8 #ifndef HYPERPLATFORM_UTIL_H_ 9 #define HYPERPLATFORM_UTIL_H_ 63 return static_cast<VmxStatus>(
static_cast<unsigned __int8
>(lhs) |
64 static_cast<unsigned __int8>(rhs));
82 _IRQL_requires_max_(PASSIVE_LEVEL) NTSTATUS
101 _IRQL_requires_max_(APC_LEVEL) NTSTATUS
103 _In_opt_
void *context);
112 _IRQL_requires_max_(DISPATCH_LEVEL) NTSTATUS
114 _In_opt_
void *context);
119 _IRQL_requires_max_(APC_LEVEL) NTSTATUS
UtilSleep(_In_ LONG millisecond);
128 void *
UtilMemMem(_In_
const void *search_base, _In_ SIZE_T search_size,
129 _In_
const void *pattern, _In_ SIZE_T pattern_size);
186 _Must_inspect_result_ _IRQL_requires_max_(DISPATCH_LEVEL)
void 192 _In_
void *base_address);
199 _In_opt_
void *context);
205 _In_ ULONG_PTR stack_pointer);
278 _IRQL_requires_max_(DISPATCH_LEVEL) NTSTATUS
299 template <
typename T>
302 return (min <= value) && (value <= max);
305 #endif // HYPERPLATFORM_UTIL_H_ NTSTATUS UtilForEachProcessorDpc(_In_ PKDEFERRED_ROUTINE deferred_routine, _In_opt_ void *context)
Queues deferred_routine on all processors.
bool UtilIsAccessibleAddress(_In_ void *address)
Checks is the address is present on physical memory.
PFN_NUMBER number_of_pages
A physical memory size in pages.
Operation failed without status available.
HypercallNumber
Available command numbers for VMCALL.
const PhysicalMemoryDescriptor * UtilGetPhysicalMemoryRanges()
Returns ranges of physical memory on the system.
PFN_NUMBER UtilPfnFromPa(_In_ ULONG64 pa)
PA -> PFN.
VmxStatus
Indicates a result of VMX-instructions.
ULONG64 UtilPaFromPfn(_In_ PFN_NUMBER pfn)
PNF -> PA.
Operation failed with extended status available.
void * UtilAllocateContiguousMemory(_In_ SIZE_T number_of_bytes)
Allocates continuous physical memory.
VmxStatus UtilVmWrite(_In_ VmcsField field, _In_ ULONG_PTR field_value)
Writes natural-width VMCS.
ULONG_PTR base_page
A base address / PAGE_SIZE (ie, 0x1 for 0x1000)
Represents a physical memory ranges of the system.
void * UtilMemMem(_In_ const void *search_base, _In_ SIZE_T search_size, _In_ const void *pattern, _In_ SIZE_T pattern_size)
Searches a byte pattern from a given address range.
VmxStatus UtilInvvpidIndividualAddress(_In_ USHORT vpid, _In_ void *address)
Executes the INVVPID instruction (type 0)
void * UtilVaFromPfn(_In_ PFN_NUMBER pfn)
PNF -> VA.
NTSTATUS UtilForceCopyMemory(_In_ void *destination, _In_ const void *source, _In_ SIZE_T length)
Does RtlCopyMemory safely even if destination is a read only region.
void UtilFreeContiguousMemory(_In_ void *base_address)
Frees an address allocated by UtilAllocateContiguousMemory()
NTSTATUS UtilForEachProcessor(_In_ NTSTATUS(*callback_routine)(void *), _In_opt_ void *context)
Executes callback_routine on each processor.
VmxStatus UtilInvvpidAllContext()
Executes the INVVPID instruction (type 2)
VmxStatus UtilVmWrite64(_In_ VmcsField field, _In_ ULONG64 field_value)
Writes 64bit-width VMCS.
VmxStatus UtilInveptGlobal()
Executes the INVEPT instruction and invalidates EPT entry cache.
Msr
See: MODEL-SPECIFIC REGISTERS (MSRS)
bool UtilIsX86Pae()
Checks if the system is a PAE-enabled x86 system.
ULONG64 UtilVmRead64(_In_ VmcsField field)
Reads 64bit-width VMCS.
VmcsField
See: FIELD ENCODING IN VMCS.
Represents ranges of addresses.
NTSTATUS UtilVmCall(_In_ HypercallNumber hypercall_number, _In_opt_ void *context)
Executes VMCALL.
VmxStatus UtilInvvpidSingleContext(_In_ USHORT vpid)
Executes the INVVPID instruction (type 1)
void UtilTermination()
Frees all resources allocated for the sake of the Util functions.
VmxStatus UtilInvvpidSingleContextExceptGlobal(_In_ USHORT vpid)
Executes the INVVPID instruction (type 3)
void * UtilGetSystemProcAddress(_In_ const wchar_t *proc_name)
Get an address of an exported symbol by the kernel or HAL.
void UtilDumpGpRegisters(_In_ const AllRegisters *all_regs, _In_ ULONG_PTR stack_pointer)
Debug prints registers.
Defines constants and structures defined by the x86-64 architecture.
void * UtilVaFromPa(_In_ ULONG64 pa)
PA -> VA.
void * UtilPcToFileHeader(_In_ void *address)
Returns a module base address of address.
NTSTATUS UtilSleep(_In_ LONG millisecond)
Suspends the execution of the current thread.
ULONG_PTR UtilVmRead(_In_ VmcsField field)
Reads natural-width VMCS.
constexpr VmxStatus operator|=(_In_ VmxStatus lhs, _In_ VmxStatus rhs)
Provides |= operator for VmxStatus.
void UtilLoadPdptes(_In_ ULONG_PTR cr3_value)
Loads the PDPTE registers from CR3 to VMCS.
NTSTATUS UtilInitialization(_In_ PDRIVER_OBJECT driver_object)
Makes the Util functions ready for use.
ULONG_PTR page_count
A number of pages.
PhysicalMemoryRun run[1]
ranges of addresses
PFN_NUMBER UtilPfnFromVa(_In_ void *va)
VA -> PFN.
ULONG64 UtilPaFromVa(_In_ void *va)
VA -> PA.
constexpr bool UtilIsInBounds(_In_ const T &value, _In_ const T &min, _In_ const T &max)
Tests if value is in between min and max.
ULONG_PTR UtilReadMsr(_In_ Msr msr)
Reads natural-width MSR.
void UtilWriteMsr64(_In_ Msr msr, _In_ ULONG64 value)
Writes 64bit-width MSR.
PFN_COUNT number_of_runs
A number of PhysicalMemoryDescriptor::run.
ULONG64 UtilReadMsr64(_In_ Msr msr)
Reads 64bit-width MSR.
void UtilWriteMsr(_In_ Msr msr, _In_ ULONG_PTR value)
Writes natural-width MSR.
Represents a stack layout after a sequence of PUSHFx, PUSHAx.
