|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Debugging the hypervisor
On 21/5/08 18:52, "Matthew Donovan" <matthew@xxxxxxxxxxxxxx> wrote: >> What do you require the IDT details for? > > We're working on a security service using VM introspection to monitor the > state of a running guest. We'd like to include the IDT as part of that > monitoring. > >> The right approach to obtain those details is to issue an hvm_save > hypercall and then >> parse the returned guest state to find the IDT details for each VCPU. I > can give >> yous ome more direction on this if that is what you need to be able to do. > > That would be great. Okay, then see xc_domain_hvm_getcontext() as defined in tools/libxc/xc_domain.c and provided by library libxenctrl. An example of its usage is in xc_domain_save.c -- first call is to get required size of the state buffer; second call fills the dynamically allocated buffer. Alternatively I think you can just make the buffer 'plenty big enough', e.g. 64kB. The contents of the state buffer is a set of state records, format you can probably work out after looking in xen/include/public/hvm/save.h and the arch-specific header file xen/include/public/arch-x86/hvm/save.h. You're looking for the hvm_hw_cpu structure, and the idt_base/idt_limit that it contains. You can then map pages of guest memory to walk its pagetables (based on cr0/cr3 values from the hvm_hw_cpu structure) and ultimately get a mapping of its IDT. And from there you can do what yoiu need to do... So overall it's a pretty involved operation to get at the IDT. Whether it's worthwhile depends on how badly you need it. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |