[Lguest] Kprobes module makes lguest crash when inserted

Tue Sep 11 16:54:40 EST 2007

On Tue, 2007-09-11 at 15:07 +0900, Alexandre Courbot wrote:
> Hello Rusty, thanks for your reply!
> 
> >         Yes, I'm not surprised it fails.  We don't support debug register
> > manipulation in the guest.  Not for any particularly good reason, mind
> > you, I just never got around to it and you're the first person to want
> > it.
> >
> > It's not that hard to do, but it requires some understanding of debug
> > registers.  Anyone with an Intel manual can implement it (a new
> > hypercall plus some sanity checking plus restoring debug registers
> > before entering the guest).
> 
> Allright, I see. So maybe I could have a look at this stuff then - I'm
> neither a kernel expert nor do I know much about debug registers, but
> maybe with the proper documentation I could come with something.
> Lguest by itself is rather compact and well documented, which would
> help a lot. Do you think that would be realistic in a reasonable
> amount of time, or would it require more experience?

No, it should be straight forward if you do it one piece at a time.
Intel's manuals are on their web site (you want System Programming Guide
Part 2, Chapter 18 Debugging and Performance Monitoring).

The process would look like this:

1) Add hypercalls LHCALL_SET_DEBUGREG(regnum, val) and
   LHCALL_GET_DEBUGREG(regnum).

2) Hook them into the get_debugreg and set_debugreg entries in
   paravirt_ops.

3) Add a debugregs[8] array into struct lguest, and make the hypercalls
   set and get them.

4) Sanity check what they put in those registers.  Registers 0 to 3 are
   breakpoint addresses (don't let them put switcher addresses here!). 
   Register 7 is the control register: see arch/i386/kernel/ptrace.c to
   see how the kernel checks it from userspace.

5) In copy_in_guest_info(), set the debug reg 7 to 0 to disable all
   breakpoints, then set debug regs 0-3 from debugregs[].

6) In the switcher, set reg 7 to what guest expects (it has to be in the
   switcher, otherwise the guest might cause a breakpoint in the host). 
   This might be a bit tricky, but perhaps you can put it on top of the
   stack?

7) When the guest flips back, if the trap is a debug trap, save the
   debug reg 6 (the status register).

Then add optimizations to taste...

Cheers!
Rusty.