Windows driver development: dual-machine debugging between virtual machines over a virtual serial port
======================================Copyright Notice======================================
Copyright statement: this is an original article; reprinting is declined.
Please contact me through "contact email (wlsandwho@foxmail.com)" in the announcement on the right
Do not use for academic citation.
Do not use for commercial publishing, commercial printing, commercial reference, or other commercial purposes.
This article is occasionally revised and improved.
Link: http://www.cnblogs.com/wlsandwho/p/4856272.html
Shame wall: http://www.cnblogs.com/wlsandwho/p/4206472.html
============================================================================================
I tried to buy an 8 GB memory stick (more than 2014 million records in 500) and made up my mind to implement a 64-bit system. Finally, I can open zhan (zhan) I learned something about jing.
============================================================================================
Hardware environment:
CPU: i3-4150 (barely enough; get an E3 if you have the money, the mysterious "8 frame" bonus cannot be underestimated.)
Memory: 2 + 2 + 8 (so capricious. I will have to buy an 8 GB kit in the future, because it is well received.)
Hard disk: SSD + HDD
============================================================================================
Software environment:
OS: Windows 7 64
VM: VMware Workstation 10.0.2 build-1744117
Virtual serial port: VSPD
Any serial port debugging assistant
============================================================================================
I decided to do all development and testing in virtual machines. (Attackers can directly use their own computer and one virtual machine for driver development and related tests.)
============================================================================================
Install the virtual serial port software (I used this). Add serial port 2 and serial port 4. Be sure to restart your computer.
Create two virtual machines, one as the development virtual machine and the other as the test virtual machine. Each is allocated a 30 GB hard disk and 2 GB of memory. The development virtual machine is stored on the SSD, and the test virtual machine on the HDD.
Add a serial port to each VM.
In the development virtual machine, select serial port 2 and send data.
The test virtual machine can receive the data.
============================================================================================
The above only shows that the serial port works; debugging between the two virtual machines requires additional settings.
============================================================================================
Set the test virtual machine to debugging mode:
1. Check the boot loader entries.
2. Back up the current loader (the backup can also be configured directly), to be used for normal (non-debugging) startup.
3. Enable "debugging" and "boot debugging".
4. Check the debugging settings first.
   The serial port is found to be 1 and the baud rate 115200.
   Because serial port 2 was the one configured during the test with the serial port assistant, it has to be changed here. (When my virtual machine was installed, serial port 1 and serial port 3 were provided by default. When a new serial port is added to the virtual machine, serial port 2 is used automatically. Of course, you can change the serial port name, which is similar to changing a drive letter.)
5. Modify the debugging settings.
   Note that you must set the baud rate in the same command; otherwise the baud rate configuration is lost. (If you don't believe it, try it yourself.)
6. Check the debugging settings again.
The test virtual machine is now configured.
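One way to carry out the six steps above from an elevated PowerShell prompt on the test virtual machine. This is an added example, not the author's own commands: it assumes the steps are performed with bcdedit, uses serial port 2 at 115200 baud as stated in the text, and the label given to the backup entry is hypothetical.

```powershell
# Added example (not from the original article).
# Assumptions: debug port 2 at 115200 baud, as in the text above; the
# description of the backup entry is an arbitrary, hypothetical label.
$Port = 2
$Baud = 115200

function Invoke-Bcd {
    # Run bcdedit.exe with the given arguments; stop on the first failure.
    $out = & bcdedit.exe @args
    if ($LASTEXITCODE -ne 0) { throw "bcdedit $args failed: $out" }
    $out
}

# Step 1: list the boot loader entries.
Invoke-Bcd /enum

# Step 2: copy the current entry. The copy is left untouched and serves
# as the normal (non-debugging) boot option.
Invoke-Bcd /copy '{current}' /d 'Windows 7 (no debug)'

# Step 3: enable kernel debugging and boot debugging on the current entry.
Invoke-Bcd /debug on
Invoke-Bcd /bootdebug on

# Step 4: show the debugger settings before changing them.
Invoke-Bcd /dbgsettings

# Step 5: set the port and the baud rate in ONE command, as the text advises.
Invoke-Bcd /dbgsettings serial "debugport:$Port" "baudrate:$Baud"

# Step 6: read the settings back and fail loudly if either value is wrong.
$settings = (Invoke-Bcd /dbgsettings) -join "`n"
if ($settings -notmatch "debugport\s+$Port\b" -or
    $settings -notmatch "baudrate\s+$Baud\b") {
    throw "Debug settings were not applied as expected:`n$settings"
}
"Debugger settings verified: serial port $Port at $Baud baud. Reboot to apply."
```

Running `bcdedit /debug off` and `bcdedit /bootdebug off` reverses step 3 once testing is finished, so the test virtual machine does not keep booting with kernel debugging enabled.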
============================================================================================
Next, configure the development virtual machine.
1. Install VS2013 + WDK8.1 or VS2015 + WDK7.1.
The advantage of the first configuration is that it is the one described on the official Microsoft page and can create the various kinds of driver projects. Its disadvantages are that there is no command-line environment in the Start menu and that it does not match the various books. The advantage of the second configuration is, of course, that the command-line environment is available and matches the current books.
Therefore, I set up two development virtual machines. For now, I am using the VS2015 + WDK7.1 one first.
(WDK8.1 can be installed after WDK7.1 is installed, but VS2015 then has no project that can be used to create a driver. I tested this myself, it is not a lie! I don't know whether there will be any problems.)
2. Create a WinDbg shortcut and add some parameters to its target.
The command in the shortcut's "Target (T)" field is:
"C:\Program Files\Windows Kits\8.1\Debuggers\x86\windbg.exe" -b -k com:port=2,baud=115200
You can do without the shortcut, but typing the same command line into an administrator CMD every time serves no practical purpose.
3. It is said that symbols should be set up for WinDbg. Press Ctrl + S and enter SRV*C:\symbolcache*http://msdl.microsoft.com/download/symbols
The development virtual machine is now configured as well.
============================================================================================
Next, you can try debugging yourself.
On the test virtual machine:
Execute the net start and net stop commands in sequence.
The development virtual machine breaks on the int 3 set in the code when the test virtual machine runs net start.
If you then add a breakpoint on the unload routine, that breakpoint is hit when the test virtual machine runs net stop.
The code of the test driver "HelloDriver" and its other small files are attached below.
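#include <ntddk.h>

/* Unload routine: runs when the driver is stopped (net stop). */
VOID DriverUnload(PDRIVER_OBJECT pDriverObj)
{
    UNREFERENCED_PARAMETER(pDriverObj);
    DbgPrint("Goodbye Driver!");
}

/* Entry point: runs when the driver is started (net start). */
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObj, PUNICODE_STRING pUnicodeStrPath)
{
    UNREFERENCED_PARAMETER(pUnicodeStrPath);
#if DBG
    /* Break into the attached kernel debugger (checked builds only).
       Inline assembly is x86-only in MSVC; an x64 build needs
       DbgBreakPoint() instead. */
    _asm int 3
#endif
    DbgPrint("Hello Driver!");

    pDriverObj->DriverUnload = DriverUnload;

    return STATUS_SUCCESS;
}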
makefile
!IF 0
This file is created by WLS.
!ENDIF
!INCLUDE $(NTMAKEENV)\makefile.def
SOURCES file
TARGETNAME=HelloDriver
TARGETTYPE=DRIVER
SOURCES=HelloDriver.c