github.com/ionescu007/SimpleVisor.git - Unnamed repository; edit this file 'description' to name the repository.
-rw-r--r--shvvmxhv.c7
-rw-r--r--shvvp.c23
2 files changed, 17 insertions, 13 deletions
diff --git a/shvvmxhv.c b/shvvmxhv.c
index 886ad0d..6a54fda 100644
--- a/shvvmxhv.c
+++ b/shvvmxhv.c
@@ -262,6 +262,13 @@ ShvVmxEntryHandler (
if (guestContext.ExitVm)
{
//
+ // Return the VP Data structure in RAX:RBX which is going to be part of
+ // the CPUID response that the caller (ShvVpUninitialize) expects back.
+ //
+ Context->Rax = (ULONG_PTR)vpData >> 32;
+ Context->Rbx = (ULONG_PTR)vpData & 0xFFFFFFFF;
+
+ //
// When running in VMX root mode, the processor will set limits of the
// GDT and IDT to 0xFFFF (notice that there are no Host VMCS fields to
// set these values). This causes problems with PatchGuard, which will
diff --git a/shvvp.c b/shvvp.c
index 1f1f744..8bd2f57 100644
--- a/shvvp.c
+++ b/shvvp.c
@@ -104,10 +104,7 @@ ShvVpRestoreAfterLaunch (
//
// And finally, restore the context, so that all register and stack
- // state is finally restored. Note that by continuing to reference the
- // per-VP data this way, the compiler will continue to generate non-
- // optimized accesses, guaranteeing that no previous register state
- // will be used.
+ // state is finally restored.
//
RtlRestoreContext(&vpData->ContextFrame, NULL);
}
@@ -148,19 +145,24 @@ ShvVpUninitialize (
VOID
)
{
- INT dummy[4];
+ INT cpuInfo[4];
+ PSHV_VP_DATA vpData;
//
- // Send the magic shutdown instruction sequence
+ // Send the magic shutdown instruction sequence. It will return in EAX:EBX
+ // the VP data for the current CPU, which we must free.
//
- __cpuidex(dummy, 0x41414141, 0x42424242);
+ __cpuidex(cpuInfo, 0x41414141, 0x42424242);
+ vpData = (PSHV_VP_DATA)((ULONG64)cpuInfo[0] << 32 | cpuInfo[1]);
+ DbgPrintEx(77, 0, "DAta: 0x%p\n", vpData);
+ MmFreeContiguousMemory(vpData);
//
// The processor will return here after the hypervisor issues a VMXOFF
// instruction and restores the CPU context to this location. Unfortunately
// because this is done with RtlRestoreContext which returns using "iretq",
// this causes the processor to remove the RPL bits off the segments. As
- // the x64 kernel does not expect kernel-mode code to chang ethe value of
+ // the x64 kernel does not expect kernel-mode code to change the value of
// any segments, this results in the DS and ES segments being stuck 0x20,
// and the FS segment being stuck at 0x50, until the next context switch.
//
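Review bot: The reassembly of the pointer in `vpData = (PSHV_VP_DATA)((ULONG64)cpuInfo[0] << 32 | cpuInfo[1]);` sign-extends `cpuInfo[1]`: `cpuInfo` is `INT[4]`, so whenever the low 32 bits of the VP data address have bit 31 set (likely for a kernel address), the `|` converts the negative `INT` to `ULONG64` as `0xFFFFFFFF........`, which overwrites the high half sent in EAX and hands `MmFreeContiguousMemory` a wrong pointer. The halves are 32-bit by construction (the sender in shvvmxhv.c splits with `>> 32` / `& 0xFFFFFFFF`), so both should be widened unsigned: `vpData = (PSHV_VP_DATA)(((ULONG64)(ULONG)cpuInfo[0] << 32) | (ULONG)cpuInfo[1]);`. Separately, the new free has no guard — if this path can run without the hypervisor present, the CPUID leaf returns ordinary processor data and the freed pointer is garbage; whether the caller already checks this is outside the hunk, so a `NT_ASSERT(vpData != NULL)` or an explicit presence check before the free would make the contract visible. The debug string `"DAta: 0x%p\n"` also looks like a typo for `"Data: 0x%p\n"`. ShvVpUninitialize's body continues past the end of the hunk.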
@@ -291,11 +293,6 @@ ShvVpCallbackDpc (
//
ShvVpUninitialize();
NT_ASSERT(ShvIsOurHypervisorPresent() == FALSE);
-
- //
- // Free the VP data
- //
- //MmFreeContiguousMemory(ShvGlobalData[cpuIndex]);
}
Quickie: