transparency.h File Reference

headers for test functions More...

Go to the source code of this file.

Macros
#define	TestCount   1000
	Number of tests for each instruction sets.

Functions
void	GuassianGenerateRandom (vector< double > Data, UINT64 *AverageOfData, UINT64 *StandardDeviationOfData, UINT64 *MedianOfData)
	Calculate and generate random gaussian number.
BOOLEAN	TransparentModeCheckHypervisorPresence (UINT64 *Average, UINT64 *StandardDeviation, UINT64 *Median)
	compute the average, standard deviation and median if rdtsc+cpuid+rdtsc
BOOLEAN	TransparentModeCheckRdtscpVmexit (UINT64 *Average, UINT64 *StandardDeviation, UINT64 *Median)
	compute the average, standard deviation and median if rdtsc+rdtsc
double	Randn (double mu, double sigma)
	random generator based on calculations
double	Median (vector< double > Cases)
	get the median of a vector
unsigned long long	TransparentModeRdtscDiffVmexit ()
	get the difference clock cycles between two rdtsc(s)
unsigned long long	TransparentModeRdtscVmexitTracing ()
	get the difference clock cycles between rdtsc+cpuid+rdtsc

Detailed Description

headers for test functions

Author

Sina Karvandi (sina@.nosp@m.hype.nosp@m.rdbg..nosp@m.org)

Version

0.1

Date

2020-07-30

Copyright

This project is released under the GNU Public License v3.

Macro Definition Documentation

TestCount

#define TestCount   1000

Number of tests for each instruction sets.

used to generate test cases for rdts+cpuid+rdtsc and rdtsc+rdtsc commands

Function Documentation

GuassianGenerateRandom()

void GuassianGenerateRandom	(	vector< double >	Data,
		UINT64 *	AverageOfData,
		UINT64 *	StandardDeviationOfData,
		UINT64 *	MedianOfData )

Calculate and generate random gaussian number.

Parameters

Data
AverageOfData
StandardDeviationOfData
MedianOfData

{
    vector<double> FinalData;
    int            CountOfOutliers = 0;
    double         Medians;
    double         Mad;
    double         StandardDeviation;
    double         DataAverage;
    double         DataMedian;
 
    vector<double> OriginalData  = Data;
    vector<double> ChangableData = std::move(Data);
 
    Mad     = MedianAbsoluteDeviationTest(ChangableData);
    Medians = Median(OriginalData);
 
    for (auto item : OriginalData)
    {
        if (item > (3 * Mad) + Medians || item < -(3 * Mad) + Medians)
        {
            CountOfOutliers++;
        }
        else
        {
            FinalData.push_back(item);
        }
    }
 
    StandardDeviation = CalculateStandardDeviation(FinalData);
    DataAverage       = Average(FinalData);
    DataMedian        = Median(FinalData);
 
    //
    // Set the values to return
    //
    *AverageOfData = (UINT64)DataAverage;
 
    //
    // We add 5 to the standard deviation because this value might be
    // 0 or 1 so we need more variance
    //
    *StandardDeviationOfData = (UINT64)StandardDeviation + 5;
    *MedianOfData            = (UINT64)DataMedian;
 
    //
    // ShowMessages("variance : %f\n", StandardDeviation);
    // ShowMessages("mean : %f\n", DataAverage);
    // ShowMessages("count of outliers : %d\n", CountOfOutliers);
    //
    //
    // for (int i = 0; i < 10000; i++)
    // {
    //  ShowMessages("final Random Time Stamp : %d\n", (int) Randn(DataAverage,
    // StandardDeviation));
    // _getch();
    // }
    //
}

Median()

double Median

(

vector< double >

Cases

)

get the median of a vector

Parameters

Cases

all the elements

Returns

double median of elements

{
    size_t Size = Cases.size();
 
    if (Size == 0)
    {
        return 0; // Undefined, really
    }
    else
    {
        sort(Cases.begin(), Cases.end());
        if (Size % 2 == 0)
        {
            return (Cases[Size / 2 - 1] + Cases[Size / 2]) / 2;
        }
        else
        {
            return Cases[Size / 2];
        }
    }
}

