From 1f418a1c4480cef90b8596ae17bdca9cc7ca1b88 Mon Sep 17 00:00:00 2001 From: Louis Burda Date: Fri, 27 Jan 2023 00:01:09 +0100 Subject: Added initial qemu-eviction and qemu-pagestep Qemu-eviction seems to get stuck somewhere, potentially in the VC-handler(?) since we use the active gfn after resuming execution. Added qemu-pagestep to show viability of page-stepping for later use. --- README | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'README') diff --git a/README b/README index 7d4767f..4980ca4 100644 --- a/README +++ b/README @@ -34,6 +34,9 @@ test/kvm-pagestep: which can be used to infer what the guest is doing and to begin fine-grained single-stepping. +test/qemu-pagestep: + Replicate result from kvm-pagestep on a qemu-based vm running debian. + test/qemu-eviction: Replicate result from kvm-eviction on a qemu-based vm running debian using a specially crafted guest program to signal when measurement 
@@ -48,6 +51,41 @@ test/qemu-poc: unmodified qemu-based linux guest. +modes +----- + +The kernel module employs a few different modes of tracking described +in more detail below: + +CPC_TRACK_FAULT_NO_RUN: + Tracks access to all guest pages and lets the guest page fault over and over + without untracking / handling any page faults. This results in a decent + baseline measurement when we dont want to step the vm. + +CPC_TRACK_EXIT_EVICTION: + Set apic timer such that for any reasonably short KVM_RUN no local apic + interrupts will occur to cause exits. Good for collecting PRIME+COUNT + measurements over a clean run to a "natural" exit such as KVM_EXIT_HLT. + +CPC_TRACK_PAGES: + Track execution of all guest pages. While the guest is running untrack + a single executable page at a time based on page-faults. Allows tracking + which guest pages are executed and how long using retired instructions. + +CPC_TRACK_STEPS_AND_FAULTS: + Track access to all guest pages and single-step guest exection. For each + step, collect all page-faults that needed to be handled to enable that + step. Allows tracking not only which sets were evicted but what gfns + were involved in the access. + +CPC_TRACK_STEPS_SIGNALLED: + Track execution of a specific set of guest pages and single-step guest + execution for only this set. A guest program makes a specific vmmcall + to signal when to start and stop tracking. When a page-fault signals + that the target pages were reached, single-stepping begins and the + target pages are retracked to detect when the pages are left. + + setup ----- -- cgit v1.2.3-71-gd317
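Review bot: in the first hunk (`@@ -34,6 +34,9 @@ test/kvm-pagestep:`), the unchanged test/qemu-eviction entry still reads as a working replication of kvm-eviction, while the commit message says qemu-eviction "seems to get stuck somewhere, potentially in the VC-handler(?)". Mark that entry as not yet working in the README so a hang is not mistaken for a measurement result. The new test/qemu-pagestep entry should also name which mode from the "modes" section it exercises, since "Replicate result from kvm-pagestep" alone does not tell the reader what output to expect.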
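Review bot: in the second hunk (`@@ -48,6 +51,41 @@ test/qemu-poc:`), the CPC_TRACK_STEPS_SIGNALLED entry says the guest "makes a specific vmmcall to signal when to start and stop tracking" but does not document that interface. State the calling convention for the start and stop signals, or point to the header that defines it, so a guest program can be written from the README alone. CPC_TRACK_EXIT_EVICTION describes only the apic timer setup and never says what is tracked, unlike the other four entries, and "how long using retired instructions" under CPC_TRACK_PAGES would be clearer as a statement that time spent on a page is measured in retired instructions. Two typos in the added lines: "dont" in CPC_TRACK_FAULT_NO_RUN and "exection" in CPC_TRACK_STEPS_AND_FAULTS.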