search for: off_bitmap

...equested, nbits); + else + bitmap_andnot(dest, dest, requested, nbits); + +out: + mutex_unlock(&kvm->kvmi_lock); + + return err; +} + +int kvmi_ioctl_event(struct kvm *kvm, void __user *argp) +{ + DECLARE_BITMAP(requested, KVMI_NUM_EVENTS); + DECLARE_BITMAP(known, KVMI_NUM_EVENTS); + size_t off_bitmap; + bool allow; + int err; + int id; + + err = kvmi_ioctl_get_feature(argp, &allow, &id, requested); + if (err) + return err; + + bitmap_from_u64(known, KVMI_KNOWN_EVENTS); + bitmap_and(requested, requested, known, KVMI_NUM_EVENTS); + + off_bitmap = offsetof(struct kvm_introspection, event_...

...sted, known, KVMI_NUM_COMMANDS); + if (!allow) { + DECLARE_BITMAP(always_allowed, KVMI_NUM_COMMANDS); + + if (id == KVMI_GET_VERSION) + return -EPERM; + + set_bit(KVMI_GET_VERSION, always_allowed); + + bitmap_andnot(requested, requested, always_allowed, + KVMI_NUM_COMMANDS); + } + off_bitmap = offsetof(struct kvm_introspection, cmd_allow_mask); return kvmi_ioctl_feature(kvm, allow, requested, off_bitmap, diff --git a/virt/kvm/introspection/kvmi_int.h b/virt/kvm/introspection/kvmi_int.h index 46ba90cb5e66..947af4615fa5 100644 --- a/virt/kvm/introspection/kvmi_int.h +++ b/virt/kvm/in...

...ND, kvmi->cmd_allow_mask); set_bit(KVMI_VM_CHECK_EVENT, kvmi->cmd_allow_mask); + atomic_set(&kvmi->ev_seq, 0); + kvmi->kvm = kvm; return kvmi; @@ -324,3 +326,31 @@ int kvmi_ioctl_command(struct kvm *kvm, void __user *argp) return kvmi_ioctl_feature(kvm, allow, requested, off_bitmap, KVMI_NUM_COMMANDS); } + +static bool kvmi_unhook_event(struct kvm_introspection *kvmi) +{ + int err; + + err = kvmi_msg_send_unhook(kvmi); + + return !err; +} + +int kvmi_ioctl_preunhook(struct kvm *kvm) +{ + struct kvm_introspection *kvmi; + int err = 0; + + mutex_lock(&kvm->kvmi_l...

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place