@rem @rem This script enables the NT debugger through KDNET for QEMU VirtIo. @rem @rem Author: Andrea Allievi @rem Last revision: 08th April 2023 @rem @echo off @rem @rem TODO: Modify the following 3 variables if you would like to change the @rem debug IP address, port and key. @rem Add a BUSPARAMS only if you want to override the automatic detection. @rem set DEBUG_IP=127.0.0.1 set DEBUG_PORT=65000 set DEBUG_KEY=1.2.3.4 set BUSPARAMS= rem Internal script configuration: set STORE=/v set TIMEOUT=10 set TARGET_GUID=%1 set BCD_COPY_COMMAND=bcdedit %STORE% /copy {default} /d "Debug Windows 11 QEMU" @echo off echo QEMU NT Debugging Script 1.0 echo This will enable the NT debugger through KDNET for QEMU (VirtIo Network interface). echo. rem Verify that the user has launched myself as Admin call :ConfirmAdmin if %ERRORLEVEL% NEQ 0 goto END echo Setting Boot Menu Policy and Timeout... bcdedit %STORE% /set {default} bootmenupolicy legacy >NUL if not %ERRORLEVEL% == 0 ( bcdedit %STORE% /default {current} >NUL bcdedit %STORE% /set {default} bootmenupolicy legacy >NUL ) bcdedit %STORE% /timeout %TIMEOUT% echo. echo Setting up the stage for network debugging... if not defined TARGET_GUID ( for /f "tokens=1-3 delims=={,}" %%I in ('%BCD_COPY_COMMAND%') do set TARGET_GUID={%%J} ) if not defined TARGET_GUID goto GuidError if "%TARGET_GUID%" == "{}" goto GuidError echo Target GUID: %TARGET_GUID% echo NT debugger target IP: %DEBUG_IP% - Port: %DEBUG_PORT% echo (Key: %DEBUG_KEY%) echo. echo Setting up Test Signing and Recovery policy... bcdedit %STORE% /set %TARGET_GUID% recoveryenabled No >NUL bcdedit %STORE% /set %TARGET_GUID% bootstatuspolicy ignoreallfailures >NUL bcdedit %STORE% /set %TARGET_GUID% nointegritychecks yes >NUL bcdedit %STORE% /set %TARGET_GUID% testsigning on >NUL if not %ERRORLEVEL% == 0 goto SecureBootError rem Set the default entry to the new one bcdedit %STORE% /default %TARGET_GUID% echo. rem AutoDetect the correct Bus parameters for the VirtIo network driver. if %PROCESSOR_ARCHITECTURE% equ ARM64 ( if not defined BUSPARAMS set BUSPARAMS=0.3.0 ) else ( if not defined BUSPARAMS set BUSPARAMS=0.4.0 ) echo Setting up the debugger... bcdedit %STORE% /dbgsettings NET HOSTIP:%DEBUG_IP% PORT:%DEBUG_PORT% KEY:%DEBUG_KEY% >NUL if defined BUSPARAMS ( bcdedit %STORE% /set {dbgsettings} busparams %BUSPARAMS% >NUL ) else ( echo Warning! Debugger busparams have not been set - NT debugger potentially unstable! ) bcdedit %STORE% /set %TARGET_GUID% debug ON >NUL bcdedit %STORE% /set %TARGET_GUID% bootdebug ON >NUL bcdedit %STORE% /set %TARGET_GUID% loadoptions "systemwatchdogpolicy=disabled" >NUL echo. echo The configuration of the debugger via KDNET succeeded! echo. choice /C YN /M "Would you like to Enable the JTAG break for the new BCD entry" if %ERRORLEVEL% == 1 ( bcdedit %STORE% /set %TARGET_GUID% enablejtagbreak on pause ) goto END :GuidError echo There was a problem while trying to create the new BCD entry. echo Unable to continue! echo. goto END :SecureBootError set SB_CHECK_COMMAND=powershell -Command Confirm-SecureBootUEFI echo. echo. echo Error! Unable to set Test siging On. This probably is caused by Secure Boot being enabled. echo Disable Secure Boot, reboot the workstation and then re-execute this script. echo. for /f "" %%G in ('%SB_CHECK_COMMAND%') do echo Auto-detected status of Secure Boot: %%G bcdedit %STORE% /delete %TARGET_GUID% >NUL bcdedit %STORE% /default {current} >NUL echo. :END exit /b %ERRORLEVEL% * * ConfirmAdmin() * * The function confirms that the user has executed the script with Administrative * privileges * :ConfirmAdmin net session >nul 2>&1 if %ERRORLEVEL% == 0 ( rem Success: Administrative permissions confirmed. ) else ( echo Error: This script MUST be executed with ADMIN privileges! echo. pause ) exit /b %ERRORLEVEL%