search for: kvmi_err

...introspection commands (eg. KVMI_GET_GUEST_INFO) and dispatch to vCPUs the vCPU introspection commands (eg. KVMI_GET_REGISTERS) and the replies to vCPU events. The vCPU threads will reply to vCPU introspection commands without the help of the receiving worker. Because of the command header (struct kvmi_error_code) used in any command reply, this worker could respond to any unsupported/disallowed command with an error code. This thread will end when the socket is closed (signaled by userspace/QEMU or the introspection tool) or on the first API error (eg. wrong message size). Signed-off-by: Adalbert...

...d(struct kvm_vcpu *vcpu, void *ctx) +{ + struct kvmi_vcpu_cmd_job *job = ctx; + size_t id = job->msg->hdr.id; + int err; + + job->vcpu = vcpu; + + err = msg_vcpu[id](job, &job->msg->hdr, job->msg + 1); + + if (err) { + struct kvm_introspection *kvmi = KVMI(vcpu->kvm); + + kvmi_err(kvmi, + "%s: cmd id: %zu (%s), err: %d\n", __func__, + id, id2str(id), err); + kvmi_sock_shutdown(kvmi); + } +} + +static void kvmi_free_ctx(void *_ctx) +{ + const struct kvmi_vcpu_cmd_job *ctx = _ctx; + + kvmi_msg_free(ctx->msg); + kfree(ctx); +} + +static int kvmi_msg_queue_to...

...the socket. This simplifies the receiver loop and avoids +the reconstruction of messages on the other side. + +The wire protocol uses the host native byte-order. The introspection tool +must check this during the handshake and do the necessary conversion. + +A command reply begins with:: + + struct kvmi_error_code { + __s32 err; + __u32 padding; + } + +followed by the command specific data if the error code ``err`` is zero. + +The error code -KVM_ENOSYS is returned for unsupported commands. + +The error code -KVM_EPERM is returned for disallowed commands (see **Hooking**). + +The error code is relat...

...nked and no pointer + * is read as NULL after the reference count has been set. + */ + smp_mb__before_atomic(); + refcount_set(&kvm->kvmi_ref, 1); + + mutex_unlock(&kvm->lock); + + ikvm->recv = kthread_run(kvmi_recv, ikvm, "kvmi-recv"); + if (IS_ERR(ikvm->recv)) { + kvmi_err(ikvm, "Unable to create receiver thread!\n"); + err = PTR_ERR(ikvm->recv); + goto err_recv; + } + + return 0; + +err_recv: + /* + * introspection has oficially started since reference count has been + * set (and some event handlers may have already acquired it), but + * without th...

...(ikvm, gfn, &old_access, &old_write_bitmap); + /* likely was removed from radix tree due to rwx */ + if (err) { + kvmi_warn(ikvm, "%s: gfn 0x%llx not found in the radix tree\n", + __func__, gfn); + return true; + } + + if (ikvm->ss_level == SINGLE_STEP_MAX_DEPTH - 1) { + kvmi_err(ikvm, "single step limit reached\n"); + return false; + } + + ikvm->ss_context[ikvm->ss_level].gfn = gfn; + ikvm->ss_context[ikvm->ss_level].old_access = old_access; + ikvm->ss_context[ikvm->ss_level].old_write_bitmap = old_write_bitmap; + ikvm->ss_level++; + + new_a...

..._vcpu *vcpu; + int i; + + kvm_for_each_vcpu(i, vcpu, kvm) + kvmi_vcpu_kill(SIGTERM, vcpu); +} + +void kvmi_handle_common_event_actions(struct kvm *kvm, + u32 action, const char *str) +{ + switch (action) { + case KVMI_EVENT_ACTION_CRASH: + kvmi_vm_shutdown(kvm); + break; + + default: + kvmi_err(KVMI(kvm), "Unsupported action %d for event %s\n", + action, str); + } +} + static void kvmi_vcpu_pause_event(struct kvm_vcpu *vcpu) { struct kvm_vcpu_introspection *vcpui = VCPUI(vcpu); + u32 action; atomic_dec(&vcpui->pause_requests); - /* to be implemented */ + + acti...

...introspection is built in kernel). + +2. KVMI_CONTROL_CMD_RESPONSE +---------------------------- + +:Architectures: all +:Versions: >= 1 +:Parameters: + +:: + + struct kvmi_control_cmd_response { + __u8 enable; + __u8 now; + __u16 padding1; + __u32 padding2; + }; + +:Returns: + +:: + struct kvmi_error_code + +Enables or disables the command replies. By default, all commands need +a reply. + +If `now` is 1, the command reply is enabled/disabled (according to +`enable`) starting with the current command. For example, `enable=0` +and `now=1` means that the reply is disabled for this command too,...

...itmap); > + /* likely was removed from radix tree due to rwx */ > + if (err) { > + kvmi_warn(ikvm, "%s: gfn 0x%llx not found in the radix tree\n", > + __func__, gfn); > + return true; > + } > + > + if (ikvm->ss_level == SINGLE_STEP_MAX_DEPTH - 1) { > + kvmi_err(ikvm, "single step limit reached\n"); > + return false; > + } > + > + ikvm->ss_context[ikvm->ss_level].gfn = gfn; > + ikvm->ss_context[ikvm->ss_level].old_access = old_access; > + ikvm->ss_context[ikvm->ss_level].old_write_bitmap = old_write_bitmap; &g...

...ure(kvm, allow, requested, off_bitmap, + KVMI_NUM_COMMANDS); +} diff --git a/virt/kvm/introspection/kvmi_int.h b/virt/kvm/introspection/kvmi_int.h index 01451d573788..c5cf40d03d68 100644 --- a/virt/kvm/introspection/kvmi_int.h +++ b/virt/kvm/introspection/kvmi_int.h @@ -16,6 +16,10 @@ #define kvmi_err(kvmi, fmt, ...) \ kvm_info("%pU ERROR: " fmt, &kvmi->uuid, ## __VA_ARGS__) +#define KVMI_KNOWN_EVENTS 0 + +#define KVMI_KNOWN_COMMANDS 0 + #define KVMI(kvm) ((struct kvm_introspection *)((kvm)->kvmi)) /* kvmi_msg.c */ diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main....

...f (useful) + memcpy(expected->data, reply + 1, useful); + + if (useful < expected->size) + memset((char *)expected->data + useful, 0, + expected->size - useful); + + expected->action = reply->action; + expected->error = 0; + +out: + + if (unlikely(expected->error)) + kvmi_err(ikvm, "Invalid event %d/%d reply seq %x/%x size %u min %zu expected %zu padding %u,%u\n", + reply->event, reply->action, + msg->seq, expected->seq, + msg->size, common, + common + expected->size, + reply->padding1, + reply->padding2); + + ivcpu-&g...

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place