From: "Adalbert Lazăr" <alazar@bitdefender.com>
To: kvm@vger.kernel.org
Cc: virtualization@lists.linux-foundation.org,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Sean Christopherson" <sean.j.christopherson@intel.com>,
"Ștefan Șicleru" <ssicleru@bitdefender.com>,
"Nicușor Cîțu" <ncitu@bitdefender.com>,
"Adalbert Lazăr" <alazar@bitdefender.com>
Subject: [RFC PATCH v7 63/78] KVM: introspection: add KVMI_VM_GET_MAX_GFN
Date: Fri, 7 Feb 2020 20:16:21 +0200 [thread overview]
Message-ID: <20200207181636.1065-64-alazar@bitdefender.com> (raw)
In-Reply-To: <20200207181636.1065-1-alazar@bitdefender.com>
From: Ștefan Șicleru <ssicleru@bitdefender.com>
The introspection tool can use this to set access restrictions for a
wide range of guest addresses.
Signed-off-by: Ștefan Șicleru <ssicleru@bitdefender.com>
Co-developed-by: Nicușor Cîțu <ncitu@bitdefender.com>
Signed-off-by: Nicușor Cîțu <ncitu@bitdefender.com>
Signed-off-by: Adalbert Lazăr <alazar@bitdefender.com>
---
Documentation/virt/kvm/kvmi.rst | 20 +++++++++++++++++++
include/uapi/linux/kvmi.h | 6 ++++++
.../testing/selftests/kvm/x86_64/kvmi_test.c | 12 +++++++++++
virt/kvm/introspection/kvmi_int.h | 1 +
virt/kvm/introspection/kvmi_msg.c | 14 +++++++++++++
5 files changed, 53 insertions(+)
diff --git a/Documentation/virt/kvm/kvmi.rst b/Documentation/virt/kvm/kvmi.rst
index 9a902a94ed28..c1badcde1662 100644
--- a/Documentation/virt/kvm/kvmi.rst
+++ b/Documentation/virt/kvm/kvmi.rst
@@ -735,6 +735,26 @@ order to be notified about the effective injected expection.
* -KVM_EBUSY - another *KVMI_VCPU_INJECT_EXCEPTION* command was issued and no
corresponding *KVMI_EVENT_TRAP* (if enabled) has been provided yet.
+16. KVMI_VM_GET_MAX_GFN
+-----------------------
+
+:Architecture: all
+:Versions: >= 1
+:Parameters: none
+:Returns:
+
+::
+
+ struct kvmi_error_code;
+ struct kvmi_vm_get_max_gfn_reply {
+ __u64 gfn;
+ };
+
+Provides the maximum GFN allocated to the VM by walking through all
+memory slots allocated by KVM, considering all address spaces indicated
+by KVM_ADDRESS_SPACE_NUM. Stricly speaking, the returned value refers
+to the first inaccessible GFN, next to the maximum accessible GFN.
