On Thu, 6 Jul 2006 16:46:40 -0400
Daniel Serpell <address@hidden> wrote:
> But there is a way to detect virtual machines under x86, see
> http://invisiblethings.org/papers/redpill.html
>
> But if you run qemu without direct instruction copying, it won't
> work (and qemu will run slower), because qemu will correctly
> emulate the unprivileged instructions.
Out of interest, sidt returns limit:base 07ff:c0372000 on my
host, and 07ff:f0050000 on a linux guest with kqemu, and 07ff:c04b5000
on the same linux guest without kqemu, which illustrates the point.
I used the following code:
#include <stdio.h>

int main(int argc, char **argv) {
    /* SIDT stores a 6-byte pseudo-descriptor: bytes 0-1 hold the limit,
     * bytes 2-5 hold the linear base, both little-endian.  The "=m"
     * constraint makes gcc pass the array's address to the instruction;
     * sidt is unprivileged, so this runs from user space (32-bit x86 only). */
    unsigned char idtr[6];
    __asm__ ("sidt %0" : "=m" (*&idtr));

    /* Print the fields most-significant byte first so they read as limit:base. */
    fprintf(stdout,
            "IDTR: limit %2.2x%2.2x base %2.2x%2.2x%2.2x%2.2x\n",
            idtr[1], idtr[0], idtr[5], idtr[4], idtr[3], idtr[2]);
    return 0;
}
which doesn't need executable heap (my kernel is PaX-enabled), unlike
the redpill version, but is gcc-specific.
--
Kevin F. Quinn
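As an added example (not code from the mail), the following decodes the 6-byte pseudo-descriptor that sidt writes and replays the three limit:base observations quoted above through the heuristic the linked redpill paper uses (top byte of the base above 0xd0); the names decode_idtr, encode_idtr and redpill_suspicious are mine.

```c
#include <stdint.h>
#include <stdio.h>

/* Decoded form of the 6-byte pseudo-descriptor sidt stores on 32-bit x86:
 * bytes 0-1 = limit (little-endian), bytes 2-5 = base (little-endian). */
typedef struct {
    uint16_t limit;
    uint32_t base;
} idtr_t;

idtr_t decode_idtr(const unsigned char raw[6]) {
    idtr_t r;
    r.limit = (uint16_t)(raw[0] | (raw[1] << 8));
    r.base  = (uint32_t)raw[2] | ((uint32_t)raw[3] << 8) |
              ((uint32_t)raw[4] << 16) | ((uint32_t)raw[5] << 24);
    return r;
}

/* Heuristic from the linked redpill paper: the IDT base of a native
 * 32-bit kernel normally has a top byte at or below 0xd0; a higher
 * top byte is what that paper treats as a sign of a VMM-relocated IDT. */
int redpill_suspicious(idtr_t r) {
    return ((r.base >> 24) & 0xff) > 0xd0;
}

/* Rebuild the raw bytes from a limit:base pair as printed by the program
 * in the mail, so the quoted observations can be replayed offline. */
void encode_idtr(uint16_t limit, uint32_t base, unsigned char out[6]) {
    out[0] = limit & 0xff;         out[1] = (limit >> 8) & 0xff;
    out[2] = base & 0xff;          out[3] = (base >> 8) & 0xff;
    out[4] = (base >> 16) & 0xff;  out[5] = (base >> 24) & 0xff;
}

int main(void) {
    /* The three values reported in the mail, all with limit 07ff. */
    struct { const char *where; uint32_t base; } obs[] = {
        { "host",                0xc0372000u },
        { "guest with kqemu",    0xf0050000u },
        { "guest without kqemu", 0xc04b5000u },
    };
    for (size_t i = 0; i < sizeof obs / sizeof obs[0]; i++) {
        unsigned char raw[6];
        encode_idtr(0x07ff, obs[i].base, raw);
        idtr_t r = decode_idtr(raw);
        printf("%-20s limit %04x base %08x -> %s\n", obs[i].where,
               r.limit, r.base, redpill_suspicious(r) ? "flagged" : "not flagged");
    }
    return 0;
}
```

Only the kqemu-accelerated guest trips the heuristic; the fully emulated guest reports a base in the same range as the host, which is the point Daniel made about correct emulation of unprivileged instructions.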
_______________________________________________
Qemu-devel mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/qemu-devel