Hello all, I have been looking through the internet and through the wiki, trying to find something which explains in details the available interfaces with which one might be able to insert some code to make some slight additions to Xen functionality. I am doing some research on the possibility of adding some extra functionality to Xen, and my supervisor has mentioned that these are things worth looking into (he called them modules / kernel modules). Is there a source of info which lists these tools please? Although I have spent today going through many pages and searching I could not find anything, although perhaps I was using some incorrect terms. All the best, Muhammed _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Tue, 2011-12-20 at 23:02 +0000, Mustafa Aydin wrote:> Hello all, > > I have been looking through the internet and through the wiki, trying > to find something which explains in details the available interfaces > with which one might be able to insert some code to make some slight > additions to Xen functionality. I am doing some research on the > possibility of adding some extra functionality to Xen, and my > supervisor has mentioned that these are things worth looking into (he > called them modules / kernel modules). > > Is there a source of info which lists these tools please? Although I > have spent today going through many pages and searching I could not > find anything, although perhaps I was using some incorrect terms.The Xen hypervisor does not have any concept of kernel modules or runtime code modification / loading. The method by which you insert some code into or make some modification is to modify the hypervisor code directly. Perhaps if you explain your actual end goal you can be better advised. Or perhaps you/your supervisor are thinking of the dom0 guest operating system which may have a module loading system (e.g. Linux does). This is nothing to do with Xen though. Thanks, Ian.
Hi Ian, Thanks for the response.> Perhaps if you explain your actual end goal you can be better advised.What we are planning to do is to insert some code which can automatically utilise some instructions from forensics investigation tools (such as a command line tools like Sleuthkit), and to do this automatically upon starting up and shutdown / suspension of a virtual machine running on the Xen hypervisor in order to aid forensic investigations. Nothing complicated being added but we need to know exactly where we would need to put these commands. My understanding is that because this would be performed on the domain U guest operating systems this change would need to be at the hypervisor level rather than the dom 0. Could you advise on how to go about this please? What I have been looking for is anything which could help me to do this to Xen, such as a tutorial or a guide, and couldn''t find anything. All the best, Muhammed _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
On Wed, 2011-12-21 at 16:40 +0000, Muhammed Aydin wrote:> Hi Ian, > > Thanks for the response. > > > Perhaps if you explain your actual end goal you can be better > advised. > > What we are planning to do is to insert some code which can > automatically utilise some instructions from forensics investigation > tools (such as a command line tools like Sleuthkit), and to do this > automatically upon starting up and shutdown / suspension of a virtual > machine running on the Xen hypervisor in order to aid forensic > investigations. Nothing complicated being added but we need to know > exactly where we would need to put these commands. > > My understanding is that because this would be performed on the domain > U guest operating systems this change would need to be at the > hypervisor level rather than the dom 0. Could you advise on how to go > about this please? What I have been looking for is anything which > could help me to do this to Xen, such as a tutorial or a guide, and > couldn''t find anything.Without knowing the precise details for "some instructions from forensics investigation tools" I can''t say for sure but this sounds on the face of it like something which can be done from dom0 by using the usual privileged operations to examine guest state. Perhaps the "xenaccess" library (now apparently called LibVMI) will help you to achieve your goals. I believe this uses the Memory Access API added in Xen 4.1 although I''m not personally familiar with the specifics. There are no hooks for doing anything on domain startup/shutdown/suspend but the generic functionality of running something on these events seems like a plausibly useful generic addition to the xl toolstack (see tools/libxl). Ian.
Reasonably Related Threads
- Auditing a vm image - virt-diff - was: Read MBR and store in a file?
- Stupid --delete mistake
- Re: [PATCH 2/3] added icat API to retrieve deleted or inaccessible files
- Libguestfs as filesystem forensic tool
- [PATCH 0/3] added The Sleuth Kit and icat API for downloading inaccessible files