VirtualBox

source: vbox/trunk/include/VBox/patm.h@ 2112

Last change on this file since 2112 was 1133, checked in by vboxsync, 18 years ago

Added CPUMGCCallV86Code.
PATM cleanup

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 18.7 KB
Line 
1/** @file
2 * PATM - Dynamic Guest OS Patching Manager
3 */
4
5/*
6 * Copyright (C) 2006 InnoTek Systemberatung GmbH
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License as published by the Free Software Foundation,
12 * in version 2 as it comes in the "COPYING" file of the VirtualBox OSE
13 * distribution. VirtualBox OSE is distributed in the hope that it will
14 * be useful, but WITHOUT ANY WARRANTY of any kind.
15 *
16 * If you received this file as part of a commercial VirtualBox
17 * distribution, then only the terms of your commercial VirtualBox
18 * license agreement apply instead of the previous paragraph.
19 */
20
21#ifndef __VBox_patm_h__
22#define __VBox_patm_h__
23
24#include <VBox/cdefs.h>
25#include <VBox/types.h>
26#include <VBox/cpum.h>
27#include <VBox/dis.h>
28
29
30__BEGIN_DECLS
31
32/** @defgroup grp_patm The Patch Manager API
33 * @{
34 */
35#define MAX_PATCHES 512
36
37/**
38 * Flags for specifying the type of patch to install with PATMR3InstallPatch
39 * @{
40 */
41#define PATMFL_CODE32 BIT64(0)
42#define PATMFL_INTHANDLER BIT64(1)
43#define PATMFL_SYSENTER BIT64(2)
44#define PATMFL_GUEST_SPECIFIC BIT64(3)
45#define PATMFL_USER_MODE BIT64(4)
46#define PATMFL_IDTHANDLER BIT64(5)
47#define PATMFL_TRAPHANDLER BIT64(6)
48#define PATMFL_DUPLICATE_FUNCTION BIT64(7)
49#define PATMFL_REPLACE_FUNCTION_CALL BIT64(8)
50#define PATMFL_TRAPHANDLER_WITH_ERRORCODE BIT64(9)
51#define PATMFL_INTHANDLER_WITH_ERRORCODE (PATMFL_TRAPHANDLER_WITH_ERRORCODE)
52#define PATMFL_MMIO_ACCESS BIT64(10)
53/* no more room -> change PATMInternal.h if more is needed!! */
54
55/*
56 * Flags above 1024 are reserved for internal use!
57 */
58/** @} */
59
60/** Enable to activate sysenter emulation in GC. */
61/* #define PATM_EMULATE_SYSENTER */
62
63/**
64 * Maximum number of cached VGA writes
65 */
66#define MAX_VGA_WRITE_CACHE 64
67
68typedef struct PATMGCSTATE
69{
70 // Virtual Flags register (IF + more later on)
71 uint32_t uVMFlags;
72
73 /* Pending PATM actions (internal use only) */
74 uint32_t uPendingAction;
75
76 // Records the number of times all patches are called (indicating how many exceptions we managed to avoid)
77 uint32_t uPatchCalls;
78 // Scratchpad dword
79 uint32_t uScratch;
80 // Debugging info
81 uint32_t uIretEFlags, uIretCS, uIretEIP;
82
83 /* PATM stack pointer */
84 uint32_t Psp;
85
86 /* PATM interrupt flag */
87 uint32_t fPIF;
88 /* PATM inhibit irq address (used by sti) */
89 RTGCPTR GCPtrInhibitInterrupts;
90
91 /* Scratch room for call patch */
92 RTGCPTR GCCallPatchTargetAddr;
93 RTGCPTR GCCallReturnAddr;
94
95 /* Temporary storage for guest registers. */
96 struct
97 {
98 uint32_t uEAX;
99 uint32_t uECX;
100 uint32_t uEDI;
101 uint32_t eFlags;
102 uint32_t uFlags;
103 } Restore;
104
105} PATMGCSTATE, *PPATMGCSTATE;
106
107typedef struct PATMTRAPREC
108{
109 // pointer to original guest code instruction (for emulation)
110 RTGCPTR pNewEIP;
111 // pointer to the next guest code instruction
112 RTGCPTR pNextInstr;
113 //pointer to the corresponding next instruction in the patch block
114 RTGCPTR pNextPatchInstr;
115} PATMTRAPREC, *PPATMTRAPREC;
116
117
118/**
119 * Translation state (currently patch to GC ptr)
120 */
121typedef enum
122{
123 PATMTRANS_FAILED,
124 PATMTRANS_SAFE, /* Safe translation */
125 PATMTRANS_PATCHSTART, /* Instruction starts a patch block */
126 PATMTRANS_OVERWRITTEN, /* Instruction overwritten by patchjump */
127 PATMTRANS_INHIBITIRQ /* Instruction must be executed due to instruction fusing */
128} PATMTRANSSTATE;
129
130/**
131 * Load virtualized flags.
