> -----Original Message----- > From: kvm-owner@xxxxxxxxxxxxxxx [mailto:kvm-owner@xxxxxxxxxxxxxxx] On > Behalf Of Raindog > Sent: Tuesday, December 15, 2009 2:25 AM > To: kvm@xxxxxxxxxxxxxxx > Subject: debugging windows guests > > Hello, > > I am researching KVM as a malware analysis platform and had some > questions about debugging the guest OS. In my case I intend to use > windows guests. So my questsions are as follows: > > Questions: > > 1. What instrumentation facilities are their available? [YV] http://www.linux-kvm.org/page/WindowsGuestDrivers/GuestDebugging > > 2. Is it possible to extend the debugging interface so that debugging > is > more transparent to the guest OS? IE: there is still a limit of 4 HW > breakpoints (which makes me wonder why a LIST is used for them...) > > 3. I'm not finding any published API for interfacing with > KVM/KQEMU/QEMU > at a low level, for example, for writing custom tracers, etc. Is there > one? Or is there something similar? > > > Bugs: > > 1. I hit a bug w/ instruction logging using a RAM based temp folder. If > I ran w/ the following command line: > (Version info: QEMU PC emulator version 0.10.50 (qemu-kvm-devel-88)) > > qemu-system-x86_64 -hda debian.img -enable-nesting -d in_asm > > It would successfully log to the tmp log file, but obviously, KVM would > be disabled. > > If I use sudo, it won't log to the file, is this a known issue? > > 2. -enable-nesting on AMD hardware using a xen guest OS causes xen to > GPF somewhere in svm_cpu_up. Is nesting supposed to work w/ Xen based > guests? > > > -- > To unsubscribe from this list: send the line "unsubscribe kvm" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
