├── tools ├── vsyasm │ ├── yasm.exe │ └── yasm.props └── nasm │ └── nasm.props ├── winguest ├── tools │ └── prjver.exe ├── winguest │ ├── scripts │ │ ├── winguest_security.exe │ │ ├── winguest_uninstall.cmd │ │ ├── winguest_install.cmd │ │ └── winguest_reinstall.cmd │ ├── winguest.cdf │ ├── external_interface │ │ └── wintypes_interface.h │ ├── updates.h │ ├── init.h │ ├── driver.h │ ├── memory.h │ ├── operation.h │ ├── umlibcomm.h │ ├── undocumented.c │ ├── comm_hv.h │ ├── misc_utils.h │ ├── version.h │ └── winguest.rc ├── winguestdll │ ├── external_interface │ │ └── wintypes_interface.h │ ├── utils_kernel.h │ ├── crc32.h │ ├── ccom_mgr.h │ ├── resource.h │ ├── base64.h │ ├── grub_env.h │ ├── wmi.h │ ├── setver.cmd │ ├── load_monitor.h │ ├── deploy_uefi.h │ ├── deploy_validation.h │ ├── kerncomm_int.h │ ├── libapis_private.h │ ├── event_timer.h │ ├── ccom_mgr.cpp │ ├── deploy_legacy.h │ ├── libapis_int.h │ ├── feedback.h │ ├── kerncomm.h │ ├── helpers.h │ └── version.h └── common │ ├── consts.h │ └── reg_opts.h ├── autogen ├── loaderscfg.h ├── napoca_buildconfig.h ├── efi_buildconfig.h ├── multibootdefs.nasm ├── efi_cmdline.txt ├── cmdline_templates.h ├── cmdlines │ └── cmdline.txt ├── install_files.h └── efi_cmdline.c ├── _external └── codex │ ├── inc │ ├── shared │ │ ├── native │ │ │ ├── wrappers │ │ │ │ ├── cx_winsal.h │ │ │ │ └── crt_short │ │ │ │ │ ├── crt.h │ │ │ │ │ ├── stdlib.h │ │ │ │ │ ├── assert.h │ │ │ │ │ ├── conv.h │ │ │ │ │ ├── memory.h │ │ │ │ │ ├── varargs.h │ │ │ │ │ └── crtdefs.h │ │ │ ├── compiler_dependent │ │ │ │ ├── cx_vc_sal.h │ │ │ │ └── types │ │ │ │ │ └── cx_msvc_types.h │ │ │ ├── base │ │ │ │ ├── cx_intrin.h │ │ │ │ ├── cx_mem.h │ │ │ │ ├── cx_sal.h │ │ │ │ ├── cx_elementary_types.h │ │ │ │ └── cx_synchronization.h │ │ │ ├── crt │ │ │ │ ├── crt_crt.h │ │ │ │ ├── crt_stdlib.h │ │ │ │ ├── crt_conv.h │ │ │ │ ├── crt_assert.h │ │ │ │ ├── crt_memory.h │ │ │ │ ├── crt_crtdefs.h │ │ │ │ └── crt_varargs.h │ │ │ ├── cx_native.h │ │ │ ├── interfaces │ │ │ │ └── data_structures │ │ │ │ │ ├── cx_queue_interface.h │ │ │ │ │ └── cx_addremove_interface.h │ │ │ └── data_structures │ │ │ │ └── cx_interlocked_static_queue.h │ │ └── cx_shared.h │ ├── km │ │ ├── cx_km.h │ │ └── cxqueuekernel.h │ └── um │ │ └── cx_um.h │ └── src │ └── shared │ └── native │ ├── crt │ ├── native_crt_assert.c │ └── native_crt_stdlib.c │ ├── wrappers │ └── crt │ │ ├── wrapper_fltused.c │ │ ├── wrapper_crt_conv.c │ │ └── wrapper_crt_memory.c │ └── base │ └── compiler_dependent │ └── memlib │ └── X64 │ ├── CxMemCompare.asm │ ├── CxMemScan.asm │ └── CxMemZero.asm ├── napoca ├── include │ ├── external_interface │ │ ├── wintypes_interface.h │ │ └── kernel_interface.h │ ├── forcerebuild.h │ ├── communication │ │ ├── intro_apptype.h │ │ ├── comm_msg.h │ │ ├── comm_guest.h │ │ └── guestcommands.h │ ├── napoca.h │ ├── boot │ │ ├── devres.h │ │ ├── phase2.h │ │ └── boot.h │ ├── memory │ │ ├── spp.h │ │ ├── fastmap.h │ │ └── cachedef.h │ ├── debug │ │ ├── debug_store.h │ │ ├── stackdump.h │ │ └── emu_debug.h │ ├── napocadefs.h │ ├── guests │ │ ├── code_scan.h │ │ ├── bios_handlers.h │ │ └── os_detect.h │ ├── kernel │ │ ├── intelhwp.h │ │ ├── gs_utils.h │ │ ├── simplechecksum.h │ │ ├── pcpu_common.h │ │ ├── hypercall.h │ │ ├── recspinlock.h │ │ └── newcore.h │ ├── base │ │ ├── ilockrr.h │ │ ├── idvector.h │ │ └── refcount.h │ ├── core.h │ └── introspection │ │ ├── glue_layer │ │ ├── introtimer.h │ │ ├── introhvcall.h │ │ └── introheap.h │ │ ├── introengine.h │ │ └── intronapoca.h ├── crt │ └── nd_crt.c ├── bios_hooks.nasm ├── kernel │ ├── except.nasm │ ├── global.c │ ├── simplechecksum.c │ ├── pcpu.nasm │ ├── _gs_checks.nasm │ ├── gs_checks.c │ ├── gs_utils.c │ └── vcpu64.nasm ├── version │ └── version.c ├── introspection │ └── glue_layer │ │ ├── introheap.c │ │ ├── introhvcall.c │ │ └── introtimer.c ├── guests │ └── code_scan.c └── debug │ └── perfstats.c ├── uefi ├── EfiPreloader │ ├── preload.h │ └── efi_preloader.vcxproj.filters └── EfiLoader │ ├── hvlib.c │ ├── newload.h │ └── debug.h ├── include ├── hvefi.h ├── common │ ├── external_interface │ │ ├── wintypes_interface.h │ │ ├── disasm_types.h │ │ ├── kernel_interface.h │ │ └── ringbuf_interface.h │ ├── boot │ │ └── bootdefs.h │ └── kernel │ │ └── napoca_version.h ├── public │ └── common_types.h ├── ver.h └── udtypes.h ├── .gitignore ├── .gitmodules ├── winguest_sample ├── include │ ├── cmdline.h │ ├── feedback.h │ └── imports.h ├── src │ └── main.c └── winguest_sample.vcxproj.filters ├── doxygen └── doxygen.vcxproj.filters └── common └── communication ├── vmcall32.nasm └── vmcall64.nasm /tools/vsyasm/yasm.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bitdefender/napoca/HEAD/tools/vsyasm/yasm.exe -------------------------------------------------------------------------------- /winguest/tools/prjver.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bitdefender/napoca/HEAD/winguest/tools/prjver.exe -------------------------------------------------------------------------------- /winguest/winguest/scripts/winguest_security.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/bitdefender/napoca/HEAD/winguest/winguest/scripts/winguest_security.exe -------------------------------------------------------------------------------- /winguest/winguest/scripts/winguest_uninstall.cmd: -------------------------------------------------------------------------------- 1 | @echo off 2 | pushd %~dp0 3 | wdfinst.exe remove {8a5531a8-2c02-482e-9b2e-99f8cacecc9d}\BdWinguest 4 | popd -------------------------------------------------------------------------------- /winguest/winguest/scripts/winguest_install.cmd: -------------------------------------------------------------------------------- 1 | @echo off 2 | pushd %~dp0 3 | wdfinst.exe install winguest.inf {8a5531a8-2c02-482e-9b2e-99f8cacecc9d}\BdWinguest 4 | popd -------------------------------------------------------------------------------- /winguest/winguestdll/external_interface/wintypes_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | #include -------------------------------------------------------------------------------- /autogen/loaderscfg.h: -------------------------------------------------------------------------------- 1 | #ifndef _LOADERSCFG_H_ 2 | #define _LOADERSCFG_H_ 3 | 4 | #define CFG_ALLOWEDRETRIES 3 5 | #define CFG_BYPASSHV 0 6 | 7 | 8 | 9 | #endif 10 | -------------------------------------------------------------------------------- /winguest/winguest/scripts/winguest_reinstall.cmd: -------------------------------------------------------------------------------- 1 | @echo off 2 | pushd %~dp0 3 | wdfinst.exe remove {8a5531a8-2c02-482e-9b2e-99f8cacecc9d}\BdWinguest 4 | wdfinst.exe install winguest.inf {8a5531a8-2c02-482e-9b2e-99f8cacecc9d}\BdWinguest 5 | 6 | popd -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/cx_winsal.