This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] possible to do analysis at instruction level?

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] possible to do analysis at instruction level?
From: John Liu <bradevuu@xxxxxxxxx>
Date: Wed, 6 Jul 2011 23:20:55 -0400
Delivery-date: Wed, 06 Jul 2011 20:21:50 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=rd8AJGjV3XaXxGHLEOqXumWktEzYYo+UDMatsbZNunA=; b=tpYKflEuV1cRFKrkLP4bPn8pWMVV4LU5isL7EdR+ifh9qzniUnjH9qsI48wEkYGcuN ehMyTcXczmZLNxLYJ7TdqZsNkAa2IidVSIls3lV94nXK/WF9Bea4vI2Wxm674hhiz3WY CrcLYP4SdXlBpjdCa20JCaN7D9QOcRkHz9AsE=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx

I'm going to use XEN to do some security analysis.

In the context of VMX(or SVM), it is possible to do analysis at
instruction level? for example, intercept call/jmp, mov etc.  For
virtualization tools which use binary translation, we are able to do
that. In XEN, it's still possible?  I assume the nature of
para-virtualization and VMX does not provide such mechanism(users are
allowed to register new vm_exit events?).   Modify compiler(or guest
OS) to generate vm_exit for particular instructions? even that it
cannot work for HVM.  Maybe for API-level, things are easier..

The motivation to do instruction-level analysis is OS level info such
as page table is coarse-grained.

I really appreciate your suggestions and help.


Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>