Il 17/03/2014 12:54, Alexander Binun ha scritto:
Dear friends, great thanks!
To summarize: we are trying to monitor VCPU IDT changes that are done
by external parties (e.g. rootkits) and not by intra-KVM machinery.
Are there parameters that witness such changes ?
There is no way to intercept c
Dear friends, great thanks!
To summarize: we are trying to monitor VCPU IDT changes that are done by
external parties (e.g. rootkits) and not by intra-KVM machinery. Are there
parameters that witness such changes ?
Best Regards,
The KVM Israeli team
On Thu 13 Mar 17:15 2014 Paolo Bonzini
Il 13/03/2014 13:59, Alexander Binun ha scritto:
Dear Friends,
Thanks for your assistance!
We would like to ask you a question about the KVM internals.
Our module includes a timer which (once in every second) fetches the IDT value of
every online VCPU in the system using the kvm_x86_ops->g
Dear Friends,
Thanks for your assistance!
We would like to ask you a question about the KVM internals.
Our module includes a timer which (once in every second) fetches the IDT value
of every online VCPU in the system using the kvm_x86_ops->get_idt ; the code
looks like:
struct kvm_vc
