Interposition method suitable for hardware-assisted virtual machine

摘要

One embodiment of the present invention is a method of interposing operations in a computational system that includes a virtualization system executable on an underlying hardware processor that natively supports one or more instructions that transition between host and guest execution modes. The method includes introducing a hooked vector into a supervisor register block of the hardware processor, wherein the hooked vector displaces a system call handler vector otherwise set by a guest computation; read and write protecting at least the hooked vector containing portion of the supervisor register block; initiating execution of a code sequence of the guest computation on the hardware processor using one of the instructions that transition between the host and guest execution modes thereof, wherein the code sequence includes a system call and wherein upon initiation of the system call, the hardware processor transfers execution to a substitute handler in accordance with the hooked vector; and responsive to execution of the substitute handler, initiating a hooked operation and transferring control to the guest system call handler.

主权项

1. A method of interposing operations in a computational system that includes a virtualization system executable on an underlying hardware processor that natively supports one or more instructions that transition between host and guest execution modes, the method comprising:
introducing a hooked vector into a supervisor register block of the hardware processor, wherein the hooked vector displaces a system call handler vector otherwise set by a guest computation to activate a system call handler; read and write protecting at least the hooked vector containing portion of the supervisor register block by executing a protection mechanism that covers a system call vector containing portion of the supervisor register block, the protection mechanism hiding the hooked vector from the guest computation; initiating execution of a code sequence of the guest computation on the hardware processor using one of the instructions that transition between the host and guest execution modes thereof, wherein the code sequence includes a system call and wherein upon initiation of the system call, the hardware processor transfers execution to a substitute handler in accordance with the hooked vector, the substitute handler being introduced into the guest computation as a loadable kernel module; and responsive to execution of the substitute handler, initiating a hooked operation and transferring control to the system call handler.