Re: [GIT PATCH] more Driver core patches for 2.6.19

[James Courtier-Dutton]

Duncan Sands wrote:
> > I'm really not convinced about the user-mode thing unless somebody can 
> > show me a good reason for it. Not just some "wouldn't it be nice" kind of 
> > thing. A real, honest-to-goodness reason that we actually _want_ to see 
> > used.
>
> Qemu?  It would be nice if emulators could directly drive hardware:
> useful for reverse engineering windows drivers for example.
>
> Duncan.

I have reverse engineered many windows drivers, and what you suggest is 
not at all helpful. For reverse engineering, one wants to see what is 
happening. I.e. capture all the IO, MMIO and DMA accesses.
Your suggestion bypasses this possibility.
For reverse engineering windows drivers, one puts breakpoints in the 
HAL.DLL code or replaces the HAL.DLL code with a debugging version of it 
 while actually running windows.

Your approach runs into problems.
e.g
There is a register on the card that sets the DMA base address, but you 
don't know which register this is. If you let the driver inside QEMU 
write to this register, it will write values suitable for the Virtual 
machine instead of values suitable to for host OS. The DMA transaction 
will write all over the wrong memory location resulting in CRASH.

One might be able to get round some of these problem with a combination 
of QEMU and a hacked up HAL.DLL, but it will be complicated.

James

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/