search for: kvmi_num_events

...#include <linux/types.h> +#include <asm/kvmi.h> enum { KVMI_VERSION = 0x00000001 }; enum { + KVMI_EVENT = 0, + KVMI_GET_VERSION = 1, KVMI_VM_CHECK_COMMAND = 2, KVMI_VM_CHECK_EVENT = 3, @@ -23,6 +26,8 @@ enum { }; enum { + KVMI_EVENT_UNHOOK = 0, + KVMI_NUM_EVENTS }; @@ -69,4 +74,12 @@ struct kvmi_vm_get_info_reply { __u32 padding[3]; }; +struct kvmi_event { + __u16 size; + __u16 vcpu; + __u8 event; + __u8 padding[3]; + struct kvmi_event_arch arch; +}; + #endif /* _UAPI__LINUX_KVMI_H */ diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/t...

...MMANDS KVMI_NUM_MESSAGES + struct kvm_introspection { struct kvm_arch_introspection arch; struct kvm *kvm; @@ -16,6 +18,9 @@ struct kvm_introspection { struct socket *sock; struct task_struct *recv; + + DECLARE_BITMAP(cmd_allow_mask, KVMI_NUM_COMMANDS); + DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS); }; #ifdef CONFIG_KVM_INTROSPECTION @@ -27,6 +32,8 @@ void kvmi_destroy_vm(struct kvm *kvm); int kvmi_ioctl_hook(struct kvm *kvm, void __user *argp); int kvmi_ioctl_unhook(struct kvm *kvm); +int kvmi_ioctl_command(struct kvm *kvm, void __user *argp); +int kvmi_ioctl_event(struct kvm *kvm,...

...ca49167f70 100644 --- a/virt/kvm/introspection/kvmi.c +++ b/virt/kvm/introspection/kvmi.c @@ -12,6 +12,7 @@ #define KVMI_MSG_SIZE_ALLOC (sizeof(struct kvmi_msg_hdr) + KVMI_MSG_SIZE) static DECLARE_BITMAP(Kvmi_always_allowed_commands, KVMI_NUM_COMMANDS); +static DECLARE_BITMAP(Kvmi_known_events, KVMI_NUM_EVENTS); static struct kmem_cache *msg_cache; @@ -51,15 +52,28 @@ bool kvmi_is_command_allowed(struct kvm_introspection *kvmi, u16 id) return id < KVMI_NUM_COMMANDS && test_bit(id, kvmi->cmd_allow_mask); } +bool kvmi_is_known_event(u8 id) +{ + return id < KVMI_NUM_EVENTS &&a...

...--git a/include/linux/kvmi_host.h b/include/linux/kvmi_host.h index 180e26335a8f..41b22af771fb 100644 --- a/include/linux/kvmi_host.h +++ b/include/linux/kvmi_host.h @@ -22,6 +22,8 @@ struct kvm_introspection { DECLARE_BITMAP(cmd_allow_mask, KVMI_NUM_COMMANDS); DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS); + DECLARE_BITMAP(vm_event_enable_mask, KVMI_NUM_EVENTS); + atomic_t ev_seq; }; diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index e74240aff5b7..da9bf30ae513 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -15,12 +15,13 @@ enum { }; enum {...

...events(vm); unhook_introspection(vm); } diff --git a/virt/kvm/introspection/kvmi.c b/virt/kvm/introspection/kvmi.c index f128b1407c84..5af6ea041035 100644 --- a/virt/kvm/introspection/kvmi.c +++ b/virt/kvm/introspection/kvmi.c @@ -59,6 +59,16 @@ bool kvmi_is_known_event(u8 id) return id < KVMI_NUM_EVENTS && test_bit(id, Kvmi_known_events); } +bool kvmi_is_known_vm_event(u8 id) +{ + return id < KVMI_NUM_EVENTS && test_bit(id, Kvmi_known_vm_events); +} + +static bool is_vm_event_enabled(struct kvm_introspection *kvmi, int event) +{ + return test_bit(event, kvmi->vm_event_enab...

...t a/include/linux/kvmi_host.h b/include/linux/kvmi_host.h index 49e68777a390..da621d83cd94 100644 --- a/include/linux/kvmi_host.h +++ b/include/linux/kvmi_host.h @@ -36,6 +36,8 @@ struct kvm_vcpu_introspection { struct kvmi_vcpu_reply reply; bool waiting_for_reply; + + DECLARE_BITMAP(ev_mask, KVMI_NUM_EVENTS); }; struct kvm_introspection { diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index 2eb1e5b20d53..745503fb7378 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -18,16 +18,17 @@ enum { KVMI_EVENT_REPLY = 0, KVMI_EVENT = 1, - K...

