On Thu, Sep 20, 2018 at 3:55 PM Razvan Cojocaru <rcojoc...@bitdefender.com> wrote:
>
> On 9/20/18 5:42 PM, George Dunlap wrote:
> > I do have a question about your proposed use case. You're running
> > this in 'mixed' mode, right, and using the altp2m to hide a secure bit
> > of code from the operating system? What's to stop a rogue operating
> > system that doesn't want to be introspected from calling
> > HVMOP_altp2m_vcpu_enable_notify with INVALID_GFN to disable this?
>
> Nothing, but we're not running this in mixed mode. :)
> We're after 'external', for the very same reasons you've mentioned.
>
> Everything important is done in dom0-only. If there's something to be
> done that the in-guest agent would like, it has to ask the introspection
> agent in dom0 via VMCALL events.

OK, got it, thanks.

-George