Re: Difficulties to access guest memory in TCG plugins

[Alex Bennée]

Philippe Mathieu-Daudé <f4bug@amsat.org> writes:

> Cc'ing the maintainer: Alex.
>
> On 6/23/21 5:08 PM, Kevin Mambu wrote:
>> Hi, everyone,
>> I need to put in place a plugin which is able to modify memory for a
>> specific project, and until now I managed to do so using
>> cpu_memory_rw_debug().

Out of interest what is your use-case for this? The project has very
deliberately avoided adding such an API for writing memory for plugins
to avoid people attempting to bypass the GPL by doing things in plugins.

>> However, the function happens to fail at times, and when looking at the
>> source code of cpu_memory_rw_debug() on elixir, the issue seems to be
>> either the memory being locked by another part of QEMU code or some kind
>> of page fault.
>> My prior researches tend to put the blame on the RCU lock mechanism, and
>> I was wondering if there was another, fail-safe, function I could use to
>> access guest memory from my plug-in ?

I'm not surprised. If you look at tlb_plugin_lookup you'll see the
existing introspection code has to jump through some hoops to avoid race
conditions that can cause updates to the internal TLB status. If we
wanted to support reading values from memory that's probably doable -
but for writing it would be hard to do in an idempotent way.

>> 
>> Thank you in advance,
>> 
>> *Kévin Mambu*
>> Sent with ProtonMail <https://protonmail.com/> Secure Email.
>> 


-- 
Alex Bennée