|0.2.0-beta7||Jul 24, 2022|
|0.2.0-beta2||Mar 18, 2022|
|0.2.0-beta1||Feb 14, 2022|
|0.1.1||Sep 8, 2020|
|0.0.0||Sep 1, 2020|
#7 in #memflow
memflow's KVM connector
This is a connector for Linux kernel based virtual machines (KVMs), which by utilizing a kernel module directly maps all VM memory. This provides an effortless way to run memflow on all KVM based VMs (not just QEMU), and with highest performance.
This connector requires the memflow module to be present (to access
/dev/memflow interface), and have appropriate permissions to access the interface.
For development purposes, it is possible to
chmod o+rw /dev/memflow to gain access, but it is a security risk.
create_connector accepts a single, optional, argument - PID. This PID will be passed to the
memflow module to select which VM monitor to target, or can be omitted to pick the first found one.