Generating Log of Guest Physical Addresses from a Kernel Function and Perform Analysis at Runtime

Sahibzada Irfanullah irfan.gomalian at gmail.com
Tue Sep 24 06:10:59 EDT 2019


Dear All,

I have asked this question previously, but some people told me to explain
what I really want to do. First of all, I am completely naïve andnewbie in
the kernel development.

I am trying to develop my own program that generate the log of guest
physical addresses by trying to save the contents of "gpa" variable (which
is present in the handle_ept_violation()functino in vmx.c ) into my file. I
have found one sample code online (which uses filp_open(), filp_close(),
kernel_read(), and kernel_write() functions), this code is working in the
kernel space as a kernel module, but not working for my task in the
handle_ept_voilation().

My actual goal is to generate log of physical addresses for different
applications by writing them into the file, and then perform some analysis
at runtime in this function by reading the logs from the log file.
Furthermore, I want a file which size can dynamically grow as the size of
log increases.

I know that reading/writing in a kernel is not a good idea, but due to
nature of the task, I have to this.

Thank you very much for your help.
-- 
Regards,

*Mr. Irfanullah*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20190924/06255435/attachment.html>


More information about the Kernelnewbies mailing list