I just want to known how to get BIO information in C++. I tried following option but each one has its drawback.
From Registry: But I found some system where HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\BIOS is missing may be it is virtual machine.
Using WMI: But It is not necessary that WMI will run on all the systems, because in certain cases either the service is disabled or the WMI object is missing!!
I need one permanent solution that gives me BIO information in c++.
Trying to detect if you are in a virtual OS is done in various ways and depends on the virtualization software being used.
There are many different questions about this already on stackoverflow.
In no particular order, here are some articles, they cover a variety of the different virtualization pieces used:
Detect virtualized OS from an application?
detect if application running on virtual box
64-bit windows VMware detection
How to identify that you're running under a VM?
http://www.codeproject.com/Articles/9823/Detect-if-your-program-is-running-inside-a-Virtual
Whilst Salgar beat me to it, one of the more "safe" methods is to use the CPUID instruction, which generally works on modern VM's. I know that KVM, Microsoft and Xen uses a CPUID leaf around 0x40000000 that gives back "You are in a virtual machine". Not 100% sure if VMWare also supports the same one - on a "real" machine, these are reserved and not used.
Here's a page that discusses several options besides CPUID:
http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/detecting-x86-virtual-machines.html
and there are several links for further reading.
Related
I'm trying to modify a Windows kernel-level disk driver to properly respond to updated control codes. For example, it only had a handler for the obsoleted IOCTL_DISK_GET_DRIVE_GEOMETRY control code, but not the newer IOCTL_DISK_GET_DRIVE_GEOMETRY_EX control code, so I added that.
Of course, I updated the driver to use all the new Windows structures and functions too, like the IoReadPartitionTableEx() function and the DRIVE_LAYOUT_INFORMATION_EX structure (I am trying to add GPT support to the driver). The issue is, when I use the disk driver, I can see (using DebugView) that Windows (I think it's Windows... perhaps it's something else...) is still sending the old IOCTL_DISK_GET_DRIVE_GEOMETRYcontrol code to my driver. I would like Windows to send the newer control codes to my driver. Is it even Windows that is sending these control codes? Is there perhaps some other layer between Windows and the driver that I'm just not yet aware of?
Is the driver supposed to somehow identify its "type" to Windows, so that Windows knows exactly how to "speak" to it? How does Windows know exactly which control codes to send to a particular driver? I've Googled around for answers to these (seemingly very basic) questions, and haven't found a clear answer, which leads me to believe that I've fundamentally misunderstood something about Windows drivers here. Does my question even make sense?
The OP has 5 questions (count based on number of question marks). Each of the following answers the questions in the same order as they were asked in OP.
To find out who is calling your driver with IOCTL_DISK_GET_DRIVE_GEOMETRY put a breakpoint on the handler for that IOCTL in your driver. When break occurs then look at the callstack. You'll see who called.
You'll actually have a layered set of callers. This will answer your question about layers.
Windows knows about your drivers capabilities in several different ways. If you have a miniport driver, then there is a minimal set of functionality that each type of miniport must implement.
In addition there are APIs to StorPort miniports can use to indicate optional capabilities. For example StorPortInitializePerfOpts is used to inform StorPort about various perf optimizations in StorPort miniports. To better answer this question please provide the type of driver that you have. In case you're not familiar with the various driver types, I suggest you read this from MS HW dev center. In fact you may want to read it anyway.
The question assumes Windows sends different control codes to different drivers based on some hypothetical driver attribute. However the model Windows uses is like that mentioned in the previous answer. There are base capabilities based on the driver model and then in some cases APIs to communicate capabilities. (In other cases it is up to the driver to indicate it doesn't support a particular operation.)
There is another aspect to the answer and that is Windows and non-Windows components are free to choose whatever control codes they want. So a 3rd party disk partitioning program could use the older geometry IOCTL, even though a newer one exists because it wants to be compatible with earlier versions of Windows. Or a Windows component (eg Storage Spaces) could use a newer IOCTL because it doesn't carry about backwards compatibility.
(This question is asking for an opinion, so this answer is my opinion). Assuming by "question" you mean "questions", then I'd say more or less. But if this is your first (or second) foray into Windows drivers, I again suggest reading the relevant MS documentation (linked above).
Finally, even though the OP doesn't ask directly, it sounds like there is a question "How do I test the IOCTL_DISK_GET_DRIVE_GEOMETRY_EX functionality I've added?". The simplest way, IMO, is to write a Win32 test program. To invoke and display this one IOCTL would only take 20 or so lines of code. Which would be easier and quicker then, say, scripting DISKPART or similar.
my question is "How to write a driver without WDK or DDK or ...?"
I googled it but i couldn't find any thing...
and i just want to do it for educational purpose
and i want to do it in windows 7
and i know c and assembly (but not pro in assembly)
Help is very much appreciated!
Writing a driver for ANY operating system requires knowledge about the OS kernel's driver structures and system calls and other behavior: this is what the DDK provides for you. Attempting to do this WITHOUT the DDK would be the same as attempting to re-implement all the kernel's driver structures and system calls from scratch.
Conceivably this could be done: practically it is not really possible, particularly for any mature operating system such as Windows 7.
If you meant driver that enables system to use some hardware - it is (virtually) not possible. The driver must interface somehow with the system, and that's what DDK is for.
But if you just want to access some device you have (eg. connected via COM, LPT or USB), you don't need any drivers except those for COM, LPT or USB (already in the system).
