Comments (2)
The shadow page where the traps are also part of the guest memory at a magic offset. The magic offset while not advertised via e820/efi memory map would still be accessible by a guest that knows where to look. So the guard2 rwx trap is to protect the shadow page from being accessed via the magic offset and keep it only accessible through the remapped gfn.
from drakvuf.
Thank you, Tamas! I now understand that the original page under current gfn will be swapped with remapped one. So the r/w trap is actually placed on remapped page.
from drakvuf.
Related Issues (20)
- Error in running windows7-sp1.json HOT 6
- Request - add support for MSI files
- What IDE should be used for drakvuf? HOT 1
- Hooks on nested functions are broken HOT 2
- mount /dev/mapper/vg0-win7 to /mnt error HOT 2
- vmi-win-guid name out print is NULL
- Virtualization problem
- interception specify process
- Format code with clang-format and clang-tidy HOT 1
- apimon doesn't work after 9/1's commit HOT 3
- Plugin etwmon startup failed! HOT 2
- Unable to control mouse in Win7 when drakvuf is running HOT 1
- [LIBHOOK] makes the xen virtual machine hang HOT 8
- How to automated batch analysis HOT 1
- trace powershell behavior with apimon
- drakvuf meson and ninja-injector linking build errors HOT 4
- How to exit a running drakvuf HOT 1
- How to obtain the value of a handle
- Injector sometimes hangs while injecting commands into explorer HOT 3
- avx instruction not support HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from drakvuf.