On Mon, Oct 08, 2012 at 04:15:57PM +0800, R wrote:
> Hi,
>
> I am a student. And my teacher told me to monitor every process in guest.
> So, I try to intercept every Cr3 access. However, if kvm is loaded
> with EPT enable, Acesses to Cr3 would not cause VM-exit.
Disable EPT by loading kvm-intel.ko module with enable_ept=0 parameter.
Then, CR3 accesses will trap.
> I modified the code to change vmcs configuration.
> To be specific, these functions are rewirted.
> static void ept_update_paging_mode_cr0(unsigned long *hw_cr0,
> unsigned long cr0,
> struct kvm_vcpu *vcpu)
> {
> ....
> } else if (!is_paging(vcpu)) {
> /* From nonpaging to paging */
> vmcs_write32(CPU_BASED_VM_EXEC_CONTROL,
> vmcs_read32(CPU_BASED_VM_EXEC_CONTROL) &
> - ~(CPU_BASED_CR3_LOAD_EXITING |
> + ~( // CPU_BASED_CR3_LOAD_EXITING|
> CPU_BASED_CR3_STORE_EXITING));
> ....
> }
>
> static __init int setup_vmcs_config(struct vmcs_config *vmcs_conf)
> {
> ...
> if (_cpu_based_2nd_exec_control & SECONDARY_EXEC_ENABLE_EPT) {
> /* CR3 accesses and invlpg don't need to cause VM Exits when EPT
> enabled */
> - _cpu_based_exec_control &= ~(CPU_BASED_CR3_LOAD_EXITING |
> + _cpu_based_exec_control &= ~( //
> CPU_BASED_CR3_LOAD_EXITING |
> CPU_BASED_CR3_STORE_EXITING |
> CPU_BASED_INVLPG_EXITING);
> ....
> }
>
> I though it can force every Cr3 access to be trapped with EPT enable.
> However, VM seems to fail to boot when it changes from nonpaging to
> paging.
> Do U guys have any idea? Or Can someone tell me how can I intercept
> Cr3 access and why can not it work?
>
> Thank U for answering.
>
> --
> Thanks
> Rui Wu
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
