(1)使用virt-manager --trace-libvirt --debug可以输出virt-manager的调试信息。

Linux:~ # virt-manager --trace-libvirt --debug
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (cli:246) Launched with command line: /usr/share/virt-manager/virt-manager --trace-libvirt --debug
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (virt-manager:153) virt-manager version: 1.2.1
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (virt-manager:154) virtManager import: <module 'virtManager' from '/usr/share/virt-manager/virtManager/__init__.pyc'>
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (virt-manager:157) Libvirt tracing requested
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (module_trace:66) wrapfunc <function _dispatchEventHandleCallback at 0x7ff4391fc050> _dispatchEventHandleCallback
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (module_trace:66) wrapfunc <function _dispatchEventTimeoutCallback at 0x7ff4391fc0c8> _dispatchEventTimeoutCallback
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (module_trace:66) wrapfunc <function _eventInvokeHandleCallback at 0x7ff439251ed8> _eventInvokeHandleCallback
[Thu, 22 Oct 2015 13:54:08 virt-manager 6124] DEBUG (module_trace:66) wrapfunc <function _eventInvokeTimeoutCallback at 0x7ff439251f50> _eventInvokeTimeoutCallback


Linux:~ # virt-manager --trace-libvirt --debug > log.txt 2>&1

(2)通过virsh输出Guest OS日志:

Linux:~ # virsh
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
       'quit' to quit

virsh # list
 Id    Name                           State
 0     Domain-0                       running
 3     sles11sp4-i686                 running

virsh # console 3
Connected to domain sles11sp4-i686
Escape character is ^]
[    0.000000] Reserving virtual address space above 0xf5800000
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Linux version 3.0.101-63-xen (geeko@buildhost) (gcc version 4.3.4 [gcc-4_3-branch revision 152973] (SUSE Linux) ) #1 SMP Tue Jun 23 16:02:31 UTC 2015 (4b89d0c)


*NIX & Hacking —— 第10期



Some of git internals


A History of Linux Kernel Module Signing
Linux Kernel Hacking Talk


Using the KVM API


Linux Networking, Tracing and IO Visor, a New Systems Performance Tool for a Distributed World


Syscall table reference tool for several arch(Linux x86/64,ARM,IA64,Winx86/64,OSX BSD & more)


A vim Tutorial and Primer


A Primer on Disassembling Function Calls and Understanding Stack Frames in x86
Advanced x86: Introduction to BIOS & SMM

Easter Egg

Awesome Open Source Documents
Closing a door


libvirt提供了一个用来管理虚拟机的抽象层。它包含如下部分:一组C API;各种编程语言的绑定;一个daemon进程(libvirtd)和一个命令行工具(virsh)。结构如下图所示:




今天才知道SLES(SUSE Linux Enterprise Server)SLES SP(SUSE Linux Enterprise Server Service Package)是不同的版本,SLES相当于主版本(major version),而SLES SP则相当于基于主版本发布的小版本(minor version)。参见wiki百科

SUSE Linux Enterprise Server (SLES) is a Linux-based operating system developed by SUSE. It is designed for servers, mainframes, and workstations but can be installed on desktop computers for testing as well. Major versions are released at an interval of 3–4 years, while minor versions (called “Service Packs”) are released about every 18 months. SUSE Linux Enterprise products, including SUSE Linux Enterprise Server, receive more intense testing than the openSUSE community product, with the intention that only mature, stable versions of the included components will make it through to the released enterprise product. SLES 11 SP4 was released July 16th, 2015, which is developed from a common code base with SUSE Linux Enterprise Desktop and other SUSE Linux Enterprise products.


linux-6fj5:/ # cat /etc/issue

Welcome to SUSE Linux Enterprise Server 11 SP4  (x86_64) - Kernel \r (\l).

Linux kernel 笔记 (33)——“debugfs“简介


debugfs is a simple to use RAM-based file system specially designed for debugging purposes. It exists as a simple way for kernel developers to make information available to user space. Unlike /proc, which is only meant for information about a process, or sysfs, which has strict one-value-per-file rules, debugfs has no rules at all. Developers can put any information they want there.

debugfs是一个用于调试目的,简单的,基于内存的文件系统。kernel的信息可以输出到debugfs中,这样方便user space程序查看和使用。



mount -t debugfs none /sys/kernel/debug



Lua笔记(24)—— tonumber和tostring


> print("10" + 30)
> print(10 .. 30)


> print(tonumber("10") + 30)
> print(tostring(10) .. tostring(30))



> print(type(10 .. ""))



(1)Binary writing

Binary writing has the nice benefit that it allows most of the virtual environment to run in userspace, but imposes a performance penalty.
The binary rewriting approach requires that the instruction stream be scanned by the virtualization environment and privileged instructions identified. These are then rewritten to point to their emulated versions.

Binary writing的核心之处在于把privileged instructions重写。


Rather than dealing with problematic instructions, paravirtualization systems like Xen simply ignore them.

If a guest system executes an instruction that doesn’t trap while inside a paravirtualized environment, then the guest has to deal with the consequences. Conceptually, this is similar to the binary rewriting approach, except that the rewriting happens at compile time (or design time), rather than at runtime.

The environment presented to a Xen guest is not quite the same as that of a real x86 system. It is sufficiently similar, however, in that it is usually a fairly simple task to port an operating system to Xen.

From the perspective of an operating system, the biggest difference is that it runs in ring 1 on a Xen system, instead of ring 0. This means that it cannot perform any privileged instructions. In order to provide similar functionality, the hypervisor exposes a set of hypercalls that correspond to the instructions.



Paravirtualization核心之处在于hypervisor提供hypercallsGuest OS,以弥补其不能使用privileged instructions

(3)Hardware-Assisted Virtualization

Now, both Intel and AMD have added a set of instructions that makes virtualization considerably easier for x86. AMD introduced AMD-V, formerly known as Pacifica, whereas Intel’s extensions are known simply as (Intel) Virtualization Technology (IVT or VT). The idea behind these is to extend the x86 ISA to make up for the shortcomings in the existing instruction set. Conceptually, they can be thought of as adding a “ring -1” above ring 0, allowing the OS to stay where it expects to be and catching attempts to access the hardware directly. In implementation, more than one ring is added, but the important thing is that there is an extra privilege mode where a hypervisor can trap and emulate operations that would previously have silently failed.

IVT adds a new mode to the processor, called VMX. A hypervisor can run in VMX mode and be invisible to the operating system, running in ring 0. When the CPU is in VMX mode, it looks normal from the perspective of an unmodified OS. All instructions do what they would be expected to, from the perspective of the guest, and there are no unexpected failures as long as the hypervisor correctly performs the emulation.

A set of extra instructions is added that can be used by a process in VMX root mode. These instructions do things like allocating a memory page on which to store a full copy of the CPU state, start, and stop a VM. Finally, a set of bitmaps is defined indicating whether a particular interrupt, instruction, or exception should be passed to the virtual machine’s OS running in ring 0 or by the hypervisor running in VMX root mode.

Hardware-Assisted Virtualization(也称之为HVMHardware Virtual Machine),可以运行unmodified OS,其核心之处在于CPU层面提供了新的privilege mode和指令集来支持虚拟化。

The Definitive Guide to the Xen Hypervisor

Linux kernel 笔记 (32)——“make“和”make modules“


After the kernel configuration is set—however you do it—you can build it with a single command:
$ make
Unlike kernels before 2.6, you no longer need to run make dep before building the kernel—the dependency tree is maintained automatically.You also do not need to specify a specific build type, such as bzImage, or build modules separately, as you did in old versions.The default Makefile rule will handle everything.

也就是在2.6版本以后的Linux kernel中,执行makemake all命令即包含了make modules。也可参加这个帖子