search for: kvmi_get

..._MEM_SLOTS_NUM)]; +}; + +#endif /* _ASM_X86_KVMI_HOST_H */ diff --git a/arch/x86/kvm/kvmi.c b/arch/x86/kvm/kvmi.c index 97c72cdc6fb0..d7b9201582b4 100644 --- a/arch/x86/kvm/kvmi.c +++ b/arch/x86/kvm/kvmi.c @@ -91,6 +91,12 @@ void kvmi_arch_setup_event(struct kvm_vcpu *vcpu, struct kvmi_event *ev) kvmi_get_msrs(vcpu, event); } +bool kvmi_arch_pf_event(struct kvm_vcpu *vcpu, gpa_t gpa, gva_t gva, + u8 access) +{ + return KVMI_EVENT_ACTION_CONTINUE; /* TODO */ +} + int kvmi_arch_cmd_get_vcpu_info(struct kvm_vcpu *vcpu, struct kvmi_get_vcpu_info_reply *rpl) { @@ -102,3 +108,42 @@ int kvmi_ar...

...static void __kvmi_unhook(struct kvm *kvm) { struct kvm_introspection *kvmi = KVMI(kvm); + wait_for_completion_killable(&kvm->kvmi_complete); kvmi_sock_put(kvmi); } @@ -242,8 +252,23 @@ int kvmi_ioctl_unhook(struct kvm *kvm) return 0; } +struct kvm_introspection * __must_check kvmi_get(struct kvm *kvm) +{ + if (refcount_inc_not_zero(&kvm->kvmi_ref)) + return kvm->kvmi; + + return NULL; +} + +void kvmi_put(struct kvm *kvm) +{ + if (refcount_dec_and_test(&kvm->kvmi_ref)) + complete(&kvm->kvmi_complete); +} + static int __kvmi_hook(struct kvm *kvm,...

On 09/08/19 17:59, Adalbert Laz?r wrote: > +void kvmi_handle_requests(struct kvm_vcpu *vcpu) > +{ > + struct kvmi *ikvm; > + > + ikvm = kvmi_get(vcpu->kvm); > + if (!ikvm) > + return; > + > + for (;;) { > + int err = kvmi_run_jobs_and_wait(vcpu); > + > + if (err) > + break; > + } > + > + kvmi_put(vcpu->kvm); > +} > + Using kvmi_run_jobs_and_wait from two places (here and kvmi_send_event) is...

...gt; + * Make sure all the KVM/KVMI structures are linked and no pointer > + * is read as NULL after the reference count has been set. > + */ > + smp_mb__before_atomic(); This is an smp_wmb(), not an smp_mb__before_atomic(). Add a comment that it pairs with the refcount_inc_not_zero in kvmi_get. > + refcount_set(&kvm->kvmi_ref, 1); > + > @@ -57,8 +183,27 @@ void kvmi_destroy_vm(struct kvm *kvm) > if (!ikvm) > return; > > + /* trigger socket shutdown - kvmi_recv() will start shutdown process */ > + kvmi_sock_shutdown(ikvm); > + > kvmi_put(kv...

...ns(vcpu->kvm, action, "CR"); + } + + return ret; +} + +bool kvmi_cr_event(struct kvm_vcpu *vcpu, unsigned int cr, + unsigned long old_value, unsigned long *new_value) +{ + struct kvm_introspection *kvmi; + bool ret = true; + + if (old_value == *new_value) + return true; + + kvmi = kvmi_get(vcpu->kvm); + if (!kvmi) + return true; + + if (is_event_enabled(vcpu, KVMI_EVENT_CR)) + ret = __kvmi_cr_event(vcpu, cr, old_value, new_value); + + kvmi_put(vcpu->kvm); + + return ret; +} + +bool kvmi_cr3_intercepted(struct kvm_vcpu *vcpu) +{ + struct kvm_introspection *kvmi; + bool ret; +...

