On Thu, Jul 13, 2017 at 08:37:07AM +0300, Mihai Donțu wrote: > Hi Konrad, > > On Wed, 2017-07-12 at 10:09 -0400, Konrad Rzeszutek Wilk wrote: > > On Fri, Jul 07, 2017 at 05:34:15PM +0300, Adalbert Lazar wrote: > > > The following patch adds the documentation for an introspection subsystem for > > > KVM (KVMi). It details the purpose and the use case that has shaped the > > > proposed API/ABI, as well as the wire protocol. > > > > > > During the discussion that has developed around our previous RFC patchset a > > > number of TODO-s have been highlighted: > > > > > > * the integration in qemu: a socket-based protocol used to initiate the > > > connection with an introspection tool and then passes control to KVM, the > > > in-kernel mechanism taking over from there; > > > > > > * the integration of the SPT-handling mechanism into the KVM MMU; > > > > > > * the elaboration of a set of policies and a mechanism to better control > > > this feature; > > > > > > One bit of code that has passed (maybe) unnoticed in the RFC is a new > > > function added to Linux' mm called vm_replace_page() which, much like KSM's > > > replace_page(), gets two processes to share a page (read-write, no-COW): > > > > > > https://marc.info/?l=kvm&m=149762056518799&w=2 > > > > > > This is used to quickly scan and patch the guest software. > > > > > > The patch following this cover letter does not yet address the points above > > > but aims to clear with the community the overall ABI/API, with a focus on > > > x86. > > > > Are there thoughts on making this work with libvmi? Or would this > > interface be used by a paid product? > > We have not looked at how we would go about adding support for this API > in libvmi, but a quick look tells me a driver shouldn't be that hard to > write. OK. Asking as the libvmi interface is quite fantastic. It has the drivers for VMWare, Xen, and others - and a pretty cool library to do most of the introspection through simple application linking to it. And more importantly (to me at least), it does allow academia to test different ideas. > > We are, however, looking at publishing the sources for a small library > called libkvmi that would expose an easy-to-use interface and on top of > which we will add support for KVM VMI in: > > https://github.com/razvan-cojocaru/libbdvmi And thoughts of testing API that will be part of KVM test unit? > > Other than that, the major user will indeed be a commercial product > that, right now, uses Xen's VMI infrastructure: > > https://citrixready.citrix.com/bitdefender/bitdefender-hypervisor-introspection.html > > Thanks, > > > > v2: > > > - add documentation and ABI [Paolo, Jan] > > > - drop all the other patches for now [Paolo] > > > - remove KVMI_GET_GUESTS, KVMI_EVENT_GUEST_ON, KVMI_EVENT_GUEST_OFF, > > > and let libvirt/qemu handle this [Stefan, Paolo] > > > - change the license from LGPL to GPL [Jan] > > > - remove KVMI_READ_PHYSICAL and KVMI_WRITE_PHYSICAL (not used anymore) > > > - make the interface a little more consistent > > > > > > Adalbert Lazar (1): > > > kvm: Add documentation and ABI/API header for VM introspection > > > > > > Documentation/virtual/kvm/kvmi.rst | 985 +++++++++++++++++++++++++++++++++++++ > > > include/uapi/linux/kvmi.h | 310 ++++++++++++ > > > 2 files changed, 1295 insertions(+) > > > create mode 100644 Documentation/virtual/kvm/kvmi.rst > > > create mode 100644 include/uapi/linux/kvmi.h > > > > > -- > Mihai Donțu >
