From: Mihai Donțu
Subject: Re: [RFC PATCH v2 0/1] VM introspection
Date: Thu, 13 Jul 2017 08:37:07 +0300
Message-ID: <1499924227.2110.340.camel@bitdefender.com>
References: <20170707143416.11195-1-alazar@bitdefender.com> <20170712140938.GC2415@localhost.localdomain>
In-Reply-To: <20170712140938.GC2415@localhost.localdomain>
To: Konrad Rzeszutek Wilk
Cc: kvm@vger.kernel.org, Paolo Bonzini, Radim Krčmář, Jan Kiszka, Stefan Hajnoczi, Adalbert Lazar

Hi Konrad,

On Wed, 2017-07-12 at 10:09 -0400, Konrad Rzeszutek Wilk wrote:
> On Fri, Jul 07, 2017 at 05:34:15PM +0300, Adalbert Lazar wrote:
> > The following patch adds the documentation for an introspection subsystem for
> > KVM (KVMi). It details the purpose and the use case that has shaped the
> > proposed API/ABI, as well as the wire protocol.
> >
> > During the discussion that has developed around our previous RFC patchset a
> > number of TODO-s have been highlighted:
> >
> >  * the integration in qemu: a socket-based protocol used to initiate the
> >    connection with an introspection tool and then passes control to KVM, the
> >    in-kernel mechanism taking over from there;
> >
> >  * the integration of the SPT-handling mechanism into the KVM MMU;
> >
> >  * the elaboration of a set of policies and a mechanism to better control
> >    this feature;
> >
> > One bit of code that has passed (maybe) unnoticed in the RFC is a new
> > function added to Linux' mm called vm_replace_page() which, much like KSM's
> > replace_page(), gets two processes to share a page (read-write, no-COW):
> >
> > https://marc.info/?l=kvm&m=149762056518799&w=2
> >
> > This is used to quickly scan and patch the guest software.
> >
> > The patch following this cover letter does not yet address the points above
> > but aims to clear with the community the overall ABI/API, with a focus on
> > x86.
>
> Are there thoughts on making this work with libvmi? Or would this
> interface be used by a paid product?

We have not looked at how we would go about adding support for this API
in libvmi, but a quick look tells me a driver shouldn't be that hard to
write.

We are, however, looking at publishing the sources for a small library
called libkvmi that would expose an easy-to-use interface and on top of
which we will add support for KVM VMI in:

https://github.com/razvan-cojocaru/libbdvmi

Other than that, the major user will indeed be a commercial product
that, right now, uses Xen's VMI infrastructure:

https://citrixready.citrix.com/bitdefender/bitdefender-hypervisor-introspection.html

Thanks,

> > v2:
> >   - add documentation and ABI [Paolo, Jan]
> >   - drop all the other patches for now [Paolo]
> >   - remove KVMI_GET_GUESTS, KVMI_EVENT_GUEST_ON, KVMI_EVENT_GUEST_OFF,
> >     and let libvirt/qemu handle this [Stefan, Paolo]
> >   - change the license from LGPL to GPL [Jan]
> >   - remove KVMI_READ_PHYSICAL and KVMI_WRITE_PHYSICAL (not used anymore)
> >   - make the interface a little more consistent
> >
> > Adalbert Lazar (1):
> >   kvm: Add documentation and ABI/API header for VM introspection
> >
> >  Documentation/virtual/kvm/kvmi.rst | 985 +++++++++++++++++++++++++++++++++++++
> >  include/uapi/linux/kvmi.h          | 310 ++++++++++++
> >  2 files changed, 1295 insertions(+)
> >  create mode 100644 Documentation/virtual/kvm/kvmi.rst
> >  create mode 100644 include/uapi/linux/kvmi.h
> >

-- 
Mihai Donțu