Hello Friends,

My name is Alex Binun and I am a researcher in the group of Prof. Shlomi Dolev, Ben-Gurion University of the Negev, Israel, http://www.cs.bgu.ac.il/~dolev/. The group investigates security in virtualization environments and implements a prototype on top of KVM. Searching for relevant stuff we (the group) ran into the page of Stefan, see his latest blog entry http://blog.vmsplice.net/search?updated-min=2013-01-01T00:00:00Z&updated-max=2014-01-01T00:00:00Z&max-results=5, and got your email.

Our first task is to trace the traffic between individual VMs and between VMs and the VMM (the KVM driver). So we are searching for proper places to insert "sniffer code". We suspect that some functions in qemu/hw/virtio should be targeted. And we will appreciate any hints on these places. Taking into account the efforts towards the standardization of virtual input/output mentioned by Stefan in his latest blog entry, the places for inserting traffic sniffers can be easily found.

Great thanks in advance,
Mark, Martin and Alex