Xen: Pagefault

Cargo.toml

@@ -15,7 +15,7 @@ crate-type = ["cdylib", "lib"]
 
 [features]
 # Xen driver
-xen = ["xenctrl", "xenstore", "xenforeignmemory", "libc"]
+xen = ["xenctrl", "xenstore", "xenforeignmemory", "libc", "xenevtchn", "xenvmevent-sys"]
 # KVM driver
 kvm = ["kvmi"]
 # VirtualBox driver
@@ -28,17 +28,20 @@ hyper-v = ["winapi", "widestring", "ntapi", "vid-sys"]
 log = "0.4.8"
 env_logger = "0.7.1"
 libc = { version = "0.2.58", optional = true }
-xenctrl = { git = "https://github.com/Wenzel/xenctrl", optional = true }
+xenctrl = { git = "https://github.com/arnabcs17b006/xenctrl", branch = "pagefault",  optional = true }
 xenstore = { git = "https://github.com/Wenzel/xenstore", optional = true }
 xenforeignmemory = { git = "https://github.com/Wenzel/xenforeignmemory", optional = true }
 kvmi = { version = "0.2.1", optional = true }
+xenevtchn = { git = "https://github.com/arnabcs17b006/xenevtchn", branch = "event-notification", optional = true}
+xenvmevent-sys = { git = "https://github.com/Wenzel/xenvmevent-sys", optional = true}
 fdp = { git = "https://github.com/Wenzel/fdp", optional = true }
 winapi = { version = "0.3.8", features = ["tlhelp32", "winnt", "handleapi", "securitybaseapi"], optional = true }
 widestring = { version = "0.4.0", optional = true }
 ntapi = { version = "0.3.3", optional = true }
 vid-sys = { version = "0.3.0", features = ["deprecated-apis"], optional = true }
 bitflags = "1.2.1"
 cty = "0.2.1"
+nix = "0.18.0"
 
 [dev-dependencies]
 ctrlc = "3.1.3"

examples/cr-events.rs

@@ -42,10 +42,11 @@ fn toggle_cr_intercepts(drv: &mut Box<dyn Introspectable>, vec_cr: &Vec<CrType>,
         let intercept = InterceptType::Cr(*cr);
         let status_str = if enabled { "Enabling" } else { "Disabling" };
         println!("{} intercept on {:?}", status_str, cr);
-        for vcpu in 0..drv.get_vcpu_count().unwrap() {
-            drv.toggle_intercept(vcpu, intercept, enabled)
-                .expect(&format!("Failed to enable {:?}", cr));
-        }
+        //for vcpu in 0..drv.get_vcpu_count().unwrap() {
+        let vcpu = 0;
+        drv.toggle_intercept(vcpu, intercept, enabled)
+            .expect(&format!("Failed to enable {:?}", cr));
+        //}
     }
 
     drv.resume().expect("Failed to resume VM");
@@ -101,7 +102,7 @@ fn main() {
     // listen
     let mut i: u64 = 0;
     while running.load(Ordering::SeqCst) {
-        let event = drv.listen(1000).expect("Failed to listen for events");
+        let event = drv.listen(10).expect("Failed to listen for events");
         match event {
             Some(ev) => {
                 let (cr_type, new, old) = match ev.kind {
@@ -120,8 +121,8 @@ fn main() {
                     "[{}] {} - {}:    old value: 0x{:x}    new value: 0x{:x}",
                     ev_nb_output, vcpu_output, cr_output, old, new
                 );
-                drv.reply_event(ev, EventReplyType::Continue)
-                    .expect("Failed to send event reply");
+                // drv.reply_event(ev, EventReplyType::Continue)
+                //   .expect("Failed to send event reply");
                 i = i + 1;
             }
             None => println!("No events yet..."),

examples/mem-events.rs

@@ -6,11 +6,9 @@ use std::sync::Arc;
 use std::time::Instant;
 
 use microvmi::api::{
-    Access, DriverInitParam, EventReplyType, EventType, InterceptType, Introspectable,
+    Access, DriverInitParam, EventReplyType, EventType, InterceptType, Introspectable, PAGE_SIZE,
 };
 
-const PAGE_SIZE: usize = 4096;
-
 fn parse_args() -> ArgMatches<'static> {
     App::new(file!())
         .version("0.1")
@@ -25,7 +23,7 @@ fn toggle_pf_intercept(drv: &mut Box<dyn Introspectable>, enabled: bool) {
     let intercept = InterceptType::Pagefault;
     let status_str = if enabled { "Enabling" } else { "Disabling" };
     println!("{} memory events", status_str);
-    for vcpu in 0..drv.get_vcpu_count().unwrap() {
+    for vcpu in 0..1 {
         drv.toggle_intercept(vcpu, intercept, enabled)
             .expect(&format!("Failed to enable page faults"));
     }
@@ -39,7 +37,6 @@ fn main() {
     let matches = parse_args();
 
     let domain_name = matches.value_of("vm_name").unwrap();
-
     // set CTRL-C handler
     let running = Arc::new(AtomicBool::new(true));
     let r = running.clone();
@@ -61,11 +58,11 @@ fn main() {
 
