XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender

The Linux Foundation
The Linux FoundationDirector, Open Source Solutions at Citrix
Memories of a VM Funk Mihai Donțu, Engineering Manager, Bitdefender
Outline • 4.12 statistics • VMI on AMD • The 'Windows 10 RS4' event • The A/D bits conundrum • #VE / VMFUNC statistics with Citrix Hypervisor 8.0 • Intel Sub-Page Permission (SPP)
4.12 Statistics • Xen releases since 2017's summit: 4.9, 4.10, 4.11, 4.12 • 68 patches, 45 in 4.12 alone • 5 developers: Adrian Pop, Alexandru Isăilă, Petre Pîrcălabu, Răzvan Cojocaru, Vlad Ioan Topan
VMI on AMD • Basic vm_event support done • All PT-walks trigger a write NPT #PF • No Intel MTF-like support • Realtime-VMI is essentialy a "no-go"
The 'Windows 10 RS4' event • Huge slowdown due to frequent PT modifications • Worked-around with a tiny in-guest filter (injected) • Proper solution: #VE agent • 64bit only
The A/D bits conundrum • We need to emulate A/D bit updates • There are three methods: • Optimistic (PTE-level): • If accessed is unset, set it • If accessed is set, set dirty if PTE is writable • Using the emulator: perform a full guest PT walk and update A/D according to the current instruction • Single-step via MTF
• #VE / VMFUNC statistics with Citrix Hypervisor 8.0 Firefox Chrome Opening multiple pages in multiple tabs (Y: seconds)
• Intel Sub-Page Permission (SPP) • Controlled by VMCS and EPTE[61] • Write protection only • Sub-page size: 128 bytes • Protect OS structures smaller than 4K • Mostly read-only but live in pages written often • Typical candidates (Windows): driver objects, IDT, HAL dispatch table
Q & A
Thank you!
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
1 of 11

XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender

Download to read offline
Software

This talk is a follow-up to our Summit 2017 presentation in which we covered our plans for Intel VMFUNC and #VE, as well as related use-cases. This year, we will provide a report on what we have accomplished in Xen 4.12, and what remains to be addressed. We will also give a brief status update of VMI on AMD hardware. The session will end with some real-world numbers of the Hypervisor Introspection solution running on Citrix Hypervisor 8.0 with #VE enabled.

The Linux Foundation
The Linux FoundationDirector, Open Source Solutions at Citrix

Recommended

Zero footprint guest memory introspection from xen by
Zero footprint guest memory introspection from xenZero footprint guest memory introspection from xen
Zero footprint guest memory introspection from xenBitdefender Enterprise
3.5K views37 slides
Windows Server 2008 R2 by
Windows Server 2008 R2Windows Server 2008 R2
Windows Server 2008 R2Olav Reitan
716 views35 slides
Solutions to reduce Total Cost of Setup (TCS) and simplify your life! - #iJac... by
Solutions to reduce Total Cost of Setup (TCS) and simplify your life! - #iJac...Solutions to reduce Total Cost of Setup (TCS) and simplify your life! - #iJac...
Solutions to reduce Total Cost of Setup (TCS) and simplify your life! - #iJac...Andrea Fontana
1.1K views21 slides
ROBOT and Banking on IBM i with Kevin Aker by
ROBOT and Banking on IBM i with Kevin AkerROBOT and Banking on IBM i with Kevin Aker
ROBOT and Banking on IBM i with Kevin AkerHelpSystems
680 views20 slides
Windows 8 fuzz by
Windows 8 fuzzWindows 8 fuzz
Windows 8 fuzzOlav Tvedt
636 views18 slides
Don't just go IP - Go IT by
Don't just go IP - Go ITDon't just go IP - Go IT
Don't just go IP - Go ITKieran Kunhya
277 views29 slides

More Related Content

Similar to XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender

ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ... by
ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ...ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ...
ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ...Christoph Adler
427 views28 slides
foreman_provision – Infrastructure as code by
foreman_provision – Infrastructure as codeforeman_provision – Infrastructure as code
foreman_provision – Infrastructure as codeinovex GmbH
1.4K views31 slides
Why Integrating IBM Z into ServiceNow and Splunk Is So Important by
Why Integrating IBM Z into ServiceNow and Splunk Is So ImportantWhy Integrating IBM Z into ServiceNow and Splunk Is So Important
Why Integrating IBM Z into ServiceNow and Splunk Is So ImportantPrecisely
86 views35 slides
Presentation design - key concepts and approaches for designing your deskto... by
Presentation design - key concepts and approaches for designing your deskto...Presentation design - key concepts and approaches for designing your deskto...
Presentation design - key concepts and approaches for designing your deskto...xKinAnx
369 views41 slides
.NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf... by
.NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf....NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf...
.NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf...Karel Zikmund
227 views21 slides
Criteo Labs Infrastructure Tech Talk Meetup Nov. 7 by
Criteo Labs Infrastructure Tech Talk Meetup Nov. 7Criteo Labs Infrastructure Tech Talk Meetup Nov. 7
Criteo Labs Infrastructure Tech Talk Meetup Nov. 7Shuo LI
230 views100 slides

Similar to XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender(20)

ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ... by Christoph Adler
ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ...ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ...
ISBG 2015 - Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes ...
Christoph Adler427 views
foreman_provision – Infrastructure as code by inovex GmbH
foreman_provision – Infrastructure as codeforeman_provision – Infrastructure as code
foreman_provision – Infrastructure as code
inovex GmbH1.4K views
Why Integrating IBM Z into ServiceNow and Splunk Is So Important by Precisely
Why Integrating IBM Z into ServiceNow and Splunk Is So ImportantWhy Integrating IBM Z into ServiceNow and Splunk Is So Important
Why Integrating IBM Z into ServiceNow and Splunk Is So Important
Precisely86 views
Presentation design - key concepts and approaches for designing your deskto... by xKinAnx
Presentation design - key concepts and approaches for designing your deskto...Presentation design - key concepts and approaches for designing your deskto...
Presentation design - key concepts and approaches for designing your deskto...
xKinAnx369 views
.NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf... by Karel Zikmund
.NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf....NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf...
.NET Core Summer event 2019 in Brno, CZ - .NET Core Networking stack and perf...
Karel Zikmund227 views
Criteo Labs Infrastructure Tech Talk Meetup Nov. 7 by Shuo LI
Criteo Labs Infrastructure Tech Talk Meetup Nov. 7Criteo Labs Infrastructure Tech Talk Meetup Nov. 7
Criteo Labs Infrastructure Tech Talk Meetup Nov. 7
Shuo LI230 views
DNUG 2017 - IBM Notes Performance Boost - Reloaded by Christoph Adler
DNUG 2017 - IBM Notes Performance Boost - ReloadedDNUG 2017 - IBM Notes Performance Boost - Reloaded
DNUG 2017 - IBM Notes Performance Boost - Reloaded
Christoph Adler172 views
DotNext 2017 in Moscow - .NET Core Networking stack and Performance -- Karel ... by Karel Zikmund
DotNext 2017 in Moscow - .NET Core Networking stack and Performance -- Karel ...DotNext 2017 in Moscow - .NET Core Networking stack and Performance -- Karel ...
DotNext 2017 in Moscow - .NET Core Networking stack and Performance -- Karel ...
Karel Zikmund373 views
PTC Windchill ESI 9.x Architecture by Gandhavalla Informatics Pvt Ltd.
PTC Windchill ESI 9.x ArchitecturePTC Windchill ESI 9.x Architecture
PTC Windchill ESI 9.x Architecture
Gandhavalla Informatics Pvt Ltd.2.7K views
Time to build and test results 3x faster - how we did it by Aurélien Pupier
Time to build and test results 3x faster - how we did itTime to build and test results 3x faster - how we did it
Time to build and test results 3x faster - how we did it
Aurélien Pupier1K views
Time to build and test results 3x faster - how we did it by Bonitasoft
Time to build and test results 3x faster - how we did itTime to build and test results 3x faster - how we did it
Time to build and test results 3x faster - how we did it
Bonitasoft1.2K views
Introduction to Core 4 by simonjj
Introduction to Core 4Introduction to Core 4
Introduction to Core 4
simonjj359 views
InfiniBox z pohledu zákazníka by MarketingArrowECS_CZ
InfiniBox z pohledu zákazníkaInfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníka
MarketingArrowECS_CZ630 views
Windows 10 Creators Update: what’s on tap for business users - Ionut Balan by ITCamp
Windows 10 Creators Update: what’s on tap for business users - Ionut BalanWindows 10 Creators Update: what’s on tap for business users - Ionut Balan
Windows 10 Creators Update: what’s on tap for business users - Ionut Balan
ITCamp1.2K views
Deskpool making vdi cost effective for smb by DongLiwu
Deskpool making vdi cost effective for smbDeskpool making vdi cost effective for smb
Deskpool making vdi cost effective for smb
DongLiwu2K views
The Best of MMS 2013 by C/D/H Technology Consultants
The Best of MMS 2013The Best of MMS 2013
The Best of MMS 2013
C/D/H Technology Consultants1.6K views
7 reasons why video conferencing world will never by TrueConf
7 reasons why video conferencing world will never7 reasons why video conferencing world will never
7 reasons why video conferencing world will never
TrueConf1.7K views
"Vision for All?," a Presentation from Intel by Edge AI and Vision Alliance
"Vision for All?," a Presentation from Intel"Vision for All?," a Presentation from Intel
"Vision for All?," a Presentation from Intel
Edge AI and Vision Alliance307 views
What's New in Hyper-V 2016 - Thomas Maurer by ITCamp
What's New in Hyper-V 2016 - Thomas MaurerWhat's New in Hyper-V 2016 - Thomas Maurer
What's New in Hyper-V 2016 - Thomas Maurer
ITCamp6K views
Presentation by joelvivekbandi
PresentationPresentation
Presentation
joelvivekbandi239 views