...t kvm_introspection *qemu) +{ + struct kvmi *ikvm; + + ikvm = kzalloc(sizeof(*ikvm), GFP_KERNEL); + if (!ikvm) + return false; + + memcpy(&ikvm->uuid, &qemu->uuid, sizeof(ikvm->uuid)); + + ikvm->kvm = kvm; + kvm->kvmi = ikvm; + + return true; +} + struct kvmi * __must_check kvmi_get(struct kvm *kvm) { if (refcount_inc_not_zero(&kvm->kvmi_ref)) @@ -27,10 +45,13 @@ struct kvmi * __must_check kvmi_get(struct kvm *kvm) static void kvmi_destroy(struct kvm *kvm) { + kfree(kvm->kvmi); + kvm->kvmi = NULL; } static void kvmi_release(struct kvm *kvm) { + kvmi_so...

...ions > + */ > + > +#include <linux/kernel.h> > +#include <linux/types.h> > + > +#define KVMI_VERSION 0x00000001 > + > +enum { > + KVMI_EVENT_REPLY = 0, > + KVMI_EVENT = 1, > + > + KVMI_FIRST_COMMAND = 2, > + > + KVMI_GET_VERSION = 2, > + KVMI_CHECK_COMMAND = 3, > + KVMI_CHECK_EVENT = 4, > + KVMI_GET_GUEST_INFO = 5, > + KVMI_GET_VCPU_INFO = 6, > + KVMI_PAUSE_VCPU = 7, > + KVMI_CONTROL_VM_EVENTS = 8, > + KVMI_CONTROL_EVENTS = 9, &gt...

...I_H +#define _UAPI__LINUX_KVMI_H + +/* + * KVMI structures and definitions + */ + +#include <linux/kernel.h> +#include <linux/types.h> + +#define KVMI_VERSION 0x00000001 + +enum { + KVMI_EVENT_REPLY = 0, + KVMI_EVENT = 1, + + KVMI_FIRST_COMMAND = 2, + + KVMI_GET_VERSION = 2, + KVMI_CHECK_COMMAND = 3, + KVMI_CHECK_EVENT = 4, + KVMI_GET_GUEST_INFO = 5, + KVMI_GET_VCPU_INFO = 6, + KVMI_PAUSE_VCPU = 7, + KVMI_CONTROL_VM_EVENTS = 8, + KVMI_CONTROL_EVENTS = 9, + KVMI_CONTROL_CR = 10, + K...

...ool done_waiting(struct kvm_vcpu *vcpu) @@ -1572,6 +1580,141 @@ int kvmi_cmd_pause_vcpu(struct kvm_vcpu *vcpu, bool wait) return 0; } +void kvmi_stop_ss(struct kvm_vcpu *vcpu) +{ + struct kvmi_vcpu *ivcpu = IVCPU(vcpu); + struct kvm *kvm = vcpu->kvm; + struct kvmi *ikvm; + int i; + + ikvm = kvmi_get(kvm); + if (!ikvm) + return; + + if (unlikely(!ivcpu->ss_owner)) { + kvmi_warn(ikvm, "%s\n", __func__); + goto out; + } + + for (i = ikvm->ss_level; i--;) + kvmi_set_gfn_access(kvm, + ikvm->ss_context[i].gfn, + ikvm->ss_context[i].old_access, + ikvm-&g...

...pu *ivcpu = IVCPU(vcpu); + int err = 0; + + for (;;) { + kvmi_run_jobs(vcpu); + + if (ivcpu->killed) { + err = -1; + break; + } + + kvmi_add_job(vcpu, kvmi_job_wait, NULL, NULL); + } + + return err; +} + +void kvmi_handle_requests(struct kvm_vcpu *vcpu) +{ + struct kvmi *ikvm; + + ikvm = kvmi_get(vcpu->kvm); + if (!ikvm) + return; + + for (;;) { + int err = kvmi_run_jobs_and_wait(vcpu); + + if (err) + break; + } + + kvmi_put(vcpu->kvm); +} + int kvmi_cmd_control_vm_events(struct kvmi *ikvm, unsigned int event_id, bool enable) { diff --git a/virt/kvm/kvmi_int.h b/virt...

