Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

simple of syscall interception,What shall I do?(EFER HOOK or SysCall HOOK) #50

Open
fenjack opened this issue May 6, 2022 · 9 comments
Open

simple of syscall interception,What shall I do?(EFER HOOK or SysCall HOOK) #50

fenjack opened this issue May 6, 2022 · 9 comments

Comments

@fenjack
Copy link

fenjack commented May 6, 2022

I'm sorry,I know it might be silly,But I don't know what to do.
I want to use EFER HOOK or SysCall HOOK,I see the code, vmexit_passthrough_handler::handle_emulate_syscall
Settings may be required efer.Bits.sce = false....
@fenjack
Copy link
Author

fenjack commented May 7, 2022

I don't know whether to do so....

  auto entry_ctls = msr::vmx_entry_ctls_t{};
  entry_ctls.ia32e_mode_guest = true;
  entry_ctls.load_ia32_efer = true;
  vp.vm_entry_controls(entry_ctls);

  auto exit_ctls = msr::vmx_exit_ctls_t{};
  exit_ctls.ia32e_mode_host = true;
  exit_ctls.load_ia32_efer = true;
  exit_ctls.save_ia32_efer = true;
  exit_ctls.acknowledge_interrupt_on_exit = true;
  vp.vm_exit_controls(exit_ctls);


  vmx::msr_bitmap_t msr_bitmap{};
  memset(msr_bitmap.data, 0xff, sizeof(msr_bitmap));

  vp.msr_bitmap(msr_bitmap);

@fenjack
Copy link
Author

fenjack commented May 9, 2022

I use it in vcpu.cpp files,
Initialization in this function auto vcpu_t::setup_host() noexcept -> error_code_t,
Run in the past, but get an error message after executing the functionerror: 8 (vmentry_invalid_host_state)

@wbenny
Copy link
Owner

wbenny commented May 9, 2022

Put:

  auto efer = msr::read<msr::efer_t>();
  efer.syscall_enable = false;
  msr::write(efer);

here: https://github.com/wbenny/hvpp/blob/master/src/hvppdrv/vmexit_custom.cpp#L10

@wbenny
Copy link
Owner

wbenny commented May 10, 2022

You also probably want this

  auto exception_bitmap = vp.exception_bitmap();
  exception_bitmap.invalid_opcode = true;
  vp.exception_bitmap(exception_bitmap);

@fenjack
Copy link
Author

fenjack commented May 10, 2022

You also probably want this

  auto exception_bitmap = vp.exception_bitmap();
  exception_bitmap.invalid_opcode = true;
  vp.exception_bitmap(exception_bitmap);

I'm sorry I forgot this code.
GOOD,Now it runs successfully on my VMware!
Thank you very much for helping me solve this problem.
This is a great project,Your programming ability and code habits let me learn.
Thank you again and bless you and your family.

@fenjack fenjack closed this as completed May 10, 2022
@fenjack fenjack reopened this May 14, 2022
@fenjack
Copy link
Author

fenjack commented May 14, 2022

Sorry to bother you again,It seems to trigger the patchguard mechanism, Even if I write like this

void vmexit_custom_handler::handle_execute_rdmsr(vcpu_t& vp) noexcept
{
  uint32_t msr_id = vp.context().ecx;
  uint64_t msr_value;

  if (msr_id == msr::efer_t::msr_id)
  {
    auto efer = msr::read<msr::efer_t>();
    efer.syscall_enable = true;

    msr_value = efer.flags;

    vp.context().rax = msr_value & 0xffffffff;
    vp.context().rdx = msr_value >> 32;
  }
  else
  {
    base_type::handle_execute_rdmsr(vp);
  }
}

@wbenny
Copy link
Owner

wbenny commented May 16, 2022

You need to actually enable RDMSR exits. Add this to the setup() method:

  auto msr_bitmap = vmx::msr_bitmap_t{};
  bitmap<>(msr_bitmap.rdmsr_high).set(msr::efer_t::msr_id - vmx::msr_bitmap_t::msr_id_high_min);
  vp.msr_bitmap(msr_bitmap);

@fenjack
Copy link
Author

fenjack commented May 16, 2022

You need to actually enable RDMSR exits. Add this to the setup() method:

  auto msr_bitmap = vmx::msr_bitmap_t{};
  bitmap<>(msr_bitmap.rdmsr_high).set(msr::efer_t::msr_id - vmx::msr_bitmap_t::msr_id_high_min);
  vp.msr_bitmap(msr_bitmap);

Fatal System Error: 0x0000007f,
Am I wrong to write that....


auto vmexit_custom_handler::setup(vcpu_t& vp) noexcept -> error_code_t

{
  base_type::setup(vp);

  auto efer = msr::read<msr::efer_t>();
  efer.syscall_enable = false;
  msr::write(efer);

  //
  // Set per-VCPU data and mirror current physical memory in EPT.
  //
  auto data = new per_vcpu_data{};

  data->ept.map_identity();
  data->page_exec = 0;
  data->page_read = 0;
  vp.user_data(data);


  //
  // Enable EPT.
  //
  vp.ept(data->ept);
  vp.ept_enable();

#if 1
  //
  // Enable exitting on 0x64 I/O port (keyboard).
  //
  auto procbased_ctls = vp.processor_based_controls();
  procbased_ctls.use_io_bitmaps = true;
  procbased_ctls.activate_secondary_controls = false;
  procbased_ctls.use_msr_bitmaps = false;
  vp.processor_based_controls(procbased_ctls);

  auto msr_bitmap = vmx::msr_bitmap_t{};
  bitmap<>(msr_bitmap.rdmsr_high).set(msr::efer_t::msr_id - vmx::msr_bitmap_t::msr_id_high_min); 

  vp.msr_bitmap(msr_bitmap);


  vmx::io_bitmap_t io_bitmap{};
  bitmap<>(io_bitmap.a).set(0x64);

  vp.io_bitmap(io_bitmap);

  auto exception_bitmap = vp.exception_bitmap();
  exception_bitmap.invalid_opcode = true;
  vp.exception_bitmap(exception_bitmap);
#else

@fenjack
Copy link
Author

fenjack commented May 18, 2022

You need to actually enable RDMSR exits. Add this to the setup() method:

  auto msr_bitmap = vmx::msr_bitmap_t{};
  bitmap<>(msr_bitmap.rdmsr_high).set(msr::efer_t::msr_id - vmx::msr_bitmap_t::msr_id_high_min);
  vp.msr_bitmap(msr_bitmap);

Without these codes,
there will be no fatal system error: 0x0000007f,
Maybe I should add something, for rdmsr_ low ...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wbenny @fenjack