[panda-users] Use case questions

Andrew Fasano fasano at mit.edu
Thu Jul 1 10:36:26 EDT 2021


Hi Kenneth,

These are some good questions. We're very interested in both improving
PANDA's support for additional architectures and updating PANDA to be based
on a newer version of QEMU.

For additional architectures that were supported in QEMU 2.9 (which PANDA
is currently forked from), it's not too bad to get them running with
PANDA's callbacks, but adding record and replay support is a fair amount of
work. We recently added partial AARCH64 support
<https://github.com/panda-re/panda/pull/845> where most callbacks and APIs
now work but we skipped record and replay. As you can see from the diff, it
wasn't too bad (most of the code changes are related to the OSI and
syscalls2 plugins).

However, there are some architectures only supported in newer QEMU versions
as well as a lot of improvements to QEMU since 2.9 was released, so we'd
love to get PANDA rebased on top of that. We have a github issue here
<https://github.com/panda-re/panda/issues/570> where we've been discussing
how to do such an upgrade. The issue has mostly gone stale though since
it's a pretty significant undertaking. We (MIT Lincoln Lab) have been
exploring ways to dedicate some resources towards tackling the work, but we
currently lack the funding for our ideal path forward. Hopefully that will
change later this year.

If you want to discuss with a wider audience, feel free to request an
invite to our slack channel <https://panda.re/invite.php> - that's much
more active than this mailing list.

Best,
Andrew

On Wed, Jun 30, 2021 at 12:43 PM Kenneth Adam Miller <
kennethadammiller at gmail.com> wrote:

> Much later version of *QEMU.
>
>
>
> On Thu, Jun 17, 2021 at 11:39 AM Kenneth Adam Miller <
> kennethadammiller at gmail.com> wrote:
>
>> Hello,
>>
>> I have a series of questions that relate to trying to satisfy a use case:
>> perform analysis using PANDA but on an architecture that isn't supported
>> directly by PANDA. In this scenario, the architecture is supported by a
>> much later version of PANDA.
>>
>> Would there be any way that a later version of QEMU could export LLVM or
>> the TCB for this version to import and use?
>>
>> How difficult would it be to take the PANDA extensions to QEMU and apply
>> them to a newer version of QEMU? I don't expect it would be easy, probably
>> would correspond to a new version of PANDA, and I'm sure people are working
>> hard behind the scenes.