[Lguest] probing the guest os kernel code ?
Rusty Russell
rusty at rustcorp.com.au
Wed Dec 16 09:34:19 EST 2009
On Wed, 9 Dec 2009 08:08:38 pm dylan wrote:
> Rusty Russell 写道:
> > On Wed, 25 Nov 2009 06:01:04 pm dylan wrote:
> >
> >> I want to collect informations about guest os,so i probing the guest os
> >> code using kprobe.
> >> First, I run a guest os(linux-2.6.31) using lguest, and insmod the
> >> fellow module--the code is as follows.
> >>
> >> @%@%> insmod /home/lguest_kprobe_example.ko
> >> [ 11.592410] Planted kprobe at c0163430
> >>
> >> Results is right above,but when I run command "dmeg" to view the print
> >> information,the results are fellows:
> >>
> >> @%@%> dmesg
> >> [ 85.056197] pre_handler1: p->addr = 0xc0163430, ip = c0163431, flags =
> >> 0x286
> >> [ 85.056249] pre_handler2: p->symbol_name=do_fork, p->opcode=85
> >> lguest: Bad address 0xc3a37c34
> >>
> >
> > I'm not surprised. We don't let the guest set debug registers or such. No
> > doubt the breakpoint instruction jumps to hyperspace.
> >
> > I've cc'd some kprobes people, in case they want to add debug register
> > support to lguest
> >
> > Cheers,
> > Rusty.
> >
> >
> Thank you for your answers,but I have some questions.
>
> I have perused the code of kprobes, especially the process of int3 exception ,debug exception and notifier mechanism.
> However, I have not found any places associated with debug registers about above problems.I find some snippets about my questions in kernel code.
Hmm, interesting. You might be right; I wonder why it doesn't work?
I'm not sure I'll get a chance to investigate this further, sorry. But I'd
be interested in what you find!
Thanks,
Rusty.
More information about the Lguest
mailing list