ksm icon indicating copy to clipboard operation
ksm copied to clipboard
verified publisher icon asamy

read_vmcs(GUEST_CR3) error

Open sctb512 opened this issue 6 years ago • 0 comments

Type of this issue (please specify)

  • [ ] This is a bug in the upstream tree as-is unmodified.
  • [ ] This is a support matter (i.e. your own modified tree)
  • [x] This is a technical question

System information

  1. CPU: inrel core i5-6200u
  2. Kernel: linux
  3. Kernel version: 3.16.0-23-generic

Issue description

I want to execute read_vmcs(GUEST_CR3), but it occurs errors. I want to creat a model for EPT translating. what should i do? Thanks.

open_device(); do_ioctl(dev, KSM_IOCTL_SUBVERT, NULL, 0); do_ioctl(dev, KSM_MY_EPT_START, NULL, 0); do_ioctl(dev, KSM_MY_EPT_HANDLE, NULL, 0); ......

case KSM_MY_EPT_HANDLE: ...... cr3 = vmcs_read(GUEST_CR3);

For Linux

  • ksmlinux.ko and ksmlinux.o
  • Stack dump from dmesg or kernel panic [ 1113.715543] ksm: CPU 1: ksm_open: open() from a.out [ 1113.716271] ksm: CPU 1: ksm_ioctl: ioctl from a.out: cmd(0x00004B02) [ 1113.843726] ksm: CPU 0: vcpu_run: cpu[0]: vmxon succeed. [ 1113.845012] ksm: CPU 0: __ksm_init_cpu: systemd-udevd: Started: 1 [ 1114.003092] ksm: CPU 1: vcpu_run: cpu[1]: vmxon succeed. [ 1114.003866] ksm: CPU 1: __ksm_init_cpu: a.out: Started: 1 [ 1114.003904] ksm: CPU 1: ksm_ioctl: ioctl ret: 0 [ 1114.005308] ksm: CPU 1: ksm_ioctl: ioctl from a.out: cmd(0x00004B0E) [ 1114.005315] ksm: CPU 1: ksm_my_ept_start: ksm_my_ept_starting!! [ 1114.005327] ksm: CPU 1: ksm_ioctl: ioctl ret: -22 [ 1114.005338] ksm: CPU 1: ksm_ioctl: ioctl from a.out: cmd(0x00004B10) [ 1114.005339] ksm: CPU 1: ksm_my_ept_handle: vcpu activate is 2 [ 1114.006281] invalid opcode: 0000 [#1] SMP [ 1114.006604] Modules linked in: linux_ksm(OE) vmhgfs(OE) vmw_vsock_vmci_transport vsock kvm_intel kvm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel vmw_balloon aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd snd_ens1371 snd_ac97_codec ac97_bus gameport snd_pcm snd_seq_midi snd_seq_midi_event snd_rawmidi serio_raw snd_seq snd_seq_device vmwgfx snd_timer ttm drm_kms_helper snd drm soundcore vmw_vmci i2c_piix4 shpchp bnep rfcomm bluetooth 6lowpan_iphc mac_hid parport_pc ppdev lp parport hid_generic usbhid hid psmouse mptspi mptscsih ahci libahci mptbase e1000 scsi_transport_spi pata_acpi vmw_pvscsi vmxnet3 [last unloaded: linux_ksm] [ 1114.006886] CPU: 1 PID: 6901 Comm: a.out Tainted: G OE 3.16.0-23-generic #31-Ubuntu [ 1114.006888] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/19/2017 [ 1114.006893] task: ffff8800362c5bb0 ti: ffff880008d9c000 task.ti: ffff880008d9c000 [ 1114.006895] RIP: 0010:[] [] ksm_my_ept_handle+0x30/0x54 [linux_ksm] [ 1114.006924] RSP: 0018:ffff880008d9feb0 EFLAGS: 00000282 [ 1114.006925] RAX: 0000000000000032 RBX: ffffffffffffffea RCX: 0000000000006802 [ 1114.006927] RDX: 0000000000000007 RSI: 0000000000000046 RDI: 0000000000000246 [ 1114.006928] RBP: ffff880008d9feb0 R08: 0000000000000845 R09: 0000000000000082 [ 1114.006932] R10: 00007fd9aa68e6a0 R11: 796d5f6d736b203a R12: 0000000000000000 [ 1114.006933] R13: ffff8800584566b8 R14: 0000000000004b10 R15: 0000000000000000 [ 1114.006935] FS: 00007fd9aa89e740(0000) GS:ffff88007c620000(0000) knlGS:0000000000000000 [ 1114.006937] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1114.006938] CR2: 00007fd9aa8b5000 CR3: 0000000077c6f000 CR4: 00000000003407e0 [ 1114.006999] Stack: [ 1114.007001] ffff880008d9fed0 ffffffffc05d6133 ffff8800362c61a0 ffff880078d53600 [ 1114.007006] ffff880008d9ff38 ffffffff811f4bc8 ffff8800164bc600 ffff88007c634800 [ 1114.007008] ffff8800164bc600 0000000000000001 ffff880008d9ff60 ffffffff8178294d [ 1114.007010] Call Trace: [ 1114.007020] [] ksm_ioctl+0x93/0x260 [linux_ksm] [ 1114.007062] [] do_vfs_ioctl+0x2c8/0x4a0 [ 1114.007104] [] ? __schedule+0x39d/0x890 [ 1114.007107] [] SyS_ioctl+0x81/0xa0 [ 1114.007113] [] system_call_fastpath+0x1a/0x1f [ 1114.007115] Code: 55 8b 0f 48 c7 c2 10 d6 5d c0 48 c7 c7 50 e2 5d c0 31 c0 48 89 e5 65 8b 34 25 84 b0 00 00 e8 74 f8 19 c1 b9 02 68 00 00 0f 78 c9 <0f> 96 c0 48 c7 c2 10 d6 5d c0 48 c7 c7 80 e2 5d c0 31 c0 65 8b [ 1114.007140] RIP [] ksm_my_ept_handle+0x30/0x54 [linux_ksm] [ 1114.007144] RSP [ 1114.007237] ---[ end trace 66246c1b37ae79a0 ]--- [ 1114.010532] ksm: CPU 1: ksm_release: release() from a.out

Expected Behavior

read cr3 of guest and translate EPT from gva to hpa.

sctb512 avatar Oct 12 '19 07:10 sctb512