Fun new virt tools: virt-dmesg and virt-uname

About 4 years ago I wrote some code that peeks into the memory of guests, reads out the kernel, and finds out useful stuff: symbols, process tables, kernel messages, network interfaces and so on. Actually I should say at this point you can already do this using the excellent crash tool, and if you have the debuginfo for all your guest kernels, you should use that tool. My code was trying to be more ambitious, because it heuristically examined the kernel memory, guessing the location of various structures.

Well, that code was not so successful. Heuristics only take you so far when you’re looking at something as complex and variable as the process table. One day I hope to make a big breakthrough to make it all possible.

Nevertheless, some things worked quite well: it was actually pretty easy to snoop out the kernel symbols, and once you’ve got those some of the more static kernel structures are easily accessible.

For the past few days I’ve been working on two tools derived from that.

virt-dmesg shows you the kernel messages from a running Linux virtual machine:

# virt-dmesg F14x64 | tail -5
<6>[   11.609206] lo: Disabled Privacy Extensions
<6>[   11.634902] ip6_tables: (C) 2000-2006 Netfilter Core Team
<6>[   15.286998] eth0: link up, 100Mbps, full-duplex, lpa 0x05E1
<7>[   21.898345] mtrr: no MTRR for f0000000,100000 found
<7>[   25.714129] eth0: no IPv6 routers present

virt-uname shows the utsname structure:

# virt-uname Fedora14
Linux f14x64.home.annexia.org 2.6.35.11-83.fc14.x86_64 #1 SMP
Mon Feb 7 07:06:44 UTC 2011 x86_64 (none)

The main page for virt-dmesg and virt-uname is here, and there is also a git repository.

You will need a bunch of patches against libvirt to make it work. I have updated libvirt in Rawhide with all the required patches, and without that version of libvirt it definitely won’t work at all.

It works for many, but not all, guests that I’ve tried. The main problem is with guests that don’t enable the full kallsyms feature. If the guest doesn’t have all of the kernel configuration options below enabled, then you may have to fall back to dumping out the kernel and grepping through it with “strings”.

CONFIG_KALLSYMS=y
CONFIG_KALLSYMS_ALL=y
CONFIG_KALLSYMS_EXTRA_PASS=y

virt-uname

# virt-uname CentOS5x32
Guest            System name      
CentOS5x32       Linux centos5x32.home.annexia.org 2.6.18-128.7.1.el5 #1 SMP Mon Aug 24 08:20:55 EDT 2009 i686 
# virt-uname CentOS5x32 --csv
Guest,System name
CentOS5x32,Linux centos5x32.home.annexia.org 2.6.18-128.7.1.el5 #1 SMP Mon Aug 24 08:20:55 EDT 2009 i686

The query is done over an authenticated and encrypted SNMPv3 connection into the guest. This requires that the guest is running snmpd, but the end game here would be to have snmpd installed routinely, with a minimal config that only answers localhost connections which are properly encrypted with the key known only by the host and the guest.

Code here, and previous discussion.

Edit:

# virt-uptime CentOS5x32
Guest            Uptime
CentOS5x32       3 hours, 16:33.96
# virt-ping 
Guest            Status           
CentOS5x32       ok               

virt-ifconfig

Today I finished off a tool which everyone has been asking for, virt-ifconfig – list the IP addresses of your virtual machines:

# virt-ifconfig
Guest                Iface   Family  IP address
CentOS5x32           eth0    inet    192.168.122.17
CentOS5x32           eth0    inet6   fe80::5652:ff:fe3c:7611

You can grab some very experimental source code from this repository.

Next up will be: virt-ps, virt-uname, virt-route, virt-dmesg, and more …