VirtualBox

source: vbox/trunk/include/VBox/vmm/csam.h@ 41788

Last change on this file since 41788 was 41732, checked in by vboxsync, 13 years ago

DISCPUSTATE::opsize -> cbInstr.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 8.0 KB
Line 
1/** @file
2 * CSAM - Guest OS Code Scanning and Analyis Manager.
3 */
4
5/*
6 * Copyright (C) 2006-2010 Oracle Corporation
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License (GPL) as published by the Free Software
12 * Foundation, in version 2 as it comes in the "COPYING" file of the
13 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15 *
16 * The contents of this file may alternatively be used under the terms
17 * of the Common Development and Distribution License Version 1.0
18 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
19 * VirtualBox OSE distribution, in which case the provisions of the
20 * CDDL are applicable instead of those of the GPL.
21 *
22 * You may elect to license modified versions of this file under the
23 * terms and conditions of either the GPL or the CDDL or both.
24 */
25
26#ifndef ___VBox_vmm_csam_h
27#define ___VBox_vmm_csam_h
28
29#include <VBox/types.h>
30
31
32/** @defgroup grp_csam The Code Scanning and Analysis API
33 * @{
34 */
35
36/**
37 * CSAM monitoring tag
38 * For use with CSAMR3MonitorPage
39 */
40typedef enum CSAMTAG
41{
42 CSAM_TAG_INVALID = 0,
43 CSAM_TAG_REM,
44 CSAM_TAG_PATM,
45 CSAM_TAG_CSAM,
46 CSAM_TAG_32BIT_HACK = 0x7fffffff
47} CSAMTAG;
48
49
50RT_C_DECLS_BEGIN
51
52
53/**
54 * Check if this page needs to be analysed by CSAM.
55 *
56 * This function should only be called for supervisor pages and
57 * only when CSAM is enabled. Leaving these selection criteria
58 * to the caller simplifies the interface (PTE passing).
59 *
60 * Note the the page has not yet been synced, so the TLB trick
61 * (which wasn't ever active anyway) cannot be applied.
62 *
63 * @returns true if the page should be marked not present because
64 * CSAM want need to scan it.
65 * @returns false if the page was already scanned.
66 * @param pVM The VM to operate on.
67 * @param GCPtr GC pointer of page table entry
68 */
69VMMDECL(bool) CSAMDoesPageNeedScanning(PVM pVM, RTRCUINTPTR GCPtr);
70
71/**
72 * Check if this page was previously scanned by CSAM
73 *
74 * @returns true -> scanned, false -> not scanned
75 * @param pVM The VM to operate on.
76 * @param pPage GC page address
77 */
78VMMDECL(bool) CSAMIsPageScanned(PVM pVM, RTRCPTR pPage);
79
80/**
81 * Mark a page as scanned/not scanned
82 *
83 * @note: we always mark it as scanned, even if we haven't completely done so
84 *
85 * @returns VBox status code.
86 * @param pVM The VM to operate on.
87 * @param pPage GC page address (not necessarily aligned)
88 * @param fScanned Mark as scanned or not scanned
89 *
90 */
91VMMDECL(int) CSAMMarkPage(PVM pVM, RTRCUINTPTR pPage, bool fScanned);
92
93
94/**
95 * Remember a possible code page for later inspection
96 *
97 * @returns VBox status code.
98 * @param pVM The VM to operate on.
99 * @param GCPtr GC pointer of page
100 */
101VMMDECL(void) CSAMMarkPossibleCodePage(PVM pVM, RTRCPTR GCPtr);
102
103/**
104 * Query CSAM state (enabled/disabled)
105 *
106 * @returns 0 - disabled, 1 - enabled
107 * @param pVM The VM to operate on.
108 */
109#define CSAMIsEnabled(pVM) (pVM->fCSAMEnabled && EMIsRawRing0Enabled(pVM))
110
111/**
112 * Turn on code scanning
113 *
114 * @returns VBox status code. (trap handled or not)
115 * @param pVM The VM to operate on.
116 */
117VMMDECL(int) CSAMEnableScanning(PVM pVM);
118
119/**
120 * Turn off code scanning
121 *
122 * @returns VBox status code. (trap handled or not)
123 * @param pVM The VM to operate on.
124 */
125VMMDECL(int) CSAMDisableScanning(PVM pVM);
126
127
128/**
129 * Check if this page needs to be analysed by CSAM
130 *
131 * @returns 0 - disabled, 1 - enabled
132 * @param pVM The VM to operate on.
133 * @param pvFault Fault address
134 */
135VMMDECL(int) CSAMExecFault(PVM pVM, RTRCPTR pvFault);
136
137/**
138 * Check if we've scanned this instruction before. If true, then we can emulate
139 * it instead of returning to ring 3.
140 *
141 * @returns boolean
142 * @param pVM The VM to operate on.
143 * @param GCPtr GC pointer of page table entry
144 */
145VMMDECL(bool) CSAMIsKnownDangerousInstr(PVM pVM, RTRCUINTPTR GCPtr);
