Hi Joanna, On Fri, Aug 31, 2012 at 10:54 AM, Joanna Rutkowska <joa...@invisiblethingslab.com> wrote: > Thanks Jon. I have had a few moments in my life when I really wished I > had access to such a CPU debugger, but ultimately never bought any ;)
I really only used it when I didn't know what I was doing, e.g., I had never manipulated a GDT or page tables before. It's such a painful debug cycle that it is soundly in the Plan B category. Plan A is to make small changes and test often. :) I keep telling myself that I'm going to add SKINIT / SENTER support to QEMU, but have never been able to make time. To the best of my knowledge these are still unimplemented there. > BTW, do you remember if that interposer allowed you to actually read the > CPU caches explicitly, e.g. even in case the Cache-As-Ram was enabled? It did allow reading caches, but I never tried it so early in the boot cycle as to confirm anything for cache-as-RAM. I would expect that it should work, but again, untried. If you've had success entering cache-as-RAM after the OS has already booted, I would be extremely interested in learning about that. :-) Cheers, -Jon ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
