Feasibility Study of Building a User-Mode Native Windows NT VMM
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Binary and Hexadecimal
Binary and Hexadecimal Binary and Hexadecimal Introduction This document introduces the binary (base two) and hexadecimal (base sixteen) number systems as a foundation for systems programming tasks and debugging. In this document, if the base of a number might be ambiguous, we use a base subscript to indicate the base of the value. For example: 45310 is a base ten (decimal) value 11012 is a base two (binary) value 821716 is a base sixteen (hexadecimal) value Why do we need binary? The binary number system (also called the base two number system) is the native language of digital computers. No matter how elegantly or naturally we might interact with today’s computers, phones, and other smart devices, all instructions and data are ultimately stored and manipulated in the computer as binary digits (also called bits, where a bit is either a 0 or a 1). CPUs (central processing units) and storage devices can only deal with information in this form. In a computer system, absolutely everything is represented as binary values, whether it’s a program you’re running, an image you’re viewing, a video you’re watching, or a document you’re writing. Everything, including text and images, is represented in binary. In the “old days,” before computer programming languages were available, programmers had to use sequences of binary digits to communicate directly with the computer. Today’s high level languages attempt to shield us from having to deal with binary at all. However, there are a few reasons why it’s important for programmers to understand the binary number system: 1. -
The First Attempt Our Next Attempt Conclusion
Dr. Henry Neeman, Director of Oscer Chris Franklin, Computer Science undergrad, IT employee Dr. Horst Severini, Associate Director for Remote & Heterogeneous Computing Joshua Alexander, Computer Engineering undergrad, IT employee What is Condor®? The first attempt ® Condor is a program developed by the University of Wisconsin to allow desktop computers to The initial solution we devised was to install VMWare® within a native Linux install, and then to install Windows inside VMWare®. The steps harness idle time to perform computationally intensive operations. See were: “http://www.cs.wisc.edu/condor/” for more information about Condor®. 1. Install Linux as the native host operating system Why do you need it? 2. Install Condor inside Linux 3. Install VMWare® inside Linux ® Condor® provides free computing cycles for scientific and research use, which extends current 4. Install Windows inside VMWare super-computing resources by adding additional computing time. We installed this solution on approximately 200 lab computers across OU’s campus during the summer of 2005. During testing, we noticed a significant performance decrease using Windows inside VMWare®. To alleviate this problem, we changed VMWare® to use raw disk mode. This mode significantly increased disk performance inside VMWare®. If this is so simple, why can’t I just install it? Once we deployed VMWare® in the labs, several more issues appeared: ® Most scientific and research programs are designed for Linux, but most desktops are running • CD/DVD Burning from inside VMWare did -
Virtual Environment for Ipv6 Analysis
Virtual Environment for IPv6 Analysis ____________________________ Ricardo Alexander Saladrigas Advisor: Dr. Anna Calveras Barcelona DEDICATION To my parents, for giving me opportunities of immeasurable value and supporting me and my farfetched ideas. To my near family, for their accumulated efforts of improving our collective life. And to Maria Alexandra Siso, Robert Baumgartner, Alyssa Juday and Marc Ramirez for keeping me sane. i ACKNOWLEDGMENTS I extend my gratitude to everyone that has made my work possible. I express my thanks to the communities of VirtualBox, StackOverflow, ServerFault and Ubuntu Help as well as the Reddit communities for Linux and Networking for answering all my technical questions in detail and without prejudice I would like to thank Dr Anna Calveras for her guidance and patience. ii RESUMEN Nuestro objetivo fue la creación de una red compuesta de máquinas virtuales conectadas de forma específica a través de interfaces virtuales y con una seria de protocolos pre configurados que permiten la fácil creación de túneles IPv6 y traductores IPv6 a IPv4. Esta red les permitirá a profesores y estudiantes analizar y observar trafico IPv6 real sin la necesidad de una red física. La red está compuesta de múltiples Máquinas Virtuales Ubuntu y una Máquina Virtual Windows 7. La red puede ser fácilmente instalada en un ordenador corriendo Ubuntu o una distribución basada en Ubuntu. Un USB arrancable fue desarrollado para usar la red en un ordenador sin la necesidad de una instalación o de un sistema operativo especifico. Todas las máquinas virtuales Linux pueden fácilmente ser controladas a través de una terminal sin necesidad de clave utilizando una serie de scripts. -