...+ bool ss_owner; Why is single-stepping mutually exclusive across all vCPUs? Does that always have to be the case? > + bool ss_requested; > + > struct list_head job_list; > spinlock_t job_lock; > > @@ -151,6 +154,15 @@ struct kvmi { > DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS); > DECLARE_BITMAP(vm_ev_mask, KVMI_NUM_EVENTS); > > +#define SINGLE_STEP_MAX_DEPTH 8 > + struct { > + gfn_t gfn; > + u8 old_access; > + u32 old_write_bitmap; > + } ss_context[SINGLE_STEP_MAX_DEPTH]; > + u8 ss_level; > + atomic_t ss_active; Good opportunity for...

...lude/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index 2a4cc8c41465..348a9a551091 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -49,6 +49,7 @@ enum { KVMI_EVENT_BREAKPOINT = 3, KVMI_EVENT_CR = 4, KVMI_EVENT_TRAP = 5, + KVMI_EVENT_XSETBV = 6, KVMI_NUM_EVENTS }; diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c index 105adf75a68d..0569185a7064 100644 --- a/tools/testing/selftests/kvm/x86_64/kvmi_test.c +++ b/tools/testing/selftests/kvm/x86_64/kvmi_test.c @@ -22,6 +22,8 @@ #define VCPU_ID...

...-git a/include/linux/kvmi_host.h b/include/linux/kvmi_host.h index 4e77a0227c08..180e26335a8f 100644 --- a/include/linux/kvmi_host.h +++ b/include/linux/kvmi_host.h @@ -21,6 +21,8 @@ struct kvm_introspection { DECLARE_BITMAP(cmd_allow_mask, KVMI_NUM_COMMANDS); DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS); + + atomic_t ev_seq; }; #ifdef CONFIG_KVM_INTROSPECTION @@ -34,6 +36,7 @@ int kvmi_ioctl_hook(struct kvm *kvm, void __user *argp); int kvmi_ioctl_unhook(struct kvm *kvm); int kvmi_ioctl_command(struct kvm *kvm, void __user *argp); int kvmi_ioctl_event(struct kvm *kvm, void __user *argp); +...

.../kvm/kvmi_int.h +++ b/virt/kvm/kvmi_int.h @@ -126,6 +126,9 @@ struct kvmi_vcpu { DECLARE_BITMAP(high, KVMI_NUM_MSR); } msr_mask; + bool ss_owner; + bool ss_requested; + struct list_head job_list; spinlock_t job_lock; @@ -151,6 +154,15 @@ struct kvmi { DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS); DECLARE_BITMAP(vm_ev_mask, KVMI_NUM_EVENTS); +#define SINGLE_STEP_MAX_DEPTH 8 + struct { + gfn_t gfn; + u8 old_access; + u32 old_write_bitmap; + } ss_context[SINGLE_STEP_MAX_DEPTH]; + u8 ss_level; + atomic_t ss_active; + struct { bool initialized; atomic_t enabled; @@ -224,6 +236,7...

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

...ndif /* _UAPI__LINUX_KVMI_H */ diff --git a/virt/kvm/kvmi_int.h b/virt/kvm/kvmi_int.h index 76119a4b69d8..157f765fb34d 100644 --- a/virt/kvm/kvmi_int.h +++ b/virt/kvm/kvmi_int.h @@ -85,6 +85,8 @@ struct kvmi { DECLARE_BITMAP(cmd_allow_mask, KVMI_NUM_COMMANDS); DECLARE_BITMAP(event_allow_mask, KVMI_NUM_EVENTS); + + bool cmd_reply_disabled; }; /* kvmi_msg.c */ diff --git a/virt/kvm/kvmi_msg.c b/virt/kvm/kvmi_msg.c index 6fe04de29f7e..ea5c7e23669a 100644 --- a/virt/kvm/kvmi_msg.c +++ b/virt/kvm/kvmi_msg.c @@ -9,6 +9,7 @@ #include "kvmi_int.h" static const char *const msg_IDs[] = { + [KVM...

