qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] kill /destroy a VM - help

From: Stefan Hajnoczi
Subject: Re: [Qemu-devel] kill /destroy a VM - help
Date: Thu, 6 Mar 2014 11:22:45 +0100
User-agent: Mutt/1.5.21 (2010-09-15) 
On Wed, Mar 05, 2014 at 06:35:18PM +0200, Alexander Binun wrote:
> Now we encountered yet one problem: Our security module (which is a LKM) 
> performs security check and, when suspecting malicious activity at a VCPU,  
> must suspend or even kill this VM. The problem is: how to suspend/kill a VCPU 
> ?
> 
> We have taken the following approach: 
>     1. Accessing the VM list (struct list_head vms_list ) through the 
> kallsyms interface 
>     2. Iterating through VMs, reaching every VCPU (as a structure struct 
> kvm_vcpu *vcpu)
>     3. Running security check on every such structure. That is we were 
> seeking for a function like cpu_reset(struct kvm_vcpu*vcpu)
> 
> The following "reset funtions" were so far tried (taken from kvm_host.h)
>    1. kvm_vcpu_uninit and kvm_x86_ops->vcpu_free. These cause the whole 
> system (both host and guest OSs) hang.
>    2. kvm_vcpu_reset and kvm_arch_vcpu_free lead to the linker error  
> "Warning! Function undefined". 
> 
> Which "reset function" could you recommend ?

The simplest thing to kill a VM is to send SIGTERM to the QEMU process
(the process that contains the vcpu thread).

Stefan
reply via email to
[Prev in Thread] Current Thread [Next in Thread]