Hello
I finally wrote a module and defined two new syscalls to get the PID
and the comm from the thread_info structure (well it's from the
task_struct contained in the thread_info one). The syscalls are
dynamically added in the sys_call_table.
My module works and in user mode i can call my syscalls with the
function syscall. However, it seems that this function is not defined
in Xen (it's in /usr/include/unistd.h).
How can i make that work ?
Do I have to add the module source in Xen and try to link it directly
into Xen and forget about my module ? But if i do so i will have
troubles again with the task_struct or thread_info, which is why i was
trying to do it through the module.
I'm getting out of ideas. Any clue ?
Thanks
Regards
Fred
Le Mon, 2 Feb 2009 10:52:21 +0100,
Frederic Beck <frederic.beck@xxxxxxxx> a écrit :
> Hello
>
> Le Sat, 31 Jan 2009 12:57:04 +0100,
> Bastian Blank <bastian@xxxxxxxxxxxx> a écrit :
>
> > On Thu, Jan 29, 2009 at 04:09:37PM +0100, Frederic Beck wrote:
> > > > Use the audit infrastructure within the Linux kernel.
> > > I took a quick look, audit should be running on the VM it self,
> >
> > It is part of the Linux kernel.
>
> Ok, so the one i was looking at does not seem to be the right one.
> I'll take a look in the kernel code then.
>
> > > as i will have different OS running in my VMs (Linux, windows...)
> > > I'm not sure that it will permit to do what i want.
> >
> > And AFAIK you won't be able to catch "syscalls" on HVM domains
> > anyway.
>
> Well, i thought it was possible, because when i'm running an HVM
> domain, if i print the values of the registers in do_guest_trap from
> xen-3.3.0/xen/arch/x86/traps.c it looks like syscalls.
>
> Maybe i misunderstood something here.
>
> The other solution i was thinking of is adding a module in the kernel
> which would integrate a new syscall whose role would be to get the
> info from the stack address and send it back to the hypervisor via an
> integer in a first time, then maybe later on via a more complex struct
> if i need more info.
>
> In that case, would the hypervisor be able to use that syscall of
> should i modify something more in the hypervisor ? (like creating an
> hypercall maybe ?) This is the parts of the Xen architecture i did not
> get integrally yet.
>
> Anyway, i'll take a look at the kernel audit first.
>
> Thanks for the help
>
> Regards
> Fred
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
Home