     //Code snippet to get page fault
     let max_addr = drv.get_max_physical_addr().unwrap();
-
-    for cur_addr in (0..max_addr).step_by(PAGE_SIZE) {
+    //println!("max_gpfn: {}", max_addr>>PAGE_SHIFT);
+    for cur_addr in (0..max_addr).step_by(PAGE_SIZE as usize) {
         let mut access: Access = drv.get_page_access(cur_addr).unwrap();
         access &= !Access::X;
-        drv.set_page_access(cur_addr, access)
+        drv.set_page_access(cur_addr, !Access::X)
             .expect("failed to set page access");
     }
 
@@ -87,10 +84,10 @@ fn main() {
                 let mut page_access = drv.get_page_access(gpa).expect("Failed to get page access");
                 //setting the access bits in the page due to which page fault occurred
                 page_access |= pf_access;
-                drv.set_page_access(gpa, page_access)
+                drv.set_page_access(gpa, Access::RWX)
                     .expect("Failed to set page access");
-                drv.reply_event(ev, EventReplyType::Continue)
-                    .expect("Failed to send event reply");
+                //drv.reply_event(ev, EventReplyType::Continue)
+                //  .expect("Failed to send event reply");
                 i = i + 1;
             }
             None => println!("No events yet..."),

examples/msr-events.rs

@@ -109,17 +109,17 @@ fn main() {
         let event = drv.listen(1000).expect("Failed to listen for events");
         match event {
             Some(ev) => {
-                let (msr_type, new, old) = match ev.kind {
-                    EventType::Msr { msr_type, new, old } => (msr_type, new, old),
+                let (msr_type, value) = match ev.kind {
+                    EventType::Msr { msr_type, value } => (msr_type, value),
                     _ => panic!("not msr event"),
                 };
                 let msr_color = "blue";
                 let ev_nb_output = format!("{}", i).cyan();
                 let vcpu_output = format!("VCPU {}", ev.vcpu).yellow();
                 let msr_output = format!("0x{:x}", msr_type).color(msr_color);
                 println!(
-                    "[{}] {} - {}: old value: 0x{:x} new value: 0x{:x}",
-                    ev_nb_output, vcpu_output, msr_output, old, new
+                    "[{}] {} - {}: new value: 0x{:x}",
+                    ev_nb_output, vcpu_output, msr_output, value,
                 );
                 drv.reply_event(ev, EventReplyType::Continue)
                     .expect("Failed to send event reply");

examples/regs-dump.rs

@@ -33,7 +33,7 @@ fn main() {
 
     println!("pausing the VM");
     drv.pause().expect("Failed to pause VM");
-    let total_vcpu_count: u16 = drv.get_vcpu_count().expect("Failed to get vcpu count");
+    let total_vcpu_count: u16 = 1;
     for vcpu in 0..total_vcpu_count {
         println!("dumping registers on VCPU {}", vcpu);
         let regs = drv.read_registers(vcpu).expect("Failed to read registers");

src/api.rs

@@ -334,9 +334,7 @@ pub enum EventType {
         ///Type of model specific register
         msr_type: u32,
         /// new value after msr register has been intercepted by the guest.
-        new: u64,
-        /// old value before cr register has been intercepted by the guest.
-        old: u64,
+        value: u64,
     },
     ///int3 interception
     Breakpoint {
@@ -345,6 +343,7 @@ pub enum EventType {
         /// instruction length. Generally it should be one. Anything other than one implies malicious guest.
         insn_len: u8,
     },
+    ///Pagefault interception
     Pagefault {
         /// Virtual memory address of the guest
         gva: u64,

src/driver/kvm.rs

@@ -309,10 +309,9 @@ impl<T: KVMIntrospectable> Introspectable for Kvm<T> {
                         new,
                         old,
                     },
-                    KVMiEventType::Msr { msr_type, new, old } => EventType::Msr {
+                    KVMiEventType::Msr { msr_type, new, old: _ } => EventType::Msr {
                         msr_type,
-                        new,
-                        old,
+                        value: new,
                     },
                     KVMiEventType::Breakpoint {gpa, insn_len } =>  EventType::Breakpoint {
                         gpa,