Exposing Native Device Apis to Web Apps
Exposing Native Device APIs to Web Apps Arno Puder Nikolai Tillmann Michał Moskal San Francisco State University Microsoft Research Microsoft Research Computer Science One Microsoft Way One Microsoft Way Department Redmond, WA 98052 Redmond, WA 98052 1600 Holloway Avenue [email protected] [email protected] San Francisco, CA 94132 [email protected] ABSTRACT language of the respective platform, HTML5 technologies A recent survey among developers revealed that half plan to gain traction for the development of mobile apps [12, 4]. use HTML5 for mobile apps in the future. An earlier survey A recent survey among developers revealed that more than showed that access to native device APIs is the biggest short- half (52%) are using HTML5 technologies for developing mo- coming of HTML5 compared to native apps. Several dif- bile apps [22]. HTML5 technologies enable the reuse of the ferent approaches exist to overcome this limitation, among presentation layer and high-level logic across multiple plat- them cross-compilation and packaging the HTML5 as a na- forms. However, an earlier survey [21] on cross-platform tive app. In this paper we propose a novel approach by using developer tools revealed that access to native device APIs a device-local service that runs on the smartphone and that is the biggest shortcoming of HTML5 compared to native acts as a gateway to the native layer for HTML5-based apps apps. Several different approaches exist to overcome this running inside the standard browser. WebSockets are used limitation. Besides the development of native apps for spe- for bi-directional communication between the web apps and cific platforms, popular approaches include cross-platform the device-local service. -
Cloud Native Trail Map 2
1. CONTAINERIZATION • Commonly done with Docker containers • Any size application and dependencies (even PDP-11 code running on an emulator) can be containerized • Over time, you should aspire towards splitting suitable applications and writing future functionality as microservices CLOUD NATIVE TRAIL MAP 2. CI/CD • Setup Continuous Integration/Continuous Delivery (CI/CD) so The Cloud Native Landscape l.cncf.io that changes to your source code automatically result in a new has a large number of options. This Cloud container being built, tested, and deployed to staging and Native Trail Map is a recommended process eventually, perhaps, to production for leveraging open source, cloud native • Setup automated rollouts, roll backs and testing technologies. At each step, you can choose • Argo is a set of Kubernetes-native tools for a vendor-supported offering or do it yourself, deploying and running jobs, applications, and everything after step #3 is optional workflows, and events using GitOps based on your circumstances. 3. ORCHESTRATION & paradigms such as continuous and progressive delivery and MLops CNCF Incubating APPLICATION DEFINITION HELP ALONG THE WAY • Kubernetes is the market-leading orchestration solution • You should select a Certified Kubernetes Distribution, 4. OBSERVABILITY & ANALYSIS Hosted Platform, or Installer: cncf.io/ck A. Training and Certification • Helm Charts help you define, install, and upgrade • Pick solutions for monitoring, logging and tracing Consider training offerings from CNCF even the most complex Kubernetes application • Consider CNCF projects Prometheus for monitoring, and then take the exam to become a Fluentd for logging and Jaeger for Tracing Certified Kubernetes Administrator or a • For tracing, look for an OpenTracing-compatible Certified Kubernetes Application Developer implementation like Jaeger cncf.io/training CNCF Graduated CNCF Graduated B. -
Rockbox User Manual
