Prepare ept hooking

src/driver/ept.cpp

@@ -0,0 +1,13 @@
+#include "std_include.hpp"
+#include "ept.hpp"
+
+namespace vmx
+{
+	ept::ept()
+	{
+	}
+
+	ept::~ept()
+	{
+	}
+}

src/driver/ept.hpp

@@ -0,0 +1,16 @@
+#pragma once
+
+namespace vmx
+{
+	class ept
+	{
+	public:
+		ept();
+		~ept();
+
+		ept(ept&&) = delete;
+		ept(const ept&) = delete;
+		ept& operator=(ept&&) = delete;
+		ept& operator=(const ept&) = delete;
+	};
+}

src/driver/functional.hpp

@@ -23,9 +23,9 @@ namespace std
 			{
 			}
 
-			Result operator()(Args ... a) const override
+			Result operator()(Args ... args) const override
 			{
-				return f_(std::forward<Args>(a)...);
+				return f_(std::forward<Args>(args)...);
 			}
 
 			F f_;

src/driver/hypervisor.cpp

@@ -1094,7 +1094,7 @@ void hypervisor::free_vm_states()
 
 	for (auto i = 0u; i < this->vm_state_count_; ++i)
 	{
-		memory::free_aligned_memory(this->vm_states_[i]);
+		memory::free_aligned_object(this->vm_states_[i]);
 	}
 
 	delete[] this->vm_states_;

src/driver/memory.hpp

@@ -1,4 +1,5 @@
 #pragma once
+#include "type_traits.hpp"
 
 namespace memory
 {
@@ -12,12 +13,6 @@ namespace memory
 	_Must_inspect_result_
 	_IRQL_requires_max_(DISPATCH_LEVEL)
 
-	template <typename T>
-	T* allocate_aligned_object()
-	{
-		return static_cast<T*>(allocate_aligned_memory(sizeof(T)));
-	}
-
 	uint64_t get_physical_address(void* address);
 	void* get_virtual_address(uint64_t address);
 
@@ -29,4 +24,26 @@ namespace memory
 	void free_non_paged_memory(void* memory);
 
 	uint64_t query_process_physical_page(uint32_t process_id, void* address, uint8_t buffer[PAGE_SIZE]);
+
+	template <typename T, typename... Args>
+	T* allocate_aligned_object(Args ... args)
+	{
+		auto* object = static_cast<T*>(allocate_aligned_memory(sizeof(T)));
+		if (object)
+		{
+			new(object) T(std::forward<Args>(args)...);
+		}
+
+		return object;
+	}
+
+	template <typename T>
+	void free_aligned_object(T* object)
+	{
+		if (object)
+		{
+			object->~T();
+			free_aligned_memory(object);
+		}
+	}
 }

src/driver/new.cpp

@@ -53,6 +53,14 @@ void operator delete[](void* ptr)
 	memory::free_non_paged_memory(ptr);
 }
 
+void operator delete(void*, size_t, std::align_val_t)
+{
+}
+
+void operator delete[](void*, size_t, std::align_val_t)
+{
+}
+
 extern "C" void __std_terminate()
 {
 	KeBugCheckEx(DRIVER_VIOLATION, 14, 0, 0, 0);

src/driver/new.hpp

@@ -1,11 +1,21 @@
 #pragma once
 
+namespace std
+{
+	enum class align_val_t : size_t
+	{
+	};
+}
+
 void* operator new(size_t size);
 void* operator new[](size_t size);
 
-inline void* operator new(size_t, void* where);
+void* operator new(size_t, void* where);
 
 void operator delete(void* ptr, size_t);
 void operator delete(void* ptr);
 void operator delete[](void* ptr, size_t);
 void operator delete[](void* ptr);
+
+void operator delete(void* ptr, size_t, std::align_val_t);
+void operator delete[](void* ptr, size_t, std::align_val_t);

src/driver/vmx.hpp

@@ -1,4 +1,5 @@
 #pragma once
+#include "ept.hpp"
 
 #define _1GB                        (1 * 1024 * 1024 * 1024)
 #define _2MB                        (2 * 1024 * 1024)
@@ -54,8 +55,13 @@ namespace vmx
 	};
 
 	struct state
+	{
+		union
 		{
 			DECLSPEC_PAGE_ALIGN uint8_t stack_buffer[KERNEL_STACK_SIZE]{};
+			DECLSPEC_PAGE_ALIGN launch_context launch_context;
+		};
+
 		DECLSPEC_PAGE_ALIGN uint8_t msr_bitmap[PAGE_SIZE]{};
 		DECLSPEC_PAGE_ALIGN ept_pml4 epml4[EPT_PML4E_ENTRY_COUNT]{};
 		DECLSPEC_PAGE_ALIGN epdpte epdpt[EPT_PDPTE_ENTRY_COUNT]{};
@@ -63,7 +69,8 @@ namespace vmx
 
 		DECLSPEC_PAGE_ALIGN vmcs vmx_on{};
 		DECLSPEC_PAGE_ALIGN vmcs vmcs{};
-		DECLSPEC_PAGE_ALIGN launch_context launch_context{};
+
+		DECLSPEC_PAGE_ALIGN ept ept{};
 	};
 
 	struct gdt_entry