132 *
133 * This function is called from CPUMRawEnter(). It doesn't have to update the
134 * IF and IOPL eflags bits, the caller will enforce those to set and 0 repectively.
135 *
136 * @param pVM VM handle.
137 * @param pCtxCore The cpu context core.
138 * @see pg_raw
139 */
140PATMDECL(void) PATMRawEnter(PVM pVM, PCPUMCTXCORE pCtxCore);
141
142/**
143 * Restores virtualized flags.
144 *
145 * This function is called from CPUMRawLeave(). It will update the eflags register.
146 *
147 * @param pVM VM handle.
148 * @param pCtxCore The cpu context core.
149 * @param rawRC Raw mode return code
150 * @see @ref pg_raw
151 */
152PATMDECL(void) PATMRawLeave(PVM pVM, PCPUMCTXCORE pCtxCore, int rawRC);
153
154/**
155 * Get the EFLAGS.
156 * This is a worker for CPUMRawGetEFlags().
157 *
158 * @returns The eflags.
159 * @param pVM The VM handle.
160 * @param pCtxCore The context core.
161 */
162PATMDECL(uint32_t) PATMRawGetEFlags(PVM pVM, PCCPUMCTXCORE pCtxCore);
163
164/**
165 * Updates the EFLAGS.
166 * This is a worker for CPUMRawSetEFlags().
167 *
168 * @param pVM The VM handle.
169 * @param pCtxCore The context core.
170 * @param efl The new EFLAGS value.
171 */
172PATMDECL(void) PATMRawSetEFlags(PVM pVM, PCPUMCTXCORE pCtxCore, uint32_t efl);
173
174/**
175 * Returns the guest context pointer of the GC context structure
176 *
177 * @returns VBox status code.
178 * @param pVM The VM to operate on.
179 */
180PATMDECL(GCPTRTYPE(PPATMGCSTATE)) PATMQueryGCState(PVM pVM);
181
182/**
183 * Checks whether the GC address is part of our patch region
184 *
185 * @returns true -> yes, false -> no
186 * @param pVM The VM to operate on.
187 * @param pAddr Guest context address
188 */
189PATMDECL(bool) PATMIsPatchGCAddr(PVM pVM, RTGCPTR pAddr);
190
191/**
192 * Check if we must use raw mode (patch code being executed or marked safe for IF=0)
193 *
194 * @param pVM VM handle.
195 * @param pAddrGC Guest context address
196 */
197PATMDECL(bool) PATMShouldUseRawMode(PVM pVM, RTGCPTR pAddrGC);
198
199/**
200 * Query PATM state (enabled/disabled)
201 *
202 * @returns 0 - disabled, 1 - enabled
203 * @param pVM The VM to operate on.
204 */
205#define PATMIsEnabled(pVM) (pVM->fPATMEnabled)
206
207/**
208 * Set parameters for pending MMIO patch operation
209 *
210 * @returns VBox status code.
211 * @param pDevIns Device instance.
212 * @param GCPhys MMIO physical address
213 * @param pCachedData GC pointer to cached data
214 */
215PATMDECL(int) PATMSetMMIOPatchInfo(PVM pVM, RTGCPHYS GCPhys, RTGCPTR pCachedData);
216
217
218/**
219 * Adds branch pair to the lookup cache of the particular branch instruction
220 *
221 * @returns VBox status
222 * @param pVM The VM to operate on.
223 * @param pJumpTableGC Pointer to branch instruction lookup cache
224 * @param pBranchTarget Original branch target
225 * @param pRelBranchPatch Relative duplicated function address
226 */
227PATMDECL(int) PATMAddBranchToLookupCache(PVM pVM, RTGCPTR pJumpTableGC, RTGCPTR pBranchTarget, RTGCUINTPTR pRelBranchPatch);
228
229
230/**
231 * Checks if the int 3 was caused by a patched instruction
232 *
233 * @returns VBox status
234 *
235 * @param pVM The VM handle.
236 * @param pCtxCore The relevant core context.
237 */
238PATMDECL(int) PATMHandleInt3PatchTrap(PVM pVM, PCPUMCTXCORE pRegFrame);
239
240/**
241 * Checks if the int 3 was caused by a patched instruction
242 *
243 * @returns VBox status
244 *
245 * @param pVM The VM handle.
246 * @param pInstrGC Instruction pointer
247 * @param pOpcode Original instruction opcode (out, optional)
248 * @param pSize Original instruction size (out, optional)
249 */
250PATMDECL(bool) PATMIsInt3Patch(PVM pVM, RTGCPTR pInstrGC, uint32_t *pOpcode, uint32_t *pSize);
251
252
253/**
254 * Checks if the interrupt flag is enabled or not.
255 *
256 * @returns true if it's enabled.
257 * @returns false if it's diabled.
258 *
259 * @param pVM The VM handle.
260 */
261PATMDECL(bool) PATMAreInterruptsEnabled(PVM pVM);
262
263/**
264 * Checks if the interrupt flag is enabled or not.
265 *
266 * @returns true if it's enabled.
267 * @returns false if it's diabled.
268 *
269 * @param pVM The VM handle.
270 * @param pCtxCore CPU context
271 */
272PATMDECL(bool) PATMAreInterruptsEnabledByCtxCore(PVM pVM, PCPUMCTXCORE pCtxCore);
273
274#ifdef PATM_EMULATE_SYSENTER
275/**
276 * Emulate sysenter, sysexit and syscall instructions
277 *
278 * @returns VBox status
279 *
280 * @param pVM The VM handle.
281 * @param pCtxCore The relevant core context.
282 * @param pCpu Disassembly context
283 */
284PATMDECL(int) PATMSysCall(PVM pVM, PCPUMCTXCORE pRegFrame, PDISCPUSTATE pCpu);
285#endif
286
287#ifdef IN_GC
288/** @defgroup grp_patm_gc The Patch Manager API
289 * @ingroup grp_patm
290 * @{
291 */
292
293/**
294 * Checks if the write is located on a page with was patched before.
295 * (if so, then we are not allowed to turn on r/w)
296 *
297 * @returns VBox status
298 * @param pVM The VM to operate on.
299 * @param pRegFrame CPU context
300 * @param GCPtr GC pointer to write address
301 * @param cbWrite Nr of bytes to write
302 *
303 */
304PATMGCDECL(int) PATMGCHandleWriteToPatchPage(PVM pVM, PCPUMCTXCORE pRegFrame, RTGCPTR GCPtr, uint32_t cbWrite);
305
306/**
307 * Checks if the illegal instruction was caused by a patched instruction
308 *
309 * @returns VBox status
310 *
311 * @param pVM The VM handle.
312 * @param pCtxCore The relevant core context.
313 */
314PATMDECL(int) PATMGCHandleIllegalInstrTrap(PVM pVM, PCPUMCTXCORE pRegFrame);
315
316/** @} */
317
318#endif
319
320#ifdef IN_RING3
321/** @defgroup grp_patm_r3 The Patch Manager API
322 * @ingroup grp_patm
323 * @{
324 */
325
326/**
327 * Query PATM state (enabled/disabled)
328 *
329 * @returns 0 - disabled, 1 - enabled
330 * @param pVM The VM to operate on.
