Trying to read register values of a process from task_struct
Problem description
Currently I'm able to find the register values for the program which was written, but not for other processes.
What I have written so far is:
#include <linux/sched.h>
struct task_struct *task_list;
for_each_process(task_list){
    register int* pc asm("%pc");
    register int mar asm("%mar");
    register int mdr asm("%mdr");
    register int cir asm("%cir");
    register int acc asm("%acc");
    register int ir asm("%ir");
    register int eax asm("%eax");
    register int ebx asm("%ebx");
    register int ecx asm("%ecx");
    register int edx asm("%edx");
    register int ip asm("%ip");
    register int esp asm("%esp");
    register int ebp asm("%ebp");
    register int esi asm("%esi");
    register int edi asm("%edi");
    register int of asm("%of");
    register int df asm("%df");
    register int _if asm("%if");
    register int tf asm("%tf");
    register int sf asm("%sf");
    register int zf asm("%zf");
    register int af asm("%af");
    register int pf asm("%pf");
    register int cf asm("%cf");
}
I realize I need to use task_list and point to an element within the struct here, but I cannot seem to locate which element contains the registers.
Recommended answer
You can access the registers from a task_struct using the macro task_pt_regs(). It yields a pointer to a struct pt_regs (definition) which is the saved copy of all the thread's registers from when it entered the kernel.
For example:
struct task_struct *t = /* find the one you want */ ;
unsigned long tasks_eax = task_pt_regs(t)->ax;
Note despite the name, the ax member is the full 32-bit eax register (on x86-32) or 64-bit rax register (on x86-64).
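The following userspace model shows where the saved copy that task_pt_regs() returns sits on x86-64: the register frame stored at the top of the task's kernel stack on kernel entry. It is an added example, not code from the question, the answer or the kernel; struct model_task, the model_* functions, the THREAD_SIZE and padding values and the sample register values are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed x86-64 values (no KASAN, no FRED); real kernel configs can differ. */
#define THREAD_SIZE (16 * 1024)
#define TOP_OF_KERNEL_STACK_PADDING 0

/* x86-64 struct pt_regs field order, lowest address first. */
struct pt_regs {
	unsigned long r15, r14, r13, r12, bp, bx;
	unsigned long r11, r10, r9, r8, ax, cx, dx, si, di;
	unsigned long orig_ax, ip, cs, flags, sp, ss;
};

/* Hypothetical stand-in for task_struct: only the kernel stack base. */
struct model_task { void *stack; };

/* Same arithmetic as the macro: one pt_regs below the top of the stack. */
static struct pt_regs *model_task_pt_regs(const struct model_task *t)
{
	unsigned long top = (unsigned long)t->stack + THREAD_SIZE - TOP_OF_KERNEL_STACK_PADDING;
	return (struct pt_regs *)top - 1;
}

/* Model kernel entry: user registers are saved at the top of the stack. */
static int model_kernel_entry(struct model_task *t, const struct pt_regs *user)
{
	if (!t->stack && !(t->stack = calloc(1, THREAD_SIZE)))
		return -1;
	memcpy(model_task_pt_regs(t), user, sizeof(*user));
	return 0;
}

/* The answer's one-liner against the model; ax is the full rax here. */
static unsigned long model_read_ax(const struct model_task *t)
{
	return model_task_pt_regs(t)->ax;
}

int main(void)
{
	struct model_task t = { 0 };
	struct pt_regs user = { .ax = 39, .ip = 0x401000 };	/* constructed */
	if (model_kernel_entry(&t, &user)) return 1;
	printf("ax=%lu ip=%#lx\n", model_read_ax(&t), model_task_pt_regs(&t)->ip);
	free(t.stack);
	return 0;
}
```

In this model the values are a snapshot taken at kernel entry, so they do not track a task that has since returned to user space and kept running.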