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef CX_WINSAL_H 7 | #define CX_WINSAL_H 8 | 9 | #include 10 | 11 | #endif //CX_WINSAL_H -------------------------------------------------------------------------------- /winguest/winguest/winguest.cdf: -------------------------------------------------------------------------------- 1 | [CatalogHeader] 2 | Name=winguest.cat 3 | PublicVersion=0x00000001 4 | EncodingType=0x00010001 5 | CATATTR1=0x10010001:OSAttr:2:5.0 6 | [CatalogFiles] 7 | winguest.sys=winguest.sys 8 | winguest.inf=winguest.inf 9 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/compiler_dependent/cx_vc_sal.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef CX_VC_SAL_H 7 | #define CX_VC_SAL_H 8 | 9 | #include "sal.h" 10 | 11 | #endif //CX_VC_SAL_H -------------------------------------------------------------------------------- /winguest/winguestdll/utils_kernel.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | 8 | NTSTATUS 9 | EnumEfiPartitions( 10 | std::vector &Partitions 11 | ); 12 | -------------------------------------------------------------------------------- /napoca/include/external_interface/wintypes_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _WINTYPES_INTERFACE_H_ 7 | #define _WINTYPES_INTERFACE_H_ 8 | 9 | #include "napoca.h" 10 | 11 | #endif 12 | -------------------------------------------------------------------------------- /winguest/winguest/external_interface/wintypes_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _WINTYPES_INTERFACE_H_ 7 | #define _WINTYPES_INTERFACE_H_ 8 | 9 | #include "driver.h" 10 | 11 | #endif 12 | -------------------------------------------------------------------------------- /napoca/include/forcerebuild.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __REBUILD__ 7 | #define __REBUILD__ 8 | 9 | #define REBUILD_BUILDTIME 1579790662 10 | 11 | #endif //__REBUILD__ 12 | -------------------------------------------------------------------------------- /_external/codex/inc/km/cx_km.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __CX_KM_H__ 7 | #define __CX_KM_H__ 8 | 9 | #include 10 | #include 11 | #include 12 | #include 13 | 14 | #endif // __CX_KM_H__ 15 | -------------------------------------------------------------------------------- /winguest/winguestdll/crc32.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRC32_H_ 7 | #define _CRC32_H_ 8 | 9 | DWORD 10 | Crc32( 11 | _In_ DWORD ContinuationValue, 12 | _In_ VOID* Buffer, 13 | _In_ QWORD BufferSize 14 | ); 15 | 16 | #endif // _CRC32_H_ -------------------------------------------------------------------------------- /uefi/EfiPreloader/preload.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _PRELOAD_H_ 7 | #define _PRELOAD_H_ 8 | 9 | 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #endif // _PRELOAD_H_ 16 | 17 | -------------------------------------------------------------------------------- /winguest/winguestdll/ccom_mgr.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | 8 | class CComInitMgr 9 | { 10 | public: 11 | CComInitMgr(); 12 | ~CComInitMgr(); 13 | bool Initialized() const; 14 | 15 | private: 16 | bool m_ComInitialized; 17 | }; 18 | -------------------------------------------------------------------------------- /include/hvefi.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef HV_EFI_H 7 | #define HV_EFI_H 8 | 9 | // guid used to identify all the EFI environment variables associated with the hypervisor 10 | #define HVSEC_BDHV_GUID {0xe15d1e5, 0x113a, 0x45a3, {0xa4, 0x2b, 0x2a, 0x99, 0x8f, 0xcf, 0xb9, 0x64}} 11 | 12 | #endif -------------------------------------------------------------------------------- /_external/codex/inc/shared/cx_shared.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __CX_SHARED_H__ 7 | #define __CX_SHARED_H__ 8 | 9 | // pull correct headers for kernel mode or user mode 10 | #ifdef KERNEL_MODE 11 | #include "cx_km.h" 12 | #else 13 | #include "cx_um.h" 14 | #include 15 | #endif 16 | 17 | #endif // __CX_SHARED_H__ -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/base/cx_intrin.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CX_INTRIN_H_ 7 | #define _CX_INTRIN_H_ 8 | 9 | #include "base/cx_env.h" 10 | 11 | #ifdef CX_MSVC 12 | #include "compiler_dependent/intrin/cx_msvc_intrin.h" 13 | #else 14 | #include "compiler_dependent/intrin/cx_linux_intrin.h" 15 | #endif 16 | 17 | 18 | #endif // _CX_INTRIN_H_ -------------------------------------------------------------------------------- /include/common/external_interface/wintypes_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // This file documents the interface declarations needed for compiling shared files that use 8 | // unsafe windows-style types (DWORD, NTSTATUS an so on). Intro public headers and dacia_types 9 | // are examples of shared files needing these definitions 10 | // 11 | 12 | 13 | -------------------------------------------------------------------------------- /include/common/external_interface/disasm_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DISASM_TYPES_H_ 7 | #define _DISASM_TYPES_H_ 8 | 9 | #include "cx_native.h" 10 | typedef CX_UINT8 uint8_t; 11 | typedef CX_UINT16 uint16_t; 12 | typedef CX_UINT32 uint32_t; 13 | typedef CX_UINT64 uint64_t; 14 | typedef CX_BOOL bool; 15 | typedef CX_SIZE_T size_t; 16 | 17 | #endif 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | syntax: glob 2 | 3 | /_intdir 4 | *.obj 5 | *.ilk 6 | *.dep 7 | *.sbr 8 | *.ncb 9 | *.user 10 | *.log 11 | *.tlog 12 | *.sdf 13 | *.suo 14 | *.opensdf 15 | *.idb 16 | /bin 17 | *.*bkp 18 | *.mac 19 | *.FileListAbsolute.txt 20 | *.vcxprojAssemblyReference.cache 21 | objchk_* 22 | objfre_* 23 | .*swp 24 | *.pyc 25 | /tags 26 | .vs 27 | ipch/ 28 | autogen/cmdlines 29 | autogen 30 | doc 31 | grub-*-for-windows.zip 32 | grub 33 | install 34 | -------------------------------------------------------------------------------- /napoca/crt/nd_crt.