flat assembler
Message board for the users of flat assembler.

See-thru emulator for reverse engineering/OS debugging?

Artlav



Joined: 23 Dec 2004
Posts: 188
Location: Moscow, Russia
Artlav 11 Feb 2010, 17:54
I just got a random idea - has anyone tried to make an x86 emulator, like Bochs, that runs on bare hardware and passes all I/O to the host and back while running a guest OS?

The code itself will occupy a block at the end of physical RAM, hiding it from the emulated OS, which runs in actual memory. You can connect a debugger to it thru a serial port, or something, and stop or break the execution at any point, or log the I/O port activity. That can be used for reverse engineering vendor hardware drivers, or just for OS debugging.

What kind of problems could there be?
I tried the concept successfully with VESA BIOS calls from a custom PM OS; at least for that, the speed does not matter. What about other hardware? Would it stand slow I/O?
Any architectural show-stoppers?

And, most importantly, was it done before, and does anyone need something like that?
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20445
Location: In your JS exploiting you and your system
revolution 11 Feb 2010, 18:33
There are lots of emulators and VMs available. If you want to start a project in asm then that would be good. But if you are looking for a ready solution then why does Bochs not do what you want? What do you need extra?
Artlav 11 Feb 2010, 18:45
Because Bochs runs in an OS.
I'm talking about an emulator that runs on nothing but bare hardware, and emulates nothing but the CPU.
I'm thinking of starting a project, and checking for a reinvented-bicycle scenario.
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4624
Location: Argentina
LocoDelAssembly 11 Feb 2010, 19:00
Artlav, you probably want to check Nouveau; they have some tools to do hardware tracing.
revolution 11 Feb 2010, 19:07
If you need to eliminate the OS then perhaps the way to go is to use a hypervisor. That way you can partition your memory so that the OS can't see or change your code and data.
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
