如何在Linux中解码/ proc / pid / pagemap条目?

时间:2013-06-10 09:57:55

标签: linux linux-kernel memory-address

我试图破译如何使用/ proc / pid / pagemap来获取给定页面集的物理地址。假设从/ proc / pid / maps,我得到对应堆的虚拟地址afa2d000-afa42000。我的问题是如何使用此信息遍历页面映射文件,并找到对应于地址afa2d000-afa42000的物理页面框架。

/ proc / pid / pagemap条目是二进制格式。有没有工具可以帮助解析这个文件?

4 个答案:

答案 0 :(得分:3)

我希望这个链接会有所帮助。这是一个非常简单的工具,确定您需要访问的地址非常简单: http://fivelinesofcode.blogspot.com/2014/03/how-to-translate-virtual-to-physical.html

答案 1 :(得分:2)

试试这个 http://www.eqware.net/Articles/CapturingProcessMemoryUsageUnderLinux/ 它可以为您解析页面映射,例如,如果是虚拟地址 你感兴趣的是在0x055468的堆中: = 0004c000-0005a000 rw-p 00000000 00:00 0 [堆] :86000000000FD6D6 :0600000000000000
:0600000000000000
:86000000000FE921
:86000000000FE922
:0600000000000000
:86000000000FD5AD
:86000000000FD6D4
:86000000000FD5F8
:86000000000FD5FA => 9th

假设页面大小为4KB,并且 (0x055468 - 0x4c000)mod 4K = 9, 因此,页面的页面框架编号是第9页框架  ==> :86000000000FD5FA 所以物理pfn是0xFD5FA000(取最后55位和页面大小的时间) 加上偏移量:(0x055468 - 0x4c000 - 9 * 4K)= 0x468 ==>物理地址为0xFD5FA000 + 0x468 = 0xFD5FA468

答案 2 :(得分:2)

Linux内核文档

Linux内核文档描述格式:https://github.com/torvalds/linux/blob/v4.9/Documentation/vm/pagemap.txt 

* Bits 0-54  page frame number (PFN) if present
* Bits 0-4   swap type if swapped
* Bits 5-54  swap offset if swapped
* Bit  55    pte is soft-dirty (see Documentation/vm/soft-dirty.txt)
* Bit  56    page exclusively mapped (since 4.2)
* Bits 57-60 zero
* Bit  61    page is file-page or shared-anon (since 3.5)
* Bit  62    page swapped
* Bit  63    page present

C解析器功能

GitHub upstream 

#define _XOPEN_SOURCE 700
#include <fcntl.h> /* open */
#include <stdint.h> /* uint64_t  */
#include <stdlib.h> /* size_t */
#include <unistd.h> /* pread, sysconf */

typedef struct {
    uint64_t pfn : 54;
    unsigned int soft_dirty : 1;
    unsigned int file_page : 1;
    unsigned int swapped : 1;
    unsigned int present : 1;
} PagemapEntry;

/* Parse the pagemap entry for the given virtual address.
 *
 * @param[out] entry      the parsed entry
 * @param[in]  pagemap_fd file descriptor to an open /proc/pid/pagemap file
 * @param[in]  vaddr      virtual address to get entry for
 * @return 0 for success, 1 for failure
 */
int pagemap_get_entry(PagemapEntry *entry, int pagemap_fd, uintptr_t vaddr)
{
    size_t nread;
    ssize_t ret;
    uint64_t data;

    nread = 0;
    while (nread < sizeof(data)) {
        ret = pread(pagemap_fd, &data, sizeof(data),
                (vaddr / sysconf(_SC_PAGE_SIZE)) * sizeof(data) + nread);
        nread += ret;
        if (ret <= 0) {
            return 1;
        }
    }
    entry->pfn = data & (((uint64_t)1 << 54) - 1);
    entry->soft_dirty = (data >> 54) & 1;
    entry->file_page = (data >> 61) & 1;
    entry->swapped = (data >> 62) & 1;
    entry->present = (data >> 63) & 1;
    return 0;
}

使用它的示例可运行程序:

答案 3 :(得分:0)

如果人们希望从Rust执行此操作,我已添加了Rust实施,以便您轻松导航/proc/$pid/maps/proc/$pid/pagemaphttps://crates.io/crates/vm-info

相关问题
最新问题