On 5/10/19 12:31 AM, Andrew Cooper wrote: > What we'll have to do is end up in a position where we can have some > real %dr settings given by the VMI agent, and some shadow %dr settings > which the guest interacts with. Also I should warn you at this point > that, because of how the registers work, It will not be possible to have > guest-shadowed %dr functioning at the same time as VMI-provided %dr > settings. > > I guess the main usecase here is simply hiding from the guest kernel > that debugging activities are in use, and we are ok to break the real > use of gdb/other inside the guest? Razvan/Tamas: As your the > maintainers, it is your call, ultimately.
What worries me here is that in that case it becomes easier for a rogue application inside the guest to figure out that the guest's being monitored, if I understand things correctly. Of course, a dom0 introspection agent may choose to simply not subscribe to DR events, and thus not alter the current flow at all, which makes things better. Thanks, Razvan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
