On 11 August 2015 at 13:53, Igor R <boost.li...@gmail.com> wrote: > Reading ttbr0 worked for me on ARM, reading cr3 worked on x86. > Now I'm looking for a similar thing on MIPS. I.e. I need a pointer to the > process' translation table - something that can be compared to task->mm->pgd > (after virt2phys conversion). > I'd appreciate any idea!
I would start by looking at how the guest kernel finds this information (which registers it reads, etc). Then you can look at where QEMU stores the state information which those registers correspond to. -- PMM
