I'm reading the VProbe documentation, but consider only virtual machines instrumentation. Can i instrument the ESXI hypervisor, in order to intercept calls from/to VMkernel?
What are you looking to do? If you share some details or an example, perhaps someone can help.
Hi virtualirfan, for example, in the context of esxi hypervisor, i need to intercept all driver API (vmklinux or native) calls related to a read/write syscall. Is it possible?
You have to know the entry function name if it's a standard vmkernel function. Might also work for a VMware driver. Are you the driver author? If so, look at the VMware driver guide on how to inject your driver symbols in.
To trace a function, do this:
$ vprobe -t World_Switch
Enter: World_Switch
Enter: World_Switch
Enter: World_Switch
Exit: World_Switch retval = 0x41221d265000
Exit: World_Switch retval = 0x412241ce5000
Exit: World_Switch retval = 0x412214925000
Let me know if you need more.
Thanks a lot! I'm not a driver author. Where can i find that VMware driver guide? Is it possible, for example, to probe function calls related to a specific context, e.g. storage subsystem? Finally, vprobe allows to read (or maybe write) target variables at function entry point?