Overview
KVM-VMI
is a community aiming at providing Virtual Machine Introspection (VMI) support
to the KVM hypervisor.
Virtual Machine Introspection is a technology that aims to understand the guest’s execution context, solely based on the VM’s hardware state, for various purposes:
Debugging
Malware Analysis
Live-Memory Analysis
OS Hardening
Monitoring
Fuzzing
Repository structure
KVM-VMI
repository consists of multiple components:
kvm
: Linux’s Kernel-Based Virtual Machine kernel git tree, with VMI extensionsqemu
: QEMU emulator, with VMI extensionslibkvmi
: KVM Virtual Machine Introspection librarylibvmi
: fork of [LibVMI], the Simplified Virtual Machine Introspection Library, with an KVM driver integration based onKVM-VMI
vagrant
: a Vagrant based development environment to easily setupKVM-VMI
KVMi
The KVMi
refers to the new KVMi subsystem
, is a set of Virtual Machine Introspection
patches currently developed by Bitdefender for KVM.
The stable version available on master
is: KVMi-v7