In fact, my tool walks through paging data structures (entry by entry)
using the function "kvm_read_guest" (sorry i don't have my machine with
me right now to poste my code :-( ).
for example to read PDPTEs, I do something like this:
for(i = 0; i < 32; i= i + 8)
{
kvm_read_guest(kvm, cr3
On 01/12/2015 19:30, Yacine HEBBAL wrote:
> Hi all,
> I'm trying to build some tools on top of kvm in order to debug, monitor and
> reverse engineer the guest OS (ubuntu 12.04, 32 bits)
> One of my tools walks through (and prints) the guest paging data structures
> as following: cr3 -> pdpte -> p