The Rockbox Manual for Ipod Classic rockbox.org December 27, 2020 2 Rockbox https://www.rockbox.org/ Open Source Jukebox Firmware Rockbox and this manual is the collaborative effort of the Rockbox team and its contributors. See the appendix for a complete list of contributors. c 2003–2020 The Rockbox Team and its contributors, c 2004 Christi Alice Scarborough, c 2003 José Maria Garcia-Valdecasas Bernal & Peter Schlenker. Version 3.15p10. Built using pdfLATEX. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sec- tions, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”. The Rockbox manual (version 3.15p10) Ipod Classic Contents 3 Contents 1. Introduction 12 1.1. Welcome..................................... 12 1.2. Getting more help............................... 12 1.3. Naming conventions and marks........................ 13 2. Installation 14 2.1. Before Starting................................. 14 2.2. Installing Rockbox............................... 15 2.2.1. Automated Installation........................ 15 2.2.2. Manual Installation.......................... 17 2.2.3. Finishing the install.......................... 19 2.2.4. Enabling Speech Support (optional)................. 19 2.3. Running Rockbox................................ 19 2.4. Updating Rockbox............................... 19 2.5. Uninstalling Rockbox............................. 20 2.5.1. Automatic Uninstallation....................... 20 2.5.2. Manual Uninstallation......................... 20 2.6. Troubleshooting................................. 20 3. Quick Start 21 3.1. Basic Overview................................. 21 3.1.1. The player’s controls.......................... 21 3.1.2. Turning the player on and off.................... -
Comparison of Platform Virtual Machines - Wikipedia
Comparison of platform virtual machines - Wikipedia... http://en.wikipedia.org/wiki/Comparison_of_platform... Comparison of platform virtual machines From Wikipedia, the free encyclopedia The table below compares basic information about platform virtual machine (VM) packages. Contents 1 General Information 2 More details 3 Features 4 Other emulators 5 See also 6 References 7 External links General Information Name Creator Host CPU Guest CPU Bochs Kevin Lawton any x86, AMD64 CHARON-AXP Stromasys x86 (64 bit) DEC Alphaserver CHARON-VAX Stromasys x86, IA-64 VAX x86, x86-64, SPARC (portable: Contai ners (al so 'Zones') Sun Microsystems (Same as host) not tied to hardware) Dan Aloni helped by other Cooperati ve Li nux x86[1] (Same as parent) developers (1) Denal i University of Washington x86 x86 Peter Veenstra and Sjoerd with DOSBox any x86 community help DOSEMU Community Project x86, AMD64 x86 1 of 15 10/26/2009 12:50 PM Comparison of platform virtual machines - Wikipedia... http://en.wikipedia.org/wiki/Comparison_of_platform... FreeVPS PSoft (http://www.FreeVPS.com) x86, AMD64 compatible ARM, MIPS, M88K GXemul Anders Gavare any PowerPC, SuperH Written by Roger Bowler, Hercul es currently maintained by Jay any z/Architecture Maynard x64 + hardware-assisted Hyper-V Microsoft virtualization (Intel VT or x64,x86 AMD-V) OR1K, MIPS32, ARC600/ARC700, A (can use all OVP OVP Imperas [1] [2] Imperas OVP Tool s x86 (http://www.imperas.com) (http://www.ovpworld compliant models, u can write own to pu OVP APIs) i Core Vi rtual Accounts iCore Software -
Defeating Kernel Native API Hookers by Direct Kiservicetable Restoration
Defeating Kernel Native API Hookers by Direct KiServiceTable Restoration Tan Chew Keong Vice-President SIG2 www.security.org.sg IT Security... the Gathering. By enthusiasts for enthusiasts! Outline • User-space API calls and Native APIs • Redirecting the execution path of Native APIs • Locating and restoring the KiServiceTable • Defeating Native API hooking rootkits and security tools. IT Security... the Gathering. By enthusiasts for enthusiasts! User-space API calls • User-space Win32 applications requests for system services by calling APIs exported by various DLLs. • For example, to write to an open file, pipe or device, the WriteFile API, exported by kernel32.dll is used. IT Security... the Gathering. By enthusiasts for enthusiasts! User-space API calls • WriteFile API will in turn call the native API NtWriteFile/ZwWriteFile that is exported by ntdll.dll • In ntdll.dll, both NtWriteFile and ZwWriteFile points to the same code. • Actual work is actually performed in kernel- space, hence NtWriteFile/ZwWritefile in ntdll.dll contains only minimal code to transit into kernel code using software interrupt INT 0x2E IT Security... the Gathering. By enthusiasts for enthusiasts! User-space API calls • In Win2k, NtWriteFile/ZwWriteFile in ntdll.dll disassembles to MOV EAX, 0EDh LEA EDX, DWORD PTR SS:[ESP+4] INT 2E RETN 24 • 0xED is the system service number that will be used to index into the KiServiceTable to locate the kernel function that handles the call. IT Security... the Gathering. By enthusiasts for enthusiasts! User-space API calls Application WriteFile() kernel32.dll Nt/ZwWriteFile() mov eax, system service num ntdll.dll lea edx, pointer to parameters int 0x2E ntoskrnl.exe NtWriteFile() IT Security.. -
X86 Assembly Language Reference Manual
