For my thesis work I study virtualization and I was interested in trying out the vmitools project with a Windows 7 guest. Unfortunately I found the installation instructions a little difficult but I eventually muddled my way through. Below are my instructions but comment up if you need any clarifications!
- Install Ubuntu 12.04.
- Install Xen.
There are very good instructions by David Euler in his tutorial Setup your cloud server in 3 minutes with Xen 4.1 on Ubuntu 11.10.
- Download and compile vmitools from git.
I checked out the version from the git repository as it seemed more current and adequately stable. The installation instructions in the README were mostly correct but I had to install a few extra packages:
sudo apt-get install automake libtool check
The basic procedure was what you might expect:
./autogen.sh
./configure
make
I didn’t install the tools and this seems fine for now.
- Create a Xen guest with whatever Windows OS you want.
The Ubuntu supported Virtual Machine Manager GUI is fantastic and I didn’t need instructions. I used Windows 7 SP1 and named it win7-i386-xen. This name is important for later so make sure you don’t use any weird characters that don’t work easily with your shell.
- Collect the configuration constants.
This is where I was in the weeds for a while. There are many methods for getting the offsets but I found using WinDbg to be the quickest. I would have preferred to use the scripts included in the git repo but I couldn’t get them to work nearly as fast.
Install WinDbg using the instructions here.
Turn on debug in your Windows 7 instance that you installed in step 4. One easy way to do this is to turn on the guest, open a cmd prompt with administrative privileges, and type:
bcdedit /set debug on
Then reboot.
Open WinDbg and create a local debug session as shown here. Make sure you open WinDbg with Administrative privileges (on the right click menu) or else this won’t work!
Configure the WinDbg symbol stores (File->Symbol File Path) and make sure to select reload:
srv*C:\symbols*http://msdl.microsoft.com/downloads/symbols
Dump the EPROCESS table and record the entries for UniqueProcessId and ActiveProcessLinks.
dt _eprocess
For me UniqueProcessId was 0xb4 and ActiveProcessLinks was 0xb8. Reload the symbol store (!reload) if this doesn’t work.
Dump the KPROCESS table and record the entry for DirectoryTableBase.
dt _kprocess
For me DirectoryTableBase was 0x18.
- Create the libvmi configuration file.
Create the configuration file in ~/etc/libvmi.conf, substituting my values with the values you just recorded and the name of the vm you created in step 4:
win7-i386-xen {
    ostype = "Windows";
    win_tasks = 0xb8;
    win_pdbase = 0x18;
    win_pid = 0xb4;
}
- Test the installation with the process list example.
On the host command line, cd into the vmitools/examples directory. Then run:
sudo ./process-list win7-i386-xen
You should get a list of active process IDs in the guest. You can verify these by opening the Windows Process Explorer (ctrl-alt-delete in the Virtual Machine Manager GUI Send Key menu) and you may need to view->select columns and select “pid” in the Process Explorer.
CONGRATULATIONS! If you made it this far you probably deserve a big cup of coffee. I hope that this was helpful. If it was, please let me know below.
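The hand-copying in steps 5 and 6 can be scripted. The following is an added example, not part of vmitools or the original post: it parses saved `dt _eprocess` and `dt _kprocess` output and emits the libvmi.conf entry. The sample dumps are constructed excerpts using the offsets reported above, and the function names are hypothetical.

```python
import re

# Constructed excerpts shaped like WinDbg `dt` output; the offsets are the
# ones reported in this post for Windows 7 SP1 (32-bit).
SAMPLE_EPROCESS = """\
nt!_EPROCESS
   +0x000 Pcb              : _KPROCESS
   +0x0b4 UniqueProcessId  : Ptr32 Void
   +0x0b8 ActiveProcessLinks : _LIST_ENTRY
"""
SAMPLE_KPROCESS = """\
nt!_KPROCESS
   +0x000 Header           : _DISPATCHER_HEADER
   +0x018 DirectoryTableBase : Uint4B
"""

# Matches lines such as "   +0x0b4 UniqueProcessId  : Ptr32 Void".
FIELD_RE = re.compile(r"^\s*\+0x([0-9a-fA-F]+)\s+(\w+)\s*:", re.MULTILINE)

# libvmi.conf key -> (structure dump it comes from, field name)
WANTED = {
    "win_tasks": ("eprocess", "ActiveProcessLinks"),
    "win_pdbase": ("kprocess", "DirectoryTableBase"),
    "win_pid": ("eprocess", "UniqueProcessId"),
}

def parse_dt(text):
    """Map field name -> byte offset for one `dt` structure dump."""
    return {name: int(off, 16) for off, name in FIELD_RE.findall(text)}

def build_entry(vm_name, eprocess_dump, kprocess_dump):
    """Return the libvmi.conf entry text for vm_name."""
    dumps = {"eprocess": parse_dt(eprocess_dump),
             "kprocess": parse_dt(kprocess_dump)}
    lines = [f"{vm_name} {{", '    ostype = "Windows";']
    for key, (struct, field) in WANTED.items():
        if field not in dumps[struct]:
            # Usually means symbols were not loaded when dt was run.
            raise ValueError(f"{field} not found in _{struct} dump")
        lines.append(f"    {key} = {dumps[struct][field]:#x};")
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(build_entry("win7-i386-xen", SAMPLE_EPROCESS, SAMPLE_KPROCESS))
```

A missing field raises an error instead of writing a partial entry, which catches the case where the symbol store was not loaded before running `dt`.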