[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] intercept and capture fast system call of linux

hi,
I want to intercept and capture fast  system call of linux. 
(1)I set GUEST_SYSENTER_EIP to   0xDDDDD0AE in vmx_vmexit_handlerand save the real value.
(2)When a fast syscall come,  I will caputue it in sh_page_fault.
(3) Then I set the real GUEST_SYSENTER_EIP(c0103ef0, ia32_sysenter_target) to GUEST_RIP.

But, I encounter Infinite loops as below. I always capture the same syscall.  
In sh_page_fault, I have successfully set c0103ef0 to GUEST_RIP.But I still capure a page fault , the GUEST_RIP is ddddd0ae.
why?

(XEN) MIT SYSCALL 7
(XEN) MITCTL: sh_page_fault syscall real_rip  ddddd0ae ddddd0ae   
(XEN) MITCTL: sh_page_fault syscall real_rip  ddddd0ae
(XEN) MITCTL: sh_page_fault syscall real_rip  c0103ef0
(XEN) MITCTL:vmx_set_sysenter_msrs GUEST_SYSENTER_EIP ddddd0ae 60
(XEN)  vmx_vmenter_helper MITCTL: sh_page_fault syscall real_rip  c0103ef0
(XEN) TRAP_page_fault
(XEN) MIT SYSCALL 7
(XEN) MITCTL: sh_page_fault syscall real_rip  ddddd0ae ddddd0ae
(XEN) MITCTL: sh_page_fault syscall real_rip  ddddd0ae
(XEN) MITCTL: sh_page_fault syscall real_rip  c0103ef0
(XEN) MITCTL:vmx_set_sysenter_msrs GUEST_SYSENTER_EIP ddddd0ae 60
(XEN)  vmx_vmenter_helper MITCTL: sh_page_fault syscall real_rip  c0103ef0
(XEN) TRAP_page_fault
(XEN) MIT SYSCALL 7







_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.