VirtualBox

source: vbox/trunk/include/VBox/csam.h@ 6951

Last change on this file since 6951 was 5999, checked in by vboxsync, 17 years ago

The Giant CDDL Dual-License Header Change.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 7.8 KB
Line 
1/** @file
2 * CSAM - Guest OS Code Scanning and Analyis Manager.
3 */
4
5/*
6 * Copyright (C) 2006-2007 innotek GmbH
7 *
8 * This file is part of VirtualBox Open Source Edition (OSE), as
9 * available from http://www.virtualbox.org. This file is free software;
10 * you can redistribute it and/or modify it under the terms of the GNU
11 * General Public License (GPL) as published by the Free Software
12 * Foundation, in version 2 as it comes in the "COPYING" file of the
13 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
14 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
15 *
16 * The contents of this file may alternatively be used under the terms
17 * of the Common Development and Distribution License Version 1.0
18 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
19 * VirtualBox OSE distribution, in which case the provisions of the
20 * CDDL are applicable instead of those of the GPL.
21 *
22 * You may elect to license modified versions of this file under the
23 * terms and conditions of either the GPL or the CDDL or both.
24 */
25
26#ifndef ___VBox_csam_h
27#define ___VBox_csam_h
28
29#include <VBox/cdefs.h>
30#include <VBox/types.h>
31#include <VBox/cpum.h>
32#include <VBox/em.h>
33
34
35/** @defgroup grp_csam The Code Scanning and Analysis API
36 * @{
37 */
38
39/**
40 * CSAM monitoring tag
41 * For use with CSAMR3MonitorPage
42 */
43typedef enum CSAMTAG
44{
45 CSAM_TAG_INVALID = 0,
46 CSAM_TAG_REM,
47 CSAM_TAG_PATM,
48 CSAM_TAG_CSAM,
49 CSAM_TAG_32BIT_HACK = 0x7fffffff
50} CSAMTAG;
51
52
53__BEGIN_DECLS
54
55
56/**
57 * Check if this page needs to be analysed by CSAM.
58 *
59 * This function should only be called for supervisor pages and
60 * only when CSAM is enabled. Leaving these selection criteria
61 * to the caller simplifies the interface (PTE passing).
62 *
63 * Note the the page has not yet been synced, so the TLB trick
64 * (which wasn't ever active anyway) cannot be applied.
65 *
66 * @returns true if the page should be marked not present because
67 * CSAM want need to scan it.
68 * @returns false if the page was already scanned.
69 * @param pVM The VM to operate on.
70 * @param GCPtr GC pointer of page table entry
71 */
72CSAMDECL(bool) CSAMDoesPageNeedScanning(PVM pVM, RTGCPTR GCPtr);
73
74/**
75 * Check if this page was previously scanned by CSAM
76 *
77 * @returns true -> scanned, false -> not scanned
78 * @param pVM The VM to operate on.
79 * @param pPage GC page address
80 */
81CSAMDECL(bool) CSAMIsPageScanned(PVM pVM, RTGCPTR pPage);
82
83/**
84 * Mark a page as scanned/not scanned
85 *
86 * @note: we always mark it as scanned, even if we haven't completely done so
87 *
88 * @returns VBox status code.
89 * @param pVM The VM to operate on.
90 * @param pPage GC page address (not necessarily aligned)
91 * @param fScanned Mark as scanned or not scanned
92 *
93 */
94CSAMDECL(int) CSAMMarkPage(PVM pVM, RTGCPTR pPage, bool fScanned);
95
96
97/**
98 * Remember a possible code page for later inspection
99 *
100 * @returns VBox status code.
101 * @param pVM The VM to operate on.
102 * @param GCPtr GC pointer of page
103 */
104CSAMDECL(void) CSAMMarkPossibleCodePage(PVM pVM, RTGCPTR GCPtr);
105
106/**
107 * Query CSAM state (enabled/disabled)
108 *
109 * @returns 0 - disabled, 1 - enabled
110 * @param pVM The VM to operate on.
111 */
112#define CSAMIsEnabled(pVM) (pVM->fCSAMEnabled && EMIsRawRing0Enabled(pVM))
113
114/**
115 * Turn on code scanning
116 *
117 * @returns VBox status code. (trap handled or not)
118 * @param pVM The VM to operate on.
119 */
120CSAMDECL(int) CSAMEnableScanning(PVM pVM);
121
122/**
123 * Turn off code scanning
124 *
125 * @returns VBox status code. (trap handled or not)
126 * @param pVM The VM to operate on.
127 */
128CSAMDECL(int) CSAMDisableScanning(PVM pVM);
129
130
131/**
132 * Check if this page needs to be analysed by CSAM
133 *
134 * @returns 0 - disabled, 1 - enabled
135 * @param pVM The VM to operate on.
136 * @param pvFault Fault address
137 */
138CSAMDECL(int) CSAMExecFault(PVM pVM, RTGCPTR pvFault);
139
140/**