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "napoca.h" 7 | 8 | int 9 | nd_vsnprintf_s(char *str, CX_SIZE_T sizeOfBuffer, CX_SIZE_T count, const char *format, va_list args) 10 | { 11 | UNREFERENCED_PARAMETER(sizeOfBuffer); 12 | 13 | return crt_rpl_vsnprintf(str, count, format, args); 14 | } 15 | 16 | void* 17 | nd_memset(void *s, int c, CX_SIZE_T n) 18 | { 19 | return crt_memset(s, c, n); 20 | } -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_crt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_HV_CRT_H_ 7 | #define _CRT_HV_CRT_H_ 8 | 9 | #include "cx_native.h" 10 | #include "base/cx_sal.h" 11 | 12 | #include "crt_crtdefs.h" 13 | #include "crt_assert.h" 14 | #include "crt_varargs.h" 15 | #include "crt_memory.h" 16 | #include "crt_string.h" 17 | #include "crt_conv.h" 18 | #include "crt_stdlib.h" 19 | 20 | 21 | #endif // _CRT_HV_CRT_H_ -------------------------------------------------------------------------------- /napoca/bios_hooks.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | section .text 7 | 8 | ; 9 | ; Guest interrupt handlers/hooks, originally part of _init32.nasm 10 | ; 11 | 12 | ; 13 | ; Exported symbols 14 | ; 15 | 16 | global __RealModeHookPre 17 | global __RealModeHookPost 18 | global __RealModeHookStubEnd 19 | 20 | 21 | align 0x100 22 | __RealModeHookPre: 23 | vmcall 24 | __RealModeHookPost: 25 | vmcall 26 | iret 27 | __RealModeHookStubEnd: 28 | 29 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_stdlib.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_STDLIB_H_ 7 | #define _CRT_STDLIB_H_ 8 | 9 | #include "cx_native.h" 10 | #include "crt/crt_memory.h" 11 | 12 | #define CRT_RAND_MAX CX_INT32_MAX_VALUE // maximum value returned by crt_rand() (0..CRT_RAND_MAX) 13 | 14 | CX_VOID crt_srand(CX_INT32 seed); 15 | CX_INT32 crt_rand(CX_VOID); 16 | /// ... 17 | 18 | #endif // _CRT_STDLIB_H_ 19 | -------------------------------------------------------------------------------- /napoca/include/communication/intro_apptype.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _INTRO_APPTYPE_H_ 7 | #define _INTRO_APPTYPE_H_ 8 | 9 | #define NAPOCA_APPTYPE_BROWSER 0x0000000000000001ULL 10 | #define NAPOCA_APPTYPE_EMAIL 0x0000000000000002ULL 11 | #define NAPOCA_APPTYPE_OFFICE 0x0000000000000004ULL 12 | #define NAPOCA_APPTYPE_ADOBE_READER 0x0000000000000008ULL 13 | 14 | #endif //_INTRO_APPTYPE_H_ 15 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/base/cx_mem.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CX_MEM_H_ 7 | #define _CX_MEM_H_ 8 | 9 | /// Note: this file assumes defined CX_USE_SSE2 or CX_USE_MMX for optimized versions of provided functions! 10 | 11 | #include "base/cx_env.h" 12 | 13 | #ifdef CX_MSVC 14 | #include "compiler_dependent/base/cx_msvc_mem.h" 15 | #else 16 | #include "compiler_dependent/base/cx_linux_mem.h" 17 | #endif 18 | 19 | 20 | #endif // _CX_MEM_H_ -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "acpica"] 2 | path = acpica 3 | url = https://github.com/bitdefender/acpica.git 4 | branch = napoca-custom 5 | [submodule "VisualUefi"] 6 | path = uefi/VisualUefi 7 | url = https://github.com/bitdefender/VisualUefi.git 8 | branch = napoca-custom 9 | [submodule "json"] 10 | path = libraries/json 11 | url = https://github.com/nlohmann/json.git 12 | [submodule "hvmi"] 13 | path = hvmi 14 | url = https://github.com/bitdefender/hvmi.git 15 | -------------------------------------------------------------------------------- /winguest/winguest/updates.