Bitdefender Hypervisor Memory Introspection
Macros
common.h File Reference
#include "handlers.h"
#include <stdint.h>
#include <signal.h>
#include <stddef.h>
#include <stdbool.h>
#include <errno.h>

Go to the source code of this file.

Macros

#define __fn_aligned   __attribute__((aligned(16)))
 
#define __fn_save_all   __attribute__((no_caller_saved_registers))
 
#define __section(S)   __attribute__((section (S)))
 
#define __default_fn_attr   __fn_save_all __fn_aligned
 
#define __fn_naked   __attribute__((naked))
 
#define BIT(x)   (1ULL << (x))
 
#define UNUSED_PARAMETER(P)   ((void)(P))
 
#define PAGE_SIZE   0x1000
 
#define get_jump_back_offset(fn_name)
 
#define get_detour_enable_offset(fn_name)
 
#define GNUASM_DEFINE_STR(SYMBOL, STR)   asm volatile ("#define " SYMBOL " " #STR);
 
#define GNUASM_DEFINE_VAL(SYMBOL, VALUE)   asm volatile ("#define " SYMBOL " %0" :: "n"(VALUE))
 
#define def_detour_asm_vars(fn_name)   GNUASM_DEFINE_VAL(#fn_name "_jmp", get_jump_back_offset(fn_name))
 
#define def_detour_hijack_asm_vars(fn_name, hijack_fn_name)   GNUASM_DEFINE_VAL(#fn_name "_" # hijack_fn_name "_jmp", get_jump_back_offset(fn_name ## _ ## hijack_fn_name))
 
#define def_detour_vars(fn_name)   extern void *fn_name ## _trampoline; extern void *fn_name ## _reloc
 
#define def_detour_hijack_vars(fn_name, fn_hijack_name)   extern void *fn_name ## _ ## fn_hijack_name ## _trampoline; extern void *fn_name ## _ ## fn_hijack_name ## _reloc
 
#define init_detour_field(fn_name)
 
#define init_detour_hijack_field(fn_name, hijack_fn_name)
 
#define __vmcall_param_1(param)   register size_t __p1 asm("r8") = (size_t)(param); asm volatile("" :: "r" (__p1));
 
#define __vmcall_param_2(param)   register size_t __p2 asm("r9") = (size_t)(param); asm volatile("" :: "r" (__p2));
 
#define __vmcall_param_3(param)   register size_t __p3 asm("r10") = (size_t)(param); asm volatile("" :: "r" (__p3));
 
#define __vmcall_param_4(param)   register size_t __p4 asm("r11") = (size_t)(param); asm volatile("" :: "r" (__p4));
 
#define __vmcall_param_5(param)   register size_t __p5 asm("r12") = (size_t)(param); asm volatile("" :: "r" (__p5));
 
#define __vmcall_param_6(param)   register size_t __p6 asm("r13") = (size_t)(param); asm volatile("" :: "r" (__p6));
 
#define __vmcall_param_7(param)   register size_t __p7 asm("r14") = (size_t)(param); asm volatile("" :: "r" (__p7));
 
#define __vmcall_param_8(param)   register size_t __p8 asm("r15") = (size_t)(param); asm volatile("" :: "r" (__p8));
 
#define vmcall_1(id, p1)
 
#define vmcall_2(id, p1, p2)
 
#define vmcall_3(id, p1, p2, p3)
 
#define vmcall_4(id, p1, p2, p3, p4)
 
#define vmcall_5(id, p1, p2, p3, p4, p5)
 
#define vmcall_6(id, p1, p2, p3, p4, p5, p6)
 
#define __read_reg(reg)
 

Macro Definition Documentation

◆ __default_fn_attr

#define __default_fn_attr   __fn_save_all __fn_aligned

Definition at line 21 of file common.h.

◆ __fn_aligned

#define __fn_aligned   __attribute__((aligned(16)))

Definition at line 16 of file common.h.

◆ __fn_naked

#define __fn_naked   __attribute__((naked))

Definition at line 22 of file common.h.

◆ __fn_save_all

#define __fn_save_all   __attribute__((no_caller_saved_registers))

Definition at line 17 of file common.h.

