Last active
August 16, 2022 12:46
-
-
Save kruxmeier/eb4becb7ba5c16192274f6fce3a47309 to your computer and use it in GitHub Desktop.
enable hardware performance counters in WSL2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| REM open cmd.exe as admin to run this | |
| REM Creates a patched vmwp.exe replacing these bytes: | |
| REM 0F B6 43 64 41 89 47 64 0F B6 43 65 41 89 47 68 0F B6 43 66 41 89 47 6C 0F B6 43 67 41 89 47 70 | |
| REM 41 C7 47 64 01 00 00 00 41 C7 47 68 01 00 00 00 41 C7 47 6C 01 00 00 00 41 C7 47 70 01 00 00 00 | |
| REM Enables PMU, LBR, PEBS, IPT | |
| cd %TEMP% | |
| copy %windir%\system32\vmwp.exe . | |
| @REM version with Intel Processor Trace | |
| wsl bash -c "sed -i 's#\x0F\xB6\x43\x64\x41\x89\x47\x64\x0F\xB6\x43\x65\x41\x89\x47\x68\x0F\xB6\x43\x66\x41\x89\x47\x6C\x0F\xB6\x43\x67\x41\x89\x47\x70#\x41\xC7\x47\x64\x01\x00\x00\x00\x41\xC7\x47\x68\x01\x00\x00\x00\x41\xC7\x47\x6C\x01\x00\x00\x00\x41\xC7\x47\x70\x01\x00\x00\x00#g' vmwp.exe" | |
| @REM version without Intel Processor Trace | |
| @REM wsl bash -c "sed -i 's#\x0F\xB6\x43\x64\x41\x89\x47\x64\x0F\xB6\x43\x65\x41\x89\x47\x68\x0F\xB6\x43\x66\x41\x89\x47\x6C#\x41\xC7\x47\x64\x01\x00\x00\x00\x41\xC7\x47\x68\x01\x00\x00\x00\x41\xC7\x47\x6C\x01\x00\x00\x00#g' vmwp.exe" | |
| wsl --shutdown | |
| @REM taskkill /F /IM vmwp.exe | |
| @REM taskkill /F /IM vmmem | |
| takeown /F %windir%\system32\vmwp.exe /A | |
| icacls %windir%\system32\vmwp.exe /grant Administrators:F | |
| icacls %windir%\system32\vmwp.exe /grant Administratoren:F | |
| move /Y %windir%\system32\vmwp.exe %windir%\system32\vmwp.exe.bak | |
| move /Y vmwp.exe %windir%\system32 | |
| wsl bash -c "echo 'Patch successfully applied'" |
I was able to find out that the script essentially patches a part of the ProcessorManager::InitProperties function, but I am not able to understand how one can find the right object offsets to update.
Just putting it here for reference if anyone else ends up with the same questions I had.
I found that ProcessorManager has getter functions which I can use to find the offsets that have to be set to 1.
- ProcessorManager::IsEnablePerfmonIpt
- ProcessorManager::IsEnablePerfmonPmu
- ProcessorManager::IsEnablePerfmonLbr
- ProcessorManager::IsEnablePerfmonPebs
This should hopefully be of help if I need to edit the patch in the future.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No the code changed.