146
147
148#ifdef IN_RING3
149/** @defgroup grp_csam_r3 The Code Scanning and Analysis API
150 * @ingroup grp_csam
151 * @{
152 */
153
154/**
155 * Query CSAM state (enabled/disabled)
156 *
157 * @returns 0 - disabled, 1 - enabled
158 * @param pVM The VM to operate on.
159 */
160VMMR3DECL(int) CSAMR3IsEnabled(PVM pVM);
161
162/**
163 * Initializes the csam.
164 *
165 * @returns VBox status code.
166 * @param pVM The VM to operate on.
167 */
168VMMR3DECL(int) CSAMR3Init(PVM pVM);
169
170/**
171 * Applies relocations to data and code managed by this
172 * component. This function will be called at init and
173 * whenever the VMM need to relocate it self inside the GC.
174 *
175 * The csam will update the addresses used by the switcher.
176 *
177 * @param pVM The VM.
178 * @param offDelta Relocation delta.
179 */
180VMMR3DECL(void) CSAMR3Relocate(PVM pVM, RTGCINTPTR offDelta);
181
182/**
183 * Terminates the csam.
184 *
185 * Termination means cleaning up and freeing all resources,
186 * the VM it self is at this point powered off or suspended.
187 *
188 * @returns VBox status code.
189 * @param pVM The VM to operate on.
190 */
191VMMR3DECL(int) CSAMR3Term(PVM pVM);
192
193/**
194 * CSAM reset callback.
195 *
196 * @returns VBox status code.
197 * @param pVM The VM which is reset.
198 */
199VMMR3DECL(int) CSAMR3Reset(PVM pVM);
200
201
202/**
203 * Notify CSAM of a page flush
204 *
205 * @returns VBox status code
206 * @param pVM The VM to operate on.
207 * @param addr GC address of the page to flush
208 */
209VMMR3DECL(int) CSAMR3FlushPage(PVM pVM, RTRCPTR addr);
210
211/**
212 * Remove a CSAM monitored page. Use with care!
213 *
214 * @returns VBox status code
215 * @param pVM The VM to operate on.
216 * @param addr GC address of the page to flush
217 */
218VMMR3DECL(int) CSAMR3RemovePage(PVM pVM, RTRCPTR addr);
219
220/**
221 * Scan and analyse code
222 *
223 * @returns VBox status code.
224 * @param pVM The VM to operate on.
225 * @param pCtxCore CPU context
226 * @param pInstrGC Instruction pointer
227 */
228VMMR3DECL(int) CSAMR3CheckCodeEx(PVM pVM, PCPUMCTXCORE pCtxCore, RTRCPTR pInstrGC);
229
230/**
231 * Scan and analyse code
232 *
233 * @returns VBox status code.
234 * @param pVM The VM to operate on.
235 * @param pInstrGC Instruction pointer (0:32 virtual address)
236 */
237VMMR3DECL(int) CSAMR3CheckCode(PVM pVM, RTRCPTR pInstrGC);
238
239/**
240 * Mark an instruction in a page as scanned/not scanned
241 *
242 * @returns VBox status code.
243 * @param pVM The VM to operate on.
244 * @param pInstr Instruction pointer
245 * @param cbInstr Instruction size
246 * @param fScanned Mark as scanned or not
247 */
248VMMR3DECL(int) CSAMR3MarkCode(PVM pVM, RTRCPTR pInstr, uint32_t cbInstr, bool fScanned);
249
250/**
251 * Perform any pending actions
252 *
253 * @returns VBox status code.
254 * @param pVM The VM to operate on.
255 * @param pVCpu The VMCPU to operate on.
256 */
257VMMR3DECL(int) CSAMR3DoPendingAction(PVM pVM, PVMCPU pVCpu);
258
259/**
260 * Monitors a code page (if not already monitored)
261 *
262 * @returns VBox status code
263 * @param pVM The VM to operate on.
264 * @param pPageAddrGC The page to monitor
265 * @param enmTag Monitor tag
266 */
267VMMR3DECL(int) CSAMR3MonitorPage(PVM pVM, RTRCPTR pPageAddrGC, CSAMTAG enmTag);
268
269/**
270 * Unmonitors a code page
271 *
272 * @returns VBox status code
273 * @param pVM The VM to operate on.
274 * @param pPageAddrGC The page to monitor
275 * @param enmTag Monitor tag
276 */
277VMMR3DECL(int) CSAMR3UnmonitorPage(PVM pVM, RTRCPTR pPageAddrGC, CSAMTAG enmTag);
278
279/**
280 * Analyse interrupt and trap gates
281 *
282 * @returns VBox status code.
283 * @param pVM The VM to operate on.
284 * @param iGate Start gate
285 * @param cGates Number of gates to check
286 */
287VMMR3DECL(int) CSAMR3CheckGates(PVM pVM, uint32_t iGate, uint32_t cGates);
288
289/**
290 * Record previous call instruction addresses
291 *
292 * @returns VBox status code.
293 * @param pVM The VM to operate on.
294 * @param GCPtrCall Call address
295 */
296VMMR3DECL(int) CSAMR3RecordCallAddress(PVM pVM, RTRCPTR GCPtrCall);
297
298/** @} */
299#endif
300
301
302/** @} */
303RT_C_DECLS_END
304
305#endif
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette