virtualbox原理构架分析文档格式.docx
VMMR3DECL(int) PATMR3InstallPatch(PVM pVM, RTRCPTR pInstrGC, uint64_t flags) { …… }
; Jump back to guest if IF=1, else fault
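BEGINPROC PATMJumpToGuest_IF1
PATMJumpToGuest_IF1_Start:
    ; Mark the patch code as not interruptible while the guest's virtual IF
    ; is examined.  Every PATM_* symbol below is a placeholder that the
    ; patch generator replaces with a real address or variable value.
    mov     dword [ss:PATM_INTERRUPTFLAG], 0
    pushf
    test    dword [ss:PATM_VMFLAGS], X86_EFL_IF
    jnz     PATMJumpToGuest_IF1_Safe
    nop

    ; IF=0 -> unsafe, so fault
    popf
    ; Restore the "interruptible" marker before faulting.  The copied
    ; listing had only the operand of this line; the mnemonic is restored
    ; from the identical store at the top of the procedure.
    mov     dword [ss:PATM_INTERRUPTFLAG], 1
    PATM_INT3

PATMJumpToGuest_IF1_Safe:
    ; IF=1 -> we can safely jump back to the original instruction
    ; NOTE(review): as excerpted, this path never pops the flags pushed
    ; above and never sets PATM_INTERRUPTFLAG back to 1 -- the pushf is
    ; unbalanced here.  Lines were probably lost when the listing was
    ; copied; confirm against the full PATMA.asm before relying on it.
    DB      0xE9                    ; opcode of jmp rel32; the displacement follows
PATMJumpToGuest_IF1_Jump:
    DD      PATM_JUMPDELTA          ; patched to reach the next guest instruction
PATMJumpToGuest_IF1_End:
ENDPROC PATMJumpToGuest_IF1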
; Patch record for call instructions
PATM_JUMPDELTA 在补丁代码生成时会被替换为虚拟机中被打补丁的下一条指令的地址；所有以 PATM 开头的标签（PATM_INTERRUPTFLAG、PATM_VMFLAGS 等）都会在补丁代码生成时被替换成相应的地址或变量的值。
全局定义类:
VBoxGlobal.h
1, 虚拟化分类:
一, 基于软件的虚拟化:
    1, 解释执行;
    2, 扫描与修补技术;
    3, BT(二进制翻译)技术, 如 qemu、vmware;
二, 硬件辅助虚拟化;
三, 类虚拟化/泛虚拟化/半虚拟化(paravirtualization), 如 xen;
Ring0—Ring3 技术;
Vm.cpp
GMM -- Global Memory Manager, ring-3 request wrappers.
Em.cpp:
EM - Execution Monitor/Manager.
 * execution loop (the outer loop being in EMR3ExecuteVM()).
 * Execute VM.
 * This function is the main loop of the VM. The emulation thread
 * calls this function when the VM has been successfully constructed
 * and we're ready for executing the VM.
 * Returning from this function means that the VM is turned off or
 * suspended (state already saved) and deconstruction is next in line.
VMMR3DECL(int) EMR3ExecuteVM(PVM pVM, PVMCPU pVCpu) { …………………………
VMEmt.cpp:
Virtual Machine, The Emulation Thread.
The emulation thread main function, with Virtual CPU ID for debugging.
int vmR3EmulationThreadWithId(RTTHREAD ThreadSelf, PUVMCPU pUVCpu, VMCPUID idCpu)
{
    PUVM pUVM = pUVCpu->pUVM;
Start vm ___>
int main(int argc, char **argv, char **envp)
{
    for (int i = 1; i < argc; i++)
    {
        /* NOTE: the check here must match the corresponding check for the
         * options to start a VM in hardened main.cpp and VBoxGlobal.cpp exactly,
         * otherwise there will be weird error messages. */
        if (   !::strcmp(argv[i], "--startvm")
            || !::strcmp(argv[i], "-startvm"))
            return TrustedMain(argc, argv, envp);
    }
    ……
} ---------------→
extern "C" DECLEXPORT(int) TrustedMain(int argc, char **argv, char ** /*envp*/)
{
    LogFlowFuncEnter();
    rc = RTThreadCreate(&thread, VMPowerUpThread, 0, 0, RTTHREADTYPE_MAIN_WORKER, 0, "PowerUp");
    …
    rc = VMR3Create(1, NULL, setVMErrorCallback, NULL, vboxbfeConfigConstructor, NULL, &gpVM);
    if (RT_FAILURE(rc))
        ……
} ------→
static int vmR3CreateUVM(uint32_t cCpus, PCVMM2USERMETHODS pVmm2UserMethods, PUVM *ppUVM) { ………………………..
DECLCALLBACK(int) vmR3EmulationThread(RTTHREAD ThreadSelf, void *pvArgs)
{
    PUVMCPU pUVCpu = (PUVMCPU)pvArgs;
    ……
}
-----------------→
/**
 * The emulation thread main function, with Virtual CPU ID for debugging.
 */
int vmR3EmulationThreadWithId(RTTHREAD ThreadSelf, PUVMCPU pUVCpu, VMCPUID idCpu)
{
    /* The request loop. */
    rc = VINF_SUCCESS;
    for (;;)
    {
        /* …… */
        rc = EMR3ExecuteVM(pVM, pVCpu);
        Log(("vmR3EmulationThread: EMR3ExecuteVM() -> rc=%Rrc, ……
    } } } /* forever */ } -------------------→
static int emR3RemExecute(PVM pVM, PVMCPU pVCpu, bool *pfFFDone) { …… }   VMMR0.cpp --→
GVMMR0.cpp --→
SUPDrv.c ---- vbox-Pci.c --- 底层 (ring-0 支持驱动)
(RTSemFastMutexCreate)
VMMRC.cpp   * VMM - Raw-mode Context.
 * CSAM - Guest OS Code Scanning and Analysis Manager
(注: PATM/CSAM 只服务于 raw-mode 软件虚拟化路径; 自 VirtualBox 6.1 起上游已移除 raw-mode, 新版本仅依赖硬件辅助虚拟化, 本文分析的扫描/修补机制仅适用于旧版本。)
扫描主函数:
 * Execute VM.
 * This function is the main loop of the VM. The emulation thread
 * calls this function when the VM has been successfully constructed and
 * we're ready for executing the VM.
VMMR3DECL(int) EMR3ExecuteVM(PVM pVM, PVMCPU pVCpu)
{ …. }
驱动文件执行扫描主函数:
int vmR3EmulationThreadWithId(RTTHREAD ThreadSelf, PUVMCPU pUVCpu, VMCPUID idCpu)
{
    PUVM pUVM = pUVCpu->pUVM;
    ……
        {
            rc = EMR3ExecuteVM(pVM, pVCpu);
            Log(("vmR3EmulationThread: EMR3ExecuteVM() -> rc=%Rrc, enmVMState=%d\n",
                 rc, pVM->enmVMState));
            if (EMGetState(pVCpu) == EMSTATE_GURU_MEDITATION)
                vmR3SetGuruMeditation(pVM);
        }
    ……
} /* forever */ } --- EMR3ExecuteVM -----→
vmR3EmulationThreadWithId
vmR3EmulationThread -------------------→
RTThreadCreateF ------------→
-- vmR3CreateUVM -----→
VMR3Create -----→
VMPowerUpThread ------→
RTThreadCreate ---→
TrustedMain ---→
main()  (main.cpp  * VBox frontends: Qt GUI ("VirtualBox"): * The main() function)
(上面是自底向上的调用链: 箭头指向调用方/创建方。)
另外还有:
*/
int main(int argc, char **argv)   (vboxbfe.cpp)
{
    return TrustedMain(argc, argv, NULL);
}
int main(int argc, char **argv, char **envp)   (vboxheadless.cpp)
{
    // initialize VBox Runtime
    int rc = RTR3InitAndSUPLib();
    // NOTE(review): 本摘录中 rc 未经检查就进入 TrustedMain; 请核对完整源码是否在 RT_FAILURE(rc) 时提前返回。
    return TrustedMain(argc, argv, envp);
}
 * Start the emulation threads for all VMCPUs.
for (i = 0; i < cCpus; i++)
{
    rc = RTThreadCreateF(&pUVM->aCpus[i].vm.s.ThreadEMT, vmR3EmulationThread, &pUVM->aCpus[i], _1M,
                         RTTHREADTYPE_EMULATION, RTTHREADFLAGS_WAITABLE,
                         cCpus > 1 ? "EMT-%u" : "EMT", i);
    ……
    break;
}
/**
 * Executes one (or perhaps a few more) instruction(s).
 *
 * @returns VBox status code suitable for EM.
 */
static int emR3ExecuteInstructionWorker(PVM pVM, PVMCPU pVCpu, int rcGC, const char *pszPrefix)
patch 过程:
CPUMR3RawEnter(pVCpu, NULL);
----→
PATMRawEnter(pVM, pCtxCore);
---→
VMMR3DECL(int) PATMR3InstallPatch(PVM pVM, RTRCPTR pInstrGC, uint64_t flags) --→
static int patmDuplicateFunction(PVM pVM, RTRCPTR pInstrGC, PPATMPATCHREC pPatchRec, PPATMP2GLOOKUPREC pCacheRec) --→
int patmPatchGenSetPIF(PVM pVM, PPATCHINFO pPatch, RTRCPTR pInstrGC) ------→
size = patmPatchGenCode(pVM, pPatch, pPB, &PATMSetPIFRecord, 0, false);
----→
PATMSetPIFRecord --→
; Patch-code record for the "set PIF" snippet; passed by address to
; patmPatchGenCode() (see the patmPatchGenSetPIF chain above).
; Layout as far as this excerpt shows: start address, a zero word, the
; snippet size, the number of fixup entries, the entries themselves and
; an 0ffffh end marker.
; NOTE(review): field meanings are inferred from the values below --
; confirm against the record structure definition in the PATM headers.
GLOBALNAME PATMSetPIFRecord
    RTCCPTR_DEF PATMSetPIF_Start
    DD      0
    DD      PATMSetPIF_End - PATMSetPIF_Start
    DD      1                       ; one fixup entry follows
    DD      PATM_INTERRUPTFLAG      ; replaced by its real address when the patch is generated
    DD      0ffffh                  ; end marker
int main(int argc, char **argv)   <vboxbfe, main.cpp ……>
{
    return TrustedMain(argc, argv, NULL);
} ----→
DECLEXPORT(int) TrustedMain(int argc, char **argv, char **envp) { ---→
DECLCALLBACK(int) VMPowerUpThread(RTTHREAD Thread, void *pvUser)
{ --→
- VMMR3DECL(int) VMR3Create(uint32_t cCpus, PCVMM2USERMETHODS ..)
  <Creates a virtual machine by calling the supplied configuration constructor.
   On successful return the VM is powered, i.e. VMR3PowerOn() should be
   called to start the execution.>
static int vmR3CreateUVM(uint32_t cCpus, PCVMM2USERMETHODS pVmm2UserMethods, PUVM *ppUVM)   <vm.cpp>
{ -----→
DECLCALLBACK(int) vmR3EmulationThread(RTTHREAD ThreadSelf, void *pvArgs) { ---→
int vmR3EmulationThreadWithId(RTTHREAD ThreadSelf, PUVMCPU pUVCpu, VMCPUID idCpu)
  <* execution loop (the outer loop being in EMR3ExecuteVM()).>
{ ---→
int emR3ForcedActions(PVM pVM, PVMCPU pVCpu, int rc)
{ ----→
VMMR3DECL(int) TRPMR3InjectEvent(PVM pVM, PVMCPU pVCpu, TRPMEVENT enmEvent)
{ ------→
VMMR3DECL(int) CSAMR3CheckGates(PVM pVM, uint32_t iGate, uint32_t cGates) { -----→
static int CSAMR3AnalyseCallback(PVM pVM, DISCPUSTATE *pCpu, RCPTRTYPE(uint8_t *) pInstrGC, RCPTRTYPE(uint8_t *) pCurInstrGC,
                                 PCSAMP2GLOOKUPREC pCacheRec, void *pUserData)
{ ----→
VMMR3DECL(int) PATMR3InstallPatch(PVM pVM, RTRCPTR pInstrGC, uint64_t flags) { ---→
VMMR3DECL(int) PATMR3PatchBlock(PVM pVM, RTRCPTR pInstrGC, R3PTRTYPE(uint8_t *) pInstrHC,
                                uint32_t uOpcode, uint32_t uOpSize, PPATMPATCHREC pPatchRec)
{ ---→
    ……(…, &PATMClearInhibitIRQContIF0Record, 0, false, &callInfo);
--→
; Patch-code record for the "clear inhibit-IRQ, continue with IF=0"
; snippet, same record shape as PATMSetIFRecord above.
; NOTE(review): this listing is incomplete -- the fixup count below says
; 11 but only 9 entries are listed, the zero word that follows the start
; address in the other record is absent, and there is no 0ffffh end
; marker.  Check the full record in PATMA.asm before using it.
GLOBALNAME PATMClearInhibitIRQContIF0Record
    RTCCPTR_DEF PATMClearInhibitIRQContIF0_Start
    DD      PATMClearInhibitIRQContIF0_End - PATMClearInhibitIRQContIF0_Start
    DD      11                          ; fixup count
    DD      PATM_INHIBITIRQADDR         ; each PATM_* below is replaced at patch-generation time
    DD      PATM_VMFLAGS
    DD      PATM_VM_FORCEDACTIONS
    DD      PATM_TEMP_EAX
    DD      PATM_TEMP_ECX
    DD      PATM_TEMP_EDI
    DD      PATM_TEMP_RESTORE_FLAGS
    DD      PATM_PENDINGACTION
    DD      PATM_NEXTINSTRADDR
(原文图示中的文字标签:)
Privilege 0   patch0   源代码/二进制
SCAN   vboxdrv   Privilege 1
patch1
patchn
dp Privilege patch
OS image
VMM KERNEL