Bitdefender Hypervisor Memory Introspection
udlist.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2020 Bitdefender
3  * SPDX-License-Identifier: Apache-2.0
4  */
5 #include "udlist.h"
6 #include "guests.h"
7 
24 
26 LIST_HEAD gListPendingUD = LIST_HEAD_INIT(gListPendingUD);
27 
28 
29 INTSTATUS
30 IntUDAddToPendingList(
31  _In_ const QWORD Cr3,
32  _In_ const QWORD Rip,
33  _In_ const QWORD Thread,
34  _Out_ INFO_UD_PENDING **CurrentPendingUD
35  )
51 {
52  INFO_UD_PENDING *infoUD;
53 
54  if (0 == Cr3)
55  {
56  return INT_STATUS_INVALID_PARAMETER_1;
57  }
58 
59  if (0 == Rip)
60  {
61  return INT_STATUS_INVALID_PARAMETER_2;
62  }
63 
64  if (0 == Thread)
65  {
66  return INT_STATUS_INVALID_PARAMETER_3;
67  }
68 
69  if (NULL == CurrentPendingUD)
70  {
71  return INT_STATUS_INVALID_PARAMETER_4;
72  }
73 
74  infoUD = HpAllocWithTag(sizeof(*infoUD), IC_TAG_UDCX);
75  if (NULL == infoUD)
76  {
77  return INT_STATUS_INSUFFICIENT_RESOURCES;
78  }
79 
80  infoUD->Cr3 = Cr3;
81  infoUD->Rip = Rip;
82  infoUD->Thread = Thread;
83 
84  // Add the entry to the list of pending UDs
85  InsertTailList(&gListPendingUD, &infoUD->Link);
86 
87  // After #UD is injected (IntHandleEventInjection), we will remove the entry from the list and for that,
88  // we need to keep this info
89  *CurrentPendingUD = infoUD;
90 
91  return INT_STATUS_SUCCESS;
92 }
93 
94 
95 void
96 IntUDRemoveEntry(
97  _Inout_ INFO_UD_PENDING **InfoUD
98  )
106 {
107  if (NULL != InfoUD && NULL != *InfoUD)
108  {
109  RemoveEntryList(&(*InfoUD)->Link);
110  HpFreeAndNullWithTag(InfoUD, IC_TAG_UDCX);
111  }
112 }
113 
114 
115 void
116 IntUDRemoveAllEntriesForCr3(
117  _In_ const QWORD Cr3
118  )
126 {
127  list_for_each(gListPendingUD, INFO_UD_PENDING, pInfoUD)
128  {
129  if (Cr3 == pInfoUD->Cr3)
130  {
131  WARNING("[WARNING] There are still pending UDs in the list when process terminates (will remove them) "
132  "CR3: 0x%016llx RIP: 0x%016llx THREAD: 0x%016llx\n",
133  pInfoUD->Cr3, pInfoUD->Rip, pInfoUD->Thread);
134 
135  for (DWORD index = 0; index < gGuest.CpuCount; index++)
136  {
137  if (pInfoUD == gGuest.VcpuArray[index].CurrentUD)
138  {
139  gGuest.VcpuArray[index].CurrentUD = NULL;
140  }
141  }
142 
143  IntUDRemoveEntry(&pInfoUD);
144  }
145  }
146 }
147 
148 
149 INFO_UD_PENDING *
150 IntUDGetEntry(
151  _In_ const QWORD Cr3,
152  _In_ const QWORD Rip,
153  _In_ const QWORD Thread
154  )
164 {
165  list_for_each(gListPendingUD, INFO_UD_PENDING, pInfoUD)
166  {
167  if (Cr3 == pInfoUD->Cr3 && Rip == pInfoUD->Rip && Thread == pInfoUD->Thread)
168  {
169  TRACE("[INFO] Already an UD pending for CR3: 0x%016llx RIP: 0x%016llx THREAD: 0x%016llx\n",
170  pInfoUD->Cr3, pInfoUD->Rip, pInfoUD->Thread);
171 
172  return pInfoUD;
173  }
174  }
175 
176  return NULL;
177 }
_Out_
#define _Out_
Definition: intro_sal.h:22
IntUDAddToPendingList
INTSTATUS IntUDAddToPendingList(const QWORD Cr3, const QWORD Rip, const QWORD Thread, INFO_UD_PENDING **CurrentPendingUD)
Add a new UD to the list of pending injections.
