[panda-users] Understanding plugins
Igor R
boost.lists at gmail.com
Sat Mar 7 16:19:31 EST 2015
Hello,
Just a couple a basic question about PANDA plugins:
* When running a plugin with a "live" execution (i.e. not a replay),
is it legitimate to change CPU registers and memory contents from
within plugin callbacks?
* IUUC, a plugin is system-wide, eg. its callbacks are invoked for
every instruction being executed in the guest, both in kernel and user
modes, right? Is it possible to distinguish between modes within a
callback? Is it possible to know in which process' context we are?
* Is it possible to start (stop) recording from within
PANDA_CB_INSN_EXEC callback, so that the recording would begin (end)
at the instruction, which is going to be executed?
Thanks!
More information about the panda-users
mailing list