
[Xen-devel] using debug registers in hypervisor to intercept access to a function inside HVM

  • To: xen-devel@xxxxxxxxxxxxx
  • From: LL <nl_bluesky@xxxxxxxxx>
  • Date: Sat, 28 Jul 2012 16:41:30 -0700 (PDT)
  • Delivery-date: Sun, 29 Jul 2012 06:03:05 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>


I'd like to be able to trap one particular system call invoked in an HVM Windows machine using the Xen hypervisor. I am familiar with the Ether implementation that traps all system calls, but I am only interested in intercepting 1 system call, so the Ether implementation would add unnecessary overhead. My solution to the problem is to set DR0 with the address of the system call (obtained from the SSDT table) and to set DR7 with the global flag, which will result in an INT1 exception. I looked at the vmx.c code and it appears INT1 in my setup should be trapped in the vmx_vmexit_handler() routine under "case TRAP_debug". Unfortunately, I never get inside "case TRAP_debug". I tried setting the DR0 and DR7 registers in the vmx_save_dr() routine as well as on each CR3 context switch, but no luck so far in trapping the system call. What am I missing in my implementation?

Thank you,

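As an added illustration of the DR0/DR7 setup described in the post (example code written for this page, not from the post or from Xen): the architectural DR7 encoding for a hardware breakpoint and the DR6 check a #DB handler performs. The function names dr7_enable and dr6_hit_index are my own; the bit positions are the Intel SDM's.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* DR7: bits 0..7 are L0,G0,L1,G1,L2,G2,L3,G3; per register n, R/W n sits at
 * bits 16+4n..17+4n and LEN n at bits 18+4n..19+4n. */
#define DR7_L(n)         (1ULL << (2 * (n)))
#define DR7_G(n)         (1ULL << (2 * (n) + 1))
#define DR7_RW_SHIFT(n)  (16 + 4 * (n))
#define DR7_LEN_SHIFT(n) (18 + 4 * (n))

enum bp_type { BP_EXEC = 0, BP_WRITE = 1, BP_IO = 2, BP_RW = 3 };

/* Enable breakpoint register n in dr7. An execute breakpoint (the post's
 * case: DR0 = syscall entry, G0 set) must use LEN = 00, i.e. len_bytes == 1.
 * Returns false for an invalid combination and leaves *out untouched.
 * Note: in VMX the guest's DR7 comes from the VMCS guest-state area on VM
 * entry, DR0-DR3 must be written to hardware by the hypervisor itself, and
 * #DB only causes a VM exit if the exception bitmap intercepts it. */
bool dr7_enable(uint64_t dr7, int n, enum bp_type type, unsigned len_bytes,
                bool global, uint64_t *out)
{
    unsigned len_bits;
    if (n < 0 || n > 3) return false;
    switch (len_bytes) {              /* LEN encoding: 00=1, 01=2, 10=8, 11=4 */
    case 1: len_bits = 0; break;
    case 2: len_bits = 1; break;
    case 8: len_bits = 2; break;
    case 4: len_bits = 3; break;
    default: return false;
    }
    if (type == BP_EXEC && len_bits != 0) return false;
    dr7 &= ~((3ULL << DR7_RW_SHIFT(n)) | (3ULL << DR7_LEN_SHIFT(n)));
    dr7 |= (uint64_t)type << DR7_RW_SHIFT(n);
    dr7 |= (uint64_t)len_bits << DR7_LEN_SHIFT(n);
    dr7 |= global ? DR7_G(n) : DR7_L(n);
    *out = dr7;
    return true;
}

/* After a #DB, DR6 bits B0..B3 report which condition matched. The CPU may
 * set Bn even when breakpoint n is not enabled, so a handler must also check
 * Ln/Gn in DR7 before treating it as a hit. Returns the index or -1. */
int dr6_hit_index(uint64_t dr6, uint64_t dr7)
{
    for (int n = 0; n < 4; n++)
        if ((dr6 & (1ULL << n)) && (dr7 & (DR7_L(n) | DR7_G(n))))
            return n;
    return -1;
}

int main(void)
{
    uint64_t dr7 = 0;
    /* Constructed value standing in for the SSDT entry the post reads. */
    uint64_t syscall_va = 0xfffff80001234560ULL;
    if (dr7_enable(0, 0, BP_EXEC, 1, true, &dr7))
        printf("DR0=%#llx DR7=%#llx hit=%d\n", (unsigned long long)syscall_va,
               (unsigned long long)dr7, dr6_hit_index(0x1, dr7));
    return 0;
}
```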