[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] possible to do analysis at instruction level?

Do you just want to see what the guest was doing?

If so, you might look at a rather obscure debugging feature of the
processors called "Branch Trace Store" (BTS).  Basically you set up
some registers to point to an area of memory, and every time the cpu
executes a branch, the BTS microcode will write the source and
destination of those branches into the buffer.  When the buffer
reaches a certain threshold, it will generate an exception, and the
store can be emptied.

You'd have to do your own modifications to Xen to deal with this.  I
have some ancient (~2006) code I could give you for inspiration, but
you're still going to need to basically implement the whole thing from
scratch.

Let me know if you want the code, and I'll give you a pointer to it.
(Very much "as-is, caveat emptor" at this point.)

 -George

On Thu, Jul 7, 2011 at 4:20 AM, John Liu <bradevuu@xxxxxxxxx> wrote:
> Hi,
>
> I'm going to use XEN to do some security analysis.
>
> In the context of VMX(or SVM), it is possible to do analysis at
> instruction level? for example, intercept call/jmp, mov etc.  For
> virtualization tools which use binary translation, we are able to do
> that. In XEN, it's still possible?  I assume the nature of
> para-virtualization and VMX does not provide such mechanism(users are
> allowed to register new vm_exit events?).   Modify compiler(or guest
> OS) to generate vm_exit for particular instructions? even that it
> cannot work for HVM.  Maybe for API-level, things are easier..
>
> The motivation to do instruction-level analysis is OS level info such
> as page table is coarse-grained.
>
> I really appreciate your suggestions and help.
>
> Best,
> Liu
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.