On Fri, Nov 28, 2014 at 04:17:10PM -0800, Jidong Xiao wrote: > Hi, > > I notice that Qemu supports dump virtual memory of Guest OS. As this > page suggests: > > ======== > http://doc.opensuse.org/products/draft/SLES/SLES-kvm_sd_draft/cha.qemu.monitor.html > > To save the content of the virtual machine memory to a disk or console > output, use the following commands: > > memsave addr size filename > > Saves virtual memory dump starting at addr of size size to file filename > > pmemsave addr size filename > > Saves physical memory dump starting at addr of size size to file filename > ========= > > I understand that hypervisors certainly know the physical memory of > virtual machine, but how does it know the virtual memory of the Guest > OS? I think the hypervisor has no semantic knowledge of the Guest OS, > and such knowledge should be different for different OS (e.g., Windows > vs Linux), so I am really surprised that Qemu can dump the virtual > memory of the Guest OS. Can someone kindly give me some explanation? > Thank you very much!! It's different for each *architecture*, but not for each OS. For example on x86 it starts by reading the CR* control registers, and then the page tables (see target-i386/helper.c: x86_cpu_get_phys_page_debug). Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
