<div>Hi Ron,</div>
<div> </div>
<div>Thanks a lot for your reply. The 9P solution looks cool, but my requirement is that the guest should not see these variables'</div>
<div>values itself. Sorry for not being clear. </div>
<div> </div>
<div>My requirement is that the guest issues a request to the host and the host uses these variables and does some manipulation </div>
<div>to satisfy the guest's request. Basically, since the guest cannot see these variables, it should "ask" the host to perform actions</div>
<div>on its behalf since the host can only see those "special" variables.</div>
<div>With 9P, though the in-kernel server will have those values, the guest could still see their values by, say, cat'ing the file.</div>
<div> </div>
<div>I was under the impression that I could add a new hypercall, in which the host does these extra manipulations using those</div>
<div>variables (stored in the host's memory address space) and make the guest call these hypercalls to get the desired result. </div>
<div>Basically I want to exploit the memory address isolation provided by VMMs between guests and host. </div>
<div>So in this case, the "special" variables are only in the address space of the host and not the guest.</div>
<div> </div>
<div>Please let me know if my understanding/approach is correct.</div>
<div> </div>
<div>Thanks and Regards,</div>
<div>Sujit<br><br> </div>
<div><span class="gmail_quote">On 10/25/07, <b class="gmail_sendername">ron minnich</b> &lt;<a href="mailto:rminnich@gmail.com">rminnich@gmail.com</a>&gt; wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">On 10/25/07, Sujit Sanjeev &lt;<a href="mailto:sujit771@gmail.com">sujit771@gmail.com</a>&gt; wrote:<br><br>
> 1. Store some data (variable or constant) in a host protected or hypervisor<br>> protected memory area, maybe in a page by itself.<br><br>you don't need to worry about this 'page' thing if there is no issue
<br>of guest access.<br><br>><br>> 2. If the guest needs the value of this variable, it must make a hypercall<br>> and the host must return the value. For this I would like to add a new<br>> hypercall.<br>> Basically, I don't want the guest getting direct access to that
<br>> variable, i.e. it should not be stored in the guest's memory address space.<br><br><br>You might look at a 9p server for this purpose. You could create an<br>in-kernel server that manages these variables. The variables can be
<br>exported to the guest over a 9p-based virtio connection. The guest<br>can mount that 9p connection somewhere in its file system. These<br>variables thus end up looking like a file system tree to the guest;<br>reading a variable can look like cat'ing a file. See Luchos' mods for
<br>recent lguest support for in-kernel 9p servers. You could set up a<br>virtio server for your variables.<br><br>Just, please, don't<br>1. use XML as a data format<br>2. recreate the Xen store. The Xen store, while it seemed a good idea,
<br>is a whole collection of lessons on what not to do.<br><br>ron<br></blockquote></div><br>
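<div>The request/response pattern discussed in this thread, as an added user-space C model that is not code from the thread or from lguest. The call number <code>HC_TAG</code>, the error value, the guest-memory array and the FNV-based keyed function are all assumptions made for illustration; the host validates the guest-supplied range and returns only a derived result, never the stored value.</div>

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define GUEST_MEM_SIZE 4096u
#define HC_TAG    1u          /* hypothetical hypercall number */
#define HC_EINVAL UINT64_MAX  /* hypothetical error return value */

/* Host-only state: never mapped into the guest. Constructed sample value. */
static const uint64_t host_secret = 0x9e3779b97f4a7c15ULL;

/* Model of guest RAM as the host sees it. */
static uint8_t guest_mem[GUEST_MEM_SIZE];

/* Stand-in keyed function (FNV-1a seeded with the secret). NOT a real MAC:
 * a real design needs e.g. HMAC so that results do not reveal the key. */
static uint64_t keyed_tag(const uint8_t *p, size_t n)
{
    uint64_t h = 0xcbf29ce484222325ULL ^ host_secret;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* Host-side dispatcher: the guest controls nr, off and len, nothing else. */
uint64_t host_hypercall(uint32_t nr, uint64_t off, uint64_t len)
{
    if (nr != HC_TAG)                  /* no "read the variable" call exists */
        return HC_EINVAL;
    /* Validate the guest-supplied range without letting off + len overflow. */
    if (len == 0 || off >= GUEST_MEM_SIZE || len > GUEST_MEM_SIZE - off)
        return HC_EINVAL;
    return keyed_tag(guest_mem + off, (size_t)len);
}

/* Guest-side helper: place the request in guest memory, then "trap". */
uint64_t guest_request(const char *msg)
{
    size_t n = strlen(msg);
    if (n > GUEST_MEM_SIZE) return HC_EINVAL;
    memcpy(guest_mem, msg, n);
    return host_hypercall(HC_TAG, 0, n);
}

int main(void)
{
    printf("tag = %016llx\n", (unsigned long long)guest_request("request-1"));
    printf("bad range rejected: %d\n", host_hypercall(HC_TAG, 4090, 100) == HC_EINVAL);
    return 0;
}
```

<div>Address-space isolation only protects the value if no call's return value lets the guest reconstruct it, so each new operation exposed this way needs the same check.</div>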