+
Events
======
diff --git a/include/uapi/linux/kvmi.h b/include/uapi/linux/kvmi.h
index fcbb19020c70..70d5a67badef 100644
--- a/include/uapi/linux/kvmi.h
+++ b/include/uapi/linux/kvmi.h
@@ -35,6 +35,8 @@ enum {
KVMI_VCPU_CONTROL_CR = 15,
KVMI_VCPU_INJECT_EXCEPTION = 16,
+ KVMI_VM_GET_MAX_GFN = 17,
+
KVMI_NUM_MESSAGES
};
@@ -130,6 +132,10 @@ struct kvmi_vcpu_control_events {
__u32 padding2;
};
+struct kvmi_vm_get_max_gfn_reply {
+ __u64 gfn;
+};
+
struct kvmi_event {
__u16 size;
__u16 vcpu;
diff --git a/tools/testing/selftests/kvm/x86_64/kvmi_test.c b/tools/testing/selftests/kvm/x86_64/kvmi_test.c
index 6c9d1f3f927c..2852e6894e81 100644
--- a/tools/testing/selftests/kvm/x86_64/kvmi_test.c
+++ b/tools/testing/selftests/kvm/x86_64/kvmi_test.c
@@ -1229,6 +1229,17 @@ static void test_cmd_vcpu_inject_exception(struct kvm_vm *vm)
disable_vcpu_event(vm, KVMI_EVENT_BREAKPOINT);
}
+static void test_cmd_vm_get_max_gfn(void)
+{
+ struct kvmi_vm_get_max_gfn_reply rpl;
+ struct kvmi_msg_hdr req;
+
+ test_vm_command(KVMI_VM_GET_MAX_GFN, &req, sizeof(req),
+ &rpl, sizeof(rpl));
+
+ DEBUG("max_gfn: 0x%llx\n", rpl.gfn);
+}
+
static void test_introspection(struct kvm_vm *vm)
{
setup_socket();
@@ -1252,6 +1263,7 @@ static void test_introspection(struct kvm_vm *vm)
test_event_breakpoint(vm);
test_cmd_vcpu_control_cr(vm);
test_cmd_vcpu_inject_exception(vm);
+ test_cmd_vm_get_max_gfn();
unhook_introspection(vm);
}
diff --git a/virt/kvm/introspection/kvmi_int.h b/virt/kvm/introspection/kvmi_int.h
index 9784477db46c..65a5801f143c 100644
--- a/virt/kvm/introspection/kvmi_int.h
+++ b/virt/kvm/introspection/kvmi_int.h
@@ -37,6 +37,7 @@
| BIT(KVMI_VM_CHECK_EVENT) \
| BIT(KVMI_VM_CONTROL_EVENTS) \
| BIT(KVMI_VM_GET_INFO) \
+ | BIT(KVMI_VM_GET_MAX_GFN) \
| BIT(KVMI_VM_READ_PHYSICAL) \
| BIT(KVMI_VM_WRITE_PHYSICAL) \
| BIT(KVMI_VCPU_GET_INFO) \
diff --git a/virt/kvm/introspection/kvmi_msg.c b/virt/kvm/introspection/kvmi_msg.c
index 8d77e6a7794d..94fab70b56fa 100644
--- a/virt/kvm/introspection/kvmi_msg.c
+++ b/virt/kvm/introspection/kvmi_msg.c
@@ -23,6 +23,7 @@ static const char *const msg_IDs[] = {
[KVMI_VM_CHECK_EVENT] = "KVMI_VM_CHECK_EVENT",
[KVMI_VM_CONTROL_EVENTS] = "KVMI_VM_CONTROL_EVENTS",
[KVMI_VM_GET_INFO] = "KVMI_VM_GET_INFO",
+ [KVMI_VM_GET_MAX_GFN] = "KVMI_VM_GET_MAX_GFN",
[KVMI_VM_READ_PHYSICAL] = "KVMI_VM_READ_PHYSICAL",
[KVMI_VM_WRITE_PHYSICAL] = "KVMI_VM_WRITE_PHYSICAL",
[KVMI_VCPU_CONTROL_CR] = "KVMI_VCPU_CONTROL_CR",
@@ -336,6 +337,18 @@ static int handle_pause_vcpu(struct kvm_introspection *kvmi,
return kvmi_msg_vm_reply(kvmi, msg, err, NULL, 0);
}
+static int handle_vm_get_max_gfn(struct kvm_introspection *kvmi,
+ const struct kvmi_msg_hdr *msg,
+ const void *req)
+{
+ struct kvmi_vm_get_max_gfn_reply rpl;
+
+ memset(&rpl, 0, sizeof(rpl));
+ rpl.gfn = kvm_get_max_gfn(kvmi->kvm);
+
+ return kvmi_msg_vm_reply(kvmi, msg, 0, &rpl, sizeof(rpl));
+}
+
/*
* These commands are executed by the receiving thread/worker.