141 * Check if we've scanned this instruction before. If true, then we can emulate
142 * it instead of returning to ring 3.
143 *
144 * @returns boolean
145 * @param pVM The VM to operate on.
146 * @param GCPtr GC pointer of page table entry
147 */
148CSAMDECL(bool) CSAMIsKnownDangerousInstr(PVM pVM, RTGCPTR GCPtr);
149
150
151#ifdef IN_RING3
152/** @defgroup grp_csam_r3 The Code Scanning and Analysis API
153 * @ingroup grp_csam
154 * @{
155 */
156
157/**
158 * Query CSAM state (enabled/disabled)
159 *
160 * @returns 0 - disabled, 1 - enabled
161 * @param pVM The VM to operate on.
162 */
163CSAMR3DECL(int) CSAMR3IsEnabled(PVM pVM);
164
165/**
166 * Initializes the csam.
167 *
168 * @returns VBox status code.
169 * @param pVM The VM to operate on.
170 */
171CSAMR3DECL(int) CSAMR3Init(PVM pVM);
172
173/**
174 * Applies relocations to data and code managed by this
175 * component. This function will be called at init and
176 * whenever the VMM need to relocate it self inside the GC.
177 *
178 * The csam will update the addresses used by the switcher.
179 *
180 * @param pVM The VM.
181 * @param offDelta Relocation delta.
182 */
183CSAMR3DECL(void) CSAMR3Relocate(PVM pVM, RTGCINTPTR offDelta);
184
185/**
186 * Terminates the csam.
187 *
188 * Termination means cleaning up and freeing all resources,
189 * the VM it self is at this point powered off or suspended.
190 *
191 * @returns VBox status code.
192 * @param pVM The VM to operate on.
193 */
194CSAMR3DECL(int) CSAMR3Term(PVM pVM);
195
196/**
197 * CSAM reset callback.
198 *
199 * @returns VBox status code.
200 * @param pVM The VM which is reset.
201 */
202CSAMR3DECL(int) CSAMR3Reset(PVM pVM);
203
204
205/**
206 * Notify CSAM of a page flush
207 *
208 * @returns VBox status code
209 * @param pVM The VM to operate on.
210 * @param addr GC address of the page to flush
211 */
212CSAMR3DECL(int) CSAMR3FlushPage(PVM pVM, RTGCPTR addr);
213
214/**
215 * Remove a CSAM monitored page. Use with care!
216 *
217 * @returns VBox status code
218 * @param pVM The VM to operate on.
219 * @param addr GC address of the page to flush
220 */
221CSAMR3DECL(int) CSAMR3RemovePage(PVM pVM, RTGCPTR addr);
222
223/**
224 * Scan and analyse code
225 *
226 * @returns VBox status code.
227 * @param pVM The VM to operate on.
228 * @param Sel selector
229 * @param pHiddenSel The hidden selector register.
230 * @param pInstrGC Instruction pointer
231 */
232CSAMR3DECL(int) CSAMR3CheckCodeEx(PVM pVM, RTSEL Sel, CPUMSELREGHID *pHiddenSel, RTGCPTR pInstrGC);
233
234/**
235 * Scan and analyse code
236 *
237 * @returns VBox status code.
238 * @param pVM The VM to operate on.
239 * @param pInstrGC Instruction pointer (0:32 virtual address)
240 */
241CSAMR3DECL(int) CSAMR3CheckCode(PVM pVM, RTGCPTR pInstrGC);
242
243/**
244 * Mark an instruction in a page as scanned/not scanned
245 *
246 * @returns VBox status code.
247 * @param pVM The VM to operate on.
248 * @param pInstr Instruction pointer
249 * @param opsize Instruction size
250 * @param fScanned Mark as scanned or not
251 */
252CSAMR3DECL(int) CSAMR3MarkCode(PVM pVM, RTGCPTR pInstr, uint32_t opsize, bool fScanned);
253
254/**
255 * Perform any pending actions
256 *
257 * @returns VBox status code.
258 * @param pVM The VM to operate on.
259 */
260CSAMR3DECL(int) CSAMR3DoPendingAction(PVM pVM);
261
262/**
263 * Monitors a code page (if not already monitored)
264 *
265 * @returns VBox status code
266 * @param pVM The VM to operate on.
267 * @param pPageAddrGC The page to monitor
268 * @param enmTag Monitor tag
269 */
270CSAMR3DECL(int) CSAMR3MonitorPage(PVM pVM, RTGCPTR pPageAddrGC, CSAMTAG enmTag);
271
272/**
273 * Analyse interrupt and trap gates
274 *
275 * @returns VBox status code.
276 * @param pVM The VM to operate on.
277 * @param iGate Start gate
278 * @param cGates Number of gates to check
279 */
280CSAMR3DECL(int) CSAMR3CheckGates(PVM pVM, uint32_t iGate, uint32_t cGates);
281
282/**
283 * Record previous call instruction addresses
284 *
285 * @returns VBox status code.
286 * @param pVM The VM to operate on.
287 * @param GCPtrCall Call address
288 */
289CSAMR3DECL(int) CSAMR3RecordCallAddress(PVM pVM, RTGCPTR GCPtrCall);
290
291/** @} */
292#endif
293
294
295/** @} */
296__END_DECLS
297
298#endif
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette