From: Viktor Prutyanov
To: qemu-devel@nongnu.org
Date: Wed, 29 Aug 2018 15:41:26 +0300
Subject: [Qemu-devel] [PATCH 3/5] contrib/elf2dmp: improve paging root selection
Cc: viktor.prutyanov@phystech.edu, armbru@redhat.com, dgilbert@redhat.com, Viktor Prutyanov, rkagan@virtuozzo.com, pbonzini@redhat.com, marcandre.lureau@redhat.com

Even if KERNEL_GS_BASEs are absent in QEMU CPU states, there is a chance to find suitable CR3 value from CPU which runs kernel task.

Signed-off-by: Viktor Prutyanov
--- contrib/elf2dmp/main.c | 56 +++++++++++++++++++++++++++++++++++++++---= ---- contrib/elf2dmp/qemu_elf.c | 16 +++++++++++-- contrib/elf2dmp/qemu_elf.h | 3 +++ 3 files changed, 65 insertions(+), 10 deletions(-) diff --git a/contrib/elf2dmp/main.c b/contrib/elf2dmp/main.c index eb11e66..62f08e0 100644 --- a/contrib/elf2dmp/main.c +++ b/contrib/elf2dmp/main.c 
@@ -188,17 +188,53 @@ static void win_context_init_from_qemu_cpu_state(WinC= ontext *ctx, *ctx =3D win_ctx; } =20 -static void fix_dtb(struct va_space *vs, QEMUCPUState *s) +/* + * Finds paging-structure hierarchy base, + * if previously set doesn't give access to kernel structures + */ +static int fix_dtb(struct va_space *vs, QEMU_Elf *qe) { - uint64_t Prcb =3D (s->gs.base >> 63) ? s->gs.base : s->kernel_gs_base; - void *prcb =3D va_space_resolve(vs, Prcb); + /* + * Firstly, test previously set DTB. + */ + if (va_space_resolve(vs, SharedUserData)) { + return 0; + } + + /* + * Secondly, find CPU which run system task. + */ + for (size_t i =3D 0; i < qe->state_nr; i++) { + QEMUCPUState *s =3D qe->state[i]; =20 - if (!prcb) { - va_space_set_dtb(vs, *(uint64_t *)va_space_resolve(vs, Prcb + 0x70= 00)); + if (is_system(s)) { + va_space_set_dtb(vs, s->cr[3]); + printf("DTB 0x%016lx has been found from CPU #%zu" + " as system task CR3\n", vs->dtb, i); + return !(va_space_resolve(vs, SharedUserData)); + } } =20 - assert(va_space_resolve(vs, Prcb)); - printf("DTB is 0x%016lx\n", vs->dtb); + /* + * Thirdly, use KERNEL_GS_BASE from CPU #0 as PRCB address and + * CR3 as [Prcb+0x7000] + */ + if (qe->has_kernel_gs_base) { + QEMUCPUState *s =3D qe->state[0]; + uint64_t Prcb =3D s->kernel_gs_base; + uint64_t *cr3 =3D va_space_resolve(vs, Prcb + 0x7000); + + if (!cr3) { + return 1; + } + + va_space_set_dtb(vs, *cr3); + printf("DirectoryTableBase =3D 0x%016lx has been found from CPU #0" + " as interrupt handling CR3\n", vs->dtb); + return !(va_space_resolve(vs, SharedUserData)); + } + + return 1; } =20 static int fill_header(WinDumpHeader64 *hdr, struct pa_space *ps, 
@@ -448,7 +484,11 @@ int main(int argc, char *argv[]) printf("CPU #0 CR3 is 0x%016lx\n", state->cr[3]); =20 va_space_create(&vs, &ps, state->cr[3]); - fix_dtb(&vs, state); + if (fix_dtb(&vs, &qemu_elf)) { + eprintf("Failed to find paging base\n"); + err =3D 1; + goto out_elf; + } =20 printf("CPU #0 IDT is at 0x%016lx\n", state->idt.base); =20 diff --git a/contrib/elf2dmp/qemu_elf.c b/contrib/elf2dmp/qemu_elf.c index f7b5ebd..d139db2 100644 --- a/contrib/elf2dmp/qemu_elf.c +++ b/contrib/elf2dmp/qemu_elf.c @@ -33,6 +33,11 @@ DIV_ROUND_UP((name_size), 4) + \ DIV_ROUND_UP((desc_size), 4)) * 4) =20 +int is_system(QEMUCPUState *s) +{ + return s->gs.base >> 63; +} + static char *nhdr_get_name(Elf64_Nhdr *nhdr) { return (char *)nhdr + ROUND_UP(sizeof(*nhdr), 4); @@ -76,13 +81,20 @@ static int init_states(QEMU_Elf *qe) return 1; } =20 + qe->has_kernel_gs_base =3D 1; + for (Elf64_Nhdr *nhdr =3D start; nhdr < end; nhdr =3D nhdr_get_next(nh= dr)) { if (!strcmp(nhdr_get_name(nhdr), QEMU_NOTE_NAME)) { QEMUCPUState *state =3D nhdr_get_desc(nhdr); =20 if (state->size < sizeof(*state)) { - eprintf("QEMU CPU state size %d doesn't match\n", state->s= ize); - return 1; + eprintf("CPU #%zu: QEMU CPU state size %u doesn't match\n", + cpu_nr, state->size); + /* + * We assume either every QEMU CPU state has KERNEL_GS_BAS= E or + * no one has. + */ + qe->has_kernel_gs_base =3D 0; } cpu_nr++; } diff --git a/contrib/elf2dmp/qemu_elf.h b/contrib/elf2dmp/qemu_elf.h index 2a28bb0..d85d655 100644 --- a/contrib/elf2dmp/qemu_elf.h +++ b/contrib/elf2dmp/qemu_elf.h @@ -31,12 +31,15 @@ typedef struct QEMUCPUState { uint64_t kernel_gs_base; } QEMUCPUState; =20 +int is_system(QEMUCPUState *s); + typedef struct QEMU_Elf { int fd; size_t size; void *map; QEMUCPUState **state; size_t state_nr; + int has_kernel_gs_base; } QEMU_Elf; =20 int QEMU_Elf_init(QEMU_Elf *qe, const char *filename); --=20 2.7.4
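Review bot: In fix_dtb() in contrib/elf2dmp/main.c, the second step returns as soon as the first CPU with is_system(s) is found, even when va_space_resolve(vs, SharedUserData) fails with that CPU's CR3, so the remaining CPUs and the KERNEL_GS_BASE fallback are never tried. Consider returning 0 only when the resolve succeeds and continuing the loop otherwise; the "has been found" printf would then fire only after the candidate has been verified. The same applies to the third step, where vs->dtb is left set to the unverified *cr3 value when the final resolve fails. If vs->dtb is a uint64_t, PRIx64 is the portable format in place of %016lx.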
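Review bot: In init_states() in contrib/elf2dmp/qemu_elf.c, dropping the `return 1` means a note whose state->size is smaller than sizeof(*state) by any amount is now accepted, not only one that lacks the trailing kernel_gs_base field. fix_dtb() and main() then read s->gs.base and s->cr[3] from that state, and for a short note in a truncated or malformed dump those fields may lie past the end of the note data. Keep a hard failure below a minimum size, for example `state->size < offsetof(QEMUCPUState, kernel_gs_base)`, and clear has_kernel_gs_base only for sizes between that and sizeof(*state). Since the condition is no longer fatal, the "doesn't match" message could also say that the state is being treated as lacking KERNEL_GS_BASE.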
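Review bot: is_system() in contrib/elf2dmp/qemu_elf.c and its prototype in qemu_elf.h carry no comment saying why bit 63 of gs.base identifies a CPU running a system task, and the name is very generic for a non-static function exported through the header. A one-line comment stating the assumption behind `s->gs.base >> 63` (presumably that GS base points into the kernel half of the address space) and a `const QEMUCPUState *` parameter would make the heuristic easier to audit.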