331 */
332PATMR3DECL(int) PATMR3IsEnabled(PVM pVM);
333
334/**
335 * Initializes the PATM.
336 *
337 * @returns VBox status code.
338 * @param pVM The VM to operate on.
339 */
340PATMR3DECL(int) PATMR3Init(PVM pVM);
341
342/**
343 * Finalizes HMA page attributes.
344 *
345 * @returns VBox status code.
346 * @param pVM The VM handle.
347 */
348PATMR3DECL(int) PATMR3InitFinalize(PVM pVM);
349
350/**
351 * Applies relocations to data and code managed by this
352 * component. This function will be called at init and
353 * whenever the VMM need to relocate it self inside the GC.
354 *
355 * The PATM will update the addresses used by the switcher.
356 *
357 * @param pVM The VM.
358 */
359PATMR3DECL(void) PATMR3Relocate(PVM pVM);
360
361/**
362 * Terminates the PATM.
363 *
364 * Termination means cleaning up and freeing all resources,
365 * the VM it self is at this point powered off or suspended.
366 *
367 * @returns VBox status code.
368 * @param pVM The VM to operate on.
369 */
370PATMR3DECL(int) PATMR3Term(PVM pVM);
371
372/**
373 * PATM reset callback.
374 *
375 * @returns VBox status code.
376 * @param pVM The VM which is reset.
377 */
378PATMR3DECL(int) PATMR3Reset(PVM pVM);
379
380/**
381 * Returns the host context pointer and size of the patch memory block
382 *
383 * @returns VBox status code.
384 * @param pVM The VM to operate on.
385 * @param pcb Size of the patch memory block
386 */
387PATMR3DECL(void *) PATMR3QueryPatchMemHC(PVM pVM, uint32_t *pcb);
388
389/**
390 * Returns the guest context pointer and size of the patch memory block
391 *
392 * @returns VBox status code.
393 * @param pVM The VM to operate on.
394 * @param pcb Size of the patch memory block
395 */
396PATMR3DECL(RTGCPTR) PATMR3QueryPatchMemGC(PVM pVM, uint32_t *pcb);
397
398/**
399 * Checks whether the GC address is inside a generated patch jump
400 *
401 * @returns true -> yes, false -> no
402 * @param pVM The VM to operate on.
403 * @param pAddr Guest context address
404 * @param pPatchAddr Guest context patch address (if true)
405 */
406PATMR3DECL(bool) PATMR3IsInsidePatchJump(PVM pVM, RTGCPTR pAddr, PRTGCPTR pPatchAddr);
407
408
409/**
410 * Returns the GC pointer of the patch for the specified GC address
411 *
412 * @returns VBox status code.
413 * @param pVM The VM to operate on.
414 * @param pAddrGC Guest context address
415 */
416PATMR3DECL(RTGCPTR) PATMR3QueryPatchGCPtr(PVM pVM, RTGCPTR pAddrGC);
417
418/**
419 * Checks whether the HC address is part of our patch region
420 *
421 * @returns VBox status code.
422 * @param pVM The VM to operate on.
423 * @param pAddrGC Guest context address
424 */
425PATMR3DECL(bool) PATMR3IsPatchHCAddr(PVM pVM, HCPTRTYPE(uint8_t *) pAddrHC);
426
427/**
428 * Convert a GC patch block pointer to a HC patch pointer
429 *
430 * @returns HC pointer or NULL if it's not a GC patch pointer
431 * @param pVM The VM to operate on.
432 * @param pAddrGC GC pointer
433 */
434PATMR3DECL(HCPTRTYPE(void *)) PATMR3GCPtrToHCPtr(PVM pVM, RTGCPTR pAddrGC);
435
436
437/**
438 * Returns the host context pointer and size of the GC context structure
439 *
440 * @returns VBox status code.
441 * @param pVM The VM to operate on.
442 */
443PATMR3DECL(PPATMGCSTATE) PATMR3QueryGCStateHC(PVM pVM);
444
445/**
446 * Handle trap inside patch code
447 *
448 * @returns VBox status code.
449 * @param pVM The VM to operate on.