There's really no way to do this without using the driver kits - Microsoft is legally bound by the US Government Dept. of Justice decrees from providing OS access to anybody (even their own devs) via privileged/non-published APIs.
You need to know what the WDK or DDK do and recreate it. You'll be pushing special values into special registers, responding to special interrupts...etc.
LOT'S of work ahead for you.
Good luck!
I know nothing about Windows internals but Andrew Tridgell did a talk on reverse engineering Windows drivers using LD_Preload. He didn't use any driver kits or the like
I also know nothing about the Window's dynamic linker (I'm pretty sure Windows doesn't use .so's) but his technique of running Windows through a virtual machine (he used virtual box) under Linux should work.
You can see more details here http://lwn.net/Articles/425714/
Reverse engineering an existing driver should give you a good start towards writing your own.
If you mean driver as in a driver that works under a specific operating system such as Win7, then naturally you need a development kit such as WDK unless you want to re-invent the wheel.
It's like developing a game without using a framework, or developing Android Apps without using Android SDK. It's possible but a very very hard task which could be done easily using a development kit such as WDK.
EDIT: If you really want to go deep into the code that handles drivers, you can create a driver with DDK and then use reverse engineering to take a look at the code at low-level and see how it interacts with CPU for handling the hardware.
I'd like to know if there's a way to learn the number of physical CPU-s of a host computer when my code is running inside a VM.
I'm looking for C++/assembly solutions that run in Windows and under VmWare (workstation/esxi) and HyperV. Sorry for the very vague question but after several searches, I'm not sure if this is possible to do inside the virtual machine.
The very concept of VM is that your code (even your OS) do not know that they are sharing resources.
So in first intance, no. The only possible workaround would be if the VM provided it explicity (I am thinking of VMWare Tools, yet I do not know if they offer an API for you).
I have developed an application with c++ on Vista. It works OK. But Now I want to be sure that it works on XP, on Windows 7, and later may be on some types of linux. What good methods do developers use for this task?
There is no substitute for actually running it on the platform itself. If you cannot afford to have separate machines dedicated to each platform then you need to:
Partition the disk(s) on a single machine and install each O/S in its own partition, and multi-boot between them.
Use virtualization software like VMWare or VirtualBox (free!) to set-up each O/S under your host O/S
If your application make little or no use of graphics (or other) hardware then the latter option is a real possibility; if it does use this hardware extensively then you have little choice but to go for the former option.
I use vmware. You can also use VBox or something similar. If you use visual studio along with vmware workstation you can even remote debug your application running in the VMWare.
Obviously keeping to the standard in C++ helps for portability to linux.
go and get a virtual machine player and have functionnal virtual machines for each OS you will test.
Execute the same unitary test scenarii on all the virtual machines.
Don't hesitate to focuss on what may be implemented differently on each plateform:
Save/Load dialogs
Remote communication
Drag'n'Drop
that's what come to my mind, there maybe thousands of other issues.
Anything really really low level (with inline asm code for eample) may be impacted by OS change.
I am researching ideas for a PhD project.
One of my thoughts is writing a hypervisor (or bare metal) (?) so I could run multiple OS's without use of a true host operating system. Example I get a menu of some type of options to start operating systems, view what the 'console' of what is going on in an OS that is already running. Reboot OS's, install a new one, etc.
So no host OS, just a small app that controls everything.
Conceptually how does one think about doing this?
I have a MacBook. I should be able to modify what the EFI boots. Maybe start with a very minimal Linux LIve implementation and scale it really, really far back?
Is it possible to use Darwin and scale it very far back?
Your idea as stated is not an original contribution to the science.
My advice is to review Xen and the general hypervisor literature, dating back to the '60s &
'70s when IBM invented it.
I'm certain there is room for improvement and original ideas there.
In terms of actually writing a hypervisor, you should review Wikipedia first, as it gives a good brief on virtualization.
Here is a historical summary, including some seminal citations: http://www.kernelthread.com/publications/virtualization/. Note the first citation is from 1959!
Scaling back an existing desktop/server OS seems like a poor choice. OTOH, rather than redo everything, it may be useful to start with an embedded RTOS such as ecos or L4 to draw some features from. Additionally, some code could possibly be re-used from QEMU.
If I were doing it, I would focus on hardware virtualization using VT-x and AMD-V ignore dynamic recompilation (unless was to be the focus of your work).
Also, it seems to me that it would be a good idea to already be able to write operating systems enough to make some small test operating systems that can boot on bare hardware to use for testing the hypervisor under development.
BTW, if scaling back an existing OS was a good strategy, I think it would work best on Linux or one of the major BSDs. Using Darwin is likely asking for pain.
Scaling back an existing OS to develop a hypervisor seems an unlikely approach.
Definitely have a look at some of the existing open source hypervisor project out there.
If you are interesting in reading about how they work and how you might approach writing
one then you could try:
Virtual Machines by Smith & Mair.
The Definitive Guide to the Xen Hypervisor by Chisnall.
If you are going to write it from scratch, and you are targeting the x86 family of processors then you are going to have to get your hands dirty with virtualization instructions (eg. Intel VT-x). And this will be with pure assembly language, or at best inline assembly. You are talking real low level stuff here.
If you are interested in computer communication and hypervisiors what about cross OS communication [it would be cheaper than trying to connect via normal TCP/IP sockets.
ESX is essentially a scaled-back Linux install - with a host of other goodies added: so your basic premise is decent.
However, for a PhD project, it sounds too broad: you should focus on something smaller.