From: "Mihai Donțu" <mdontu@bitdefender.com>
To: "Xiao Guangrong" <guangrong.xiao@gmail.com>,
"Adalber Lazăr" <alazar@bitdefender.com>,
kvm@vger.kernel.org
Cc: linux-mm@kvack.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Xiao Guangrong" <guangrong.xiao@linux.intel.com>
Subject: Re: [RFC PATCH v4 00/18] VM introspection
Date: Wed, 03 Jan 2018 16:32:10 +0200 [thread overview]
Message-ID: <1514989930.2751.33.camel@bitdefender.com> (raw)
In-Reply-To: <310d60aa-9979-cb73-058d-831ca6b98dfa@gmail.com>
On Wed, 2018-01-03 at 11:34 +0800, Xiao Guangrong wrote:
> On 12/19/2017 03:06 AM, Adalber Lazăr wrote:
> > From: Adalbert Lazar <alazar@bitdefender.com>
> >
> > This patch series proposes a VM introspection subsystem for KVM (KVMI).
> >
> > The previous RFC can be read here: https://marc.info/?l=kvm&m=150514457912721
> >
> > These patches were tested on kvm/master,
> > commit 43aabca38aa9668eee3c3c1206207034614c0901 (Merge tag 'kvm-arm-fixes-for-v4.15-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD).
> >
> > In this iteration we refactored the code based on the feedback received
> > from Paolo and others.
>
> I am thinking if we can define some check points in KVM where
> BPF programs are allowed to attach, then employ the policies
> in BPFs instead...
That would be a nice feature to have. For example, we could use it to
pre-filter the events (eg. drop EPT #PF events generated by A/D bit
updates). Also, sure, given how BPF has evolved in Linux these past few
years (see JIT) we could upload some pretty complex introspection
logic.
Regards,
--
Mihai Donțu
WARNING: multiple messages have this Message-ID (diff)
From: "Mihai Donțu" <mdontu@bitdefender.com>
To: "Xiao Guangrong" <guangrong.xiao@gmail.com>,
"Adalber Lazăr" <alazar@bitdefender.com>,
kvm@vger.kernel.org
Cc: linux-mm@kvack.org, "Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Xiao Guangrong" <guangrong.xiao@linux.intel.com>
Subject: Re: [RFC PATCH v4 00/18] VM introspection
Date: Wed, 03 Jan 2018 16:32:10 +0200 [thread overview]
Message-ID: <1514989930.2751.33.camel@bitdefender.com> (raw)
In-Reply-To: <310d60aa-9979-cb73-058d-831ca6b98dfa@gmail.com>
On Wed, 2018-01-03 at 11:34 +0800, Xiao Guangrong wrote:
> On 12/19/2017 03:06 AM, Adalber LazA?r wrote:
> > From: Adalbert Lazar <alazar@bitdefender.com>
> >
> > This patch series proposes a VM introspection subsystem for KVM (KVMI).
> >
> > The previous RFC can be read here: https://marc.info/?l=kvm&m=150514457912721
> >
> > These patches were tested on kvm/master,
> > commit 43aabca38aa9668eee3c3c1206207034614c0901 (Merge tag 'kvm-arm-fixes-for-v4.15-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD).
> >
> > In this iteration we refactored the code based on the feedback received
> > from Paolo and others.
>
> I am thinking if we can define some check points in KVM where
> BPF programs are allowed to attach, then employ the policies
> in BPFs instead...
That would be a nice feature to have. For example, we could use it to
pre-filter the events (eg. drop EPT #PF events generated by A/D bit
updates). Also, sure, given how BPF has evolved in Linux these past few
years (see JIT) we could upload some pretty complex introspection
logic.
