#include "hook_cr.h"
#include "callbacks.h"
#include "guests.h"

Functions
INTSTATUS	IntHookCrSetHook (DWORD Cr, DWORD Flags, PFUNC_CrWriteHookCallback Callback, void Context, HOOK_CR *Hook)
	Set a control register write hook. More...

static INTSTATUS	IntHookCrDeleteHook (HOOK_CR *Hook)
	Permanently delete a control register hook. More...

INTSTATUS	IntHookCrRemoveHook (HOOK_CR *Hook)
	Remove a control register hook. More...

static INTSTATUS	IntHookCrRemoveAllHooks (void)
	Remove all control register write hooks. More...

INTSTATUS	IntHookCrCommit (void)
	Commit the control register hooks. More...

INTSTATUS	IntHookCrInit (void)
	Initialize the control registers hook state. More...

INTSTATUS	IntHookCrUninit (void)
	Uninit the control register hooks state. More...

Function Documentation

◆ IntHookCrCommit()

INTSTATUS IntHookCrCommit ( void )

Commit the control register hooks.

This function will iterate the list of CR hooks, and it will delete all the hooks that were flagged for removal.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_NOT_INITIALIZED	If the CR hooks state is not initialized.

Definition at line 234 of file hook_cr.c.

Referenced by IntGuestPreReturnCallback().

◆ IntHookCrDeleteHook()

static INTSTATUS IntHookCrDeleteHook ( HOOK_CR * Hook )

static

Permanently delete a control register hook.

NOTE: When the last CR hook is removed, the CR notifications callback will be unregistered from the integrator.

Parameters

[in] Hook The CR hook to be deleted.

Return values

INT_STATUS_SUCCESS On success.

Definition at line 105 of file hook_cr.c.

Referenced by IntHookCrCommit(), and IntHookCrRemoveHook().

◆ IntHookCrInit()

INTSTATUS IntHookCrInit ( void )

Initialize the control registers hook state.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_INSUFFICIENT_RESOURCES	If a memory alloc fails.

Definition at line 272 of file hook_cr.c.

Referenced by IntGuestInit().

◆ IntHookCrRemoveAllHooks()

static INTSTATUS IntHookCrRemoveAllHooks ( void )

static

Remove all control register write hooks.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_NOT_INITIALIZED	If the hooks state is not initialized.

Definition at line 202 of file hook_cr.c.

Referenced by IntHookCrUninit().

◆ IntHookCrRemoveHook()

INTSTATUS IntHookCrRemoveHook ( HOOK_CR * Hook )

Remove a control register hook.

Removes a CR write hook. First of all, this function will mark the hook as being disabled (the callback will never be called again). If we are currently in the context of a CR violation, we will wait for the commit phase to permanently delete the hook. Otherwise, the hook will be deleted immediately.

Parameters

[in] Hook The hook to be removed.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_INVALID_PARAMETER	If an invalid parameter is supplied.
INT_STATUS_NOT_INITIALIZED	If the CR hooks state is not initialized.

Definition at line 135 of file hook_cr.c.

Referenced by DbgTestCrHookRem(), IntCr4Unprotect(), IntGuestHandleCr3Write(), IntGuestPrepareUninit(), IntGuestUninit(), IntHandleCrWrite(), and IntHookCrRemoveAllHooks().

◆ IntHookCrSetHook()

INTSTATUS IntHookCrSetHook	(	DWORD	Cr,
		DWORD	Flags,
		PFUNC_CrWriteHookCallback	Callback,
		void *	Context,
		HOOK_CR **	Hook
	)

Set a control register write hook.

This function will place a write hook on the indicated control register. Whenever the register is written, the indicated callback will be called. NOTE: On some hypervisors, modifying certain bits inside CR4 (for example CR4.PGE[7]) will not trigger an event to be sent to Introcore. NOTE: When placing a write hook on a CR for the first time, Introcore will ask the HV to enable VM exits on that particular register. This may lead to a significant performance impact (for example, when monitoring CR3 for writes, a VM exit will be triggered on each context switch). When removing the last write hook on a particular CR, Introcore will ask the HV to disable VM exits on that CR. NOTE: VM exits on some registers will always be enabled (for example, CR0 or CR4), but the CPU may trigger a VM exit only when certain bits are modified (for example, CR0.PE or CR0.PG).

Parameters

[in]	Cr	The control register to be monitored.
[in]	Flags	Generic flags, caller defined.
[in]	Callback	The callback to be called when the CR is modified.
[in]	Context	Optional context, will be passed as an argument to the Callback.
[out]	Hook	Optional hook handle. Can be later used to remove the hook.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_INVALID_PARAMETER	If an invalid parameter is supplied.
INT_STATUS_INSUFFICIENT_RESOURCES	If a memory alloc fails.

Definition at line 11 of file hook_cr.c.

Referenced by DbgTestCrHookSet(), IntCr4Protect(), and IntGuestInit().

◆ IntHookCrUninit()

INTSTATUS IntHookCrUninit ( void )

Uninit the control register hooks state.

Return values

INT_STATUS_SUCCESS	On success.
INT_STATUS_NOT_INITIALIZED_HINT	If the CR hooks state is not initialized.

Definition at line 295 of file hook_cr.c.

Referenced by IntGuestUninit().

Functions

Function Documentation

◆ IntHookCrCommit()

◆ IntHookCrDeleteHook()

◆ IntHookCrInit()

◆ IntHookCrRemoveAllHooks()

◆ IntHookCrRemoveHook()

◆ IntHookCrSetHook()

◆ IntHookCrUninit()