More from The Linux Foundation

ELC2019: Static Partitioning Made Simple by
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleThe Linux Foundation
4.1K views33 slides
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ... by
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...The Linux Foundation
1K views17 slides
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu... by
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...The Linux Foundation
1K views19 slides
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op... by
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...The Linux Foundation
819 views24 slides
XPDDS19 Keynote: Unikraft Weather Report by
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportThe Linux Foundation
923 views58 slides
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E... by
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...The Linux Foundation
941 views17 slides

More from The Linux Foundation(20)

ELC2019: Static Partitioning Made Simple by The Linux Foundation
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
The Linux Foundation4.1K views
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ... by The Linux Foundation
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
The Linux Foundation1K views
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu... by The Linux Foundation
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
The Linux Foundation1K views
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op... by The Linux Foundation
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
The Linux Foundation819 views
XPDDS19 Keynote: Unikraft Weather Report by The Linux Foundation
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
The Linux Foundation923 views
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E... by The Linux Foundation
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
The Linux Foundation941 views
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx by The Linux Foundation
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
The Linux Foundation5.7K views
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys... by The Linux Foundation
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
The Linux Foundation635 views
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng... by The Linux Foundation
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
The Linux Foundation5.2K views
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... by The Linux Foundation
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
The Linux Foundation5.2K views
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix by The Linux Foundation
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
The Linux Foundation431 views
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd by The Linux Foundation
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
The Linux Foundation500 views
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant... by The Linux Foundation
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
The Linux Foundation457 views
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D by The Linux Foundation
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
The Linux Foundation526 views
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems by The Linux Foundation
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
The Linux Foundation814 views
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven... by The Linux Foundation
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
The Linux Foundation455 views
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib... by The Linux Foundation
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
The Linux Foundation366 views
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr... by The Linux Foundation
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
The Linux Foundation672 views
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE by The Linux Foundation
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
The Linux Foundation1.5K views
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security by The Linux Foundation
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information SecurityXPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
XPDDS19: Implementing AMD MxGPU - Jonathan Farrell, Assured Information Security
The Linux Foundation381 views

Recently uploaded

Agile 101 by
Agile 101Agile 101
Agile 101John Valentino
9 views20 slides
Page Object Model by
Page Object ModelPage Object Model
Page Object Modelartembondar5
6 views5 slides
Using Qt under LGPL-3.0 by
Using Qt under LGPL-3.0Using Qt under LGPL-3.0
Using Qt under LGPL-3.0Burkhard Stubert
13 views11 slides
Programming Field by
Programming FieldProgramming Field
Programming Fieldthehardtechnology
6 views9 slides
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated... by
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...TomHalpin9
6 views29 slides
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with... by
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...sparkfabrik
8 views46 slides

Recently uploaded(20)

