On 24/04/2019 20:11, Mathieu Tarral wrote: > On Wednesday 24 April 2019 16:27, Nuernberger, Stefan <s...@amazon.de> wrote: > >> On Sun, 2019-04-21 at 22:26 +0000, Mathieu Tarral wrote: >> >>> Hi, >>> I'm having an issue with Xen's VMI subsystem. >>> My goal is to build a small debugger that can break at an >>> application's entrypoint >>> on Windows XP, when a new process is being created. >> There was an announcement a while back on this list of a more modern >> xen debugger for VMI purposes. Maybe you are more lucky with that one? >> >> https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/ja >> nuary/xendbg-a-full-featured-debugger-for-the-xen-hypervisor/ >> >> https://github.com/nccgroup/xendbg >> >> (I have not yet tried it, though.) > Yes, I heard of it via Tamas. > I actually contacted the developer and tried to see how we could work > together on the same project. > > He likes the idea of being hypervisor-agnostic, and being built upon an > abstraction layer. > > The reason he chooses not to use LibVMI was because of the lack of support > for Xen PV guests, IIRC.
The lack of support for PV guests is (amongst other things) a side effect of the vm_event ring registration API being HVM-specific. There is ongoing work from Bitdefender to move to a completely different mechanism which would be compatible with PV guests, after which basic support for breakpoints/etc ought to be easy (although PV guests will never be as fully featured as HVM guests, seeing as some of the VMI options are specific to using hardware non-root mode support). ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