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _SIGNATURES_H_ 8 | #define _SIGNATURES_H_ 9 | 10 | #include "common/kernel/napoca_version.h" 11 | 12 | NTSTATUS 13 | UpdateModule( 14 | _In_ PUNICODE_STRING FilePath, 15 | _In_ DWORD ModuleId, 16 | _In_opt_ PVOID ModuleCustomData, 17 | _In_opt_ DWORD ModuleCustomDataSize, 18 | _Out_ NAPOCA_VERSION *NewVersion 19 | ); 20 | 21 | #endif // _SIGNATURES_H_ 22 | -------------------------------------------------------------------------------- /winguest/winguest/init.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __WINGUEST_INIT_H__ 7 | #define __WINGUEST_INIT_H__ 8 | 9 | #include "winguest_types.h" 10 | 11 | NTSTATUS 12 | WinguestInitialize( 13 | _In_ struct _DRIVER_OBJECT *DriverObject 14 | ); 15 | 16 | NTSTATUS 17 | WinguestDelayedInitialization( 18 | void 19 | ); 20 | 21 | NTSTATUS 22 | WinguestUninitialize( 23 | void 24 | ); 25 | 26 | #endif //__WINGUEST_INIT_H__ 27 | -------------------------------------------------------------------------------- /uefi/EfiLoader/hvlib.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "uefi_internal.h" 7 | #include "MemDebugLib/MemDebugLib.c" 8 | #include "FileOperationsLib/FileOperationsLib.c" 9 | 10 | EFI_GUID gEfiCertSha384Guid = EFI_CERT_SHA384_GUID; 11 | EFI_GUID gEfiCertX509Sha512Guid = EFI_CERT_X509_SHA512_GUID; 12 | EFI_GUID gEfiCertX509Sha256Guid = EFI_CERT_X509_SHA256_GUID; 13 | EFI_GUID gEfiCertX509Sha384Guid = EFI_CERT_X509_SHA384_GUID; 14 | EFI_GUID gEfiCertSha512Guid = EFI_CERT_SHA512_GUID; -------------------------------------------------------------------------------- /napoca/kernel/except.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | section .text 7 | 8 | %define EXCEPT_HAS_PCPU 9 | %define EX_FPU_RESERVED_SIZE 2048 10 | %define EX_FPU_REG_SIZE 128 11 | %define EX_SAVE_XCR0 1 12 | %define EX_PRESERVE_FPU_STATE 2 13 | %define EX_ZERO_FPU_SAVE_AREA 1 14 | 15 | %ifdef __YASM_MAJOR__ 16 | %include "pcpu.nasm" 17 | %include "..\..\asmlib\except.nasm" 18 | %else 19 | %include "kernel\pcpu.nasm" 20 | %include "except.nasm" 21 | %endif 22 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/base/cx_sal.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CX_SAL_H_ 7 | #define _CX_SAL_H_ 8 | 9 | #include "base/cx_env.h" 10 | 11 | #ifdef CX_MSVC 12 | #include "compiler_dependent/cx_vc_sal.h" 13 | 14 | #ifndef KERNEL_MODE 15 | _Analysis_mode_(_Analysis_code_type_user_code_) 16 | #endif // USER_MODE 17 | _Analysis_mode_(_Analysis_local_leak_checks_) 18 | 19 | #else 20 | #include "compiler_dependent/cx_vc_sal.h" 21 | #endif 22 | 23 | 24 | #endif // _CX_SAL_H_ 25 | -------------------------------------------------------------------------------- /napoca/kernel/global.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file global.c 7 | * @brief GLOBAL - global kernel data 8 | * 9 | */ 10 | 11 | #include "core.h" 12 | #include "kernel/kernel.h" 13 | 14 | GLOBAL_DATA gHypervisorGlobalData; ///< The Hypervisor global data 15 | 16 | VIRTUALIZATION_FEATURES gVirtFeatures = { 0 }; ///< The virtualization features found on the current platform 17 | 18 | CX_VOID *gTempE820 = CX_NULL; ///< E820 map prepared by our loader -------------------------------------------------------------------------------- /winguest/winguestdll/resource.