search for: singlestepping

From: Nicu?or C??u <ncitu at bitdefender.com> This event is sent after each instruction when the singlestep has been enabled for a vCPU. Signed-off-by: Nicu?or C??u <ncitu at bitdefender.com> Co-developed-by: Adalbert Laz?r <alazar at bitdefender.com> Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- Documentation/virt/kvm/kvmi.rst | 31

From: Nicu?or C??u <ncitu at bitdefender.com> This command is extremely useful for debuggers. Signed-off-by: Nicu?or C??u <ncitu at bitdefender.com> Co-developed-by: Adalbert Laz?r <alazar at bitdefender.com> Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- Documentation/virt/kvm/kvmi.rst | 31 ++++++ arch/x86/kvm/kvmi.c

From: Nicu?or C??u <ncitu at bitdefender.com> This event is sent when the current instruction has been single stepped with or without success. Signed-off-by: Nicu?or C??u <ncitu at bitdefender.com> Co-developed-by: Adalbert Laz?r <alazar at bitdefender.com> Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- Documentation/virt/kvm/kvmi.rst | 28

From: ?tefan ?icleru <ssicleru at bitdefender.com> The introspection tool will use these new fields to check the hardware support before using the related introspection commands. Signed-off-by: ?tefan ?icleru <ssicleru at bitdefender.com> Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- Documentation/virt/kvm/kvmi.rst | 6 ++++--

This is used by the introspection tool to check the hardware support for single step. Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- Documentation/virt/kvm/kvmi.rst | 13 ++++++++++++- arch/x86/include/uapi/asm/kvmi.h | 5 +++++ arch/x86/kvm/kvmi.c | 5 +++++ include/uapi/linux/kvmi.h | 1 +

I'm running libvirt 1.0.1 and qemu 1.3. I see the following error of libvirtd startup: 2013-01-19 04:51:06.183+0000: 1459: error : virCommandWait:2287 : internal error Child process (LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin HOME=/ /usr/bin/kvm -help) unexpected exit status 1 This is indeed what the return code seems to be for that command. This this just a

...n current parts, the hypervisor can set up debug facilities on behalf of the guest (or behind its back) as the DR state is unencrypted, but that attempting to intercept #DB will redirect to #VC inside the guest and cause fun. (Also spare a thought for 32bit kernels which have to cope with userspace singlestepping the SYSENTER path with every #DB turning into #VC.) >> Besides that, I am not a fan of delegating problems I already see coming >> to future-Joerg and future-Peter, but if at all possible deal with them >> now and be safe later. > Well, we could just say no :-) At some point i...

From: Marian Rotariu <marian.c.rotariu at gmail.com> The introspection tool uses this function to check the hardware support for VMFUNC, which can be used either to singlestep vCPUs on a unprotected EPT view or to use #VE in order to filter out VM-exits caused by EPT violations. Signed-off-by: Marian Rotariu <marian.c.rotariu at gmail.com> Co-developed-by: ?tefan ?icleru <ssicleru

...hypervisor can set up debug > facilities on behalf of the guest (or behind its back) as the DR state > is unencrypted, but that attempting to intercept #DB will redirect to > #VC inside the guest and cause fun. (Also spare a thought for 32bit > kernels which have to cope with userspace singlestepping the SYSENTER > path with every #DB turning into #VC.) What do you mean 32-bit? 64-bit kernels have exactly the same problem. At least the stack is okay, though. Anyway, since I'm way behind on this thread, here are some thoughts: First, I plan to implement actual precise recursion dete...

From: Marian Rotariu <marian.c.rotariu at gmail.com> The introspection tool uses this function to check the hardware support for EPT switching, which can be used either to singlestep vCPUs on a unprotected EPT view or to use #VE in order to avoid filter out VM-exits caused by EPT violations. Signed-off-by: Marian Rotariu <marian.c.rotariu at gmail.com> Co-developed-by: ?tefan ?icleru

This patch series is based on the VM introspection patches (https://lore.kernel.org/kvm/20200721210922.7646-1-alazar at bitdefender.com/), extending the introspection API with EPT Views and Virtualization Exceptions (#VE) support. The purpose of this series is to get an initial feedback and to see if we are on the right track, especially because the changes made to add the EPT views are not small

This helps the introspection tool with the VGA to GPA translations without the need to monitor the guest page tables. Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- Documentation/virt/kvm/kvmi.rst | 31 +++++++++++++++++++ arch/x86/kvm/kvmi.c | 4 +++ include/uapi/linux/kvmi.h | 9 ++++++

From: ?tefan ?icleru <ssicleru at bitdefender.com> The introspection tool uses this function to check the hardware support for EPT switching, which can be used either to singlestep vCPUs on a unprotected EPT view or to use #VE in order to avoid filter out VM-exits caused by EPT violations. Signed-off-by: ?tefan ?icleru <ssicleru at bitdefender.com> Signed-off-by: Adalbert Laz?r

I tried running qemu-system-x86_64 -help" command manually. But it seems that it work normally. Here is the output. Kindly guide me. spanhal1@seclab2:/usr/bin$ qemu-system-x86_64 -help QEMU emulator version 1.2.0 (qemu-kvm-1.2.0), Copyright (c) 2003-2008 Fabrice Bellard usage: qemu-system-x86_64 [options] [disk_image] 'disk_image' is a raw hard disk image for IDE hard disk 0

From: Marian Rotariu <marian.c.rotariu at gmail.com> The introspection tool uses this function to check the hardware support for EPT switching, which can be used either to singlestep vCPUs on a unprotected EPT view or to use #VE in order to avoid filter out VM-exits caused by EPT violations. Signed-off-by: Marian Rotariu <marian.c.rotariu at gmail.com> Co-developed-by: ?tefan ?icleru

On Tue, Jun 23, 2020 at 01:50:14PM +0200, Peter Zijlstra wrote: > If SNP is the sole reason #VC needs to be IST, then I'd strongly urge > you to only make it IST if/when you try and make SNP happen, not before. It is not the only reason, when ES guests gain debug register support then #VC also needs to be IST, because #DB can be promoted into #VC then, and as #DB is IST for a reason,

Hello, I''m interested in using the mem_event API (or it''s LibVMI wrapper), but I''m interested in capturing write events anywhere in a domU guest''s memory, _and_ not just once for each page write, but every time a page is being written to. To this end, I''ve looked at the xen-access.c example, where at first all the pages are being monitored:

Hi guys, I am new to QEMU-KVM, libvmi and libvirt stuff. Libvmi uses libvirt. I am trying to to run process-list example of libvmi and getting error as below. It seems that this error may be due to libvirt as it is not able to find domain. I seek your kind help on below error: spanhal1@seclab2:~/KVMModule/libvmi-0.10.1$ sudo ./examples/process-list ubuntu libvir: QEMU error : Domain not found:

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place

The KVM introspection subsystem provides a facility for applications running on the host or in a separate VM, to control the execution of other VM-s (pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.), alter the page access bits in the shadow page tables (only for the hardware backed ones, eg. Intel's EPT) and receive notifications when events of interest have taken place