...0,141 @@ int kvmi_cmd_pause_vcpu(struct kvm_vcpu *vcpu, bool wait) > return 0; > } > > +void kvmi_stop_ss(struct kvm_vcpu *vcpu) > +{ > + struct kvmi_vcpu *ivcpu = IVCPU(vcpu); > + struct kvm *kvm = vcpu->kvm; > + struct kvmi *ikvm; > + int i; > + > + ikvm = kvmi_get(kvm); > + if (!ikvm) > + return; > + > + if (unlikely(!ivcpu->ss_owner)) { > + kvmi_warn(ikvm, "%s\n", __func__); > + goto out; > + } > + > + for (i = ikvm->ss_level; i--;) > + kvmi_set_gfn_access(kvm, > + ikvm->ss_context[i].gfn, >...

...on; + + action = kvmi_send_xsetbv(vcpu); + switch (action) { + case KVMI_EVENT_ACTION_CONTINUE: + break; + default: + kvmi_handle_common_event_actions(vcpu->kvm, action, "XSETBV"); + } +} + +void kvmi_xsetbv_event(struct kvm_vcpu *vcpu) +{ + struct kvm_introspection *kvmi; + + kvmi = kvmi_get(vcpu->kvm); + if (!kvmi) + return; + + if (is_event_enabled(vcpu, KVMI_EVENT_XSETBV)) + __kvmi_xsetbv_event(vcpu); + + kvmi_put(vcpu->kvm); +}

...- speed improvements (the penalty on web browsing actions is 50% lower, at least) Adalbert Laz?r (25): kvm: introspection: add basic ioctls (hook/unhook) kvm: introspection: add permission access ioctls kvm: introspection: add the read/dispatch message function kvm: introspection: add KVMI_GET_VERSION kvm: introspection: add KVMI_CONTROL_CMD_RESPONSE kvm: introspection: honor the reply option when handling the KVMI_GET_VERSION command kvm: introspection: add KVMI_CHECK_COMMAND and KVMI_CHECK_EVENT kvm: introspection: add KVMI_CONTROL_VM_EVENTS kvm: introspection: add a jobs...

...- speed improvements (the penalty on web browsing actions is 50% lower, at least) Adalbert Laz?r (25): kvm: introspection: add basic ioctls (hook/unhook) kvm: introspection: add permission access ioctls kvm: introspection: add the read/dispatch message function kvm: introspection: add KVMI_GET_VERSION kvm: introspection: add KVMI_CONTROL_CMD_RESPONSE kvm: introspection: honor the reply option when handling the KVMI_GET_VERSION command kvm: introspection: add KVMI_CHECK_COMMAND and KVMI_CHECK_EVENT kvm: introspection: add KVMI_CONTROL_VM_EVENTS kvm: introspection: add a jobs...

...MI_EVENT_ACTION_CONTINUE: + break; + default: + kvmi_handle_common_event_actions(vcpu->kvm, action, + "SINGLESTEP"); + } +} + +static void kvmi_singlestep_event(struct kvm_vcpu *vcpu, bool success) +{ + struct kvm_introspection *kvmi; + struct kvm *kvm = vcpu->kvm; + + kvmi = kvmi_get(kvm); + if (!kvmi) + return; + + if (is_event_enabled(vcpu, KVMI_EVENT_SINGLESTEP)) + __kvmi_singlestep_event(vcpu, success); + + kvmi_put(kvm); +} + +void kvmi_singlestep_done(struct kvm_vcpu *vcpu) +{ + kvmi_singlestep_event(vcpu, true); +} +EXPORT_SYMBOL(kvmi_singlestep_done); + +void kvmi_sin...