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | //{{NO_DEPENDENCIES}} 7 | // Microsoft Visual C++ generated include file. 8 | // Used by resource.rc 9 | // 10 | 11 | // Next default values for new objects 12 | // 13 | #ifdef APSTUDIO_INVOKED 14 | #ifndef APSTUDIO_READONLY_SYMBOLS 15 | #define _APS_NEXT_RESOURCE_VALUE 101 16 | #define _APS_NEXT_COMMAND_VALUE 40001 17 | #define _APS_NEXT_CONTROL_VALUE 1001 18 | #define _APS_NEXT_SYMED_VALUE 101 19 | #endif 20 | #endif 21 | -------------------------------------------------------------------------------- /napoca/include/communication/comm_msg.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _COMM_MSG_H_ 8 | #define _COMM_MSG_H_ 9 | 10 | // GUEST -> HV 11 | #define RBX_GUEST_MAGIC 0x88611357 12 | 13 | typedef enum _MSG_TYPE { //set in EAX/RAX 14 | cmdTestCommand = 0, 15 | cmdSetOpt, 16 | cmdGetOpt, 17 | cmdInitCommunication, 18 | cmdUninitCommunication, 19 | cmdEnableInterrupts, 20 | cmdDisableInterrupts, 21 | } MSG_TYPE; 22 | 23 | // 24 | 25 | //HV -> GUEST 26 | 27 | 28 | #endif //_COMM_MSG_H_ -------------------------------------------------------------------------------- /napoca/include/napoca.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | #ifndef _NAPOCA_H_ 8 | #define _NAPOCA_H_ 9 | 10 | // unsafe sal, basic CX_UINT8/CX_UINT16 etc types, memzero/memcpy etc operations, 11 | #include "core.h" 12 | #include "napocadefs.h" 13 | 14 | #include "kernel/hvintrin.h" 15 | #include "kernel/cpuops.h" // complementary definitions for what's missing from hvintrin.h 16 | 17 | // napoca logging 18 | #include "io/io.h" 19 | 20 | #include "kernel/pcpu_common.h" 21 | #include "kernel/queue_ipc_common.h" 22 | #endif -------------------------------------------------------------------------------- /napoca/kernel/simplechecksum.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "kernel/simplechecksum.h" 7 | 8 | CX_UINT64 9 | HvChecksum64Ex( 10 | _In_ CX_UINT8 *Buffer, 11 | _In_ CX_UINT64 Size, 12 | _In_ CX_UINT64 Start 13 | ) 14 | { 15 | CX_UINT64 hash = Start; 16 | 17 | while (Size--) 18 | hash = (hash * 33) + *Buffer++; 19 | 20 | return hash + (hash >> 5); 21 | } 22 | 23 | CX_UINT64 24 | HvChecksum64( 25 | _In_ CX_UINT8 *Buffer, 26 | _In_ CX_UINT64 Size 27 | ) 28 | { 29 | return HvChecksum64Ex(Buffer, Size, 0); 30 | } -------------------------------------------------------------------------------- /winguest/winguestdll/base64.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _BASE64_H_ 7 | #define _BASE64_H_ 8 | 9 | #define GetToBase64Size(Length) ((((Length + 2) / 3) * 4) + 1) 10 | #define GetFromBase64Size(Length) ((Length / 4) * 3) 11 | 12 | NTSTATUS 13 | Tobase64( 14 | _Out_ CHAR *Out, 15 | _In_ const BYTE *In, 16 | _In_ QWORD InLength, 17 | _In_ QWORD OutLength 18 | ); 19 | 20 | NTSTATUS 21 | FromBase64( 22 | _Out_ BYTE *Out, 23 | _In_ const CHAR *In, 24 | _In_ QWORD OutLength 25 | ); 26 | 27 | #endif // _BASE64_H_ 28 | -------------------------------------------------------------------------------- /autogen/napoca_buildconfig.h: -------------------------------------------------------------------------------- 