On 04/08/2016 13:18, Mihai Donțu wrote:
> The model we're aiming for is: on a KVM host, out of the N running VM-s, one
> has special privileges allowing it to manipulate the memory and vCPU
> state of the others. We call that special VM an SVA (Security Virtual
> Appliance) and it uses a channel (much like the one found on Xen -
> evtchn) and a set of specific VMCALL-s to:
>
> * receive notifications from the host when a new VM is
>   created/destroyed
> * manipulate the EPT of a specific VM
> * manipulate the vCPU state of a specific VM (GPRs)
> * manipulate the memory of a specific VM (insert code)

No special VMs and hypercalls, please. Xen is a microkernel at its core,
KVM is not. Just run a process on the host.

I'm not very convinced of manipulating the EPT page tables directly.
There must be some higher-level abstraction. For example, KVM has
recently grown a new in-kernel interface to track dirty pages, and if
anything you should export that one as ioctls, and make QEMU use the
ioctls.

> Obviously we've tried the userspace / qemu approach since it would have
> made development _much_ easier, but it's simply not "performant" enough.

That reminds me of kdbus. Without having even stated what the
requirements are, "it's slow" is dogma rather than fact. Even more so
if the client is proprietary and hidden behind a black-box "appliance".

vhost-user is performant enough for line-speed packet processing. It's
obviously not the same thing as VM memory introspection, but it's a
logical suggestion.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html