Re: [Xen-devel] using debug registers in hypervisor to intercept access to a function inside HVM

>>> On 29.07.12 at 01:41, LL <nl_bluesky@xxxxxxxxx> wrote:
> I'd like to be able to trap one particular system call invoked in an HVM 
> Windows machine using the Xen hypervisor. I am familiar with Ether 
> implementation that traps all system calls but I am only interested in 
> intercepting 1 system call so Ether implementation would add unnecessary 
> overhead. My solution to the problem is to set DR01 with the address of the 
> system call (obtained from the SSDT table) and to set DR07 with global flag, 
> which will result in INT1 exception. I looked at the vmx.c code and it 
> appear INT1 in my setup should be trapped in the vmx_vmexit_handler() 
> routine under "case TRAP_debug". Unfortunately, I never get inside "case 
> TRAP_debug". I tried setting the DR0 and DR07 registers in the vmx_save_dr() 
> routine as well as on each CR3 context switch but no luck so far in trapping 
> the system call. What am I missing in my implementation?

For one I don't see the connection between system calls and the
SSDT. And even if there was one, the SSDT (as a firmware
resource) would provide physical addresses, whereas debug
registers match virtual ones (and iirc Windows has no a priori
correlation between physical and virtual addresses).
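The question above programs DR0 with a linear address and DR7 with the global enable so that execution at that address raises #DB. The following is an added example, not Xen code and not from either poster, that encodes DR7 for a global execution breakpoint per the Intel SDM bit layout, decodes DR6 to find which slot fired, and models the check a #DB handler would make against the guest RIP. The struct, the handler and the sample addresses are constructed for illustration.

```c
#include <stdint.h>

/* DR7 layout (Intel SDM Vol. 3, "Debug Registers"):
 *   bits 0..7   L0,G0,L1,G1,L2,G2,L3,G3  local/global enables per slot
 *   bits 16..31 R/Wn (2 bits) and LENn (2 bits) for each slot n
 * R/W = 00 means break on instruction execution; LEN must then be 00.
 * Bit 10 is reserved and always reads as 1. */
#define DR7_L(n)          (1ULL << (2 * (n)))
#define DR7_G(n)          (1ULL << (1 + 2 * (n)))
#define DR7_RW_SHIFT(n)   (16 + 4 * (n))
#define DR7_LEN_SHIFT(n)  (18 + 4 * (n))
#define DR7_RW_EXEC       0ULL
#define DR7_LEN_1         0ULL
#define DR7_RESERVED_ONE  (1ULL << 10)

/* DR6: B0..B3 (bits 0..3) report which breakpoint condition was met,
 * BS (bit 14) reports a single-step trap. */
#define DR6_B(n)          (1ULL << (n))
#define DR6_BS            (1ULL << 14)

/* Build a DR7 value enabling one global execution breakpoint in slot n.
 * Returns 0 for an invalid slot. */
uint64_t dr7_global_exec_bp(unsigned n)
{
    if (n > 3)
        return 0;
    return DR7_RESERVED_ONE | DR7_G(n) |
           (DR7_RW_EXEC << DR7_RW_SHIFT(n)) |
           (DR7_LEN_1 << DR7_LEN_SHIFT(n));
}

/* Return the lowest slot whose Bn bit is set in DR6, or -1 if none
 * (e.g. a pure single-step #DB). Note the SDM allows Bn to be set even
 * when that slot is disabled in DR7, so callers also check DR7. */
int dr6_fired_slot(uint64_t dr6)
{
    for (unsigned n = 0; n < 4; n++)
        if (dr6 & DR6_B(n))
            return (int)n;
    return -1;
}

/* Constructed model of the guest debug state a #DB handler would see. */
struct bp_ctx {
    uint64_t dr0;   /* monitored linear address */
    uint64_t dr6;   /* status at the time of the #DB */
    uint64_t dr7;   /* control */
};

/* Return 1 if this #DB is a hit on the monitored address in slot 0:
 * slot 0 must be enabled, B0 must be set, and the guest RIP must equal
 * DR0 (an execution breakpoint faults before the instruction runs). */
int handle_debug_exit(const struct bp_ctx *c, uint64_t guest_rip)
{
    if (!(c->dr7 & (DR7_G(0) | DR7_L(0))))
        return 0;
    if (dr6_fired_slot(c->dr6) != 0)
        return 0;
    return guest_rip == c->dr0;
}

/* Convenience wrapper: program slot 0 for 'watched', simulate a #DB with
 * the given DR6 status at 'rip', and report whether it counts as a hit. */
int simulate_exit(uint64_t watched, uint64_t dr6, uint64_t rip)
{
    struct bp_ctx c = { watched, dr6, dr7_global_exec_bp(0) };
    return handle_debug_exit(&c, rip);
}
```

The RIP comparison is the part worth keeping when adapting this to a real handler: B0 alone does not prove the monitored instruction was reached, and a single-step #DB (BS set, no Bn set) must not be mistaken for a breakpoint hit.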
