Vmmap
kernel_vmmap_mode = pwndbg.config.add_param('kernel-vmmap', 'page-tables', 'the method to get vmmap information when debugging via QEMU kernel', help_docstring="kernel-vmmap can be:\npage-tables - read /proc/$qemu-pid/mem to parse kernel page tables to render vmmap\nmonitor - use QEMU's `monitor info mem` to render vmmap\nnone - disable vmmap rendering; useful if rendering is particularly slow\n\nNote that the page-tables method will require the QEMU kernel process to be on the same machine and within the same PID namespace. Running QEMU kernel and GDB in different Docker containers will not work. Consider running both containers with --pid=host (meaning they will see and so be able to interact with all processes on the machine).\n", param_class=pwndbg.lib.config.PARAM_ENUM, enum_sequence=['page-tables', 'monitor', 'none'])
module-attribute
monitor_info_mem_not_warned = True
module-attribute
QemuMachine
Bases: Machine
file = os.open(f'/proc/{self.pid}/mem', os.O_RDONLY)
instance-attribute
pid = QemuMachine.get_qemu_pid()
instance-attribute
__del__()
__init__()
get_qemu_pid()
staticmethod
read_physical_memory(physical_address, length)
read_register(register_name)
search_pids_for_file(pids, filename)
staticmethod
kernel_vmmap()
kernel_vmmap_via_monitor_info_mem()
Returns Linux memory map information by parsing `monitor info mem` output from the QEMU kernel GDB stub. Works only on X86/X64/RISC-V, as this is what QEMU supports.
Consider using the kernel_vmmap_via_page_tables method instead, as it is probably more reliable/better.
See also: https://github.com/pwndbg/pwndbg/pull/685 (TODO: revisit with future QEMU versions)