Paging Fault(NPF) can intercept MMIO.
So I read codes from VM exiting handle to accesing MMIO page, like
svm_exit_code() --> do_npf() --> svm_paging_npf() --> svm_np_pagefault()
--> mmio_access_page().
I expect that mmio_access_page() calls a registered MMIO handler but
mmio_access_page just processes CPU emulation.
The reason intercepts MMIO access is to process something (e.g. checking,
logging or monitoring) before CPU emulation.
Is it right?

BTW, If you don't mind, could you explain how to capture the events to
start DMA transfer in bitvisor briefly?

Thanks,

Seongwook Jin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.bitvisor.org/archives/bitvisor-devel-en/attachments/20160315/c5b16593/attachment.html>