On 11 February 2016 at 05:11, Ren Kimura <rkx1209...@gmail.com> wrote: > I have a question about activation of kvm. > > Is there any way to enable/disable kvm at qemu runtime?
Yes, the command line is -enable-kvm. (We default to not using KVM.) > It should be useful for sandbox tools like DECAF or TEMU, > because some malware use VT-x information to detect these. Beware that you should not regard emulated QEMU as being capable of containing malware within its sandbox -- the emulator code has not been audited and we don't consider it a security boundary[*]. (In contrast, there is a security boundary for KVM and a guest should be unable to escape a KVM VM.) [*] In other words, if a TCG (emulated) guest can do bad things to the host that's a bug, but it's not a security bug. And it is very likely that at least some such bugs exist in the emulation code. thanks -- PMM