...ds (but they can be disallowed by the device manager) :: KVMI_EVENT_PAUSE_VCPU + KVMI_EVENT_SINGLESTEP KVMI_EVENT_TRAP The VM events (e.g. *KVMI_EVENT_UNHOOK*) are controlled with @@ -1075,8 +1076,12 @@ Enables/disables singlestep for the selected vCPU. The introspection tool should use *KVMI_GET_VERSION*, to check if the hardware supports singlestep (see **KVMI_GET_VERSION**). +After every instruction, a *KVMI_EVENT_SINGLESTEP* event is sent +to the introspection tool. + :Errors: +* -KVM_EPERM - the *KVMI_EVENT_SINGLESTEP* event is disallowed * -KVM_EOPNOTSUPP - the hardware doesn&...

...new_value); + switch (action) { + case KVMI_EVENT_ACTION_CONTINUE: + break; + default: + kvmi_handle_common_event_actions(vcpu->kvm, action); + } +} + +void kvmi_xsetbv_event(struct kvm_vcpu *vcpu, u8 xcr, + u64 old_value, u64 new_value) +{ + struct kvm_introspection *kvmi; + + kvmi = kvmi_get(vcpu->kvm); + if (!kvmi) + return; + + if (is_event_enabled(vcpu, KVMI_EVENT_XSETBV)) + __kvmi_xsetbv_event(vcpu, xcr, old_value, new_value); + + kvmi_put(vcpu->kvm); +} diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index af987ad1a174..c3557a11817f 100644 --- a/arch/x86/kvm/x86.c +++...

...+-------------------------------- + +:Architectures: x86 (vmx) +:Versions: >= 1 +:Parameters: + +:: + + struct kvmi_vcpu_control_singlestep { + __u8 enable; + __u8 padding[7]; + }; + +:Returns: + +:: + + struct kvmi_error_code + +Enables/disables singlestep. + +The introspection tool can use *KVMI_GET_VERSION*, to check +if the hardware supports singlestep (see **KVMI_GET_VERSION**). + +:Errors: + +* -KVM_EOPNOTSUPP - the hardware doesn't support it +* -KVM_EINVAL - padding is not zero +* -KVM_EAGAIN - the selected vCPU can't be introspected yet + Events ====== diff --git a/arch/x86/...

.../kvmi.c @@ -828,3 +828,25 @@ void kvmi_post_reply(struct kvm_vcpu *vcpu) vcpui->have_delayed_regs = false; } } + +bool kvmi_hypercall_event(struct kvm_vcpu *vcpu) +{ + struct kvm_introspection *kvmi; + bool ret = false; + + if (!kvmi_arch_is_agent_hypercall(vcpu)) + return ret; + + kvmi = kvmi_get(vcpu->kvm); + if (!kvmi) + return ret; + + if (is_event_enabled(vcpu, KVMI_EVENT_HYPERCALL)) { + kvmi_arch_hypercall_event(vcpu); + ret = true; + } + + kvmi_put(vcpu->kvm); + + return ret; +} diff --git a/virt/kvm/introspection/kvmi_int.h b/virt/kvm/introspection/kvmi_int.h index 1b3d8958e...

...e; + ret = true; + break; + default: + kvmi_handle_common_event_actions(vcpu, action, "MSR"); + } + + return ret; +} + +bool kvmi_msr_event(struct kvm_vcpu *vcpu, struct msr_data *msr) +{ + struct kvmi *ikvm; + bool ret = true; + + if (msr->host_initiated) + return true; + + ikvm = kvmi_get(vcpu->kvm); + if (!ikvm) + return true; + + if (is_event_enabled(vcpu, KVMI_EVENT_MSR)) + ret = __kvmi_msr_event(vcpu, msr); + + kvmi_put(vcpu->kvm); + + return ret; +} + static void *alloc_get_registers_reply(const struct kvmi_msg_hdr *msg, const struct kvmi_get_registers *req...