From: Wei Liu <wei.liu2@citrix.com>
To: PREETI MISHRA <2013rcp9523@mnit.ac.in>
Cc: Xen-devel <xen-devel@lists.xenproject.org>,
Wei Liu <wei.liu2@citrix.com>
Subject: Re: Help in fixing a issue
Date: Fri, 5 Feb 2016 11:08:38 +0000 [thread overview]
Message-ID: <20160205110838.GV23178@citrix.com> (raw)
In-Reply-To: <CAMOnYFn2ZH+aN1XJT=MJtrz_GfbiwoSuwFkQMg1a-porTLRR=Q@mail.gmail.com>
Add back xen-devel, please use "reply-all" in the future.
And please don't top-post.
On Fri, Feb 05, 2016 at 10:01:57PM +1100, PREETI MISHRA wrote:
> Thanks for the reply,
>
> actually, I have a virtual machine in which some processes are running. I
> want to analysis their behavior using VMI at xen.
>
Have you checked out libvmi in this case?
> My tool has two components:i) xen patch running at hypervisor ii) analyzing
> component running at Dom0
>
> 1. Xen patch is responsible for collecting the system call information of a
> monitored process. It can be syscall no and process id.
> - how to take this information? //particularly i want to trap any
> execution of monitored programs.
> - how to store this information in buffer?
> -how to send alert to my another daemon (analyzing component)
> running in Dom0.
See xentrace / xenanalyze in xen.git.
> 2. On receiving alert, analyzing component perform analysis over the
> collected data.
> - how to send the buffer information (pid and system call no) to
> analyzing component?
>
Anyway, I'm not expert on this. I will let other people to have a look.
My gut feeling is that libvmi should be the way to go.
Wei.
next prev parent reply other threads:[~2016-02-05 11:08 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-05 10:15 Help in fixing a issue PREETI MISHRA
2016-02-05 10:48 ` Wei Liu
[not found] ` <CAMOnYFn2ZH+aN1XJT=MJtrz_GfbiwoSuwFkQMg1a-porTLRR=Q@mail.gmail.com>
2016-02-05 11:08 ` Wei Liu [this message]
2016-02-05 11:21 ` Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160205110838.GV23178@citrix.com \
--to=wei.liu2@citrix.com \
--cc=2013rcp9523@mnit.ac.in \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).