...llow_mask); +} + +static int handle_check_event(struct kvm_introspection *kvmi, + const struct kvmi_msg_hdr *msg, const void *_req) +{ + const struct kvmi_vm_check_event *req = _req; + int ec = 0; + + if (req->padding1 || req->padding2) + ec = -KVM_EINVAL; + else if (req->id >= KVMI_NUM_EVENTS) + ec = -KVM_EINVAL; + else if (!is_event_allowed(kvmi, req->id)) + ec = -KVM_EPERM; + + return kvmi_msg_vm_reply(kvmi, msg, ec, NULL, 0); +} + /* * These commands are executed by the receiving thread/worker. */ static int(*const msg_vm[])(struct kvm_introspection *, const struct...

...lude/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index 70d5a67badef..3ea4882ac469 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -47,6 +47,7 @@ enum { KVMI_EVENT_BREAKPOINT = 3, KVMI_EVENT_CR = 4, KVMI_EVENT_TRAP = 5, + KVMI_EVENT_XSETBV = 6, KVMI_NUM_EVENTS }; diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c index 2852e6894e81..299f4d29d0d6 100644 --- a/tools/testing/selftests/kvm/x86_64/kvmi_test.c +++ b/tools/testing/selftests/kvm/x86_64/kvmi_test.c @@ -21,6 +21,8 @@ #define VCPU_ID...

...ude/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index c6c5019ccf85..37c51e64d22c 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -59,6 +59,7 @@ enum { KVMI_EVENT_DESCRIPTOR = 7, KVMI_EVENT_MSR = 8, KVMI_EVENT_PF = 9, + KVMI_EVENT_SINGLESTEP = 10, KVMI_NUM_EVENTS }; @@ -199,4 +200,9 @@ struct kvmi_event_pf { __u32 padding3; }; +struct kvmi_event_singlestep { + __u8 failed; + __u8 padding[7]; +}; + #endif /* _UAPI__LINUX_KVMI_H */ diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c index 090cb7a...

...ude/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index bc515237612a..040049abd450 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -63,6 +63,7 @@ enum { KVMI_EVENT_DESCRIPTOR = 7, KVMI_EVENT_MSR = 8, KVMI_EVENT_PF = 9, + KVMI_EVENT_SINGLESTEP = 10, KVMI_NUM_EVENTS }; @@ -236,4 +237,9 @@ struct kvmi_event_pf { __u32 padding3; }; +struct kvmi_event_singlestep { + __u8 failed; + __u8 padding[7]; +}; + #endif /* _UAPI__LINUX_KVMI_H */ diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c index 0803d7e...

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

...ific diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index 05535a7d9313..20e2f154ab88 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -39,6 +39,7 @@ enum { enum { KVMI_EVENT_UNHOOK = 0, KVMI_EVENT_PAUSE_VCPU = 1, + KVMI_EVENT_HYPERCALL = 2, KVMI_NUM_EVENTS }; diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c index fa23ca0ed0d7..ef4e33e92fff 100644 --- a/tools/testing/selftests/kvm/x86_64/kvmi_test.c +++ b/tools/testing/selftests/kvm/x86_64/kvmi_test.c @@ -48,6 +48,7 @@ struct vcpu_worker_dat...

...ntrospection tool uses a command or enables an +event which is disallowed. + Unhooking --------- diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h index dbf63ad0862f..6c7600ed4564 100644 --- a/include/uapi/linux/kvmi.h +++ b/include/uapi/linux/kvmi.h @@ -65,4 +65,17 @@ enum { KVMI_NUM_EVENTS }; +#define KVMI_MSG_SIZE (4096 - sizeof(struct kvmi_msg_hdr)) + +struct kvmi_msg_hdr { + __u16 id; + __u16 size; + __u32 seq; +}; + +struct kvmi_error_code { + __s32 err; + __u32 padding; +}; + #endif /* _UAPI__LINUX_KVMI_H */ diff --git a/virt/kvm/kvmi.c b/virt/kvm/kvmi.c index dc64f975998f.....

...VMI_EVENT_MSR = 2, + KVMI_EVENT_XSETBV = 3, + KVMI_EVENT_BREAKPOINT = 4, + KVMI_EVENT_HYPERCALL = 5, + KVMI_EVENT_PF = 6, + KVMI_EVENT_TRAP = 7, + KVMI_EVENT_DESCRIPTOR = 8, + KVMI_EVENT_CREATE_VCPU = 9, + KVMI_EVENT_PAUSE_VCPU = 10, + KVMI_EVENT_SINGLESTEP = 11, + + KVMI_NUM_EVENTS +}; + +#endif /* _UAPI__LINUX_KVMI_H */ diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 585845203db8..90e432d225ab 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -51,6 +51,7 @@ #include <linux/slab.h> #include <linux/sort.h> #include <linux/bsearch.h&gt...