450 * @param pCtx CPU context
451 * @param pEip GC pointer of trapping instruction
452 * @param pNewEip GC pointer to new instruction
453 */
454PATMR3DECL(int) PATMR3HandleTrap(PVM pVM, PCPUMCTX pCtx, RTGCPTR pEip, RTGCPTR *ppNewEip);
455
456/**
457 * Handle page-fault in monitored page
458 *
459 * @returns VBox status code.
460 * @param pVM The VM to operate on.
461 */
462PATMR3DECL(int) PATMR3HandleMonitoredPage(PVM pVM);
463
464/**
465 * Notifies PATM about a (potential) write to code that has been patched.
466 *
467 * @returns VBox status code.
468 * @param pVM The VM to operate on.
469 * @param GCPtr GC pointer to write address
470 * @param cbWrite Nr of bytes to write
471 *
472 */
473PATMR3DECL(int) PATMR3PatchWrite(PVM pVM, RTGCPTR GCPtr, uint32_t cbWrite);
474
475/**
476 * Notify PATM of a page flush
477 *
478 * @returns VBox status code
479 * @param pVM The VM to operate on.
480 * @param addr GC address of the page to flush
481 */
482PATMR3DECL(int) PATMR3FlushPage(PVM pVM, RTGCPTR addr);
483
484/**
485 * Allows or disallow patching of privileged instructions executed by the guest OS
486 *
487 * @returns VBox status code.
488 * @param pVM The VM to operate on.
489 * @param fAllowPatching Allow/disallow patching
490 */
491PATMR3DECL(int) PATMR3AllowPatching(PVM pVM, uint32_t fAllowPatching);
492
493/**
494 * Patch privileged instruction at specified location
495 *
496 * @returns VBox status code.
497 * @param pVM The VM to operate on.
498 * @param pInstr Guest context point to privileged instruction (0:32 flat address)
499 * @param flags Patch flags
500 *
501 * @note returns failure if patching is not allowed or possible
502 */
503PATMR3DECL(int) PATMR3InstallPatch(PVM pVM, RTGCPTR pInstrGC, uint64_t flags);
504
505/**
506 * Gives hint to PATM about supervisor guest instructions
507 *
508 * @returns VBox status code.
509 * @param pVM The VM to operate on.
510 * @param pInstr Guest context point to privileged instruction
511 * @param flags Patch flags
512 */
513PATMR3DECL(int) PATMR3AddHint(PVM pVM, RTGCPTR pInstrGC, uint32_t flags);
514
515/**
516 * Patch branch target function for call/jump at specified location.
517 * (in responds to a VINF_PATM_DUPLICATE_FUNCTION GC exit reason)
518 *
519 * @returns VBox status code.
520 * @param pVM The VM to operate on.
521 * @param pCtx Guest context
522 *
523 */
524PATMR3DECL(int) PATMR3DuplicateFunctionRequest(PVM pVM, PCPUMCTX pCtx);
525
526/**
527 * Query the corresponding GC instruction pointer from a pointer inside the patch block itself
528 *
529 * @returns original GC instruction pointer or 0 if not found
530 * @param pVM The VM to operate on.
531 * @param pPatchGC GC address in patch block
532 * @param pEnmState State of the translated address (out)
533 *
534 */
535PATMR3DECL(RTGCPTR) PATMR3PatchToGCPtr(PVM pVM, RTGCPTR pPatchGC, PATMTRANSSTATE *pEnmState);
536
537/**
538 * Converts Guest code GC ptr to Patch code GC ptr (if found)
539 *
540 * @returns corresponding GC pointer in patch block
541 * @param pVM The VM to operate on.
542 * @param pInstrGC Guest context pointer to privileged instruction
543 *
544 */
545PATMR3DECL(RTGCPTR) PATMR3GuestGCPtrToPatchGCPtr(PVM pVM, GCPTRTYPE(uint8_t*) pInstrGC);
546
547/**
548 * Query the opcode of the original code that was overwritten by the 5 bytes patch jump
549 *
550 * @returns VBox status code.
551 * @param pVM The VM to operate on.
