Alpar Torok [...] > > On really new kvms this is no longer true, you can now load a snapshot saved > on a processor from another vendor.
I am really happy to hear that, another good thing about the latest release is that loadvm from console works. Previously Win XP BSOD-ed. [..] In deed, this solves the problem. With kvm 88 ONLY if the -cpu athlon,vendorId=AuthenticAMD option is present, the virtual cpu shows up indeed as an AMD, and the executable runs as expected. In KVM 77 the option seems to have no effect. An interesting thing is that the sample that didn't run in a VM hosted on Intel, runs fine, no matter what the host architecture is as long as -cpu athlon,vendorId=AuthenticAMD OR -cpu core2duo,vendor=GenuineIntel is passed. This makes me think that by default some processor parameters are different that they would be in real hardware. It is thus possible that the malicious executable performs VM detection (but fails if run on AMD host). I will see how KVM behaves with this option when other executables are tested, but i think that setting this option for a sand-box is recommended (it might affect live migration, but i am not interested in that). -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