*/
@@ -346,6 +359,7 @@ static int(*const msg_vm[])(struct kvm_introspection *,
[KVMI_VM_CHECK_EVENT] = handle_check_event,
[KVMI_VM_CONTROL_EVENTS] = handle_vm_control_events,
[KVMI_VM_GET_INFO] = handle_get_info,
+ [KVMI_VM_GET_MAX_GFN] = handle_vm_get_max_gfn,
[KVMI_VM_READ_PHYSICAL] = handle_read_physical,
[KVMI_VM_WRITE_PHYSICAL] = handle_write_physical,
[KVMI_VCPU_PAUSE] = handle_pause_vcpu,
next prev parent reply other threads:[~2020-02-07 18:17 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-07 18:15 [RFC PATCH v7 00/78] VM introspection Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 01/78] sched/swait: add swait_event_killable_exclusive() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 02/78] export kill_pid_info() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 03/78] KVM: add new error codes for VM introspection Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 04/78] KVM: add kvm_vcpu_kick_and_wait() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 05/78] KVM: add kvm_get_max_gfn() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 06/78] KVM: doc: fix the hypercall numbering Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 07/78] KVM: x86: add kvm_arch_vcpu_get_regs() and kvm_arch_vcpu_get_sregs() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 08/78] KVM: x86: add kvm_arch_vcpu_set_regs() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 09/78] KVM: x86: avoid injecting #PF when emulate the VMCALL instruction Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 10/78] KVM: x86: add .bp_intercepted() to struct kvm_x86_ops Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 11/78] KVM: x86: add .control_cr3_intercept() " Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 12/78] KVM: x86: add .cr3_write_intercepted() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 13/78] KVM: x86: add .control_desc_intercept() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 14/78] KVM: x86: add .desc_intercepted() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 15/78] KVM: x86: export .msr_write_intercepted() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 16/78] KVM: x86: use MSR_TYPE_R, MSR_TYPE_W and MSR_TYPE_RW with AMD code too Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 17/78] KVM: svm: pass struct kvm_vcpu to set_msr_interception() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 18/78] KVM: vmx: pass struct kvm_vcpu to the intercept msr related functions Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 19/78] KVM: x86: add .control_msr_intercept() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 20/78] KVM: x86: vmx: use a symbolic constant when checking the exit qualifications Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 21/78] KVM: x86: save the error code during EPT/NPF exits handling Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 22/78] KVM: x86: add .fault_gla() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 23/78] KVM: x86: add .spt_fault() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 24/78] KVM: x86: add .gpt_translation_fault() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 25/78] KVM: x86: add .control_singlestep() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 26/78] KVM: x86: export kvm_arch_vcpu_set_guest_debug() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 27/78] KVM: x86: extend kvm_mmu_gva_to_gpa_system() with the 'access' parameter Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 28/78] KVM: x86: export kvm_inject_pending_exception() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 29/78] KVM: x86: export kvm_vcpu_ioctl_x86_get_xsave() Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 30/78] KVM: x86: page track: provide all page tracking hooks with the guest virtual address Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 31/78] KVM: x86: page track: add track_create_slot() callback Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 32/78] KVM: x86: page_track: add support for preread, prewrite and preexec Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 33/78] KVM: x86: wire in the preread/prewrite/preexec page trackers Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 34/78] KVM: x86: intercept the write access on sidt and other emulated instructions Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 35/78] KVM: x86: disable gpa_available optimization for fetch and page-walk NPF/EPT violations Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 36/78] KVM: introduce VM introspection Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 37/78] KVM: introspection: add hook/unhook ioctls Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 38/78] KVM: introspection: add permission access ioctls Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 39/78] KVM: introspection: add the read/dispatch message function Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 40/78] KVM: introspection: add KVMI_GET_VERSION Adalbert Lazăr
