UEFI Emulation debugging with gdb doesn't work at latest version of qiling

[kimg00n]

UEFI emulation debugging in qiling v1.4.4 doesn't work but v1.4.3 work

• I'm still a beginner at qiling, so I don't know qiling well, but UEFI debugging doesn't work in the latest version of qiling.
• My environment
  • Python 3.8.10
  • WSL2 Ubuntu 20.04

Sample Code

from qiling import *
from qiling.const import QL_VERBOSE

ql = Qiling(["TcgPlatformSetupPolicy_body.efi"], ".", env = "nvram.pickle", verbose=QL_VERBOSE.DEFAULT)
ql.debugger = True
ql.run()

normal behavior

[=]     DXE heap at 0x04000000
[=]     DXE stack at 0x0507fff0
[=]     Global tables:
[=]      | gST   0x04000000
[=]      | gBS   0x04000078
[=]      | gRT   0x040001f0
........
[=]     Running from 0x00100320 of TcgPlatformSetupPolicy_body.efi
[=]     gdb> stopped at entry point: 0x100320
[=]     gdb> listening on 127.0.01:9999

In latest version

[=]     DXE heap at 0x04000000
[=]     DXE stack at 0x0507fff0
[=]     Global tables:
[=]      | gST   0x04000000
[=]      | gBS   0x04000078
[=]      | gRT   0x040001f0
[=]      | gDS   0x04000278
.....
[=]     Running from 0x00100320 of TcgPlatformSetupPolicy_body.efi
Traceback (most recent call last):
  File "test.py", line 6, in <module>
    ql.run()
  File "/home/kimg00n/.local/lib/python3.8/site-packages/qiling/core.py", line 561, in run
    debugger = debugger(self)
  File "/home/kimg00n/.local/lib/python3.8/site-packages/qiling/debugger/gdb/gdb.py", line 109, in __init__
    self.ql.add_fs_mapper(r'/proc/42000/maps',  QlFsMappedCallable(QlProcFS.self_map, self.ql.mem))
  File "/home/kimg00n/.local/lib/python3.8/site-packages/qiling/core.py", line 656, in add_fs_mapper
    self.os.fs_mapper.add_fs_mapping(ql_path, real_dest)
AttributeError: 'QlOsUefi' object has no attribute 'fs_mapper'

[ckudera]

Same problem exists for MCU debugging:

Sample code

from qiling.core import Qiling
from qiling.extensions.mcu.stm32f4 import stm32f411

def test_mcu_gpio_stm32f411():
    ql = Qiling(["hello_gpioA.hex"], archtype="cortex_m", ostype="mcu", env=stm32f411)
    ql.debugger = "gdb:0.0.0.0:9999"  # enable qdb without options
    ql.run(count=10000)

if __name__ == "__main__":
    test_mcu_gpio_stm32f411()

Output

Traceback (most recent call last):
  File "/mnt/data/Temp/a/emulation/stm32f411_gpio_hook.py", line 22, in <module>
    test_mcu_gpio_stm32f411()
  File "/mnt/data/Temp/a/emulation/stm32f411_gpio_hook.py", line 18, in test_mcu_gpio_stm32f411
    ql.run(count=10000)
  File "/mnt/data/Temp/a/emulation/qiling/core.py", line 561, in run
    debugger = debugger(self)
  File "/mnt/data/Temp/a/emulation/qiling/debugger/gdb/gdb.py", line 109, in __init__
    self.ql.add_fs_mapper(r'/proc/42000/maps',  QlFsMappedCallable(QlProcFS.self_map, self.ql.mem))
  File "/mnt/data/Temp/a/emulation/qiling/core.py", line 656, in add_fs_mapper
    self.os.fs_mapper.add_fs_mapping(ql_path, real_dest)
AttributeError: 'QlOsMcu' object has no attribute 'fs_mapper'

[elicn]

Thanks for reporting that.
I'll let you know when there is a fix ready.

[wtdcode]

Looks like related to my code XD

I could post a fix for this if you haven't worked on it @elicn

[elicn]

@wtdcode, no I haven't worked on it yet.
It basically needs to tell whether the OS has a file system (which is done somewhere in the init stage).
I was thinking about making it a "floating" file content that may float or be bound to a file based on whether there is a filesystem.

Anyway, didn't do anything besides thinking (:
If you are going to work on it, let me know so we don't duplicate our efforts.

[elicn]

@kimg00n, @ckudera
The issue should have been resolved with this fix; please pull the latest dev branch and let me know whether the problem persists.

[kimg00n]

@elicn It seems to be working properly. Thank you for the update. I hope there will be a new version with an update soon.

[Sunxingzhezhexingsun]

@kimg00n, @ckudera The issue should have been resolved with this fix; please pull the latest dev branch and let me know whether the problem persists.

Hello,I clone with --branch dev, but I still run into the same problem.

    ql = Qiling(["./lzx_uefi/bin/MyHelloWorldApp.efi"], "./lzx_uefi/", env=env, verbose=QL_VERBOSE.DEBUG)
    # ql = Qiling(["./lzx_uefi/bin/TcgPlatformSetupPolicy"], "./lzx_uefi/", env=env, verbose=QL_VERBOSE.DEBUG)
    ql.debugger = True
    ql.run()

error:

[=]     Running from 0x00100558 of ./lzx_uefi/bin/MyHelloWorldApp.efi
Traceback (most recent call last):
  File "d:/Work/Qiling Framework/qiling/lzx_uefi/hello.py", line 25, in <module>
    ql.run()
  File "C:\Python38\lib\site-packages\qiling\core.py", line 561, in run
    debugger = debugger(self)
  File "C:\Python38\lib\site-packages\qiling\debugger\gdb\gdb.py", line 109, in __init__
    self.ql.add_fs_mapper(r'/proc/42000/maps',  QlFsMappedCallable(QlProcFS.self_map, self.ql.mem))
  File "C:\Python38\lib\site-packages\qiling\core.py", line 656, in add_fs_mapper
    self.os.fs_mapper.add_fs_mapping(ql_path, real_dest)
AttributeError: 'QlOsUefi' object has no attribute 'fs_mapper'

[kimg00n]

@Sunxingzhezhexingsun Did you have manually installing qiling dev branch??
If you doesn't do manually install do this

git clone -b dev https://github.com/qilingframework/qiling
cd qiling
sudo pip3 install . 

[elicn]

A quicker approach would be specifying the Qiling repo you want to use:
PYTHONPATH=/path/to/qiling/ python3 my_script.py

[Sunxingzhezhexingsun]

@Sunxingzhezhexingsun Did you have manually installing qiling dev branch?? If you doesn't do manually install do this

git clone -b dev https://github.com/qilingframework/qiling
cd qiling
sudo pip3 install . 

@kimg00n I did miss pip install, thanks for your intructions !!!