Displaying 10 results from an estimated 10 matches for "kvmi_tracked_gfn".
2019 Sep 10
1
[RFC PATCH v6 69/92] kvm: x86: keep the page protected if tracked by the introspection tool
...@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2,
> indirect_shadow_pages = vcpu->kvm->arch.indirect_shadow_pages;
> spin_unlock(&vcpu->kvm->mmu_lock);
>
> - if (indirect_shadow_pages)
> + if (indirect_shadow_pages
> + && !kvmi_tracked_gfn(vcpu, gpa_to_gfn(gpa)))
> kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa));
>
> return true;
> @@ -6322,7 +6323,8 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2,
> * and it failed try to unshadow page and re-enter the
> * guest to let CPU...
2019 Aug 13
1
[RFC PATCH v6 70/92] kvm: x86: filter out access rights only when tracked by the introspection tool
...2da..fd64cf1115da 100644
> --- a/arch/x86/kvm/mmu.c
> +++ b/arch/x86/kvm/mmu.c
> @@ -2660,6 +2660,9 @@ static void clear_sp_write_flooding_count(u64 *spte)
> static unsigned int kvm_mmu_page_track_acc(struct kvm_vcpu *vcpu, gfn_t gfn,
> unsigned int acc)
> {
> + if (!kvmi_tracked_gfn(vcpu, gfn))
> + return acc;
> +
> if (kvm_page_track_is_active(vcpu, gfn, KVM_PAGE_TRACK_PREREAD))
> acc &= ~ACC_USER_MASK;
> if (kvm_page_track_is_active(vcpu, gfn, KVM_PAGE_TRACK_PREWRITE) ||
>
If this patch is always needed, then the function should be named
somet...
2019 Aug 09
0
[RFC PATCH v6 69/92] kvm: x86: keep the page protected if tracked by the introspection tool
...kvm/x86.c
@@ -6311,7 +6311,8 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2,
indirect_shadow_pages = vcpu->kvm->arch.indirect_shadow_pages;
spin_unlock(&vcpu->kvm->mmu_lock);
- if (indirect_shadow_pages)
+ if (indirect_shadow_pages
+ && !kvmi_tracked_gfn(vcpu, gpa_to_gfn(gpa)))
kvm_mmu_unprotect_page(vcpu->kvm, gpa_to_gfn(gpa));
return true;
@@ -6322,7 +6323,8 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2,
* and it failed try to unshadow page and re-enter the
* guest to let CPU execute the instruction.
*...
2019 Aug 09
0
[RFC PATCH v6 70/92] kvm: x86: filter out access rights only when tracked by the introspection tool
.../arch/x86/kvm/mmu.c
index 65b6acba82da..fd64cf1115da 100644
--- a/arch/x86/kvm/mmu.c
+++ b/arch/x86/kvm/mmu.c
@@ -2660,6 +2660,9 @@ static void clear_sp_write_flooding_count(u64 *spte)
static unsigned int kvm_mmu_page_track_acc(struct kvm_vcpu *vcpu, gfn_t gfn,
unsigned int acc)
{
+ if (!kvmi_tracked_gfn(vcpu, gfn))
+ return acc;
+
if (kvm_page_track_is_active(vcpu, gfn, KVM_PAGE_TRACK_PREREAD))
acc &= ~ACC_USER_MASK;
if (kvm_page_track_is_active(vcpu, gfn, KVM_PAGE_TRACK_PREWRITE) ||
2019 Aug 09
0
[RFC PATCH v6 27/92] kvm: introspection: use page track
...nts, so must be called
+ * after kvmi_abort_events().
+ */
+ kvm_page_track_unregister_notifier(kvm, &ikvm->kptn_node);
+
+ /*
+ * This function uses kvm->mmu_lock so it's not allowed to be
+ * called under kvmi_put(). It can reach a deadlock if called
+ * from kvm_mmu_load -> kvmi_tracked_gfn -> kvmi_put.
+ */
+ kvmi_clear_mem_access(kvm);
+
/*
* At this moment the socket is shut down, no more commands will come
* from the introspector, and the only way into the introspection is
@@ -351,6 +640,8 @@ int kvmi_hook(struct kvm *kvm, const struct kvm_introspection *qemu)
goto...
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running
on the host or in a separate VM, to control the execution of other VM-s
(pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.),
alter the page access bits in the shadow page tables (only for the hardware
backed ones, eg. Intel's EPT) and receive notifications when events of
interest have taken place
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running
on the host or in a separate VM, to control the execution of other VM-s
(pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.),
alter the page access bits in the shadow page tables (only for the hardware
backed ones, eg. Intel's EPT) and receive notifications when events of
interest have taken place
2020 Jul 22
34
[RFC PATCH v1 00/34] VM introspection - EPT Views and Virtualization Exceptions
This patch series is based on the VM introspection patches
(https://lore.kernel.org/kvm/20200721210922.7646-1-alazar at bitdefender.com/),
extending the introspection API with EPT Views and Virtualization
Exceptions (#VE) support.
The purpose of this series is to get an initial feedback and to see if
we are on the right track, especially because the changes made to add
the EPT views are not small
2020 Feb 07
78
[RFC PATCH v7 00/78] VM introspection
The KVM introspection subsystem provides a facility for applications
running on the host or in a separate VM, to control the execution of
other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs,
MSRs etc.), alter the page access bits in the shadow page tables (only
for the hardware backed ones, eg. Intel's EPT) and receive notifications
when events of interest have taken place
2020 Jul 21
87
[PATCH v9 00/84] VM introspection
The KVM introspection subsystem provides a facility for applications
running on the host or in a separate VM, to control the execution of
other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs,
MSRs etc.), alter the page access bits in the shadow page tables (only
for the hardware backed ones, eg. Intel's EPT) and receive notifications
when events of interest have taken place