x86 Assembly Language Reference Manual Part No: 817–5477–11 March 2010 Copyright ©2010 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related software documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are “commercial computer software” or “commercial technical data” pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms setforth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle USA, Inc., 500 Oracle Parkway, Redwood City, CA 94065. -
Design of the RISC-V Instruction Set Architecture
Design of the RISC-V Instruction Set Architecture Andrew Waterman Electrical Engineering and Computer Sciences University of California at Berkeley Technical Report No. UCB/EECS-2016-1 http://www.eecs.berkeley.edu/Pubs/TechRpts/2016/EECS-2016-1.html January 3, 2016 Copyright © 2016, by the author(s). All rights reserved. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission. Design of the RISC-V Instruction Set Architecture by Andrew Shell Waterman A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor David Patterson, Chair Professor Krste Asanovi´c Associate Professor Per-Olof Persson Spring 2016 Design of the RISC-V Instruction Set Architecture Copyright 2016 by Andrew Shell Waterman 1 Abstract Design of the RISC-V Instruction Set Architecture by Andrew Shell Waterman Doctor of Philosophy in Computer Science University of California, Berkeley Professor David Patterson, Chair The hardware-software interface, embodied in the instruction set architecture (ISA), is arguably the most important interface in a computer system. Yet, in contrast to nearly all other interfaces in a modern computer system, all commercially popular ISAs are proprietary. -
Undocumented Windows NT
Part Undocumented Windows NT CHAPTER 6 Hooking Windows NT System Services CHAPTER 7 Adding New System Services to the Windows NT Kernel CHAPTER 8 Local Procedure Call CHAPTER 9 Hooking Software Interrupts CHAPTER 10 Adding New Software Interrupts CHAPTER 11 Portable Executable File Format Chapter 6 T N s Window g Hookin s Service m Syste R CHAPTE S THI N I + Looking at system services under various operating systems + Examining the need for hooking system services s hook f o s type g Implementin + THIS CHAPTER DISCUSSES hooking Windows NT system services. Before we begin, let's first review what we mean by a system service. A system service refers to a set of functions (primitive or elaborate) provided by the operating system. Application programming interfaces (APIs) enable developers to call several system services, di- c dynami a f o m for e th n i s API s provide m syste g operatin e Th . indirectly r o y rectl link library (DLL) or a static compiler library. These APIs are often based on system d base y directl e ar s call I AP e th f o e Som . system g operatin e th y b d provide s service m syste e multipl g jlepene makin som n do d an , service m syste g correspondin a n o . services m syste o t s call y an e mak t no y ma s call I AP e th f o e som , Also . calls e servic In short, you do not need a one-to-one mapping between API functions and system services. -
Windows Internals for .NET Developers
Windows Internals for .NET Developers Pavel Yosifovich @zodiacon [email protected] Agenda •Windows Architecture and .NET •Jobs •Threads •Kernel Objects •Windows Runtime •Summary 2 About Me • Developer, Trainer, Author and Speaker • Co-author: Windows Internals 7th edition, Part 1 (2017) • Author: WPF Cookbook (2012), Mastering Windows 8 C++ App Development (2013) • Pluralsight author • Author of several open-source tools (http://github.com/zodiacon) • Blogs: http://blogs.microsoft.co.il/pavely, https://scorpiosoftware.net/ 3 Windows Architecture Overview Subsystem System Service Process User Processes Processes Processes (CSRSS.exe) CLR / .NET FCL Subsystem DLLs NTDLL.DLL User Mode Executive Kernel Mode Win32k.Sys Device Drivers Kernel Hardware Abstraction Layer (HAL) Hyper-V Hypervisor Kernel Mode (hypervisor context) 4 .NET Today •Part of Windows • Fully supported •User mode only • Kernel mode CLR/.NET possible (e.g. “Singularity”) •Not a complete wrapper over the Windows API • Opportunities to extend and optimize •What about .NET Core? 5 Windows Numeric Versions • Windows NT 4 (4.0) // get version... • Windows 2000 (5.0) if(version.Major >= 5 && version.Minor >= 1) { // XP or later: good to go!? • Windows XP (5.1) } • Windows Server 2003, 2003 R2 (5.2) • Windows Vista, Server 2008 (6.0) • Windows 7, Server 2008 R2 (6.1) • Windows 8, Server 2012 (6.2) • Windows 8.1, Server 2012 R2 (6.3) By default, reported as 6.2 • Windows 10, Server 2016 (10.0) By default, reported as 6.2 6 Windows Versions 7 Windows Subsystem APIs • Windows API (“Win32”)