Definition: udlist.c:30
_In_
#define _In_
Definition: intro_sal.h:21
INT_STATUS_SUCCESS
#define INT_STATUS_SUCCESS
Definition: introstatus.h:54
IntUDRemoveEntry
void IntUDRemoveEntry(INFO_UD_PENDING **InfoUD)
Remove a pending UD entry.
Definition: udlist.c:96
_INFO_UD_PENDING::Cr3
QWORD Cr3
Target virtual address space.
Definition: udlist.h:17
HpAllocWithTag
#define HpAllocWithTag(Len, Tag)
Definition: glue.h:516
INTSTATUS
int INTSTATUS
The status data type.
Definition: introstatus.h:24
_GUEST_STATE::VcpuArray
PVCPU_STATE VcpuArray
Array of the VCPUs assigned to this guest. The index in this array matches the VCPU number...
Definition: guests.h:372
_INFO_UD_PENDING::Thread
QWORD Thread
Software thread ID.
Definition: udlist.h:19
_Inout_
#define _Inout_
Definition: intro_sal.h:20
_INFO_UD_PENDING
Definition: udlist.h:14
RemoveEntryList
static BOOLEAN RemoveEntryList(LIST_ENTRY *Entry)
Definition: introlists.h:87
QWORD
unsigned long long QWORD
Definition: intro_types.h:53
INT_STATUS_INVALID_PARAMETER_4
#define INT_STATUS_INVALID_PARAMETER_4
Definition: introstatus.h:71
TRACE
#define TRACE(fmt,...)
Definition: glue.h:58
HpFreeAndNullWithTag
#define HpFreeAndNullWithTag(Add, Tag)
Definition: glue.h:517
_VCPU_STATE::CurrentUD
INFO_UD_PENDING * CurrentUD
The currently pending #UD injection on this CPU.
Definition: guests.h:123
gListPendingUD
LIST_HEAD gListPendingUD
The list of pending UD injections. Once a UD gets injected, its entry will be removed from this list...
Definition: udlist.c:26
InsertTailList
static void InsertTailList(LIST_ENTRY *ListHead, LIST_ENTRY *Entry)
Definition: introlists.h:135
_INFO_UD_PENDING::Link
LIST_ENTRY Link
List entry element.
Definition: udlist.h:16
WARNING
#define WARNING(fmt,...)
Definition: glue.h:60
IntUDRemoveAllEntriesForCr3
void IntUDRemoveAllEntriesForCr3(const QWORD Cr3)
Remove all pending UD entries for a given virtual address space.
Definition: udlist.c:116
_GUEST_STATE::CpuCount
DWORD CpuCount
The number of logical CPUs.
Definition: guests.h:279
DWORD
uint32_t DWORD
Definition: intro_types.h:49
gGuest
GUEST_STATE gGuest
The current guest state.
Definition: guests.c:50
IntUDGetEntry
INFO_UD_PENDING * IntUDGetEntry(const QWORD Cr3, const QWORD Rip, const QWORD Thread)
Get a UD entry for the provided Cr3, Rip and Thread ID.
Definition: udlist.c:150
LIST_HEAD_INIT
#define LIST_HEAD_INIT(Name)
Definition: introlists.h:39
INT_STATUS_INVALID_PARAMETER_1
#define INT_STATUS_INVALID_PARAMETER_1
Definition: introstatus.h:62
IC_TAG_UDCX
#define IC_TAG_UDCX
UD pending context.
Definition: memtags.h:85
list_for_each
#define list_for_each(_head, _struct_type, _var)
Definition: introlists.h:41
INT_STATUS_INVALID_PARAMETER_2
#define INT_STATUS_INVALID_PARAMETER_2
Definition: introstatus.h:65
_LIST_ENTRY
Definition: introlists.h:16
_INFO_UD_PENDING::Rip
QWORD Rip
The Rip.
Definition: udlist.h:18
INT_STATUS_INSUFFICIENT_RESOURCES
#define INT_STATUS_INSUFFICIENT_RESOURCES
Definition: introstatus.h:281
INT_STATUS_INVALID_PARAMETER_3
#define INT_STATUS_INVALID_PARAMETER_3
Definition: introstatus.h:68