Regards,
--
Mihai DonE?u
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2018-01-03 14:32 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-18 19:06 [RFC PATCH v4 00/18] VM introspection Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 01/18] kvm: add documentation and ABI/API headers for the VM introspection subsystem Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 02/18] add memory map/unmap support for VM introspection on the guest side Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-21 21:17 ` Patrick Colp
2017-12-21 21:17 ` Patrick Colp
2017-12-22 10:44 ` Mircea CIRJALIU-MELIU
2017-12-22 14:30 ` Patrick Colp
2017-12-18 19:06 ` [RFC PATCH v4 03/18] kvm: x86: add kvm_arch_msr_intercept() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 04/18] kvm: x86: add kvm_mmu_nested_guest_page_fault() and kvmi_mmu_fault_gla() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-21 21:29 ` Patrick Colp
2017-12-21 21:29 ` Patrick Colp
2017-12-22 11:50 ` Mihai Donțu
2017-12-22 11:50 ` Mihai Donțu
2017-12-18 19:06 ` [RFC PATCH v4 05/18] kvm: x86: add kvm_arch_vcpu_set_regs() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-21 21:39 ` Patrick Colp
2017-12-21 21:39 ` Patrick Colp
2017-12-22 9:29 ` alazar
2017-12-22 9:29 ` alazar
2017-12-18 19:06 ` [RFC PATCH v4 06/18] kvm: vmx: export the availability of EPT views Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 07/18] kvm: page track: add support for preread, prewrite and preexec Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-21 22:01 ` Patrick Colp
2017-12-21 22:01 ` Patrick Colp
2017-12-22 10:01 ` alazar
2017-12-22 10:01 ` alazar
2017-12-18 19:06 ` [RFC PATCH v4 08/18] kvm: add the VM introspection subsystem Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-22 7:34 ` Patrick Colp
2017-12-22 7:34 ` Patrick Colp
2017-12-22 14:11 ` Adalbert Lazăr
2017-12-22 14:11 ` Adalbert LazA?r
2017-12-22 15:12 ` Patrick Colp
2017-12-22 15:12 ` Patrick Colp
2017-12-22 15:51 ` alazar
2017-12-22 15:51 ` alazar
2017-12-22 16:26 ` Patrick Colp
2017-12-22 16:26 ` Patrick Colp
2017-12-22 16:02 ` Paolo Bonzini
2017-12-22 16:02 ` Paolo Bonzini
2017-12-22 16:18 ` Mircea CIRJALIU-MELIU
2017-12-22 16:35 ` Paolo Bonzini
2017-12-22 16:35 ` Paolo Bonzini
2017-12-22 16:09 ` Paolo Bonzini
2017-12-22 16:09 ` Paolo Bonzini
2017-12-22 16:34 ` Mircea CIRJALIU-MELIU
2017-12-18 19:06 ` [RFC PATCH v4 09/18] kvm: hook in " Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-22 16:36 ` Patrick Colp
2017-12-22 16:36 ` Patrick Colp
2017-12-18 19:06 ` [RFC PATCH v4 10/18] kvm: x86: handle the new vCPU request (KVM_REQ_INTROSPECTION) Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 11/18] kvm: x86: hook in the page tracking Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 12/18] kvm: x86: hook in kvmi_breakpoint_event() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 13/18] kvm: x86: hook in kvmi_descriptor_event() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 14/18] kvm: x86: hook in kvmi_cr_event() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 15/18] kvm: x86: hook in kvmi_xsetbv_event() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 16/18] kvm: x86: hook in kvmi_msr_event() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 17/18] kvm: x86: handle the introspection hypercalls Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2017-12-18 19:06 ` [RFC PATCH v4 18/18] kvm: x86: hook in kvmi_trap_event() Adalber Lazăr
2017-12-18 19:06 ` Adalber Lazăr
2018-01-03 3:34 ` [RFC PATCH v4 00/18] VM introspection Xiao Guangrong
2018-01-03 3:34 ` Xiao Guangrong
2018-01-03 14:32 ` Mihai Donțu [this message]
2018-01-03 14:32 ` Mihai Donțu
2018-01-03 18:52 ` Adalbert Lazăr
2018-01-03 18:52 ` Adalbert Lazăr
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1514989930.2751.33.camel@bitdefender.com \
--to=mdontu@bitdefender.com \
--cc=alazar@bitdefender.com \
--cc=guangrong.xiao@gmail.com \
--cc=guangrong.xiao@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.