Skip to content

Allow TCG plugins to read memory

Goal

As used API and impact is different, this issue is separate from reading registers one.

Technical details

At this point, TCG plugins can get a glimpse of the addresses accessed during the execution by using qemu_plugin_register_vcpu_mem_cb(insn, vcpu_haddr, QEMU_PLUGIN_CB_NO_REGS, rw, NULL); but no way to understand what exactly lies at these addresses.

Adding a new kind of callback and/or the API function to allow reading the memory accessed from that callback handler would make the plugins much more powerful for practical use.

Additional information

  • include/qemu/plugin.h
  • include/qemu/qemu-plugin.h
  • plugin/api.c

PANDA implemented this already (not sure if this solution is acceptable for the mainline QEMU): https://github.com/qemu/qemu/commit/72c661a7f141ab41fbce5e95eb3593b69f40e246

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information