
Re: [Qemu-devel] [PATCH] improve emulation correctness


From: Dmitry Poletaev
Subject: Re: [Qemu-devel] [PATCH] improve emulation correctness
Date: Mon, 28 Apr 2014 18:32:03 +0400

I understand your position.

But why, in TCG, do undefined flags obviously change to zero in some cases?
For example: 
af = 0; /* undefined */

It is not part of the Intel specification; what was the reason for applying that convention?

28.04.2014, 17:49, "Peter Maydell" <address@hidden>:
> On 28 April 2014 14:41, Dmitry Poletaev <address@hidden> wrote:
>
>>  Let's imagine we analyse a program (maybe malware) and so
>>  run it in an emulator. Malware can execute that test and understand
>>  that it runs in an emulator. After that, the malware can decide
>>  that someone is analysing it and alter its behaviour with a view to
>>  making analysis more complicated.
>
> I understand this theory. I think it's misguided to think that
> it's possible to avoid the problem.
>
>>  So it makes sense to apply that patch.
>
> I disagree with this, because we can never make QEMU behave
> exactly identically to the hardware (timing effects, weird
> choices of QEMU devices, etc). We cannot offer this guarantee,
> so there is no point in attempting to make changes purely
> to try to provide the guarantee in some areas.
>
> (Just to pick a fairly easy way guest malware can
> detect QEMU TCG, it can run timing tests that probe for
> the size of L1 cache by looking for the point where memory
> access time falls off a cliff. QEMU will never be able to
> emulate caches with the same sort of memory timing profile.)
>
> thanks
> -- PMM
