On Sat, Aug 29, 2015 at 10:44:17PM +0300, Elazar Leibovich wrote: > Oh, and the idea of the KVM patch is, for each physical HW bp, add a > relevant entry in the spt, and set the hardware breakpoint > there. This is assuming KVM HW bp works like I think they do.
I'm not sure I follow what you are trying to do. But assuming you are working on a guest OS where some code running in guest context is modifying the page tables, assuming you always see the same PTE or the same range of PTEs being modified, I would just set the PTE mapping that PTE page to RO in KVM and wait for the inevitable exit. The stack trace should then point to the culprit. This crude but simple technique has served me well while writing nom (my operating system). Several time when it hadn't, it turned out that my network adapter was DMA'ing directly into memory it wasn't supposed to. Cheers, Muli _______________________________________________ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
