2 * This file is part of the Palacios Virtual Machine Monitor developed
3 * by the V3VEE Project with funding from the United States National
4 * Science Foundation and the Department of Energy.
6 * The V3VEE Project is a joint project between Northwestern University
7 * and the University of New Mexico. You can find out more at
10 * Copyright (c) 2011, Kyle C. Hale <kh@u.norhtwestern.edu>
11 * Copyright (c) 2011, The V3VEE Project <http://www.v3vee.org>
12 * All rights reserved.
14 * Author: Kyle C. Hale <kh@u.northwestern.edu>
16 * This is free software. You are permitted to use,
17 * redistribute, and modify it as specified in the file "V3VEE_LICENSE".
20 #include <palacios/vmm.h>
21 #include <palacios/vm_guest_mem.h>
22 #include <palacios/vm_guest.h>
23 #include <palacios/vmm_intr.h>
24 #include <palacios/vmm_decoder.h>
25 #include <palacios/vmm_string.h>
26 #include <palacios/vmm_shadow_paging.h>
27 #include <palacios/vmm_extensions.h>
28 #include <palacios/vmm_intr.h>
30 #include <interfaces/syscall_hijack.h>
31 #include <interfaces/sw_intr.h>
33 #include "syscall_ref.h"
35 #ifndef V3_CONFIG_DEBUG_EXT_SYSCALL_HIJACK
37 #define PrintDebug(fmt, args...)
42 #define max(a, b) ( ((a) > (b)) ? (a) : (b) )
45 #define SYSCALL_INT_VECTOR 0x80
48 struct v3_syscall_hook {
49 int (*handler)(struct guest_info * core, uint_t syscall_nr, void * priv_data);
53 static struct v3_syscall_hook * syscall_hooks[512];
56 static int v3_syscall_handler (struct guest_info * core, uint8_t vector, void * priv_data) {
58 uint_t syscall_nr = (uint_t) core->vm_regs.rax;
61 struct v3_syscall_hook * hook = syscall_hooks[syscall_nr];
63 #ifdef V3_CONFIG_EXT_SYSCALL_PASSTHROUGH
64 if (v3_hook_passthrough_syscall(core, syscall_nr) == -1) {
65 PrintDebug("Error hooking passthrough syscall\n");
68 hook = syscall_hooks[syscall_nr];
70 return v3_raise_swintr(core, vector);
74 err = hook->handler(core, syscall_nr, hook->priv_data);
76 PrintDebug("V3 Syscall Handler: Error in syscall hook\n");
84 static int init_syscall_hijack (struct v3_vm_info * vm, v3_cfg_tree_t * cfg, void ** priv_data) {
90 static int init_syscall_hijack_core (struct guest_info * core, void * priv_data) {
92 v3_hook_swintr(core, SYSCALL_INT_VECTOR, v3_syscall_handler, NULL);
97 static void print_arg (struct guest_info * core, v3_reg_t reg, uint8_t argnum) {
102 PrintDebug("\t ARG%d: INT - %ld\n", argnum, (long) reg);
104 if (core->mem_mode == PHYSICAL_MEM) {
105 ret = v3_gpa_to_hva(core, get_addr_linear(core, reg, &(core->segments.ds)), &hva);
108 ret = v3_gva_to_hva(core, get_addr_linear(core, reg, &(core->segments.ds)), &hva);
111 PrintDebug("\t STR - ");
117 uint32_t c = max(MAX_CHARS, 4096 - (hva % 4096));
119 for (; i < c && *((char*)(hva + i)) != 0; i++) {
120 PrintDebug("%c", *((char*)(hva + i)));
126 static void print_syscall (uint8_t is64, struct guest_info * core) {
129 PrintDebug("Syscall #%ld: \"%s\"\n", (long)core->vm_regs.rax, get_linux_syscall_name64(core->vm_regs.rax));
131 PrintDebug("Syscall #%ld: \"%s\"\n", (long)core->vm_regs.rax, get_linux_syscall_name32(core->vm_regs.rax));
134 print_arg(core, core->vm_regs.rbx, 1);
135 print_arg(core, core->vm_regs.rcx, 2);
136 print_arg(core, core->vm_regs.rdx, 3);
142 static struct v3_extension_impl syscall_impl = {
143 .name = "syscall_intercept",
144 .init = init_syscall_hijack,
146 .core_init = init_syscall_hijack_core,
152 register_extension(&syscall_impl);
157 static inline struct v3_syscall_hook * get_syscall_hook (struct guest_info * core, uint_t syscall_nr) {
158 return syscall_hooks[syscall_nr];
162 int v3_hook_syscall (struct guest_info * core,
164 int (*handler)(struct guest_info * core, uint_t syscall_nr, void * priv_data),
167 struct v3_syscall_hook * hook = (struct v3_syscall_hook *)V3_Malloc(sizeof(struct v3_syscall_hook));
174 if (get_syscall_hook(core, syscall_nr) != NULL) {
175 PrintError("System Call #%d already hooked\n", syscall_nr);
179 hook->handler = handler;
180 hook->priv_data = priv_data;
182 syscall_hooks[syscall_nr] = hook;
188 static int passthrough_syscall_handler (struct guest_info * core, uint_t syscall_nr, void * priv_data) {
189 print_syscall(0, core);
194 int v3_hook_passthrough_syscall (struct guest_info * core, uint_t syscall_nr) {
196 int rc = v3_hook_syscall(core, syscall_nr, passthrough_syscall_handler, NULL);
199 PrintError("failed to hook syscall 0x%x for passthrough (guest=0x%p)\n", syscall_nr, (void *)core);
202 PrintDebug("hooked syscall 0x%x for passthrough (guest=0x%p)\n", syscall_nr, (void *)core);
206 /* shouldn't get here */
211 int v3_sysexecve_handler (struct guest_info * core, uint_t syscall_nr, void * priv_data) {
213 struct exec_hook * hook;
216 ret = v3_gva_to_hva(core, get_addr_linear(core, (addr_t)core->vm_regs.rbx, &(core->segments.ds)), &hva);
218 PrintDebug("Error translating file path in sysexecve handler\n");
222 key = v3_hash_buffer((uchar_t*)hva, strlen((uchar_t*)hva));
223 if ((hook = (struct exec_hook*)v3_htable_search(core->exec_hooks.bin_table, key)) != NULL) {
224 if (hook->handler(core, NULL) == -1) {
225 PrintDebug("Error handling execve hook\n");