Re: Setting hardware breakpoints in guest OS

[Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>]

duck-j34lQMj1tz/QT0dZR+AlfA@public.gmane.org wrote:
> Can hardware breakpoints be set (and trapped, and handled) inside a guest
> OS (specifially Windows XP2)?
>
> I noticed the other day that software (malicious code, in fact) packed with
> the EXE compressor PELock won't run under QEMU+KVM. I guessed that this was
> because h/w breakpoints aren't being trapped. (The PELock incarnation used
> in this case relies on SEH and H/W breaks -- verifying that they take place
> correctly -- in its decryption code in order to try to make it harder to
> extract the original content from packed files.)
>
> A quick try with OllyDbg suggested that I wasn't able to provoke hardware
> traps in my own code, either. Olly allows me to specify a H/W breakpoint
> but I never seem to get control back at the desired address. INT 1 and INT
> 3 debugging work just fine (i.e. tracing and software breakpoints).
>
> Is this "one of those things" to do with virtualisation? QEMU+kqemu handles
> PELock files just fine.

While we tried to make debugging inside the guest work, this was never 
really tested, so it's likely broken.  I'll try to look at what it will 
take to make it work; I don't think there's much needed.

What hardware are you using?  If you have both AMD and Intel hardware, 
you might have better luck switching, since this is very subarch dependent.

-- 
Any sufficiently difficult bug is indistinguishable from a feature.


-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace