Hi Grzegorz,
I am working with an HVM domain. Also, I forgot to mention in my previous email
that I am setting debug register DR0 using set_debugreg with the value of next
instruction so that I could trap on that. The way I am setting debug register
with the next instruction value is
next-eip = regs->eip + __get_instruction_length().
Still, I am not seeing it working.
Thanks,
Abhinav
--- On Tue, 24/6/08, Grzegorz Miłoś <gm281@xxxxxxxxx> wrote:
> From: Grzegorz Miłoś <gm281@xxxxxxxxx>
> Subject: Re: [Xen-devel] Question related to Single-step execution and
> Emulation
> To: abhinavs_iitkgp@xxxxxxxxxxx
> Cc: "xen-devel" <xen-devel@xxxxxxxxxxxxxxxxxxx>
> Date: Tuesday, 24 June, 2008, 2:51 PM
> Are you working with an HVM or PV domain?
> Gr(z)egor(z)
>
> >
> > Hi all,
> >
> >
> > I am trying to perform single-stepping and instruction
> emulation both in Xen-3.2.1. I am using the following
> approach:
> >
> > First, I mark a guest page "not present"
> inside the shadow page table so that I could intercept any
> operation that involves this page. When the guest tries to
> access that page, it faults and control goes to Xen
> (sh_page_fault function). There, I emulate that operation
> and return the control to guest to execute next
> instruction. I could get my first part working.
> >
> > In the second part after emulating the instruction
> inside Xen, I want to perform single-step execution from
> next instruction onwards so that I could monitor further
> execution of guest from that point.
> >
> > To achieve that I did following: After emulating an
> instruction inside Xen and before sending the control back
> to guest OS, I set the EFLAGS's trap bit set by doing
> following operation:
> >
> > regs->eflags |= X86_EFLAGS_TF;
> >
> > And return the control from sh_page_fault function by
> saying "return EFAULT_FIXED".
> >
> > My understanding is that with this flag set when guest
> completes the execution of the next instruction, it traps to
> Xen with exit reason TRAP_debug and do_debug handler should
> be invoked inside x86/traps.c. From there, again I set
> X86_EFLAGS_TF flag to get guest trapped for next
> instruction and so on. When I want it to end I will set
> X86_EFLAGS_RF flag.
> >
> > However, when I perform above-mentioned procedure I
> get to see a message "Trace/breakpoint trap" in
> my guest OS only once and my do_debug or
> (debugger_trap_entry method with vector = TRAP_debug) does
> not get invoked at all inside Xen. Since trap is not coming
> into Xen, I am not able to get the control after execution
> of instructions.
> >
> > It seems like with my above-described method, I am
> injecting TRAP_debug exception for the instruction that I
> emulate inside the Xen. And, eflag is not set in the
> context of next instruction that will be executed inside
> the guest, which should trap with debug exception.
>
> >
> >
> > It would be great if someone could explain to me what I
> am doing wrong here and, if so, what would be the right
> approach to perform single-step execution in Xen.
> >
> >
> > Thanks in advance.
> >
> > Regards,
> > Abhinav
> >
> >
> >
> >
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@xxxxxxxxxxxxxxxxxxx
> > http://lists.xensource.com/xen-devel
> >