552 * @param pInstrGC GC address of instr
553 * @param pByte opcode byte pointer (OUT)
554 * @returns VBOX error code
555 *
556 */
557PATMR3DECL(int) PATMR3QueryOpcode(PVM pVM, RTGCPTR pInstrGC, uint8_t *pByte);
558
559/**
560 * Disable patch for privileged instruction at specified location
561 *
562 * @returns VBox status code.
563 * @param pVM The VM to operate on.
564 * @param pInstr Guest context point to privileged instruction
565 *
566 * @note returns failure if patching is not allowed or possible
567 *
568 */
569PATMR3DECL(int) PATMR3DisablePatch(PVM pVM, RTGCPTR pInstrGC);
570
571
572/**
573 * Enable patch for privileged instruction at specified location
574 *
575 * @returns VBox status code.
576 * @param pVM The VM to operate on.
577 * @param pInstr Guest context point to privileged instruction
578 *
579 * @note returns failure if patching is not allowed or possible
580 *
581 */
582PATMR3DECL(int) PATMR3EnablePatch(PVM pVM, RTGCPTR pInstrGC);
583
584
585/**
586 * Remove patch for privileged instruction at specified location
587 *
588 * @returns VBox status code.
589 * @param pVM The VM to operate on.
590 * @param pInstr Guest context point to privileged instruction
591 *
592 * @note returns failure if patching is not allowed or possible
593 *
594 */
595PATMR3DECL(int) PATMR3RemovePatch(PVM pVM, RTGCPTR pInstrGC);
596
597
598/**
599 * Detects it the specified address falls within a 5 byte jump generated for an active patch.
600 * If so, this patch is permanently disabled.
601 *
602 * @param pVM The VM to operate on.
603 * @param pInstrGC Guest context pointer to instruction
604 * @param pConflictGC Guest context pointer to check
605 */
606PATMR3DECL(int) PATMR3DetectConflict(PVM pVM, RTGCPTR pInstrGC, RTGCPTR pConflictGC);
607
608
609/**
610 * Checks if the instructions at the specified address has been patched already.
611 *
612 * @returns boolean, patched or not
613 * @param pVM The VM to operate on.
614 * @param pInstrGC Guest context pointer to instruction
615 */
616PATMR3DECL(bool) PATMR3HasBeenPatched(PVM pVM, RTGCPTR pInstrGC);
617
618
619/**
620 * Install Linux 2.6 spinlock patch
621 *
622 * @returns VBox status code.
623 * @param pVM The VM to operate on
624 * @param pCallAcquireSpinlockGC GC pointer of call instruction
625 * @param cbAcquireSpinlockCall Instruction size
626 *
627 */
628PATMR3DECL(int) PATMInstallSpinlockPatch(PVM pVM, RTGCPTR pCallAcquireSpinlockGC, uint32_t cbAcquireSpinlockCall);
629
630
631/**
632 * Check if supplied call target is the Linux 2.6 spinlock acquire function
633 *
634 * @returns boolean
635 * @param pVM The VM to operate on
636 * @param pCallAcquireSpinlockGC Call target GC address
637 *
638 */
639PATMR3DECL(bool) PATMIsSpinlockAcquire(PVM pVM, RTGCPTR pCallTargetGC);
640
641/**
642 * Check if supplied call target is the Linux 2.6 spinlock release function
643 *
644 * @returns boolean
645 * @param pVM The VM to operate on
646 * @param pCallTargetGC Call target GC address
647 *
648 */
649PATMR3DECL(bool) PATMIsSpinlockRelease(PVM pVM, RTGCPTR pCallTargetGC);
650
651/**
652 * Check if supplied call target is the Linux 2.6 spinlock release function (patched equivalent)
653 *
654 * @returns boolean
655 * @param pVM The VM to operate on
656 * @param pCallTargetGC Call target GC address
657 *
658 */
659PATMR3DECL(bool) PATMIsSpinlockReleasePatch(PVM pVM, RTGCPTR pCallTargetGC);
660
661/** @} */
662#endif
663
664
665/** @} */
666__END_DECLS
667
668
669#endif /* !__VBox_patm_h__ */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette