- bareflank cpuid / version
- hypercall_vmi_op__{set,get}_e820_memory_map
Bareflank will need the concept of domain names:
- hypercall_vmi_op__get_domid_from_name
- hypercall_vmi_op__get_name_from_domid
- hypercall_vmi_op__pause_domid
- hypercall_vmi_op__resume_domid
- hypercall_vmi_op__translate_v2p (called on self during EPT remapping)
- hypercall_vmi_op__map_pa (EPT remapping)
TODO: This part needs more work.
- hypercall_vmi_op__wait_for_event_or_timeout
- hypercall_vmi_op__event_capabilities
- hypercall_vmi_op__enable_event
- hypercall_vmi_op__disable_event
Event support for:
- register based events (load / store)
  - CR0
  - CR3
  - CR4
  - MSR registers
  - IDTR
  - LDTR
  - GDTR
  - TR
- EPT based memory access (read / write / execute)
- MTF based singlestep
- interrupt events (e.g., INT3)
- debug exceptions (e.g., hardware breakpoints and singlestepping)
- CPUID events
Note that the Xen driver in LibVMI also supports xenstore events.
- hypercall_vmi_op__get_register_{rax,rbx,...}
- hypercall_vmi_op__set_register_{rax,rbx,...}
Basically all registers implemented in intel_x64/vcpu.h
but also some MSR and control registers. The important ones are:
- ia32_kernel_gs_base
- ia32_lstar
- ia32_cstar
- ia32_efer
- idt_base
- cr0
- cr3
- cr4
- xcr0
- cs_base
- shadow_gs
- fs_base
Once we know how we're going to handle large data for LTS of the ABI:
- hypercall_vmi_op__get_registers
- hypercall_vmi_op__set_registers