◆ __read_reg

#define __read_reg (   reg)
Value:
({ \
unsigned long long val; \
asm volatile("mov %0, " reg "\n\t" : "=r" (val)); \
(unsigned long long)(val); \
})

Definition at line 153 of file common.h.

Referenced by store_regs().

◆ __section

#define __section (   S)    __attribute__((section (S)))

Definition at line 19 of file common.h.

◆ __vmcall_param_1

#define __vmcall_param_1 (   param)    register size_t __p1 asm("r8") = (size_t)(param); asm volatile("" :: "r" (__p1));

Definition at line 72 of file common.h.

◆ __vmcall_param_2

#define __vmcall_param_2 (   param)    register size_t __p2 asm("r9") = (size_t)(param); asm volatile("" :: "r" (__p2));

Definition at line 75 of file common.h.

◆ __vmcall_param_3

#define __vmcall_param_3 (   param)    register size_t __p3 asm("r10") = (size_t)(param); asm volatile("" :: "r" (__p3));

Definition at line 78 of file common.h.

◆ __vmcall_param_4

#define __vmcall_param_4 (   param)    register size_t __p4 asm("r11") = (size_t)(param); asm volatile("" :: "r" (__p4));

Definition at line 81 of file common.h.

◆ __vmcall_param_5

#define __vmcall_param_5 (   param)    register size_t __p5 asm("r12") = (size_t)(param); asm volatile("" :: "r" (__p5));

Definition at line 84 of file common.h.

◆ __vmcall_param_6

#define __vmcall_param_6 (   param)    register size_t __p6 asm("r13") = (size_t)(param); asm volatile("" :: "r" (__p6));

Definition at line 87 of file common.h.

◆ __vmcall_param_7

#define __vmcall_param_7 (   param)    register size_t __p7 asm("r14") = (size_t)(param); asm volatile("" :: "r" (__p7));

Definition at line 90 of file common.h.

◆ __vmcall_param_8

#define __vmcall_param_8 (   param)    register size_t __p8 asm("r15") = (size_t)(param); asm volatile("" :: "r" (__p8));

Definition at line 93 of file common.h.

◆ BIT

#define BIT (   x)    (1ULL << (x))

Definition at line 24 of file common.h.

◆ def_detour_asm_vars

#define def_detour_asm_vars (   fn_name)    GNUASM_DEFINE_VAL(#fn_name "_jmp", get_jump_back_offset(fn_name))

Definition at line 45 of file common.h.

Referenced by __asm_defines().

◆ def_detour_hijack_asm_vars

#define def_detour_hijack_asm_vars (   fn_name,
  hijack_fn_name 
)    GNUASM_DEFINE_VAL(#fn_name "_" # hijack_fn_name "_jmp", get_jump_back_offset(fn_name ## _ ## hijack_fn_name))

Definition at line 48 of file common.h.

Referenced by __asm_defines().

◆ def_detour_hijack_vars

#define def_detour_hijack_vars (   fn_name,
  fn_hijack_name 
)    extern void *fn_name ## _ ## fn_hijack_name ## _trampoline; extern void *fn_name ## _ ## fn_hijack_name ## _reloc

Definition at line 54 of file common.h.

◆ def_detour_vars

#define def_detour_vars (   fn_name)    extern void *fn_name ## _trampoline; extern void *fn_name ## _reloc

Definition at line 51 of file common.h.

◆ get_detour_enable_offset

#define get_detour_enable_offset (   fn_name)
Value:
(__builtin_offsetof(LIX_HYPERCALL_PAGE, Detours) \
+ (det_ ## fn_name) * sizeof(LIX_GUEST_DETOUR) \
+ __builtin_offsetof(LIX_GUEST_DETOUR, EnableOptions)) \
_LIX_GUEST_DETOUR
Definition: handlers.h:100
_LIX_HYPERCALL_PAGE
Definition: handlers.h:110

Definition at line 34 of file common.h.

◆ get_jump_back_offset

#define get_jump_back_offset (   fn_name)
Value:
(__builtin_offsetof(LIX_HYPERCALL_PAGE, Detours) \
+ (det_ ## fn_name) * sizeof(LIX_GUEST_DETOUR) \
+ __builtin_offsetof(LIX_GUEST_DETOUR, JumpBack))
_LIX_GUEST_DETOUR
Definition: handlers.h:100
_LIX_HYPERCALL_PAGE
Definition: handlers.h:110

Definition at line 29 of file common.h.

