如何检查vsdo变量?
问题描述:
我想检查一下vsyscall_gtod_data的内容(所有的时间保持clock_gettime()工作所需的相关信息)。如何检查vsdo变量?
我使用gdb进行单步通过__vdso_clock_gettime的汇编代码()和我看的以下部分:
0x00007ffff7ffaa71 <clock_gettime+129>: cmp eax,DWORD PTR [rbx]
0x00007ffff7ffaa73 <clock_gettime+131>: je 0x7ffff7ffaa47 <clock_gettime+87>
0x00007ffff7ffaa75 <clock_gettime+133>: jmp 0x7ffff7ffaa56 <clock_gettime+102>
0x00007ffff7ffaa77 <clock_gettime+135>: pause
0x00007ffff7ffaa79 <clock_gettime+137>: mov r12d,DWORD PTR [rbx]
=> 0x00007ffff7ffaa7c <clock_gettime+140>: test r12b,0x1
0x00007ffff7ffaa80 <clock_gettime+144>: jne 0x7ffff7ffaa77 <clock_gettime+135>
0x00007ffff7ffaa82 <clock_gettime+146>: mov eax,DWORD PTR [rip+0xffffffffffffd5fc] # 0x7ffff7ff8084
0x00007ffff7ffaa88 <clock_gettime+152>: mov DWORD PTR [rbp-0x1c],eax
0x00007ffff7ffaa8b <clock_gettime+155>: mov rax,QWORD PTR [rip+0xffffffffffffd61e] # 0x7ffff7ff80b0
0x00007ffff7ffaa92 <clock_gettime+162>: mov QWORD PTR [rsi],rax
0x00007ffff7ffaa95 <clock_gettime+165>: mov edx,DWORD PTR [rip+0xffffffffffffd5e9] # 0x7ffff7ff8084
0x00007ffff7ffaa9b <clock_gettime+171>: mov r10,QWORD PTR [rip+0xffffffffffffd616] # 0x7ffff7ff80b8
0x00007ffff7ffaaa2 <clock_gettime+178>: cmp edx,0x1
0x00007ffff7ffaaa5 <clock_gettime+181>: je 0x7ffff7ffabc0 <clock_gettime+464>
,我相信是用于下面的C代码的程序集(从Linux的4.8.0 /拱/ 86 /包含/ ASM/vgtod.h):
static inline unsigned gtod_read_begin(const struct vsyscall_gtod_data *s)
{
unsigned ret;
repeat:
ret = ACCESS_ONCE(s->seq);
if (unlikely(ret & 1)) {
cpu_relax();
goto repeat;
}
smp_rmb();
return ret;
}
(组装指令pause匹配cpu_relax())
据我了解struct vsyscall_gtod_data *s在rbx举行,地址在此指令读取:
mov r12d,DWORD PTR [rbx]
含义是,调试程序可以读取该地址,但是当我试图研究它在gdb我得到一个错误:
(gdb) x $rbx
0x7ffff7ff8080: Cannot access memory at address 0x7ffff7ff8080
(gdb)
任何有关正在发生的事情以及如何检查内存的想法?
答
我认为你正试图访问一个只有当你有“特权级别”0(操作系统级别)才能访问的内存位置。不要相信我的名字,几天前我在英特尔手册上看过它,所以我可能会弄错行话,但这个概念应该是正确的。
我不是100%确定这将足以sudo,但尝试不会伤害。我知道一些指令计数寄存器有类似的问题,如果您使用sudo,可以从用户空间访问它们。