On 14/08/19 11:48, Adalbert Lazăr wrote: >> Why does closing the socket require destroying the kvmi object? E.g. can >> it be marked as defunct or whatever and only fully removed on a synchronous >> unhook from userspace? Re-hooking could either require said unhook, or >> maybe reuse the existing kvmi object with a new socket. > Will it be better to have the following ioctls? > > - hook (alloc kvmi and kvmi_vcpu structs) > - notify_imminent_unhook (send the KVMI_EVENT_UNHOOK event) > - unhook (free kvmi and kvmi_vcpu structs) Yeah, that is nice also because it leaves the timeout policy to userspace. (BTW, please change references to QEMU to "userspace"). Paolo
