Displaying 9 results from an estimated 9 matches for "kvmi_known_commands".
2020 Feb 07
0
[RFC PATCH v7 40/78] KVM: introspection: add KVMI_GET_VERSION
...sizeof(kvmi->uuid));
memcpy(&kvmi->uuid, &hook->uuid, sizeof(kvmi->uuid));
+ set_bit(KVMI_GET_VERSION, kvmi->cmd_allow_mask);
+
kvmi->kvm = kvm;
return kvmi;
@@ -299,6 +301,18 @@ int kvmi_ioctl_command(struct kvm *kvm, void __user *argp)
bitmap_from_u64(known, KVMI_KNOWN_COMMANDS);
bitmap_and(requested, requested, known, KVMI_NUM_COMMANDS);
+ if (!allow) {
+ DECLARE_BITMAP(always_allowed, KVMI_NUM_COMMANDS);
+
+ if (id == KVMI_GET_VERSION)
+ return -EPERM;
+
+ set_bit(KVMI_GET_VERSION, always_allowed);
+
+ bitmap_andnot(requested, requested, always_allowed,
+...
2020 Feb 07
0
[RFC PATCH v7 38/78] KVM: introspection: add permission access ioctls
...kvm, void __user *argp)
+{
+ DECLARE_BITMAP(requested, KVMI_NUM_COMMANDS);
+ DECLARE_BITMAP(known, KVMI_NUM_COMMANDS);
+ size_t off_bitmap;
+ bool allow;
+ int err;
+ int id;
+
+ err = kvmi_ioctl_get_feature(argp, &allow, &id, requested);
+ if (err)
+ return err;
+
+ bitmap_from_u64(known, KVMI_KNOWN_COMMANDS);
+ bitmap_and(requested, requested, known, KVMI_NUM_COMMANDS);
+
+ off_bitmap = offsetof(struct kvm_introspection, cmd_allow_mask);
+
+ return kvmi_ioctl_feature(kvm, allow, requested, off_bitmap,
+ KVMI_NUM_COMMANDS);
+}
diff --git a/virt/kvm/introspection/kvmi_int.h b/virt/kvm/introspection...
2019 Aug 09
0
[RFC PATCH v6 05/92] kvm: introspection: add KVMI_GET_VERSION
...on *qemu)
if (!ikvm)
return false;
+ set_bit(KVMI_GET_VERSION, ikvm->cmd_allow_mask);
+
memcpy(&ikvm->uuid, &qemu->uuid, sizeof(ikvm->uuid));
ikvm->kvm = kvm;
@@ -290,6 +292,18 @@ int kvmi_ioctl_command(struct kvm *kvm, void __user *argp)
bitmap_from_u64(known, KVMI_KNOWN_COMMANDS);
bitmap_and(requested, requested, known, KVMI_NUM_COMMANDS);
+ if (!allow) {
+ DECLARE_BITMAP(always_allowed, KVMI_NUM_COMMANDS);
+
+ if (id == KVMI_GET_VERSION)
+ return -EPERM;
+
+ set_bit(KVMI_GET_VERSION, always_allowed);
+
+ bitmap_andnot(requested, requested, always_allowed,
+...
2020 Feb 07
0
[RFC PATCH v7 41/78] KVM: introspection: add KVMI_VM_CHECK_COMMAND and KVMI_VM_CHECK_EVENT
...requested, requested, always_allowed,
KVMI_NUM_COMMANDS);
diff --git a/virt/kvm/introspection/kvmi_int.h b/virt/kvm/introspection/kvmi_int.h
index 947af4615fa5..feb83b8d0f12 100644
--- a/virt/kvm/introspection/kvmi_int.h
+++ b/virt/kvm/introspection/kvmi_int.h
@@ -22,6 +22,8 @@
#define KVMI_KNOWN_COMMANDS ( \
BIT(KVMI_GET_VERSION) \
+ | BIT(KVMI_VM_CHECK_COMMAND) \
+ | BIT(KVMI_VM_CHECK_EVENT) \
)
#define KVMI(kvm) ((struct kvm_introspection *)((kvm)->kvmi))
diff --git a/virt/kvm/introspection/kvmi_msg.c b/virt/kvm/introspection/kvmi_msg.c
index 81e42c65da16..b7da5cc7286f 100644
-...
2020 Feb 07
0
[RFC PATCH v7 43/78] KVM: introspection: add KVMI_EVENT_UNHOOK
...#define KVMI_MSG_SIZE_ALLOC (sizeof(struct kvmi_msg_hdr) + KVMI_MSG_SIZE)
-#define KVMI_KNOWN_EVENTS 0
+#define KVMI_KNOWN_VM_EVENTS ( \
+ BIT(KVMI_EVENT_UNHOOK) \
+ )
+#define KVMI_KNOWN_VCPU_EVENTS 0
+
+#define KVMI_KNOWN_EVENTS (KVMI_KNOWN_VM_EVENTS | KVMI_KNOWN_VCPU_EVENTS)
#define KVMI_KNOWN_COMMANDS ( \
BIT(KVMI_GET_VERSION) \
@@ -34,6 +39,7 @@ bool kvmi_sock_get(struct kvm_introspection *kvmi, int fd);
void kvmi_sock_shutdown(struct kvm_introspection *kvmi);
void kvmi_sock_put(struct kvm_introspection *kvmi);
bool kvmi_msg_process(struct kvm_introspection *kvmi);
+int kvmi_msg_send_u...
2020 Feb 07
0
[RFC PATCH v7 39/78] KVM: introspection: add the read/dispatch message function
...kvmi_int.h
+++ b/virt/kvm/introspection/kvmi_int.h
@@ -16,6 +16,8 @@
#define kvmi_err(kvmi, fmt, ...) \
kvm_info("%pU ERROR: " fmt, &kvmi->uuid, ## __VA_ARGS__)
+#define KVMI_MSG_SIZE_ALLOC (sizeof(struct kvmi_msg_hdr) + KVMI_MSG_SIZE)
+
#define KVMI_KNOWN_EVENTS 0
#define KVMI_KNOWN_COMMANDS 0
@@ -28,4 +30,9 @@ void kvmi_sock_shutdown(struct kvm_introspection *kvmi);
void kvmi_sock_put(struct kvm_introspection *kvmi);
bool kvmi_msg_process(struct kvm_introspection *kvmi);
+/* kvmi.c */
+void *kvmi_msg_alloc(void);
+void *kvmi_msg_alloc_check(size_t size);
+void kvmi_msg_free(void *...
2020 Feb 07
78
[RFC PATCH v7 00/78] VM introspection
The KVM introspection subsystem provides a facility for applications
running on the host or in a separate VM, to control the execution of
other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs,
MSRs etc.), alter the page access bits in the shadow page tables (only
for the hardware backed ones, eg. Intel's EPT) and receive notifications
when events of interest have taken place
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running
on the host or in a separate VM, to control the execution of other VM-s
(pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.),
alter the page access bits in the shadow page tables (only for the hardware
backed ones, eg. Intel's EPT) and receive notifications when events of
interest have taken place
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running
on the host or in a separate VM, to control the execution of other VM-s
(pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.),
alter the page access bits in the shadow page tables (only for the hardware
backed ones, eg. Intel's EPT) and receive notifications when events of
interest have taken place