bitdefender / libkvmi
KVM Virtual Machine Introspection Library
License: GNU Lesser General Public License v3.0
Hi,
Would it be possible to have a branch with libkvmi for kvmi-v6?
This is the version that will be included in libvmi:
libvmi/libvmi#844
I'm writing the PR to use your repo:
https://github.com/KVM-VMI/libvmi/pull/32/files
Thanks!
Are there any examples that capture system call events using libkvmi?
I've tried to use KVMI_VCPU_TRANSLATE_GVA to translate a user space gva to gpa, so that eventually I could read this memory. (I have a breakpoint at syscalls, and I'd like to read the filename, whose pointer is in %edi/%esi.) However, KVM returns ~0, meaning that it's an UNMAPPED_GVA. Would you know why that is so?
The KVM source code has a comment that functions which read memory are "meant" for instruction fetching. However, I don't understand why that would matter. I try to perform address translation while the vcpu is executing, so I expected it to just work. I've seen that libvmi has code that performs page table lookup, so there must be a good reason behind it...
I'll be grateful for your insight.
Thank you.
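The manual page table lookup the post above refers to, sketched as an added example (not code from libkvmi, libvmi or the poster). It assumes a 4-level long-mode x86-64 guest and reads from a constructed in-memory array instead of a live guest; `read_gpa`, `walk_gva`, `setup_tables` and `guest_mem` are hypothetical names.

```c
#include <stdint.h>
#include <string.h>

#define PTE_PRESENT 0x1ULL
#define PTE_PS      0x80ULL                /* large page, valid in PDPTE/PDE */
#define PTE_ADDR    0x000FFFFFFFFFF000ULL  /* physical address bits 51:12 */
#define UNMAPPED    (~0ULL)

/* Constructed guest physical memory (5 pages); a real tool would read the guest. */
static uint64_t guest_mem[5][512];

static int read_gpa(uint64_t gpa, uint64_t *out)
{
    if (gpa + sizeof(*out) > sizeof(guest_mem))
        return -1;
    memcpy(out, (const uint8_t *)guest_mem + gpa, sizeof(*out));
    return 0;
}

/* Walk PML4 -> PDPT -> PD -> PT; returns the GPA or UNMAPPED. */
uint64_t walk_gva(uint64_t cr3, uint64_t gva)
{
    uint64_t table = cr3 & PTE_ADDR, entry, mask;
    int level;

    for (level = 3; level >= 0; level--) {
        unsigned shift = 12 + 9 * level;
        if (read_gpa(table + ((gva >> shift) & 0x1FF) * 8, &entry) < 0)
            return UNMAPPED;
        if (!(entry & PTE_PRESENT))  /* not faulted in, swapped out, or never mapped */
            return UNMAPPED;
        if ((level == 1 || level == 2) && (entry & PTE_PS)) {  /* 2 MiB / 1 GiB page */
            mask = (1ULL << shift) - 1;
            return (entry & PTE_ADDR & ~mask) | (gva & mask);
        }
        table = entry & PTE_ADDR;
    }
    return table | (gva & 0xFFF);
}

/* Constructed tables mapping one 4 KiB page: gva -> GPA 0x4000. Returns CR3. */
uint64_t setup_tables(uint64_t gva)
{
    memset(guest_mem, 0, sizeof(guest_mem));
    guest_mem[0][(gva >> 39) & 0x1FF] = 0x1000 | 0x7;  /* PML4E: P, RW, US */
    guest_mem[1][(gva >> 30) & 0x1FF] = 0x2000 | 0x7;  /* PDPTE */
    guest_mem[2][(gva >> 21) & 0x1FF] = 0x3000 | 0x7;  /* PDE */
    guest_mem[3][(gva >> 12) & 0x1FF] = 0x4000 | 0x7;  /* PTE */
    return 0;                                          /* PML4 at GPA 0 */
}
```

In this sketch a non-present entry at any level produces the same ~0 result, so a caller cannot tell a page that is not resident from an address that was never mapped.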
make[2]: Entering directory `/__w/libvmi/libvmi/libkvmi/src'
/bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include/linux/x86_64 -g -O2 -W -Wall -MT kvmi.lo -MD -MP -MF .deps/kvmi.Tpo -c -o kvmi.lo kvmi.c
libtool: compile: gcc -DHAVE_CONFIG_H -I. -I.. -I../include -I../include/linux/x86_64 -g -O2 -W -Wall -MT kvmi.lo -MD -MP -MF .deps/kvmi.Tpo -c kvmi.c -fPIC -DPIC -o .libs/kvmi.o
kvmi.c: In function 'handshake_done':
kvmi.c:625:9: warning: missing initializer for field 'struct_size' of 'struct kvmi_introspector2qemu' [-Wmissing-field-initializers]
struct kvmi_introspector2qemu intro = {};
^
In file included from kvmi.c:41:0:
../include/libkvmi.h:59:11: note: 'struct_size' declared here
uint32_t struct_size;
^
kvmi.c: In function 'kvmi_domain_close':
kvmi.c:1161:2: error: 'for' loop initial declarations are only allowed in C99 mode
for ( struct kvmi_dom_event *ev = dom->events; ev; ) {
^
kvmi.c:1161:2: note: use option -std=c99 or -std=gnu99 to compile your code
kvmi.c: In function 'kvmi_set_xsave':
kvmi.c:2561:9: warning: missing initializer for field 'id' of 'struct kvmi_msg_hdr' [-Wmissing-field-initializers]
struct kvmi_msg_hdr hdr = {};
^
In file included from ../include/libkvmi.h:25:0,
from kvmi.c:41:
../include/linux/kvmi.h:92:8: note: 'id' declared here
__u16 id;
^
kvmi.c:2562:9: warning: missing initializer for field 'vcpu' of 'struct kvmi_vcpu_hdr' [-Wmissing-field-initializers]
struct kvmi_vcpu_hdr vcpu_hdr = {};
^
In file included from ../include/libkvmi.h:25:0,
from kvmi.c:41:
../include/linux/kvmi.h:204:8: note: 'vcpu' declared here
__u16 vcpu;
^
make[2]: *** [kvmi.lo] Error 1
make[2]: Leaving directory `/__w/libvmi/libvmi/libkvmi/src'