6
Modifying QEMU for Basic Instrumentation
In this chapter, we will see how to adapt QEMU, and how to use Avatar2 and PANDA (a QEMU-based analysis platform that interfaces nicely with Avatar2), to add a new architecture (https://i.blackhat.com/USA-20/Wednesday/us-20-Hernandez-Emulating-Samsungs-Baseband-For-Security-Testing.pdf). Part of this work was also explored by Marina Caro and Ádrian Hacar Sobrino in their BSc final projects. We will describe a basic process for adding a new central processing unit (CPU) to QEMU and obtaining the first universal asynchronous receiver-transmitter (UART) output. We will add a CPU and check the UART output of an unknown firmware (a baseband firmware), because such a CPU and its peripherals are the basis for developing an emulator for a real-time ...