Agile 101 by John Valentino
Agile 101Agile 101
Agile 101
John Valentino9 views
Page Object Model by artembondar5
Page Object ModelPage Object Model
Page Object Model
artembondar56 views
Using Qt under LGPL-3.0 by Burkhard Stubert
Using Qt under LGPL-3.0Using Qt under LGPL-3.0
Using Qt under LGPL-3.0
Burkhard Stubert13 views
Programming Field by thehardtechnology
Programming FieldProgramming Field
Programming Field
thehardtechnology6 views
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated... by TomHalpin9
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
Dev-HRE-Ops - Addressing the _Last Mile DevOps Challenge_ in Highly Regulated...
TomHalpin96 views
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with... by sparkfabrik
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...
20231129 - Platform @ localhost 2023 - Application-driven infrastructure with...
sparkfabrik8 views
FIMA 2023 Neo4j & FS - Entity Resolution.pptx by Neo4j
FIMA 2023 Neo4j & FS - Entity Resolution.pptxFIMA 2023 Neo4j & FS - Entity Resolution.pptx
FIMA 2023 Neo4j & FS - Entity Resolution.pptx
Neo4j17 views
Gen Apps on Google Cloud PaLM2 and Codey APIs in Action by Márton Kodok
Gen Apps on Google Cloud PaLM2 and Codey APIs in ActionGen Apps on Google Cloud PaLM2 and Codey APIs in Action
Gen Apps on Google Cloud PaLM2 and Codey APIs in Action
Márton Kodok15 views
Keep by Geniusee
KeepKeep
Keep
Geniusee78 views
DRYiCE™ iAutomate: AI-enhanced Intelligent Runbook Automation by HCLSoftware
DRYiCE™ iAutomate: AI-enhanced Intelligent Runbook AutomationDRYiCE™ iAutomate: AI-enhanced Intelligent Runbook Automation
DRYiCE™ iAutomate: AI-enhanced Intelligent Runbook Automation
HCLSoftware6 views
MS PowerPoint.pptx by Litty Sylus
MS PowerPoint.pptxMS PowerPoint.pptx
MS PowerPoint.pptx
Litty Sylus7 views
Copilot Prompting Toolkit_All Resources.pdf by Riccardo Zamana
Copilot Prompting Toolkit_All Resources.pdfCopilot Prompting Toolkit_All Resources.pdf
Copilot Prompting Toolkit_All Resources.pdf
Riccardo Zamana16 views
FOSSLight Community Day 2023-11-30 by Shane Coughlan
FOSSLight Community Day 2023-11-30FOSSLight Community Day 2023-11-30
FOSSLight Community Day 2023-11-30
Shane Coughlan6 views
How Workforce Management Software Empowers SMEs | TraQSuite by TraQSuite
How Workforce Management Software Empowers SMEs | TraQSuiteHow Workforce Management Software Empowers SMEs | TraQSuite
How Workforce Management Software Empowers SMEs | TraQSuite
TraQSuite5 views
predicting-m3-devopsconMunich-2023.pptx by Tier1 app
predicting-m3-devopsconMunich-2023.pptxpredicting-m3-devopsconMunich-2023.pptx
predicting-m3-devopsconMunich-2023.pptx
Tier1 app7 views
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra... by Marc Müller
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra....NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
.NET Developer Conference 2023 - .NET Microservices mit Dapr – zu viel Abstra...
Marc Müller41 views
Introduction to Gradle by John Valentino
Introduction to GradleIntroduction to Gradle
Introduction to Gradle
John Valentino5 views
Understanding HTML terminology by artembondar5
Understanding HTML terminologyUnderstanding HTML terminology
Understanding HTML terminology
artembondar56 views
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI... by Marc Müller
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Dev-Cloud Conference 2023 - Continuous Deployment Showdown: Traditionelles CI...
Marc Müller42 views
EV Charging App Case by iCoderz Solutions
EV Charging App Case EV Charging App Case
EV Charging App Case
iCoderz Solutions9 views

XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender

  • 1. Memories of a VM Funk Mihai Donțu, Engineering Manager, Bitdefender
  • 2. Outline • 4.12 statistics • VMI on AMD • The 'Windows 10 RS4' event • The A/D bits conundrum • #VE / VMFUNC statistics with Citrix Hypervisor 8.0 • Intel Sub-Page Permission (SPP)
  • 3. 4.12 Statistics • Xen releases since 2017's summit: 4.9, 4.10, 4.11, 4.12 • 68 patches, 45 in 4.12 alone • 5 developers: Adrian Pop, Alexandru Isăilă, Petre Pîrcălabu, Răzvan Cojocaru, Vlad Ioan Topan
  • 4. VMI on AMD • Basic vm_event support done • All PT-walks trigger a write NPT #PF • No Intel MTF-like support • Realtime-VMI is essentialy a "no-go"
  • 5. The 'Windows 10 RS4' event • Huge slowdown due to frequent PT modifications • Worked-around with a tiny in-guest filter (injected) • Proper solution: #VE agent • 64bit only
  • 6. The A/D bits conundrum • We need to emulate A/D bit updates • There are three methods: • Optimistic (PTE-level): • If accessed is unset, set it • If accessed is set, set dirty if PTE is writable • Using the emulator: perform a full guest PT walk and update A/D according to the current instruction • Single-step via MTF
  • 7. • #VE / VMFUNC statistics with Citrix Hypervisor 8.0 Firefox Chrome Opening multiple pages in multiple tabs (Y: seconds)
  • 8. • Intel Sub-Page Permission (SPP) • Controlled by VMCS and EPTE[61] • Write protection only • Sub-page size: 128 bytes • Protect OS structures smaller than 4K • Mostly read-only but live in pages written often • Typical candidates (Windows): driver objects, IDT, HAL dispatch table