◆ GNUASM_DEFINE_STR

#define GNUASM_DEFINE_STR (   SYMBOL,
  STR 
)    asm volatile ("#define " SYMBOL " " #STR);

Definition at line 39 of file common.h.

◆ GNUASM_DEFINE_VAL

#define GNUASM_DEFINE_VAL (   SYMBOL,
  VALUE 
)    asm volatile ("#define " SYMBOL " %0" :: "n"(VALUE))

Definition at line 42 of file common.h.

◆ init_detour_field

#define init_detour_field (   fn_name)
Value:
[det_ ## fn_name] = { \
.Name = #fn_name, \
.HijackName[0] = '\0', \
.Address = (unsigned long)&fn_name ## _trampoline, \
.RelocatedCode = (unsigned long)&fn_name ## _reloc \
}

Definition at line 56 of file common.h.

◆ init_detour_hijack_field

#define init_detour_hijack_field (   fn_name,
  hijack_fn_name 
)
Value:
[det_ ## fn_name ## _ ## hijack_fn_name] = { \
.Name = #fn_name, \
.HijackName = #hijack_fn_name, \
.Address = (unsigned long)&fn_name ## _ ## hijack_fn_name ## _trampoline, \
.RelocatedCode = (unsigned long)&fn_name ## _ ## hijack_fn_name ## _reloc \
}

Definition at line 64 of file common.h.

◆ PAGE_SIZE

#define PAGE_SIZE   0x1000

Definition at line 26 of file common.h.

◆ UNUSED_PARAMETER

#define UNUSED_PARAMETER (   P)    ((void)(P))

Definition at line 25 of file common.h.

◆ vmcall_1

#define vmcall_1 (   id,
  p1 
)
Value:
({ \
__vmcall_param_1(p1); \
vmcall(id); \
})

Definition at line 97 of file common.h.

Referenced by module_param_sysfs_remove(), and module_param_sysfs_setup().

◆ vmcall_2

#define vmcall_2 (   id,
  p1,
  p2 
)
Value:
({ \
__vmcall_param_1(p1); \
__vmcall_param_2(p2); \
vmcall(id); \
})

Definition at line 104 of file common.h.

Referenced by __vma_link_rb(), arch_jump_label_transform(), arch_ptrace(), change_protection(), commit_creds(), do_exit(), do_munmap_rb_erase(), mprotect_fixup_vma_wants_writenotify(), process_vm_rw_core(), vma_adjust_rb_erase(), vma_rb_erase(), and wake_up_new_task().

◆ vmcall_3

#define vmcall_3 (   id,
  p1,
  p2,
  p3 
)
Value:
({ \
__vmcall_param_1(p1); \
__vmcall_param_2(p2); \
__vmcall_param_3(p3); \
vmcall(id); \
})

Definition at line 112 of file common.h.

Referenced by begin_new_exec(), complete_signal(), expand_downwards(), flush_old_exec(), ftrace_write(), and text_poke().

◆ vmcall_4

#define vmcall_4 (   id,
  p1,
  p2,
  p3,
  p4 
)
Value:
({ \
__vmcall_param_1(p1); \
__vmcall_param_2(p2); \
__vmcall_param_3(p3); \
__vmcall_param_4(p4); \
vmcall(id); \
})

Definition at line 121 of file common.h.

Referenced by vma_adjust().

◆ vmcall_5

#define vmcall_5 (   id,
  p1,
  p2,
  p3,
  p4,
  p5 
)
Value:
({ \
__vmcall_param_1(p1); \
__vmcall_param_2(p2); \
__vmcall_param_3(p3); \
__vmcall_param_4(p4); \
__vmcall_param_5(p5); \
vmcall(id); \
})

Definition at line 131 of file common.h.

Referenced by __access_remote_vm().

◆ vmcall_6

#define vmcall_6 (   id,
  p1,
  p2,
  p3,
  p4,
  p5,
  p6 
)
Value:
({ \
__vmcall_param_1(p1); \
__vmcall_param_2(p2); \
__vmcall_param_3(p3); \
__vmcall_param_4(p4); \
__vmcall_param_5(p5); \
__vmcall_param_6(p6); \
vmcall(id); \
})

Definition at line 142 of file common.h.