2020-02-07 18:15 ` [RFC PATCH v7 41/78] KVM: introspection: add KVMI_VM_CHECK_COMMAND and KVMI_VM_CHECK_EVENT Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 42/78] KVM: introspection: add KVMI_VM_GET_INFO Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 43/78] KVM: introspection: add KVMI_EVENT_UNHOOK Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 44/78] KVM: introspection: add KVMI_VM_CONTROL_EVENTS Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 45/78] KVM: introspection: add KVMI_VM_READ_PHYSICAL/KVMI_VM_WRITE_PHYSICAL Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 46/78] KVM: introspection: add vCPU related data Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 47/78] KVM: introspection: add a jobs list to every introspected vCPU Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 48/78] KVM: introspection: handle vCPU introspection requests Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 49/78] KVM: introspection: handle vCPU commands Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 50/78] KVM: introspection: add KVMI_VCPU_GET_INFO Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 51/78] KVM: introspection: add KVMI_VCPU_PAUSE Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 52/78] KVM: introspection: add KVMI_EVENT_PAUSE_VCPU Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 53/78] KVM: introspection: add KVMI_VCPU_CONTROL_EVENTS Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 54/78] KVM: introspection: add KVMI_VCPU_GET_REGISTERS Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 55/78] KVM: introspection: add KVMI_VCPU_SET_REGISTERS Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 56/78] KVM: introspection: add KVMI_VCPU_GET_CPUID Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 57/78] KVM: introspection: add KVMI_EVENT_HYPERCALL Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 58/78] KVM: introspection: add KVMI_EVENT_BREAKPOINT Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 59/78] KVM: introspection: restore the state of #BP interception on unhook Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 60/78] KVM: introspection: add KVMI_VCPU_CONTROL_CR and KVMI_EVENT_CR Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 61/78] KVM: introspection: restore the state of CR3 interception on unhook Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 62/78] KVM: introspection: add KVMI_VCPU_INJECT_EXCEPTION + KVMI_EVENT_TRAP Adalbert Lazăr
2020-02-07 18:16 ` Adalbert Lazăr [this message]
2020-02-07 18:16 ` [RFC PATCH v7 64/78] KVM: introspection: add KVMI_EVENT_XSETBV Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 65/78] KVM: introspection: add KVMI_VCPU_GET_XSAVE Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 66/78] KVM: introspection: add KVMI_VCPU_GET_MTRR_TYPE Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 67/78] KVM: introspection: add KVMI_EVENT_DESCRIPTOR Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 68/78] KVM: introspection: restore the state of descriptor interception on unhook Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 69/78] KVM: introspection: add KVMI_VCPU_CONTROL_MSR and KVMI_EVENT_MSR Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 70/78] KVM: introspection: restore the state of MSR interception on unhook Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 71/78] KVM: introspection: add KVMI_VM_SET_PAGE_ACCESS Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 72/78] KVM: introspection: add KVMI_EVENT_PF Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 73/78] KVM: introspection: extend KVMI_GET_VERSION with struct kvmi_features Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 74/78] KVM: introspection: add KVMI_VCPU_CONTROL_SINGLESTEP Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 75/78] KVM: introspection: add KVMI_EVENT_SINGLESTEP Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 76/78] KVM: introspection: add KVMI_VCPU_TRANSLATE_GVA Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 77/78] KVM: introspection: emulate a guest page table walk on SPT violations due to A/D bit updates Adalbert Lazăr
2020-02-07 18:16 ` [RFC PATCH v7 78/78] KVM: x86: call the page tracking code on emulation failure Adalbert Lazăr
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200207181636.1065-64-alazar@bitdefender.com \
--to=alazar@bitdefender.com \
--cc=kvm@vger.kernel.org \
--cc=ncitu@bitdefender.com \
--cc=pbonzini@redhat.com \
--cc=sean.j.christopherson@intel.com \
--cc=ssicleru@bitdefender.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).