Xen project Mailing List

Re: [Xen-devel] Problem with using Libvmi or xenaccess with xen

To: Steven Maresca <steve@xxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>

From: Mina Jafari <ai.minajafari@xxxxxxxxx>

Date: Tue, 9 Jul 2013 09:04:16 +0430

Delivery-date: Tue, 09 Jul 2013 04:34:46 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Steve,

So as you said, Libvmi can have access to memory of domu.yes? I'm just not sure about this, because when I'm using libvmi functions to access Memory of domu it returns failure.I thought it's because of illegal access.

Thanks

On Mon, Jul 8, 2013 at 7:05 PM, Steven Maresca <steve@xxxxxxxxxxxx> wrote:

On Mon, Jul 8, 2013 at 9:25 AM, Mina Jafari <ai.minajafari@xxxxxxxxx> wrote:

Hi all,
Can dom0 have enough privilege to access domu's kernel memory using Libvmi functions?

Libvmi use xenaccess functions in fact, and as it is a user space library I'm asking this.

I wanna read system call table of domu through dom0.

Thanks

Mina,

Use of LibVMI in this manner should provide the basic foundational components that you require: Domain 0 has implicit privilege to access domU memory as a consequence of being the privileged management domain, and LibVMI operations from dom0 should work without changes to your Xen configuration. I would recommend that you begin observation in dom0 as a path of least resistance.

It is possible to use LibVMI within a domU to examine other domUs, but only via a XSM policy. Such a policy must grant to the observing domU ability to invoke a variety of privileged operations upon the target domU. This is really only viable with Xen 4.3 and a recent kernel in the observing domU -- the XSM wiki page has more information.

Always keep in mind that you are inspecting untrusted, potentially malicious memory; be very cautious with the data LibVMI provides.

Steve

_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel