Fix formatting

momo5502 2022-04-23 22:45:56 +02:00
parent 90e2c262ad
commit 965dd3a5bc
20 changed files with 177 additions and 164 deletions

10
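--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,10 @@
+[*.{cpp,hpp}]
+end_of_line = crlf
+insert_final_newline = true
+indent_style = tab
+indent_size = 4
+trim_trailing_whitespace = true
+charset = utf-8
+brace_style = next_line
+namespace_indentation = all
+cpp_indent_namespace_contents = true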


@ -1,8 +1,8 @@
#pragma once
#include "std_include.hpp"
extern "C" {
extern "C"
{
void _sldt(uint16_t* ldtr);
void _ltr(uint16_t tr);
void _str(uint16_t* tr);
@ -15,5 +15,4 @@ void __invept(size_t type, invept_descriptor* descriptor);
[[ noreturn ]] void vm_launch();
[[ noreturn ]] void vm_exit();
[[ noreturn ]] void restore_context(CONTEXT* context);
}


@ -16,7 +16,7 @@ public:
{
this->sleep_notification(type);
})
, irp_(driver_object, DEV_NAME, DOS_DEV_NAME)
, irp_(driver_object, DEV_NAME, DOS_DEV_NAME)
{
debug_log("Driver started\n");
}


@ -49,13 +49,13 @@ namespace vmx
if (mtrr_data[i].enabled != FALSE)
{
mtrr_data[i].physical_address_min = mtrr_base.page_frame_number *
MTRR_PAGE_SIZE;
MTRR_PAGE_SIZE;
unsigned long bit{};
_BitScanForward64(&bit, mtrr_mask.page_frame_number * MTRR_PAGE_SIZE);
mtrr_data[i].physical_address_max = mtrr_data[i].
physical_address_min +
(1ULL << bit) - 1;
physical_address_min +
(1ULL << bit) - 1;
}
}
}
@ -198,7 +198,7 @@ namespace vmx
this->epml4[0].write_access = 1;
this->epml4[0].execute_access = 1;
this->epml4[0].page_frame_number = memory::get_physical_address(&this->epdpt) /
PAGE_SIZE;
PAGE_SIZE;
// --------------------------
@ -232,7 +232,7 @@ namespace vmx
{
this->epde[i][j].page_frame_number = (i * 512) + j;
this->epde[i][j].memory_type = mtrr_adjust_effective_memory_type(
mtrr_data, this->epde[i][j].page_frame_number * 2_mb, MEMORY_TYPE_WRITE_BACK);
mtrr_data, this->epde[i][j].page_frame_number * 2_mb, MEMORY_TYPE_WRITE_BACK);
}
}
}
@ -366,7 +366,7 @@ namespace vmx
if (translation_hint)
{
physical_address = translation_hint->physical_base_address + ADDRMASK_EPT_PML1_OFFSET(
reinterpret_cast<uint64_t>(destination));
reinterpret_cast<uint64_t>(destination));
}
else
{


@ -63,7 +63,8 @@ namespace vmx
void initialize();
void install_hook(const void* destination, const void* source, size_t length, ept_translation_hint* translation_hint = nullptr);
void install_hook(const void* destination, const void* source, size_t length,
ept_translation_hint* translation_hint = nullptr);
void disable_all_hooks() const;
void handle_violation(guest_context& guest_context) const;
@ -95,6 +96,7 @@ namespace vmx
void split_large_page(uint64_t physical_address);
void install_page_hook(void* destination, const void* source, size_t length, ept_translation_hint* translation_hint = nullptr);
void install_page_hook(void* destination, const void* source, size_t length,
ept_translation_hint* translation_hint = nullptr);
};
}


@ -50,6 +50,6 @@ namespace utils
finally(F&& f) noexcept
{
return final_action<typename std::remove_cv<typename std::remove_reference<F>::type>::type>(
std::forward<F>(f));
std::forward<F>(f));
}
}


@ -60,9 +60,9 @@ namespace
_sldt(&special_registers.ldtr);
}
// This absolutely needs to be inlined. Otherwise the stack might be broken upon restoration
// See: https://github.com/ionescu007/SimpleVisor/issues/48
#define capture_cpu_context(launch_context) \
// This absolutely needs to be inlined. Otherwise the stack might be broken upon restoration
// See: https://github.com/ionescu007/SimpleVisor/issues/48
#define capture_cpu_context(launch_context) \
cpature_special_registers((launch_context).special_registers);\
RtlCaptureContext(&(launch_context).context_frame);
@ -250,17 +250,17 @@ void enter_root_mode_on_cpu(vmx::state& vm_state)
basic_register.flags = launch_context->msr_data[0].QuadPart;
if (basic_register.vmcs_size_in_bytes > static_cast<uint64_t>(PAGE_SIZE))
{
throw std::runtime_error("VMCS exceeds page size");
throw std::runtime_error("VMCS exceeds page size");
}
if (basic_register.memory_type != static_cast<uint64_t>(MEMORY_TYPE_WRITE_BACK))
{
throw std::runtime_error("VMCS memory type must be write-back");
throw std::runtime_error("VMCS memory type must be write-back");
}
if (basic_register.must_be_zero)
{
throw std::runtime_error("Must-be-zero bit is not zero :O");
throw std::runtime_error("Must-be-zero bit is not zero :O");
}
ia32_vmx_ept_vpid_cap_register ept_vpid_cap_register{};
@ -293,23 +293,22 @@ void enter_root_mode_on_cpu(vmx::state& vm_state)
if (__vmx_on(&launch_context->vmx_on_physical_address))
{
throw std::runtime_error("Failed to execute vmx_on");
throw std::runtime_error("Failed to execute vmx_on");
}
auto destructor = utils::finally([]
{
__vmx_off();
__vmx_off();
});
if (__vmx_vmclear(&launch_context->vmcs_physical_address))
{
throw std::runtime_error("Failed to clear vmcs");
}
if (__vmx_vmptrld(&launch_context->vmcs_physical_address))
{
throw std::runtime_error("Failed to load vmcs");
throw std::runtime_error("Failed to load vmcs");
}
destructor.cancel();
@ -672,13 +671,13 @@ void hypervisor::enable_core(const uint64_t system_directory_table_base)
if (!is_virtualization_supported())
{
throw std::runtime_error("VMX not supported on this core");
throw std::runtime_error("VMX not supported on this core");
}
vm_state->launch_context.launched = false;
vm_state->launch_context.system_directory_table_base = system_directory_table_base;
// Must be inlined here, otherwise the stack is broken
// Must be inlined here, otherwise the stack is broken
capture_cpu_context(vm_state->launch_context);
if (!vm_state->launch_context.launched)


@ -19,7 +19,8 @@ public:
bool is_enabled() const;
bool install_ept_hook(const void* destination, const void* source, size_t length, vmx::ept_translation_hint* translation_hint = nullptr);
bool install_ept_hook(const void* destination, const void* source, size_t length,
vmx::ept_translation_hint* translation_hint = nullptr);
void disable_all_ept_hooks() const;
static hypervisor* get_instance();
@ -35,8 +36,10 @@ private:
void allocate_vm_states();
void free_vm_states();
bool try_install_ept_hook_on_core(const void* destination, const void* source, size_t length, vmx::ept_translation_hint* translation_hint = nullptr);
void install_ept_hook_on_core(const void* destination, const void* source, size_t length, vmx::ept_translation_hint* translation_hint = nullptr);
bool try_install_ept_hook_on_core(const void* destination, const void* source, size_t length,
vmx::ept_translation_hint* translation_hint = nullptr);
void install_ept_hook_on_core(const void* destination, const void* source, size_t length,
vmx::ept_translation_hint* translation_hint = nullptr);
vmx::state* get_current_vm_state() const;
};


@ -36,7 +36,7 @@ namespace
return STATUS_SUCCESS;
}
void apply_hook(const hook_request& request)
{
auto* buffer = new uint8_t[request.source_data_size];
@ -55,10 +55,10 @@ namespace
memcpy(buffer, request.source_data, request.source_data_size);
auto* hypervisor = hypervisor::get_instance();
if(!hypervisor)
if (!hypervisor)
{
throw std::runtime_error("Hypervisor not installed");
}
throw std::runtime_error("Hypervisor not installed");
}
thread::kernel_thread t([&translation_hints, r = request]
{
@ -74,7 +74,7 @@ namespace
const auto name = process_handle.get_image_filename();
if (name)
{
debug_log("Attaching to %s\n", name);
debug_log("Attaching to %s\n", name);
}
process::scoped_process_attacher attacher{process_handle};
@ -90,81 +90,81 @@ namespace
}
hypervisor->install_ept_hook(request.target_address, buffer, request.source_data_size,
translation_hints);
translation_hints);
}
void unhook()
{
const auto instance = hypervisor::get_instance();
if(instance)
if (instance)
{
instance->disable_all_ept_hooks();
}
}
void try_apply_hook(const PIO_STACK_LOCATION irp_sp)
void try_apply_hook(const PIO_STACK_LOCATION irp_sp)
{
if(irp_sp->Parameters.DeviceIoControl.InputBufferLength < sizeof(hook_request))
{
throw std::runtime_error("Invalid hook request");
}
if (irp_sp->Parameters.DeviceIoControl.InputBufferLength < sizeof(hook_request))
{
throw std::runtime_error("Invalid hook request");
}
const auto& request = *static_cast<hook_request*>(irp_sp->Parameters.DeviceIoControl.Type3InputBuffer);
memory::assert_readability(request.source_data, request.source_data_size);
memory::assert_readability(request.target_address, request.source_data_size);
const auto& request = *static_cast<hook_request*>(irp_sp->Parameters.DeviceIoControl.Type3InputBuffer);
memory::assert_readability(request.source_data, request.source_data_size);
memory::assert_readability(request.target_address, request.source_data_size);
apply_hook(request);
apply_hook(request);
}
void handle_irp(const PIRP irp)
void handle_irp(const PIRP irp)
{
irp->IoStatus.Information = 0;
irp->IoStatus.Status = STATUS_NOT_SUPPORTED;
irp->IoStatus.Information = 0;
irp->IoStatus.Status = STATUS_NOT_SUPPORTED;
const auto irp_sp = IoGetCurrentIrpStackLocation(irp);
const auto irp_sp = IoGetCurrentIrpStackLocation(irp);
if (irp_sp)
{
const auto ioctr_code = irp_sp->Parameters.DeviceIoControl.IoControlCode;
if (irp_sp)
{
const auto ioctr_code = irp_sp->Parameters.DeviceIoControl.IoControlCode;
switch (ioctr_code)
{
case HELLO_DRV_IOCTL:
debug_log("Hello from the Driver!\n");
break;
case HOOK_DRV_IOCTL:
try_apply_hook(irp_sp);
break;
case UNHOOK_DRV_IOCTL:
unhook();
break;
default:
debug_log("Invalid IOCTL Code: 0x%X\n", ioctr_code);
irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
break;
}
}
switch (ioctr_code)
{
case HELLO_DRV_IOCTL:
debug_log("Hello from the Driver!\n");
break;
case HOOK_DRV_IOCTL:
try_apply_hook(irp_sp);
break;
case UNHOOK_DRV_IOCTL:
unhook();
break;
default:
debug_log("Invalid IOCTL Code: 0x%X\n", ioctr_code);
irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
break;
}
}
}
_Function_class_(DRIVER_DISPATCH) NTSTATUS io_ctl_handler(
PDEVICE_OBJECT /*device_object*/, const PIRP irp)
PDEVICE_OBJECT /*device_object*/, const PIRP irp)
{
PAGED_CODE()
try
try
{
handle_irp(irp);
}
catch(std::exception& e)
handle_irp(irp);
}
catch (std::exception& e)
{
debug_log("Handling IRP failed: %s\n", e.what());
irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
}
catch(...)
debug_log("Handling IRP failed: %s\n", e.what());
irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
}
catch (...)
{
debug_log("Handling IRP failed\n");
irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
}
debug_log("Handling IRP failed\n");
irp->IoStatus.Status = STATUS_INVALID_DEVICE_REQUEST;
}
IoCompleteRequest(irp, IO_NO_INCREMENT);
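Review bot: `try_apply_hook` binds `request` as a reference straight through `Type3InputBuffer`, which (if `HOOK_DRV_IOCTL` is a METHOD_NEITHER code, as the use of that field suggests) is a raw caller-supplied pointer; only `InputBufferLength` is checked, while the pointer itself is never null-checked or probed. Because `request` is not a copy, `source_data`, `source_data_size` and `target_address` are read again after `assert_readability`, including in `apply_hook` for `new uint8_t[request.source_data_size]` and the `memcpy`, so the caller can change them between the check and the use. Probe the buffer and capture it once before validating: `memory::assert_readability(input, sizeof(hook_request));` then `const hook_request request = *static_cast<const hook_request*>(input);`, where `input` is the `Type3InputBuffer` pointer. That copy, and the later `memcpy` from `source_data`, should run under `__try`/`__except`, and `source_data_size` deserves an upper bound before it sizes a kernel allocation. `apply_hook` and `io_ctl_handler` both extend beyond the lines shown here, so some of this may already be handled outside the hunk.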


@ -107,41 +107,43 @@ namespace memory
bool prope_for_read(const void* address, const size_t length, const uint64_t alignment)
{
__try
{
ProbeForRead(const_cast<volatile void*>(address), length, static_cast<ULONG>(alignment));
return true;
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
return false;
}
__try
{
ProbeForRead(const_cast<volatile void*>(address), length, static_cast<ULONG>(alignment));
return true;
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
return false;
}
}
void assert_readability(const void* address, const size_t length, const uint64_t alignment)
{
if(!prope_for_read(address, length, alignment)) {
throw std::runtime_error("Access violation");
}
if (!prope_for_read(address, length, alignment))
{
throw std::runtime_error("Access violation");
}
}
bool prope_for_write(const void* address, const size_t length, const uint64_t alignment)
{
__try
{
ProbeForWrite(const_cast<volatile void*>(address), length, static_cast<ULONG>(alignment));
return true;
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
return false;
}
__try
{
ProbeForWrite(const_cast<volatile void*>(address), length, static_cast<ULONG>(alignment));
return true;
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
return false;
}
}
void assert_writability(const void* address, const size_t length, const uint64_t alignment)
{
if (!prope_for_write(address, length, alignment)) {
throw std::runtime_error("Access violation");
}
if (!prope_for_write(address, length, alignment))
{
throw std::runtime_error("Access violation");
}
}
}
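Review bot: `assert_readability` promises more than `ProbeForRead` delivers, and nothing in these functions documents the gap. `ProbeForRead` only checks that the range lies in the user-mode part of the address space and meets the alignment, and it checks nothing when `length` is 0. Neither probe keeps the pages mapped or protected afterwards, so every later access to the buffer still has to sit inside `__try`/`__except`. I would add a comment above `prope_for_read` and `prope_for_write` such as `// Range/alignment check only: callers must still guard each access with SEH and copy data out before using it.` Separately, `static_cast<ULONG>(alignment)` silently truncates the `uint64_t` parameter, and `prope_` looks like a typo for `probe_`, though renaming it would touch callers outside this hunk.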


@ -18,4 +18,4 @@ void operator delete[](void* ptr, size_t);
void operator delete[](void* ptr);
void operator delete(void* ptr, size_t, std::align_val_t);
void operator delete[](void* ptr, size_t, std::align_val_t);
void operator delete[](void* ptr, size_t, std::align_val_t);


@ -1,7 +1,8 @@
#pragma once
#ifdef __cplusplus
extern "C" {
extern "C"
{
#endif
// ----------------------------------------
@ -12,9 +13,9 @@ _IRQL_requires_min_(PASSIVE_LEVEL)
_IRQL_requires_same_
VOID
KeGenericCallDpc(
_In_ PKDEFERRED_ROUTINE Routine,
_In_opt_ PVOID Context
);
_In_ PKDEFERRED_ROUTINE Routine,
_In_opt_ PVOID Context
);
// ----------------------------------------
@ -23,8 +24,8 @@ _IRQL_requires_(DISPATCH_LEVEL)
_IRQL_requires_same_
VOID
KeSignalCallDpcDone(
_In_ PVOID SystemArgument1
);
_In_ PVOID SystemArgument1
);
// ----------------------------------------
@ -33,8 +34,8 @@ _IRQL_requires_(DISPATCH_LEVEL)
_IRQL_requires_same_
LOGICAL
KeSignalCallDpcSynchronize(
_In_ PVOID SystemArgument2
);
_In_ PVOID SystemArgument2
);
// ----------------------------------------
@ -44,13 +45,13 @@ _IRQL_requires_max_(DISPATCH_LEVEL)
NTKERNELAPI
_When_(return != NULL, _Post_writable_byte_size_ (NumberOfBytes)) PVOID
MmAllocateContiguousNodeMemory(
_In_ SIZE_T NumberOfBytes,
_In_ PHYSICAL_ADDRESS LowestAcceptableAddress,
_In_ PHYSICAL_ADDRESS HighestAcceptableAddress,
_In_opt_ PHYSICAL_ADDRESS BoundaryAddressMultiple,
_In_ ULONG Protect,
_In_ NODE_REQUIREMENT PreferredNode
);
_In_ SIZE_T NumberOfBytes,
_In_ PHYSICAL_ADDRESS LowestAcceptableAddress,
_In_ PHYSICAL_ADDRESS HighestAcceptableAddress,
_In_opt_ PHYSICAL_ADDRESS BoundaryAddressMultiple,
_In_ ULONG Protect,
_In_ NODE_REQUIREMENT PreferredNode
);
#endif
// ----------------------------------------
@ -59,8 +60,8 @@ NTSYSAPI
VOID
NTAPI
RtlCaptureContext(
_Out_ PCONTEXT ContextRecord
);
_Out_ PCONTEXT ContextRecord
);
// ----------------------------------------
@ -78,34 +79,34 @@ typedef struct _KAPC_STATE
NTKERNELAPI
VOID
KeStackAttachProcess(
__inout PEPROCESS PROCESS,
__out PRKAPC_STATE ApcState
);
__inout PEPROCESS PROCESS,
__out PRKAPC_STATE ApcState
);
// ----------------------------------------
NTKERNELAPI
VOID
KeUnstackDetachProcess(
__in PRKAPC_STATE ApcState
);
__in PRKAPC_STATE ApcState
);
// ----------------------------------------
NTKERNELAPI
NTSTATUS
PsLookupProcessByProcessId(
IN HANDLE ProcessId,
OUT PEPROCESS* Process
);
IN HANDLE ProcessId,
OUT PEPROCESS* Process
);
// ----------------------------------------
NTKERNELAPI
PVOID
PsGetProcessSectionBaseAddress(
__in PEPROCESS Process
);
__in PEPROCESS Process
);
// ----------------------------------------
@ -113,16 +114,16 @@ NTKERNELAPI
PPEB
NTAPI
PsGetProcessPeb(
IN PEPROCESS Process
);
IN PEPROCESS Process
);
// ----------------------------------------
// ----------------------------------------
NTKERNELAPI
PCSTR
PsGetProcessImageFileName(
__in PEPROCESS Process
);
__in PEPROCESS Process
);
// ----------------------------------------
@ -130,18 +131,18 @@ __kernel_entry NTSYSCALLAPI
NTSTATUS
NTAPI
NtCreateFile(
_Out_ PHANDLE FileHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ POBJECT_ATTRIBUTES ObjectAttributes,
_Out_ PIO_STATUS_BLOCK IoStatusBlock,
_In_opt_ PLARGE_INTEGER AllocationSize,
_In_ ULONG FileAttributes,
_In_ ULONG ShareAccess,
_In_ ULONG CreateDisposition,
_In_ ULONG CreateOptions,
_In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
_In_ ULONG EaLength
);
_Out_ PHANDLE FileHandle,
_In_ ACCESS_MASK DesiredAccess,
_In_ POBJECT_ATTRIBUTES ObjectAttributes,
_Out_ PIO_STATUS_BLOCK IoStatusBlock,
_In_opt_ PLARGE_INTEGER AllocationSize,
_In_ ULONG FileAttributes,
_In_ ULONG ShareAccess,
_In_ ULONG CreateDisposition,
_In_ ULONG CreateOptions,
_In_reads_bytes_opt_(EaLength) PVOID EaBuffer,
_In_ ULONG EaLength
);
#ifdef __cplusplus
}


@ -47,7 +47,7 @@ namespace process
bool process_handle::is_alive() const
{
if(!this->handle_)
if (!this->handle_)
{
return false;
}
@ -60,7 +60,7 @@ namespace process
uint32_t process_handle::get_id() const
{
if(!this->handle_)
if (!this->handle_)
{
return 0;
}


@ -9,7 +9,7 @@ sleep_callback::sleep_callback(callback_function&& callback)
PCALLBACK_OBJECT callback_object{};
UNICODE_STRING callback_name = RTL_CONSTANT_STRING(L"\\Callback\\PowerState");
OBJECT_ATTRIBUTES object_attributes = RTL_CONSTANT_OBJECT_ATTRIBUTES(
&callback_name, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE);
&callback_name, OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE);
const auto _ = utils::finally([&callback_object]()
{
@ -52,6 +52,7 @@ void sleep_callback::dispatcher(const type type) const
}
_Function_class_(CALLBACK_FUNCTION)
void sleep_callback::static_callback(void* context, void* argument1, void* argument2)
{
if (!context || argument1 != reinterpret_cast<PVOID>(PO_CB_SYSTEM_STATE_LOCK))


@ -10,7 +10,7 @@ namespace string
char* get_va_buffer();
template<typename ...Args>
template <typename ...Args>
const char* va(const char* message, Args&&... args)
{
auto* buffer = get_va_buffer();


@ -37,18 +37,16 @@ namespace std
// TEMPLATE FUNCTION forward
template <class _Ty>
inline
constexpr _Ty&& forward(
typename remove_reference<_Ty>::type& _Arg)
typename remove_reference<_Ty>::type& _Arg)
{
// forward an lvalue as either an lvalue or an rvalue
return (static_cast<_Ty&&>(_Arg));
}
template <class _Ty>
inline
constexpr _Ty&& forward(
typename remove_reference<_Ty>::type&& _Arg)
typename remove_reference<_Ty>::type&& _Arg)
{
// forward an rvalue as an rvalue
return (static_cast<_Ty&&>(_Arg));


@ -73,9 +73,9 @@ namespace std
static constexpr auto is_array_type = is_array<T>::value;
T* pointer_{nullptr};
void delete_pointer()
void delete_pointer() const
{
if(is_array_type)
if (is_array_type)
{
delete[] this->pointer_;
}


@ -9,8 +9,7 @@ driver_device::driver_device(const std::string& driver_device)
nullptr,
OPEN_EXISTING,
NULL,
nullptr
);
nullptr);
if (!this->device_)
{
@ -35,7 +34,7 @@ bool driver_device::send(const DWORD ioctl_code, const data& input, data& output
static_cast<DWORD>(output.size()),
&size_returned,
nullptr
) != FALSE;
) != FALSE;
if (success && size_returned < output.size())
{

View File

@ -2,7 +2,6 @@
#include <conio.h>
#include "std_include.hpp"
#include "finally.hpp"
#include "driver.hpp"
#include "driver_device.hpp"


@ -46,4 +46,4 @@ native_handle::operator HANDLE() const
native_handle::operator bool() const
{
return this->handle_ != INVALID_HANDLE_VALUE;
}
}