Randn()

double Randn	(	double	mu,
		double	sigma )

random generator based on calculations

Parameters

mu
sigma

Returns

double random number in the range of gaussian curve

{
    double        U1, U2, W, mult;
    static double X1, X2;
    static int    call = 0;
 
    if (call == 1)
    {
        call = !call;
        return (mu + sigma * (double)X2);
    }
 
    do
    {
        U1 = -1 + ((double)rand() / RAND_MAX) * 2;
        U2 = -1 + ((double)rand() / RAND_MAX) * 2;
        W  = pow(U1, 2) + pow(U2, 2);
    } while (W >= 1 || W == 0);
 
    mult = sqrt((-2 * log(W)) / W);
    X1   = U1 * mult;
    X2   = U2 * mult;
 
    call = !call;
 
    return (mu + sigma * (double)X1);
}

TransparentModeCheckHypervisorPresence()

BOOLEAN TransparentModeCheckHypervisorPresence	(	UINT64 *	Average,
		UINT64 *	StandardDeviation,
		UINT64 *	Median )

compute the average, standard deviation and median if rdtsc+cpuid+rdtsc

detects the presence of hypervisor

Parameters

Average	a pointer to save average on it
StandardDeviation	a pointer to standard deviation average on it
Median	a pointer to save median on it

Returns

int

{
    //
    // Check whether the hypervisor is detected or not
    //
    if (TransparentModeCpuidTimeStampCounter(Average, StandardDeviation, Median))
    {
        ShowMessages("hypervisor detected\n");
        return TRUE;
    }
    else
    {
        ShowMessages("hypervisor not detected\n");
        return FALSE;
    }
}

TransparentModeCheckRdtscpVmexit()

BOOLEAN TransparentModeCheckRdtscpVmexit	(	UINT64 *	Average,
		UINT64 *	StandardDeviation,
		UINT64 *	Median )

compute the average, standard deviation and median if rdtsc+rdtsc

detects the presence of rdtsc/p vm-exits

Parameters

Average	a pointer to save average on it
StandardDeviation	a pointer to standard deviation average on it
Median	a pointer to save median on it

Returns

int

{
    //
    // Check whether the system emulating rdtsc/p or not
    //
    if (TransparentModeRdtscEmulationDetection(Average, StandardDeviation, Median))
    {
        ShowMessages("rdtsc/p emulation detected\n");
        return TRUE;
    }
    else
    {
        ShowMessages("rdtsc/p emulation not detected\n");
        return FALSE;
    }
}

TransparentModeRdtscDiffVmexit()

unsigned long long TransparentModeRdtscDiffVmexit

(

)

get the difference clock cycles between two rdtsc(s)

Returns

unsigned long long

{
    unsigned long long ret, ret2;
    int                cpuid_result[4] = {0};
 
    //
    // GCC
    //
    // __asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
    // ret = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
 
    //
    // Win32
    //
    ret = __rdtsc();
 
    /* vm exit forced here. it uses: eax = 0; cpuid; */
 
    //
    // GCC
    //
    //__asm__ volatile("cpuid" : /* no output */ : "a"(0x00));
 
    //
    // WIN32
    //
    __cpuid(cpuid_result, 0);
 
    //
    // GCC
    //
    // __asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
    // ret2 = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
 
    //
    // WIN32
    //
    ret2 = __rdtsc();
 
    return ret2 - ret;
}

TransparentModeRdtscVmexitTracing()

unsigned long long TransparentModeRdtscVmexitTracing

(

)

get the difference clock cycles between rdtsc+cpuid+rdtsc

Returns

unsigned long long

{
    unsigned long long ret, ret2;
 
    //
    // GCC
    //
    // __asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
    // ret = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
 
    //
    // WIN32
    //
    ret = __rdtsc();
 
    //
    // GCC
    //
    // __asm__ volatile("rdtsc" : "=a"(eax), "=d"(edx));
    // ret2 = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
 
    //
    // WIN32
    //
    ret2 = __rdtsc();
 
    return ret2 - ret;
}