
[Qemu-devel] Catching system calls and PIDs in Qemu


From: Ricardo Alves
Subject: [Qemu-devel] Catching system calls and PIDs in Qemu
Date: Wed, 2 Nov 2011 18:25:52 +0000

Need Help!

I am editing the Qemu source code to be able to catch every system call made by 
the guest OS and which processes do those system calls.

I catch the system calls in the "void do_interrupt(CPUState *env1)" 
(op_helper.c) function by accessing the exception index on the cpu environment 
(env->exception_index == 0x80) and inspecting the system call ID in the eax 
register.

The difficulty resides in finding the process that made the system call. Linux 
uses the thread_info struct to store process information. The method to find 
this struct location is to apply a mask to the esp register and I would get the 
struct pointer. In qemu I would just do this -- target_ulong pos = 
env->regs[R_ESP] & 0xFFFFE000.

The problem is that I don't know how to access the guest main memory. The qemu 
function I found to access memory was this one -- void 
cpu_physical_memory_rw(target_phys_addr_t addr, uint8_t *buf,int len, int 
is_write) (exec.c). But as far as I know (I could be wrong) this function 
receives a guest physical address and the one I have is a guest virtual address. 
Can anybody help me convert this guest virtual address to a guest physical 
address?

Thank you.
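The lookup the post describes, as an added stand-alone example that is not code from the post or from QEMU: the syscall hook itself is left out, cpu_physical_memory_rw is modelled by a bounds-checked read over a constructed 2 MiB buffer, and a 32-bit non-PAE page walk supplies the guest-virtual to guest-physical conversion the post asks for. The names phys_read, virt_to_phys, syscall_owner_task and setup_constructed_guest are this example's own, and the page tables and thread_info it reads are constructed inputs; it assumes the first word of thread_info is the task_struct pointer, as on 2.6-era 32-bit x86 kernels.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Constructed 2 MiB stand-in for guest physical RAM (what cpu_physical_memory_rw reads). */
#define GUEST_RAM_SIZE (2u << 20)
static uint8_t guest_ram[GUEST_RAM_SIZE];
/* Models cpu_physical_memory_rw(addr, buf, len, is_write = 0), with bounds checks. */
static bool phys_read(uint32_t paddr, void *buf, uint32_t len) {
    if (paddr >= GUEST_RAM_SIZE || len > GUEST_RAM_SIZE - paddr) return false;
    memcpy(buf, guest_ram + paddr, len);
    return true;
}
/* 32-bit non-PAE walk: CR3 -> page directory -> page table -> physical address.
 * Fails if either level is not present; honours 4 MiB pages (PDE.PS bit). */
static bool virt_to_phys(uint32_t cr3, uint32_t vaddr, uint32_t *paddr) {
    uint32_t pde, pte;
    if (!phys_read((cr3 & 0xFFFFF000u) + ((vaddr >> 22) & 0x3FFu) * 4, &pde, 4)
        || !(pde & 1u)) return false;                    /* PDE not present */
    if (pde & 0x80u) {                                   /* 4 MiB page */
        *paddr = (pde & 0xFFC00000u) | (vaddr & 0x3FFFFFu);
        return true;
    }
    if (!phys_read((pde & 0xFFFFF000u) + ((vaddr >> 12) & 0x3FFu) * 4, &pte, 4)
        || !(pte & 1u)) return false;                    /* PTE not present */
    *paddr = (pte & 0xFFFFF000u) | (vaddr & 0xFFFu);
    return true;
}
/* The post's recipe: thread_info = esp & 0xFFFFE000; its first word is the task_struct
 * pointer on 2.6-era 32-bit x86 (assumption). A 4-byte read at an 8 KiB-aligned address
 * never crosses a page, so one translation suffices. Returns 0 if any step fails. */
static uint32_t syscall_owner_task(uint32_t cr3, uint32_t esp) {
    uint32_t paddr, task = 0;
    if (!virt_to_phys(cr3, esp & 0xFFFFE000u, &paddr)) return 0;
    return phys_read(paddr, &task, 4) ? task : 0;
}
/* Constructed guest: PD at phys 0x1000, PT at 0x2000, virtual 0xC0000000..+8 KiB
 * mapped to phys 0x100000..+8 KiB, with a fake thread_info at the mapping's base. */
static uint32_t setup_constructed_guest(void) {
    const uint32_t cr3 = 0x1000u, pt = 0x2000u, task = 0xC0123456u;
    uint32_t pde = pt | 3u;                              /* present | writable */
    memset(guest_ram, 0, sizeof guest_ram);
    memcpy(guest_ram + cr3 + (0xC0000000u >> 22) * 4, &pde, 4);
    for (uint32_t i = 0; i < 2; i++) {
        uint32_t pte = (0x100000u + i * 0x1000u) | 3u;
        memcpy(guest_ram + pt + i * 4, &pte, 4);
    }
    memcpy(guest_ram + 0x100000u, &task, 4);
    return cr3;
}
```

Inside QEMU the same walk would start from the guest's current CR3 and read each level through cpu_physical_memory_rw; it assumes paging is enabled and non-PAE, so a PAE or 64-bit guest needs the three- or four-level variant, and a not-present entry must be treated as a failed lookup rather than a zero task pointer.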



