One more related idea...
If we detect a page has not been modified or
read recently (only executed), we could create
a hash list of the modified bytes, and return
the meta page and unmodified page to the
available page pool (heap).
On the next read/write (not execute), we could
rebuild the unmodified page from the modified+hash-table.
This let's us run execute only code with a price tag
of 1+ pages while still running virtualized code. The '+'
is the size of the hash-table.
The key is to store enough types of time-stamps.
Since we will receive exceptions upon various events,
it's easy to accumulate this info, such as:
- when a code page is read/written by guest
- when another piece of code is prescanned by the monitor
- when the code was last put into guest execution by
the monitor.
- when the page was first put into action
- maybe some stats like number of reads/writes to page by guest
and of course, other non time-stamp stuff like ring level
and segment size.
-Kevin
- Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Ramon van Handel
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Jeffrey B. Siegal
- Re: Scan-before-execute code for FreeMWare Ramon van Handel
- Re: Scan-before-execute code for FreeMWare Ramon van Handel
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Jens Nerche
- Re: Scan-before-execute code for FreeMWare Jens Nerche
- Re: Scan-before-execute code for FreeMW... Kevin P. Lawton
- Re: Scan-before-execute code for FreeMWare Ramon van Handel
- Re: Scan-before-execute code for FreeMWare Kevin P. Lawton
