[vbox-dev] IDT kernel patching
albert
skarbat at gmail.com
Wed Oct 8 10:43:36 GMT 2008
Greetings all,
My apologies if this is not the correct newsgroup for the following
question:
I am patiently migrating the rr0d kernel debugger (
http://rr0d.droids-corp.org/)
to run smoothly inside a windows xp guest. The host system is a Debian
running virtualbox 1.6.2.
Video direct memory access seems to be partially fine, but the biggest
problem seems to be the interrupt table patching.
It would appear that Virtualbox doesn't like anybody from touching the
kernel supervisor arena,
even from ring 0. Is this a limitation of the software? Or is the debugger
really doing something nasty?
The debugger code calls the mnemonic sidt to obain the base address to the
IDT (which works fine) and then patches several entries to get control over
certain interrupts (int 0, 3, 13 and a few others)
During this operation, I get the following entries in the virtualbox log
file:
FATAL ERROR: trpmgcShadowIDTWriteHandler: eip=F4226AD2
pvFault=F700F468 pvRange=F700F450
CheckPageFault: write to hypervisor region f700f46c
FATAL ERROR: trpmgcShadowIDTWriteHandler: eip=F4226AF3
pvFault=F700F46C pvRange=F700F450
Any suggestions greatly appreciated.
cheers,
albert
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.virtualbox.org/pipermail/vbox-dev/attachments/20081008/e59d0fa9/attachment.html>
More information about the vbox-dev
mailing list