Update documents

Satoshi Tanda
2020-02-22 19:54:32 -08:00
parent 791486327d
commit c0a21eb857
13 changed files with 115 additions and 11 deletions


@@ -331,6 +331,13 @@ HandleCrAccess (
if (currentCr0.PagingEnable != newCr0.PagingEnable)
{
SwitchGuestPagingMode(newCr0);
//
// For demonstration with VMware. On bare-metal, delay because of
// this logging may lead to failure of AP start up.
//
//LOG_INFO("Processor #%d switching to the long mode",
// GuestContext->Contexts->ProcessorNumber);
}
break;
case VMX_EXIT_QUALIFICATION_REGISTER_CR4:
@@ -452,7 +459,20 @@ HandleExceptionOrNmi (
((UINT32)GuestContext->StackBasedRegisters->Rdx == (UINT32)0xffffffff) &&
((UINT32)GuestContext->StackBasedRegisters->R8 == (UINT32)-1))
{
LOG_DEBUG("KeInitAmd64SpecificState triggered #DE. Ignoring it.");
UINT64 ntoskrnlBase;
//
// Just as an example of how to access the guest virtual address, search
// the base address of the NT kernel and print it out.
//
ntoskrnlBase = FindImageBase(GuestContext, GuestContext->VmcsBasedRegisters.Rip);
if (ntoskrnlBase != 0)
{
LOG_INFO("Found ntoskrnl.exe at %016llx", ntoskrnlBase);
}
LOG_INFO("KeInitAmd64SpecificState triggered #DE");
LOG_INFO("Skipping main PatchGuard initialization.");
isKeInitAmd64SpecificStateCalled = TRUE;
AdvanceGuestInstructionPointer(GuestContext);
goto Exit;
@@ -480,6 +500,12 @@ HandleInitSignal (
{
UNREFERENCED_PARAMETER(GuestContext);
//
// For demonstration with VMware. On bare-metal, delay because of this logging
// may lead to failure of AP start up.
//
//LOG_INFO("Starting up processor #%d", GuestContext->Contexts->ProcessorNumber);
//
// Simply put the processor into the "wait-for-SIPI" state.
//
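Review bot: In the HandleExceptionOrNmi hunk, the demonstration code writes the guest's ntoskrnl.exe base to the log at INFO level with `LOG_INFO("Found ntoskrnl.exe at %016llx", ntoskrnlBase);`, so anyone who can read the hypervisor log learns the guest kernel's randomized load address. Since the comment describes this as an example only, `LOG_DEBUG("Found ntoskrnl.exe at %016llx", ntoskrnlBase);` or a compile-time switch would keep it out of normal builds. The same call runs FindImageBase from inside the exit handler, and its search loop has no iteration bound in this commit, so a bound matters for exit latency here. In the HandleInitSignal hunk the commented-out log uses `GuestContext` while `UNREFERENCED_PARAMETER(GuestContext);` stays, which is worth a word in the comment for whoever re-enables it. All three handler bodies start or end outside their hunks.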


@@ -11,6 +11,7 @@
#include "Logger.h"
#include "ExtendedPageTables.h"
#include "Utils.h"
#include "MemoryAccess.h"
/*!
@brief Dumps the segment access rights value.
@@ -413,3 +414,40 @@ AdjustGuestCr4 (
{
return AdjustCr4(Cr4);
}
_Use_decl_annotations_
UINT64
FindImageBase (
GUEST_CONTEXT* GuestContext,
UINT64 GuestVirtualAddress
)
{
//
// Starting with the 1MB aligned address, and search up IMAGE_DOS_SIGNATURE
// every 1MB.
//
for (UINT64 imageBase = (GuestVirtualAddress & ~(0x10000 - 1));
/**/;
imageBase -= 0x10000)
{
BOOLEAN ok;
UINT16 contents;
MEMORY_ACCESS_ERROR_INFORMATION errorInfo;
ok = ReadGuestVirtualAddress(GuestContext->Contexts->MemoryAccessContext,
TRUE,
imageBase,
&contents,
sizeof(contents),
&errorInfo);
if (ok == FALSE)
{
return 0;
}
if (contents == 0x5A4D)
{
return imageBase;
}
}
}
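Review bot: The search loop in FindImageBase has no bound of its own: it ends only when ReadGuestVirtualAddress fails or a 64KB-aligned word equals 0x5A4D, so a long mapped range costs one guest read per 64KB and `imageBase -= 0x10000` can wrap below zero. The first "MZ" hit is returned without checking anything else in the header, so the result is a heuristic and the comment should say so. The comment says 1MB while the step `0x10000` is 64KB. The mask `~(0x10000 - 1)` is computed in `int` and reaches 64 bits only through sign extension, which a UINT64 constant makes explicit. A sketch with an iteration cap follows; the cap value is a placeholder to be sized to the largest expected image.

```c
    //
    // Start at the 64KB-aligned address at or below GuestVirtualAddress and
    // walk down 64KB at a time looking for the DOS header signature ("MZ").
    // A match is a heuristic: nothing beyond the two-byte signature is checked.
    //
    const UINT64 step = 0x10000;
    const UINT32 maxSteps = 0x1000;     // placeholder bound
    UINT64 imageBase = GuestVirtualAddress & ~(step - 1);

    for (UINT32 i = 0; (i < maxSteps) && (imageBase >= step); ++i, imageBase -= step)
    {
        // … unchanged: ReadGuestVirtualAddress call, failure check, 0x5A4D comparison …
    }
    return 0;
```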


@@ -215,3 +215,20 @@ CR4
AdjustGuestCr4 (
_In_ CR4 Cr4
);
/*!
@brief Find the base address of the image to which the specified address belongs.
@param[in] GuestContext - The pointer to the guest context.
@param[in] GuestVirtualAddress - The guest virtual address to find its image
base.
@return The base address of the image to which GuestVirtualAddress belongs, or
0 on error.
*/
UINT64
FindImageBase (
_In_ GUEST_CONTEXT* GuestContext,
_In_ UINT64 GuestVirtualAddress
);
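Review bot: The `@return` text promises the base of the image that contains GuestVirtualAddress, but the implementation added in this commit returns the first 64KB-aligned address at or below it whose first two bytes are "MZ". I would word it as `@return The nearest 64KB-aligned address at or below GuestVirtualAddress that starts with the DOS signature, or 0 if a guest read fails first.` so callers do not treat the value as a validated image base.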


@@ -802,6 +802,11 @@ SetupVmcs (
_sgdt(&gdtr);
__sidt(&idtr);
//
// Intercept #DB. This is purely for demonstration and can be removed.
//
exceptionBitmap = (1 << DivideError);
//
// VM-entry and -exit controls define how processor should operate on
// VM-entry and exit. The following configurations are to achieve that:
@@ -845,7 +850,9 @@ SetupVmcs (
// instructions. Those instructions are used in Windows 10. If those are
// not set, attempt to execute them causes #UD, which results in a bug
// check. VPID is enabled, which could lead to better performance for free
// by not flushing all TLB on every VM-exit. Finally, to enable EPT as well.
// by not flushing all TLB on every VM-exit. Finally, to enable EPT and
// unrestricted guest which are required for the UEFI hypervisor to handle
// the real-mode guest.
//
primaryProcBasedControls.Flags = 0;
primaryProcBasedControls.UseMsrBitmaps = TRUE;
@@ -915,7 +922,6 @@ SetupVmcs (
VmxWrite(VMCS_CTRL_EPT_POINTER, VpContext->EptContext.EptPointer.Flags);
/* 32-Bit Control Fields */
exceptionBitmap = (1 << DivideError);
VmxWrite(VMCS_CTRL_EXCEPTION_BITMAP, exceptionBitmap);
VmxWrite(VMCS_CTRL_PIN_BASED_VM_EXECUTION_CONTROLS, pinBasedControls.Flags);
VmxWrite(VMCS_CTRL_PROCESSOR_BASED_VM_EXECUTION_CONTROLS, primaryProcBasedControls.Flags);
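Review bot: The new comment above `exceptionBitmap = (1 << DivideError);` says "Intercept #DB", but the bit being set is the divide-error vector, which is #DE; #DB is the debug exception. It should read `// Intercept #DE. This is purely for demonstration and can be removed.` The "can be removed" part also deserves a qualifier, because HandleExceptionOrNmi in this same commit appears to rely on this intercept to catch the KeInitAmd64SpecificState #DE, so clearing the bit would presumably disable that path as well. SetupVmcs starts and ends outside these hunks.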


@@ -56,9 +56,8 @@
<IncludePath>$(SolutionDir)Include;$(Edk2Dir)MdePkg\Include;$(Edk2Dir)MdePkg\Include\X64</IncludePath>
<LibraryPath>$(SolutionDir)Libs</LibraryPath>
<TargetExt>.efi</TargetExt>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)'=='UEFI'">
<TargetName>$(ProjectName)Dxe</TargetName>
<PostBuildEventUseInBuild>false</PostBuildEventUseInBuild>
</PropertyGroup>
<ItemDefinitionGroup>
<ClCompile>
@@ -91,6 +90,7 @@
</PreLinkEvent>
<PostBuildEvent>
<Command Condition="'$(Configuration)'=='UEFI'">copy /y $(OutDir)$(TargetName)$(TargetExt) D:\</Command>
<Message Condition="'$(Configuration)'=='UEFI'">Copy the build output to the USB drive. Useful for compile and test interation.</Message>
</PostBuildEvent>
</ItemDefinitionGroup>
<ItemGroup>
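Review bot: The post-build command `copy /y $(OutDir)$(TargetName)$(TargetExt) D:\` writes the built .efi to a fixed drive letter with unquoted paths, so on another machine it lands on whatever volume happens to be D:, or fails when the output path contains spaces. Quoting the paths and taking the destination from a property keeps the step opt-in, for example `copy /y "$(OutDir)$(TargetName)$(TargetExt)" "$(UefiCopyDest)"`, where `UefiCopyDest` is an example property name each developer sets. The Message text has a typo, "interation" for "iteration".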


@@ -7,6 +7,7 @@
@copyright Copyright (c) 2020 - , Satoshi Tanda. All rights reserved.
*/
#pragma once
#include "../../Logger.h"
/*!