ProtectedHv.h File Reference

Header files for protected hypervisor resources. More...

Go to the source code of this file.

Functions
VOID	ProtectedHvSetExceptionBitmap (VIRTUAL_MACHINE_STATE *VCpu, UINT32 IdtIndex)
	Set exception bitmap in VMCS.
VOID	ProtectedHvUnsetExceptionBitmap (VIRTUAL_MACHINE_STATE *VCpu, UINT32 IdtIndex)
	Unset exception bitmap in VMCS.
VOID	ProtectedHvResetExceptionBitmapToClearEvents (VIRTUAL_MACHINE_STATE *VCpu)
	Reset exception bitmap in VMCS because of clearing !exception commands.
VOID	ProtectedHvRemoveUndefinedInstructionForDisablingSyscallSysretCommands (VIRTUAL_MACHINE_STATE *VCpu)
	Reset exception bitmap in VMCS because of clearing !exception commands.
VOID	ProtectedHvSetExternalInterruptExiting (VIRTUAL_MACHINE_STATE *VCpu, BOOLEAN Set)
	Set the External Interrupt Exiting.
VOID	ProtectedHvExternalInterruptExitingForDisablingInterruptCommands (VIRTUAL_MACHINE_STATE *VCpu)
	Clear events of !interrupt.
VOID	ProtectedHvSetRdtscExiting (VIRTUAL_MACHINE_STATE *VCpu, BOOLEAN Set)
	Set the RDTSC/P Exiting.
VOID	ProtectedHvDisableRdtscExitingForDisablingTscCommands (VIRTUAL_MACHINE_STATE *VCpu)
	Clear events of !tsc.
VOID	ProtectedHvSetMovDebugRegsExiting (VIRTUAL_MACHINE_STATE *VCpu, BOOLEAN Set)
	Set MOV to HW Debug Regs Exiting.
VOID	ProtectedHvDisableMovDebugRegsExitingForDisablingDrCommands (VIRTUAL_MACHINE_STATE *VCpu)
	Clear events of !dr.
VOID	ProtectedHvDisableMovControlRegsExitingForDisablingCrCommands (VIRTUAL_MACHINE_STATE *VCpu, UINT64 ControlRegister, UINT64 MaskRegister)
	Clear events of !crwrite.
VOID	ProtectedHvSetMov2CrExiting (BOOLEAN Set, UINT64 ControlRegister, UINT64 MaskRegister)
	Set MOV to CR0/4 Exiting.
VOID	ProtectedHvSetMov2Cr3Exiting (VIRTUAL_MACHINE_STATE *VCpu, BOOLEAN Set)
	Set MOV to CR3 Exiting.

Detailed Description

Header files for protected hypervisor resources.

Author

Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)

Protected Hypervisor Routines are those resource that are used in different parts of the debugger or hypervisor, these resources need extra checks to avoid integrity problems

Version

0.1

Date

2021-10-04

Copyright

This project is released under the GNU Public License v3.

Function Documentation

ProtectedHvDisableMovControlRegsExitingForDisablingCrCommands()

VOID ProtectedHvDisableMovControlRegsExitingForDisablingCrCommands	(	VIRTUAL_MACHINE_STATE *	VCpu,
		UINT64	ControlRegister,
		UINT64	MaskRegister )

Clear events of !crwrite.

Parameters

VCpu	The virtual processor's state
Control	Register
Mask	Register

Returns

VOID

{
    ProtectedHvSetMovControlRegsVmexit(VCpu, FALSE, PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS, ControlRegister, MaskRegister);
}

ProtectedHvDisableMovDebugRegsExitingForDisablingDrCommands()

VOID ProtectedHvDisableMovDebugRegsExitingForDisablingDrCommands

(

VIRTUAL_MACHINE_STATE *

VCpu

)

Clear events of !dr.

Parameters

VCpu	The virtual processor's state

Returns

VOID

{
    ProtectedHvSetMovDebugRegsVmexit(VCpu, FALSE, PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS);
}

ProtectedHvDisableRdtscExitingForDisablingTscCommands()

VOID ProtectedHvDisableRdtscExitingForDisablingTscCommands

(

VIRTUAL_MACHINE_STATE *

VCpu

)

Clear events of !tsc.

Parameters

VCpu	The virtual processor's state

Returns

VOID

{
    ProtectedHvSetTscVmexit(VCpu, FALSE, PASSING_OVER_TSC_EVENTS);
}

ProtectedHvExternalInterruptExitingForDisablingInterruptCommands()

VOID ProtectedHvExternalInterruptExitingForDisablingInterruptCommands

(

VIRTUAL_MACHINE_STATE *

VCpu

)

Clear events of !interrupt.

Returns

VOID

{
    ProtectedHvApplySetExternalInterruptExiting(VCpu, FALSE, PASSING_OVER_INTERRUPT_EVENTS);
}

ProtectedHvRemoveUndefinedInstructionForDisablingSyscallSysretCommands()

VOID ProtectedHvRemoveUndefinedInstructionForDisablingSyscallSysretCommands

(

VIRTUAL_MACHINE_STATE *

VCpu

)

Reset exception bitmap in VMCS because of clearing !exception commands.

