search for: kvm_introspection_hook

Displaying 15 results from an estimated 15 matches for "kvm_introspection_hook".

2020 Feb 07
0
[RFC PATCH v7 38/78] KVM: introspection: add permission access ioctls
...ct kvm *kvm, void __user *argp); +int kvmi_ioctl_event(struct kvm *kvm, void __user *argp); #else diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 09132d8dd3e5..e2de987b5d8f 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1563,6 +1563,14 @@ struct kvm_introspection_hook { #define KVM_INTROSPECTION_HOOK _IOW(KVMIO, 0xc3, struct kvm_introspection_hook) #define KVM_INTROSPECTION_UNHOOK _IO(KVMIO, 0xc4) +struct kvm_introspection_feature { + __u32 allow; + __s32 id; +}; + +#define KVM_INTROSPECTION_COMMAND _IOW(KVMIO, 0xc5, struct kvm_introspection_feature) +#d...
2019 Aug 09
0
[RFC PATCH v6 02/92] kvm: introspection: add basic ioctls (hook/unhook)
The connection of the introspection socket with the introspection tool is initialized by userspace/QEMU. Once the handshake is done, the file descriptor is passed to KVMi using the KVM_INTROSPECTION_HOOK ioctl. A new thread will be created to handle/dispatch all introspection commands or replies to introspection events. This thread will finish when the socket is closed by userspace (eg. when the guest is restarted) or by the introspection tool. The uuid member of struct kvm_introspection is used to...
2020 Feb 07
0
[RFC PATCH v7 48/78] KVM: introspection: handle vCPU introspection requests
...) +{ + if (refcount_inc_not_zero(&kvm->kvmi_ref)) + return kvm->kvmi; + + return NULL; +} + +void kvmi_put(struct kvm *kvm) +{ + if (refcount_dec_and_test(&kvm->kvmi_ref)) + complete(&kvm->kvmi_complete); +} + static int __kvmi_hook(struct kvm *kvm, const struct kvm_introspection_hook *hook) + { struct kvm_introspection *kvmi = KVMI(kvm); @@ -266,6 +291,7 @@ static int kvmi_recv_thread(void *arg) */ kvmi_sock_shutdown(kvmi); + kvmi_put(kvmi->kvm); return 0; } @@ -293,9 +319,18 @@ int kvmi_hook(struct kvm *kvm, const struct kvm_introspection_hook *hook) if (...
2020 Jul 21
0
[PATCH v9 44/84] KVM: introspection: add KVMI_EVENT_UNHOOK
...--------------- + +:Capability: KVM_CAP_INTROSPECTION +:Architectures: x86 +:Type: vm ioctl +:Parameters: none +:Returns: 0 on success, a negative value on error + +Errors: + + ====== ============================================================ + EFAULT the VM is not introspected yet (use KVM_INTROSPECTION_HOOK) + ENOENT the socket (passed with KVM_INTROSPECTION_HOOK) had an error + ENOENT the introspection tool didn't subscribed + to this type of introspection event (unhook) + ====== ============================================================ + +This ioctl is used to infor...
2020 Feb 07
0
[RFC PATCH v7 59/78] KVM: introspection: restore the state of #BP interception on unhook
...return 0; } +static bool ready_to_hook(struct kvm *kvm) +{ + struct kvm_vcpu *vcpu; + int i; + + if (kvm->kvmi) + return false; + + kvm_for_each_vcpu(i, vcpu, kvm) + if (kvmi_arch_vcpu_introspected(vcpu)) + return false; + + return true; +} + int kvmi_hook(struct kvm *kvm, const struct kvm_introspection_hook *hook) { struct kvm_introspection *kvmi; @@ -331,7 +348,7 @@ int kvmi_hook(struct kvm *kvm, const struct kvm_introspection_hook *hook) mutex_lock(&kvm->kvmi_lock); - if (kvm->kvmi) { + if (!ready_to_hook(kvm)) { err = -EEXIST; goto out; } @@ -793,7 +810,11 @@ void kvmi_ha...
2020 Feb 07
0
[RFC PATCH v7 43/78] KVM: introspection: add KVMI_EVENT_UNHOOK
...VENT_UNHOOK, KVMI_EVENT_CR, etc.) +4.126 KVM_INTROSPECTION_PREUNHOOK + +Capability: KVM_CAP_INTROSPECTION +Architectures: x86 +Type: vm ioctl +Parameters: none +Returns: 0 on success, a negative value on error +Errors: + EFAULT: the introspection is not enabled + the socket (passed with KVM_INTROSPECTION_HOOK) had an error + ENOENT: the introspection tool didn't subscribed + to this type of introspection event (unhook). + +This ioctl is used to inform that the current VM is +paused/suspended/migrated/etc. + +KVM should send an 'unhook' introspection event to the introspection too...
2020 Feb 07
0
[RFC PATCH v7 40/78] KVM: introspection: add KVMI_GET_VERSION
...t_cmd_get_version(); unhook_introspection(vm); } diff --git a/virt/kvm/introspection/kvmi.c b/virt/kvm/introspection/kvmi.c index 706372e9e56a..8597b6ef0cfb 100644 --- a/virt/kvm/introspection/kvmi.c +++ b/virt/kvm/introspection/kvmi.c @@ -76,6 +76,8 @@ alloc_kvmi(struct kvm *kvm, const struct kvm_introspection_hook *hook) BUILD_BUG_ON(sizeof(hook->uuid) != sizeof(kvmi->uuid)); memcpy(&kvmi->uuid, &hook->uuid, sizeof(kvmi->uuid)); + set_bit(KVMI_GET_VERSION, kvmi->cmd_allow_mask); + kvmi->kvm = kvm; return kvmi; @@ -299,6 +301,18 @@ int kvmi_ioctl_command(struct kvm *kv...
2020 Feb 07
0
[RFC PATCH v7 41/78] KVM: introspection: add KVMI_VM_CHECK_COMMAND and KVMI_VM_CHECK_EVENT
...t_cmd_check_event(); unhook_introspection(vm); } diff --git a/virt/kvm/introspection/kvmi.c b/virt/kvm/introspection/kvmi.c index 8597b6ef0cfb..8f8e18696794 100644 --- a/virt/kvm/introspection/kvmi.c +++ b/virt/kvm/introspection/kvmi.c @@ -77,6 +77,8 @@ alloc_kvmi(struct kvm *kvm, const struct kvm_introspection_hook *hook) memcpy(&kvmi->uuid, &hook->uuid, sizeof(kvmi->uuid)); set_bit(KVMI_GET_VERSION, kvmi->cmd_allow_mask); + set_bit(KVMI_VM_CHECK_COMMAND, kvmi->cmd_allow_mask); + set_bit(KVMI_VM_CHECK_EVENT, kvmi->cmd_allow_mask); kvmi->kvm = kvm; @@ -304,10 +306,14 @@...
2020 Jul 21
0
[PATCH v9 45/84] KVM: introspection: add KVMI_VM_CONTROL_EVENTS
...ic void free_kvmi(struct kvm *kvm) { bitmap_free(kvm->kvmi->cmd_allow_mask); bitmap_free(kvm->kvmi->event_allow_mask); + bitmap_free(kvm->kvmi->vm_event_enable_mask); kfree(kvm->kvmi); kvm->kvmi = NULL; @@ -116,9 +127,12 @@ alloc_kvmi(struct kvm *kvm, const struct kvm_introspection_hook *hook) kvmi->cmd_allow_mask = bitmap_zalloc(KVMI_NUM_COMMANDS, GFP_KERNEL); kvmi->event_allow_mask = bitmap_zalloc(KVMI_NUM_EVENTS, GFP_KERNEL); - if (!kvmi->cmd_allow_mask || !kvmi->event_allow_mask) { + kvmi->vm_event_enable_mask = bitmap_zalloc(KVMI_NUM_EVENTS, GFP_KERNEL);...
2020 Feb 07
78
[RFC PATCH v7 00/78] VM introspection
The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place
2020 Jul 21
87
[PATCH v9 00/84] VM introspection
The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place
2020 Jul 21
0
[PATCH v9 77/84] KVM: introspection: add KVMI_VM_SET_PAGE_ACCESS
...ee_kvmi(struct kvm *kvm) { bool restore_interception = KVMI(kvm)->cleanup_on_unhook; struct kvm_vcpu *vcpu; int i; + kvmi_clear_mem_access(kvm); + kvm_for_each_vcpu(i, vcpu, kvm) free_vcpui(vcpu, restore_interception); @@ -297,6 +333,10 @@ alloc_kvmi(struct kvm *kvm, const struct kvm_introspection_hook *hook) atomic_set(&kvmi->ev_seq, 0); + INIT_RADIX_TREE(&kvmi->access_tree, + GFP_KERNEL & ~__GFP_DIRECT_RECLAIM); + rwlock_init(&kvmi->access_tree_lock); + kvm_for_each_vcpu(i, vcpu, kvm) { int err = create_vcpui(vcpu); @@ -1010,3 +1050,135 @@ bool kvmi_enter...
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place
2020 Jul 22
34
[RFC PATCH v1 00/34] VM introspection - EPT Views and Virtualization Exceptions
This patch series is based on the VM introspection patches (https://lore.kernel.org/kvm/20200721210922.7646-1-alazar at bitdefender.com/), extending the introspection API with EPT Views and Virtualization Exceptions (#VE) support. The purpose of this series is to get an initial feedback and to see if we are on the right track, especially because the changes made to add the EPT views are not small