Spent the night trying various inline assembly to attempt to detect when my application is running within a VM.
Couple of things to note: the web is full of really bad and really ***WRONG*** example code from people thinking they're being crafty. Some code is of course geared towards just Windows + VMWare, but there is a surprisingly large amount of example code calling things like SIDT and SGDT with just 2 bytes to store the result. I may not be an assembly programmer, but it doesn't take much Googling at AMD and Intel's sites to see that even at best-case when running in i386, it needs at least 6 bytes, while in AMD64 you'd need 10 bytes. I'm guessing things have progressed in the last few years, where some of the VM detection example code that made headlines when they were first discovered no longer applies...or perhaps only ever applied to VMWare? Things I tried include: - SIDT (aka "red pill" and "snoopy_doo") - SGDT (upper byte always 0xff for me, whether native or in VirtualBox) - SLDT (always returns zero for me, whether native or in VirtualBox) - STR (always returns 0x0040 whether native or in VirtualBox) I'm worried the only "solution" (and I use the term lightly) is to do something crazy like walking the PCI table or the DMI BIOS information looking for certain strings. Can someone recommend something better? Thanks in advance, Stéphane _______________________________________________ vbox-dev mailing list [email protected] http://vbox.innotek.de/mailman/listinfo/vbox-dev
