分类
KSM -x64 hypervisor

Ksm开源Vt项目分析 序

Purpose
Unlike other hypervisors (e.g. KVM, XEN, etc.), KSM’s purpose is not to run other Operating Systems, instead, KSM can be used as an extra layer of protection to the existing running OS. This type of virtualization is usually seen in Anti-viruses, or sandboxers or even Viruses. KSM also supports nesting, that means it can emulate other hardware-assisted virtualization tools (VT-x).

Features:
IDT Shadowing
EPT violation #VE (enabled only when support is present)
EPTP switching VMFUNC (if not available natively, it will be emulated using a VMCALL)
Builtin Userspace physical memory sandboxer (Optional)
Builtin Introspection engine (Optional)
APIC virtualization (Experimental, do not use)
VMX Nesting (Experimental, do not use)

Supported Kernels:
Windows NT kernel (7/8/8.1/10)
Linux kernel (tested under 3.16, 4.8.13 and mainline)

Requirements
An Intel processor (with VT-x and EPT support)
A working C compiler (GCC or Microsoft compiler aka CL are supported)
这份代码的作者参考了KVM和XEN 很多地方写的比较专业,代码方面用了一些比较新的特性 所以对一些老的CPU支持不是很好,最低支持到4代U xeon系列 不清楚.
我准备开坑写几章来分析这一份代码。
GitHub地址:Ksm
2017/5/25写序.

0 0 vote
文章评分

由FAKE

Через тернии к звездам,
через радость и слезы
Мы проложим дорогу

Subscribe
提醒
guest
你的昵称 用于分别你是谁
你的电子邮箱 用于被回复时通知
0 评论
Inline Feedbacks
View all comments