search for: kvm_req_introspect

...9/08/19 17:59, Adalbert Laz?r wrote: > + prepare_to_swait_exclusive(&vcpu->wq, &wait, > + TASK_INTERRUPTIBLE); > + > + if (kvm_vcpu_check_block(vcpu) < 0) > + break; > + > + waited = true; > + schedule(); > + > + if (kvm_check_request(KVM_REQ_INTROSPECTION, vcpu)) { > + do_kvmi_work = true; > + break; > + } > + } > > - waited = true; > - schedule(); > + finish_swait(&vcpu->wq, &wait); > + > + if (do_kvmi_work) > + kvmi_handle_requests(vcpu); > + else > + break; > } Is this...

From: Mihai Don?u <mdontu at bitdefender.com> The introspection requests (KVM_REQ_INTROSPECTION) are checked before entering guest or when the vCPU is halted. Signed-off-by: Mihai Don?u <mdontu at bitdefender.com> Co-developed-by: Mircea C?rjaliu <mcirjaliu at bitdefender.com> Signed-off-by: Mircea C?rjaliu <mcirjaliu at bitdefender.com> Co-developed-by: Adalbert Laz?r &...

From: Mihai Don?u <mdontu at bitdefender.com> The introspection requests (KVM_REQ_INTROSPECTION) are checked by any introspected vCPU in two places: * on its way to guest - vcpu_enter_guest() * when halted - kvm_vcpu_block() In kvm_vcpu_block(), we check to see if there are any introspection requests during the swait loop, handle them outside of swait loop and start swait again. Sig...

...is "waiting_for_reply". The overall structure of the jobs code is confusing. The same function kvm_run_jobs_and_wait is an infinite loop before and gets a "break" later. It is also not clear why kvmi_job_wait is called through a job. Can you have instead just kvm_run_jobs in KVM_REQ_INTROSPECTION, and something like this instead when sending an event: int kvmi_wait_for_reply(struct kvm_vcpu *vcpu) { struct kvmi_vcpu *ivcpu = IVCPU(vcpu); while (ivcpu->waiting_for_reply) { kvmi_run_jobs(vcpu); err = swait_event_killable(*wq, !ivcpu->waiting_for_reply || !list_empty(...

...not covered by a memslot, which caused an EPT violation that got > turned in mmu_set_spte() into a MMIO request that required emulation. > Unfortunatelly, the emulator tripped, exited to userspace and the VM > was aborted. Okay, this makes sense. Maybe you want to handle KVM_REQ_INTROSPECTION in vcpu_run rather than vcpu_enter_guest? Paolo

Every vCPU has a lock-protected list in which (mostly) the receiving worker places the jobs that has to be done by the vCPU once it is kicked (KVM_REQ_INTROSPECTION) out of guest. A job is defined by a "do" function, a "free" function and a pointer (context). Co-developed-by: Nicu?or C??u <ncitu at bitdefender.com> Signed-off-by: Nicu?or C??u <ncitu at bitdefender.com> Signed-off-by: Adalbert Laz?r <alazar at bitdefender...

...vmi_acquire_ss(struct kvm_vcpu *vcpu) +{ + struct kvmi_vcpu *ivcpu = IVCPU(vcpu); + struct kvmi *ikvm = IKVM(vcpu->kvm); + + if (ivcpu->ss_owner) + return true; + + if (atomic_cmpxchg(&ikvm->ss_active, false, true) != false) + return false; + + kvm_make_all_cpus_request(vcpu->kvm, KVM_REQ_INTROSPECTION | + KVM_REQUEST_WAIT); + + ivcpu->ss_owner = true; + + return true; +} + +static bool kvmi_run_ss(struct kvm_vcpu *vcpu, gpa_t gpa, u8 access) +{ + struct kvmi *ikvm = IKVM(vcpu->kvm); + u8 old_access, new_access; + u32 old_write_bitmap; + gfn_t gfn = gpa_to_gfn(gpa); + int err; + + k...

...ruct kvmi_vcpu *ivcpu = IVCPU(vcpu); > + struct kvmi *ikvm = IKVM(vcpu->kvm); > + > + if (ivcpu->ss_owner) > + return true; > + > + if (atomic_cmpxchg(&ikvm->ss_active, false, true) != false) > + return false; > + > + kvm_make_all_cpus_request(vcpu->kvm, KVM_REQ_INTROSPECTION | > + KVM_REQUEST_WAIT); > + > + ivcpu->ss_owner = true; > + > + return true; > +} > + > +static bool kvmi_run_ss(struct kvm_vcpu *vcpu, gpa_t gpa, u8 access) > +{ > + struct kvmi *ikvm = IKVM(vcpu->kvm); > + u8 old_access, new_access; > + u32 old_w...

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

...I_VCPU_SINGLESTEP [Mathieu] - extend KVMI_VM_SET_PAGE_ACCESS with the 'visible' option - improve KVMI_VM_GET_MAX_GFN (skip read-only, invalid or non-user memslots) - add KVMI_VM_CONTROL_CLEANUP [Tamas, Mathieu] - add KVMI_VCPU_GET_XCR and KVMI_VCPU_SET_XSAVE (SSE emulation) - move KVM_REQ_INTROSPECTION in the range of arch-independent requests - better split of x86 vs arch-independent code - cover more error codes with tools/testing/selftests/kvm/x86_64/kvmi_test.c - remove more error messages and close the introspection connection when an error code can't be sent back or it does...

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place