
Re: [Publicity] [Xen-devel] The Bitdefender virtual machine introspection library is now on GitHub





> While LibVMI is great, and has been considered for the task, it has slightly different design
> goals: for best results, the user needs to use external Python tools to extract guest information,

I am assuming you refer to best results for LibVMI?

So I think for clarification before publishing this - LibVMI does not have a Python dependency. It has a Python wrapper around the C API that you can optionally build, install and use from Python apps.

The point you may be referring to as extracting guest information is how the configuration for introspection is made. Indeed, that can be done with Python tools such as pdbparse or Rekall - but it is not required. If you want to do introspection in a guest-OS agnostic way, you can (see http://libvmi.com/api/#macro_VMI_INIT_PARTIAL).

> uses Glib for caching (which adds to client applications' dependencies),

While LibVMI does link with glib no client application needs to link with glib.

> and it doesn't allow mapping
> of guest pages from userspace (so that we could write to them directly).

I wasn't sure what you mean by this. LibVMI does allow you to read/write entire pages from userspace.

> Libbdvmi aims to provide a very efficient way of working with Xen to access guest information in an
> OS-agnostic manner:
I would also mention Libbdvmi in the "We're very happy to announce that th ..." paragraph, such that
the name can be referenced. And then maybe say: "In contrast, Libbdvmi ..." or something like it

On the bullet points you list: is it correct to say that Libbdvmi is more tightly integrated with the recent VMI-Xen work (and Xen in general) and smaller compared to LibVMI?

I have a branch of LibVMI that's up-to-date with the recent work on the Xen side - I'm just waiting till an RC comes out to push it. This branch should add support to most everything that Xen exposes at this point.

That may lead someone to raise the question why you are not trying to upstream the functionality into LibVMI. You may want to tackle this upfront, in particular because we moved from mem-access (Xen) to LibVMI (generic) and now a more Xen specific variant.

I agree ;) I hope we can get what you need into LibVMI. The main thing that I see missing in LibVMI that's present in libbdvmi is the domain watcher to catch when a target domain is started or stopped. This I think could be added for sure.

Not having followed this in detail, I was also wondering whether Libbdvmi is a complete re-write or based on LibVMI.

Does not appear to be - LibVMI is in C, libbdvmi is in C++ to begin with. It's a more straightforward library for working with Xen and thus I would bet it being smaller as well. LibVMI has multiple abstraction layers to deal with different architectures (x86/ARM), OS's (Windows/Linux) and hypervisors (Xen/KVM).

Cheers,
Tamas
