Menu







NoirVisor Development Status Report by Nov 2019

2019-11-30 - Virtualization Technology

Again, I have not been updating my blog for three months. The reason is again that I am very busy. But during the three month, I, of course, did something: Implementation of NPT to SVM-Core. By now, the implementation is incomplete: only the identity mapping is completed.

An additional feature is the construction of Detour facility. This facility aims to provide interfaces of constructing inline hooks that will be concealed by memory virtualization. The construction is still in progress. Only finished implementations are locating kernel modules and kernel functions with thread-safe considerations.

Next step will be implementing the NPT-based stealth inline hook and the completion of Detour facility. By now, I have designed the algorithm and pushed to GitHub repository. Check it out: https://github.com/Zero-Tang/NoirVisor/blob/master/src/svm_core/readme.md#stealth-inline-hook-algorithm

By the way, thanks for raising issues. Issue #6 reminds me that the Detour facility could help NoirVisor be competitive in open-source market since it helps building inline hooks easily.

Another point is the CPUID caching architecture. I am stuck on it because my mind is messing around how to make things run efficiently. The very fundamental idea is to give each leaf a single dispatcher function. But details are confusing me. I will figure it out, but it might be done after the completion of the two points mentioned before.

Once upon a time, I chose BeaEngine for analyzing instruction length. Since the code is very large, I decided to choose LDE as replacement of BeaEngine, but I did not know what license it applied. The fact is that LDE is licensed under LGPL v3, and I do not have to change my MIT license, but left a copy of LGPL v3 text with it. However, something is problematic. BeatriX wrote binary code and put it into assembly file, so GitHub concludes that my code has lots of assembly. This is not good. I plan to compile LDE as static library so that LDE won’t be count as code of NoirVisor’s repository. This will be a simple job. Next commit might be including this only.

Anyway, the roadmap of NoirVisor remains a long way to go. I will keep on innovating and look forward to perfection.

Leave a Reply

Your email address will not be published. Required fields are marked *