虚拟地址到物理地址的转换
[英]Translation of virtual address to physical address
问题描述
I have a question of how can we translate the virtual address and get a mapping of that address to the physical memory location. 
我有一个问题,我们如何才能转换虚拟地址并获得该地址到物理内存位置的映射。
I have a Windows VM running on Qemu which is hosted on my Ubuntu Linux system. 我有一个运行在Qemu上的Windows VM,该Windows VM托管在我的Ubuntu Linux系统上。 I want to know how can we map programs running on Windows VM to a physical memory location on the host/Linux machine. 我想知道我们如何将Windows VM上运行的程序映射到主机/ Linux计算机上的物理内存位置。
How can we do this virtual to physical mapping? 我们如何进行虚拟到物理的映射?
Thanks and advance. 谢谢,提前。
1 个解决方案
解决方案1
1 已采纳 2017-02-17 23:31:45
how can we translate the virtual address and get a mapping of that address to the physical memory location.
In windows you can find physical address from virtual using kernel debugger "KD" (part of Windows SDK : https://msdn.microsoft.com/en-us/library/windows/hardware/ff539310(v=vs.85).aspx "Converting Virtual Addresses to Physical Addresses" or http://resources.infosecinstitute.com/translating-virtual-to-physical-address-on-windows-physical-addresses/ : 在Windows中,您可以使用内核调试器“ KD”( Windows SDK的一部分: https : //msdn.microsoft.com/en-us/library/windows/hardware/ff539310(v = vs.85))从虚拟中找到物理地址。 aspx “将虚拟地址转换为物理地址”或http://resources.infosecinstitute.com/translate-virtual-to-physical-address-on-windows-physical-addresses/ :
Address Conversion Using
!vtop.!vtop地址转换。 Suppose you are debugging a target computer on which the MyApp.exe process is running and you want to investigate the virtual address 0x0012F980.
In linux there is /proc/pid/pagemap file (where pid is process ip of target process - you should know that every process has own virtual-to-physical mapping), and there is post about pagemap parsing: http://fivelinesofcode.blogspot.ru/2014/03/how-to-translate-virtual-to-physical.html 在Linux中,有/proc/pid/pagemap文件(其中pid是目标进程的进程ip-您应该知道每个进程都有自己的虚拟到物理映射),并且有关于页面映射解析的文章: http:// fivelinesofcode .blogspot.ru / 2014/03 / how-to-translate-virtual-to-physical.html
I have a Windows VM running on Qemu which is hosted on my Ubuntu Linux system.
In your case there are two nested OS. 在您的情况下,有两个嵌套的OS。 There is some windows application in Windows OS. Windows操作系统中有一些Windows应用程序。 Windows OS thinks that it has some physical memory; Windows OS认为它具有一些物理内存。 but in fact it is emulation of physical memory by Qemu emulator. 但实际上它是Qemu仿真器对物理内存的仿真。
Qemu is (in simplest non-accelerated case) just one of user application in linux; Qemu(在最简单的非加速情况下)只是Linux中的用户应用程序之一; it has only virtual memory from Linux. 它只有Linux的虚拟内存。 So, memory which is emulated for Windows as physical (guest-physical) is actually host-virtual (but it is not 1-to-1 mapping, there is also qemu translation with some "memory-backend", which probably maps huge regions of guest-physical to host-virtual - http://blog.vmsplice.net/2016/01/qemu-internals-how-guest-physical-ram.html ; check also Print range of memory addresses in qemu ). 因此,在Windows中模拟为物理(客体物理)的内存实际上是主机虚拟的(但不是一对一映射,还有带有某些“内存后端”的qemu转换,它可能映射了很大的区域从访客虚拟主机到虚拟主机-http: //blog.vmsplice.net/2016/01/qemu-internals-how-guest-physical-ram.html ;还请检查qemu中的内存地址范围 )。
I want to know how can we map programs running on Windows VM to a physical memory location on the host/Linux machine.
Use Windows KD debugger to convert guest-virtual address from inner program to guest-physical address. 使用Windows KD调试器将来宾虚拟地址从内部程序转换为来宾物理地址。 Then use qemu command line to find, how qemu mapped guest-physical to virtual memory of qemu process (to host-virtual), get host-virtual address and convert it to host-physical with pagemap special file from 然后使用qemu命令行查找qemu如何将guest-physical映射到qemu进程的虚拟内存 (到host-virtual),获取host-virtual地址,并将其转换为带有pagemap特殊文件的host-physical。
/proc/`pidof qemu-system-x86_64`/pagemap
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.