使用GDB读取MSR [英] Using GDB to read MSRs

问题描述

在使用GDB调试程序时，是否有某种方法可以读取特定于x86-64模型的寄存器，尤其是IA32_FS_BASE和IA32_GS_BASE?

Is there some way to read the x86-64 model-specific registers, specifically IA32_FS_BASE and IA32_GS_BASE, while debugging a program using GDB?

使用像Intel的Pintool这样的动态工具包的解决方案更不可取，但还是一样.

Less preferable would be a solution using a dynamic instrumentation package like Intel's Pintool, but it would be appreciated all the same.

推荐答案

如果您不希望更改代码(或者如果代码不可用)，则可以通过以下方式执行类似于amdn的答案的操作.对arch_prctl的调用需要一个指向uint64_t的指针，为此，我使用该地址指向堆栈的空白部分(当前堆栈指针下方的8个字节).调用返回后，读取存储在该位置的8字节值.

If you prefer not changing your code (or if the code is not available) you could do something similar to amdn's answer in the following way. The call to arch_prctl requires a pointer to a uint64_t, for which I use the address to an empty portion of the stack (8 bytes below the current stack pointer). After the call returns, read the 8 byte value stored at the location.

使用的常量:ARCH_GET_FS = 0x1003，ARCH_GET_GS = 0x1004

Constants used: ARCH_GET_FS = 0x1003, ARCH_GET_GS = 0x1004

(gdb) p $rsp
$1 = (void *)0x7fffffffe6f0

(gdb) call arch_prctl(0x1003, $rsp - 0x8)    
$2 = 0 
(gdb) x /gx $rsp - 0x8
0x7fffffffe6e8: 0x00007ffff7fe0700   => IA32_FS_BASE

(gdb) call arch_prctl(0x1004, $rsp - 0x8)
$3 = 0 
(gdb) x /gx $rsp - 0x8
0x7fffffffe6e8: 0x0000000000000000   => IA32_GS_BASE

这篇关于使用GDB读取MSR的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！