Skip to content
A fast, hackable and simple x64 VT-x hypervisor for Windows and Linux. Builtin userspace sandbox and introspection engine.
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Documentation remove uses of EMULATE_VMFUNC Feb 10, 2017
ksm compiler/msvc: re-enable some warnings and minor fixes Oct 22, 2017
tests vcpu: reduce host stack size to 2 pages May 26, 2017
um fix some misc stuff reported by coverity May 30, 2017
.gitattributes add .gitignore and .gitattributes Nov 15, 2016
.gitignore mm: improve handling of guest virtual addresses Jan 3, 2017
.travis.yml Revert ".travis.yml: use the MinGW build for coverity" May 25, 2017
ISSUE_TEMPLATE.md cleanups and fix #VE triggering once Jan 12, 2017
LICENSE add license Jul 29, 2016
Makefile compiler/msvc: re-enable some warnings and minor fixes Oct 22, 2017
Makefile.windows Makefile: vmx.S depends on some header files. Jun 2, 2017
README.md README: cleanup May 31, 2017
_config.yml
appveyor.yml appvecyor: include pdb in build Nov 12, 2017
bitmap.h
compiler.h compiler/msvc: re-enable some warnings and minor fixes Oct 22, 2017
epage.c ept: respect memory type May 30, 2017
exit.c vcpu, exit: fix for spectre/meltdown Feb 5, 2018
hotplug.c fix format specifiers Feb 1, 2017
introspect.c ept: respect memory type May 30, 2017
inttypes.h compiler: add inttypes Feb 2, 2017
ksm.c minor cleanup and remove useless field from mtrr structure Jul 27, 2017
ksm.h print: fix format specifier for cpu_nr() Aug 12, 2017
list.h
main_linux.c fix format specifiers Feb 1, 2017
main_nt.c
make_nonpagable.py make_nonpagable.py: minor improvement May 25, 2017
mm.c
mm.h fix MAX_FIXED_MTRR definition Jul 24, 2018
percpu.h percpu: cleanup and add CALL_DPC_ON_CPU Jan 21, 2017
print.c print: minor improvements May 20, 2017
resubv.c
sandbox.c fix format specifiers Feb 1, 2017
vcpu.c vcpu, exit: fix for spectre/meltdown Feb 5, 2018
vmx.S vmx.S: stack shadow space regression fix Jan 19, 2019
vmx.asm epage: use invvpid/invept for single context addresses Jan 21, 2017
vmx.h minor cleanup and remove useless field from mtrr structure Jul 27, 2017
x86.h ept: respect memory type May 30, 2017

README.md

ksm v1.6-dev Build Status Build Status Coverity Scan Build Status BountySource

A really simple and lightweight x64 hypervisor written in C for Intel processors.
KSM has a self-contained physical memory introspection engine and userspace physical memory virtualization which can be enabled at compiletime.

Currently, KSM runs on Windows and Linux kernels natively, and aims to support macOS by 2017, if you want to port KSM see Documentation/SPEC.rst for more information.

Note: You can find Windows 10 precompiled binaries here.

Purpose

Unlike other hypervisors (e.g. KVM, XEN, etc.), KSM's purpose is not to run other Operating Systems, instead, KSM can be used as an extra layer of protection to the existing running OS. This type of virtualization is usually seen in Anti-viruses, or sandboxers or even Viruses. KSM also supports nesting, that means it can emulate other hardware-assisted virtualization tools (VT-x).

Usage under Linux (+sandbox)

asciicast

Features

  • IDT Shadowing
  • EPT violation #VE (Disabled when unavailable - At least Broadwell required)
  • EPTP switching VMFUNC (Emulated when unavailable - At least Haswell required)
  • APIC virtualization (Experimental, do not use)
  • VMX Nesting (Experimental, do not use)
  • Builtin Userspace physical memory sandboxer (Optional)
  • Builtin Introspection engine (Optional)

Requirements

  • An Intel processor (with VT-x and EPT support)
  • A working C compiler (GCC or Microsoft compiler aka CL are supported)

Supported Kernels

  • Windows NT kernel (7/8/8.1/10)
  • Linux kernel (tested under 3.16, 4.8.13 and mainline)

Documentation

Module integration

Few modular examples are included to illustrate usage, those are:

  • epage.c - A shadow executale page hooking mechanism using multiple EPTP.
  • introspect.c - A small and stupid physical memory introspection engine using EPT.
  • sandbox.c - A small, incomplete and simple userspace physical memory sandbox.

See Documentation/BUILDING.rst on how to enable those modules while building.

Issues (bugs, features, etc.)

Feel free to use Github Issues, there is an Issue Template to help you file things as required.

References

  • Linux kernel (KVM)
  • HyperPlatform
  • XEN

License

GPL v2, see LICENSE file. Note that some code is thirdparty, respective licenses and/or copyright should be there, if you think otherwise, feel free to mail me.

You can’t perform that action at this time.