Should be called in vmx-root

Parameters

VCpu	The virtual processor's state

Returns

VOID

{
    UINT32 ExceptionBitmap = 0;
 
    //
    // Read the current bitmap
    //
    ExceptionBitmap = HvReadExceptionBitmap();
 
    //
    // Unset exception bitmap for #UD
    //
    ExceptionBitmap &= ~(1 << EXCEPTION_VECTOR_UNDEFINED_OPCODE);
 
    //
    // Set the new value
    //
    ProtectedHvChangeExceptionBitmapWithIntegrityCheck(VCpu, ExceptionBitmap, PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK);
}

ProtectedHvResetExceptionBitmapToClearEvents()

VOID ProtectedHvResetExceptionBitmapToClearEvents

(

VIRTUAL_MACHINE_STATE *

VCpu

)

Reset exception bitmap in VMCS because of clearing !exception commands.

Should be called in vmx-root

Parameters

VCpu	The virtual processor's state

Returns

VOID

{
    UINT32 ExceptionBitmap = 0;
 
    //
    // Set the new value
    //
    ProtectedHvChangeExceptionBitmapWithIntegrityCheck(VCpu, ExceptionBitmap, PASSING_OVER_EXCEPTION_EVENTS);
}

ProtectedHvSetExceptionBitmap()

VOID ProtectedHvSetExceptionBitmap	(	VIRTUAL_MACHINE_STATE *	VCpu,
		UINT32	IdtIndex )

Set exception bitmap in VMCS.

Should be called in vmx-root

Parameters

VCpu	The virtual processor's state
IdtIndex	Interrupt Descriptor Table index of exception

Returns

VOID

{
    UINT32 ExceptionBitmap = 0;
 
    //
    // Read the current bitmap
    //
    ExceptionBitmap = HvReadExceptionBitmap();
 
    if (IdtIndex == DEBUGGER_EVENT_EXCEPTIONS_ALL_FIRST_32_ENTRIES)
    {
        ExceptionBitmap = 0xffffffff;
    }
    else
    {
        ExceptionBitmap |= 1 << IdtIndex;
    }
 
    //
    // Set the new value
    //
    ProtectedHvChangeExceptionBitmapWithIntegrityCheck(VCpu, ExceptionBitmap, PASSING_OVER_NONE);
}

ProtectedHvSetExternalInterruptExiting()

VOID ProtectedHvSetExternalInterruptExiting	(	VIRTUAL_MACHINE_STATE *	VCpu,
		BOOLEAN	Set )

Set the External Interrupt Exiting.

Parameters

VCpu	The virtual processor's state
Set	Set or unset the External Interrupt Exiting

Returns

VOID

{
    ProtectedHvApplySetExternalInterruptExiting(VCpu, Set, PASSING_OVER_NONE);
}

ProtectedHvSetMov2Cr3Exiting()

VOID ProtectedHvSetMov2Cr3Exiting	(	VIRTUAL_MACHINE_STATE *	VCpu,
		BOOLEAN	Set )

Set MOV to CR3 Exiting.

Parameters

VCpu	The virtual processor's state
Set	Set or unset the MOV to CR3 Exiting

Returns

VOID

{
    ProtectedHvSetMovToCr3Vmexit(VCpu, Set, PASSING_OVER_NONE);
}

ProtectedHvSetMov2CrExiting()

VOID ProtectedHvSetMov2CrExiting	(	BOOLEAN	Set,
		UINT64	ControlRegister,
		UINT64	MaskRegister )

Set MOV to CR0/4 Exiting.

Parameters

Set	or unset the MOV to CR0/4 Exiting
Control	Register
Mask	Register

Returns

VOID

{
    ProtectedHvSetMovToCrVmexit(Set, ControlRegister, MaskRegister);
}

ProtectedHvSetMovDebugRegsExiting()

VOID ProtectedHvSetMovDebugRegsExiting	(	VIRTUAL_MACHINE_STATE *	VCpu,
		BOOLEAN	Set )

Set MOV to HW Debug Regs Exiting.

Parameters

VCpu	The virtual processor's state
Set	Set or unset the MOV to HW Debug Regs Exiting

Returns

VOID

{
    ProtectedHvSetMovDebugRegsVmexit(VCpu, Set, PASSING_OVER_NONE);
}

ProtectedHvSetRdtscExiting()

VOID ProtectedHvSetRdtscExiting	(	VIRTUAL_MACHINE_STATE *	VCpu,
		BOOLEAN	Set )

Set the RDTSC/P Exiting.

Parameters

VCpu	The virtual processor's state
Set	Set or unset the RDTSC/P Exiting

Returns

VOID

{
    ProtectedHvSetTscVmexit(VCpu, Set, PASSING_OVER_NONE);
}

ProtectedHvUnsetExceptionBitmap()

VOID ProtectedHvUnsetExceptionBitmap	(	VIRTUAL_MACHINE_STATE *	VCpu,
		UINT32	IdtIndex )

Unset exception bitmap in VMCS.

Should be called in vmx-root

Parameters

VCpu	The virtual processor's state
IdtIndex	Interrupt Descriptor Table index of exception

Returns

VOID

{
    UINT32 ExceptionBitmap = 0;
 
    //
    // Read the current bitmap
    //
    ExceptionBitmap = HvReadExceptionBitmap();
 
    if (IdtIndex == DEBUGGER_EVENT_EXCEPTIONS_ALL_FIRST_32_ENTRIES)
    {
        ExceptionBitmap = 0x0;
    }
    else
    {
        ExceptionBitmap &= ~(1 << IdtIndex);
    }
 
    //
    // Set the new value
    //
    ProtectedHvChangeExceptionBitmapWithIntegrityCheck(VCpu, ExceptionBitmap, PASSING_OVER_NONE);
}