* Is that possible to virtualize a kernel module?
@ 2011-12-27 9:58 吴锐
2011-12-27 10:02 ` Avi Kivity
0 siblings, 1 reply; 3+ messages in thread
From: 吴锐 @ 2011-12-27 9:58 UTC (permalink / raw)
To: kvm
Hi,
I am currently do a project to detect malicious module. And I want to
use KVM, namely, using virtualization to achieve this?
Is that possible to virtualize a kernel module without a virtualized Linux?
For example, if I only want to virtualize a network device, the
network device still runs inside the kernel memory address space
without changing anything else.
The only difference is that the network device will run on VMX
non-root mode, while the kernel still run on VMX root mode.
Rui
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Is that possible to virtualize a kernel module?
2011-12-27 9:58 Is that possible to virtualize a kernel module? 吴锐
@ 2011-12-27 10:02 ` Avi Kivity
2011-12-29 3:00 ` Zhen-Hua Li
0 siblings, 1 reply; 3+ messages in thread
From: Avi Kivity @ 2011-12-27 10:02 UTC (permalink / raw)
To: 吴锐; +Cc: kvm
On 12/27/2011 11:58 AM, 吴锐 wrote:
> Hi,
>
> I am currently do a project to detect malicious module. And I want to
> use KVM, namely, using virtualization to achieve this?
> Is that possible to virtualize a kernel module without a virtualized Linux?
> For example, if I only want to virtualize a network device, the
> network device still runs inside the kernel memory address space
> without changing anything else.
> The only difference is that the network device will run on VMX
> non-root mode, while the kernel still run on VMX root mode.
>
What would be the point? the "virtualized" module can corrupt the
non-virtualized kernel's memory.
It may be technically possible (using vmx, but not kvm), but it's a lot
of work.
--
error compiling committee.c: too many arguments to function
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Is that possible to virtualize a kernel module?
2011-12-27 10:02 ` Avi Kivity
@ 2011-12-29 3:00 ` Zhen-Hua Li
0 siblings, 0 replies; 3+ messages in thread
From: Zhen-Hua Li @ 2011-12-29 3:00 UTC (permalink / raw)
To: Avi Kivity; +Cc: 吴锐, kvm
Do you mean that you want to run a kernel in another VM? I think it
is not possible.
I have checked it. In a qemu with kvm enabled,
# cat /proc/cpuinfo | grep ^flags
flags : fpu de pse tsc msr pae mce cx8 apic sep pge cmov mmx
fxsr sse sse2 up pni popcnt hypervisor
It does not have "VMX" in flags. That means the vm does not have vt support.
On Tue, Dec 27, 2011 at 6:02 PM, Avi Kivity <avi@redhat.com> wrote:
> On 12/27/2011 11:58 AM, 吴锐 wrote:
>> Hi,
>>
>> I am currently do a project to detect malicious module. And I want to
>> use KVM, namely, using virtualization to achieve this?
>> Is that possible to virtualize a kernel module without a virtualized Linux?
>> For example, if I only want to virtualize a network device, the
>> network device still runs inside the kernel memory address space
>> without changing anything else.
>> The only difference is that the network device will run on VMX
>> non-root mode, while the kernel still run on VMX root mode.
>>
>
> What would be the point? the "virtualized" module can corrupt the
> non-virtualized kernel's memory.
>
> It may be technically possible (using vmx, but not kvm), but it's a lot
> of work.
>
>
> --
> error compiling committee.c: too many arguments to function
>
> --
> To unsubscribe from this list: send the line "unsubscribe kvm" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-12-29 3:00 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-12-27 9:58 Is that possible to virtualize a kernel module? 吴锐
2011-12-27 10:02 ` Avi Kivity
2011-12-29 3:00 ` Zhen-Hua Li
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).