On Fri, Jun 21, 2013 at 12:16 PM, Lluís Vilanova <vilan...@ac.upc.edu> wrote:
> Basim Baig writes:
>
> > Hello,
> > I am currently working on a project where I aim to log every memory access made
> > by a virtual machine running inside of QEMU (for analyzing kernel behavior). My
> > initial approach is to possibly hook into the QEMU mmu implementation and find
> > the place where the guest->host page translation or lookup is done. In this way
> > I can know any pages accessed by the guest (this is only the first level;
> > eventually I would want to get logging at pointer granularity). I have been
> > reading through the source code and online documentation for a week now to get
> > a general sense of the qemu internals and codebase.
> >
> > I just wanted some advice on what direction I should head to (or who I can talk
> > to) if I really want to get into depth of how I can make significant changes to
> > qemu memory management and mmu subsystem.
>
> This might provide what you're asking (event 'vmem'):
>
> https://projects.gso.ac.upc.edu/projects/qemu-dbi/wiki

Hey, the link is broken for me for some reason. I looked at the cached Google copy though and it looks really promising. If I get this straight, I can only add the changes you made for the "vmem" event to trace all possible memory accesses made by the guest?

Also I have another question: should I expect it to work with the current version of QEMU, or is this only compatible with an older version?

Thanks,
Basim

> Lluis
>
> --
> "And it's much the same thing with knowledge, for whenever you learn
> something new, the whole world becomes that much richer."
> -- The Princess of Pure Reason, as told by Norton Juster in The Phantom
> Tollbooth
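The thread contrasts two places a memory-access logger could hook: the guest->host page translation path that Basim proposed, and a per-access event like the 'vmem' event Lluís points at. The following is an added example, not code from this thread, from QEMU or from the qemu-dbi project: a deliberately small, constructed model of a direct-mapped software TLB in which each hook counts what it sees. Every name in it (translate_page, on_page_translate, on_vmem_access, run_workload, the 8-entry TLB, the 16-page guest RAM) is an assumption made for the illustration. The point it makes is the one a practitioner wants before picking a hook site: a translation-path hook only fires on TLB misses, so a guest loop that keeps hitting the same few pages is almost invisible to it, whereas a hook in the access path itself sees every load and store.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_BITS   12
#define PAGE_SIZE   (1u << PAGE_BITS)
#define PAGE_MASK   (~(PAGE_SIZE - 1u))
#define TLB_ENTRIES 8                      /* assumption: tiny direct-mapped TLB */
#define GUEST_RAM   (16 * PAGE_SIZE)       /* assumption: 16 pages of guest memory */

/* One TLB entry: guest virtual page -> host pointer, plus a valid flag. */
struct tlb_entry {
    uint32_t vaddr_page;
    uint8_t *host_page;
    int      valid;
};

/* Two independent counters so the two hook sites can be compared. */
struct access_log {
    unsigned n_fills;     /* seen by a hook on the translation (TLB fill) path */
    unsigned n_accesses;  /* seen by a hook on every load/store */
};

static uint8_t           guest_ram[GUEST_RAM];   /* constructed guest RAM */
static struct tlb_entry  tlb[TLB_ENTRIES];
static struct access_log g_log;

/* Hook A (hypothetical): runs only when a guest page must be translated,
   i.e. on a TLB miss. This is the site proposed in the thread. */
static void on_page_translate(uint32_t vaddr_page)
{
    (void)vaddr_page;
    g_log.n_fills++;
}

/* Hook B (hypothetical): runs on every access, the shape of a 'vmem' event
   emitted from the access path rather than from the translation path. */
static void on_vmem_access(uint32_t vaddr, unsigned size, int is_store)
{
    (void)vaddr; (void)size; (void)is_store;
    g_log.n_accesses++;
}

/* Guest->host translation: an identity map into guest_ram (constructed). */
static uint8_t *translate_page(uint32_t vaddr_page)
{
    on_page_translate(vaddr_page);
    return &guest_ram[vaddr_page % GUEST_RAM];
}

/* Reset TLB and counters so each workload starts from a cold TLB. */
void mmu_reset(void)
{
    memset(tlb, 0, sizeof tlb);
    memset(&g_log, 0, sizeof g_log);
}

/* Resolve a guest virtual address through the TLB. On a hit the fast path
   returns directly and translate_page() is never reached. */
static uint8_t *mmu_resolve(uint32_t vaddr)
{
    uint32_t page = vaddr & PAGE_MASK;
    struct tlb_entry *e = &tlb[(page >> PAGE_BITS) % TLB_ENTRIES];
    if (!e->valid || e->vaddr_page != page) {     /* slow path: TLB fill */
        e->vaddr_page = page;
        e->host_page  = translate_page(page);
        e->valid      = 1;
    }
    return e->host_page + (vaddr & ~PAGE_MASK);
}

uint8_t guest_load8(uint32_t vaddr)
{
    on_vmem_access(vaddr, 1, 0);
    return *mmu_resolve(vaddr);
}

void guest_store8(uint32_t vaddr, uint8_t val)
{
    on_vmem_access(vaddr, 1, 1);
    *mmu_resolve(vaddr) = val;
}

/* Constructed guest workload: 100 iterations of a store to page 1 and a
   load from page 2. Returns the counters for both hook sites. */
struct access_log run_workload(void)
{
    mmu_reset();
    for (int i = 0; i < 100; i++) {
        guest_store8(0x1000u + (uint32_t)(i % 16), (uint8_t)i);  /* page 1 */
        (void)guest_load8(0x2000u + (uint32_t)(i % 16));         /* page 2 */
    }
    return g_log;
}

int main(void)
{
    struct access_log l = run_workload();
    printf("translation hook saw %u fills, per-access hook saw %u accesses\n",
           l.n_fills, l.n_accesses);
    return 0;
}
```

In this model the translation hook fires twice (one fill per page) while the per-access hook fires 200 times. Real QEMU behaves the same way in kind: the TCG fast path resolves TLB hits inline, so code placed in the TLB-fill helpers only observes misses and must not be mistaken for a complete access trace. The scale of the gap depends entirely on the guest's locality and the TLB geometry, which is why the constants above are labelled as assumptions rather than measurements.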