1 | #ifndef _NAPOCA_BUILDCONFIG_H_ 2 | #define _NAPOCA_BUILDCONFIG_H_ 3 | 4 | #define CFG_DEBUG_TRACE_SPINLOCKS 1 5 | #define CFG_FEATURES_CMDLINE_ENABLED 1 6 | #define CFG_FEATURES_OPENSSLSUPPORT 1 7 | 8 | 9 | #define SYMBOL_LIST {"CFG_DEBUG_TRACE_SPINLOCKS", UD_TYPE_NUMBER, (UD_NUMBER) CFG_DEBUG_TRACE_SPINLOCKS},\ 10 | {"CFG_FEATURES_CMDLINE_ENABLED", UD_TYPE_NUMBER, (UD_NUMBER) CFG_FEATURES_CMDLINE_ENABLED},\ 11 | {"CFG_FEATURES_OPENSSLSUPPORT", UD_TYPE_NUMBER, (UD_NUMBER) CFG_FEATURES_OPENSSLSUPPORT} 12 | 13 | #endif 14 | -------------------------------------------------------------------------------- /napoca/include/boot/devres.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DEVRES_ 7 | #define _DEVRES_ 8 | 9 | #include "core.h" 10 | 11 | /// @brief Creates a memory map with the memory ranges used by the devices, reported by the _CRS method 12 | /// 13 | /// @returns CX_STATUS_SUCCESS - Everything went as expected, the map was created 14 | /// @returns OTHER - Internal error, on our side or from the ACPICA library's side 15 | CX_STATUS 16 | DevresLoadMemoryResourcesAcpi( 17 | CX_VOID 18 | ); 19 | 20 | #endif //_DEVRES_ 21 | -------------------------------------------------------------------------------- /napoca/kernel/pcpu.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | STRUC PCPU 7 | .Self resq 1 8 | .Id resd 1 9 | .BootInfoIndex resd 1 10 | .VmxActivated resb 1 11 | .IsIntel resb 1 12 | .Vcpu resq 1 13 | .VmxOnPa resq 1 14 | .TempRCX resq 1 15 | .TopOfStack resq 1 16 | .UseXsave resb 1 17 | .UseXsaveopt resb 1 18 | .FpuSaveSize resd 1 19 | .Xcr0AvailMaskLow resd 1 20 | .Xcr0AvailMaskHigh resd 1 21 | ENDSTRUC 22 | -------------------------------------------------------------------------------- /napoca/include/memory/spp.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @ingroup spp 7 | /// @{ 8 | #ifndef _SPP_H_ 9 | #define _SPP_H_ 10 | 11 | #include "core.h" 12 | #include "base/cx_sal.h" 13 | #include "wrappers/cx_winsal.h" 14 | #include "memory/tas.h" 15 | 16 | NTSTATUS 17 | SppSetPageProtection( 18 | _In_ MEM_ALIGNED_PA GuestPhysicalAddress, 19 | _In_ QWORD SppValue 20 | ); 21 | 22 | NTSTATUS 23 | SppGetPageProtection( 24 | _In_ MEM_ALIGNED_PA GuestPhysicalAddress, 25 | _Out_ QWORD *SppValue 26 | ); 27 | 28 | #endif // _SPP_H_ 29 | /// @} -------------------------------------------------------------------------------- /include/public/common_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _COMMON_TYPES_H_ 7 | #define _COMMON_TYPES_H_ 8 | 9 | // used to query the version for a component (at runtime) 10 | typedef enum _BIN_COMPONENT 11 | { 12 | compWinguestSys = 1, 13 | compWinguestDll = 2, 14 | compNapoca = 3, 15 | compIntro = 4, 16 | compExceptions = 5 17 | }BIN_COMPONENT, *PBIN_COMPONENT; 18 | 19 | typedef enum _BOOT_MODE { 20 | bootUnknown = 0, 21 | bootMbr = 1, 22 | bootMbrPxe = 2, 23 | bootUefi = 3, 24 | bootUefiPxe = 4, 25 | }BOOT_MODE, *PBOOT_MODE; 26 | 27 | #endif // _COMMON_TYPES_H_ 28 | -------------------------------------------------------------------------------- /napoca/kernel/_gs_checks.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | section .text 7 | 8 | global __security_check_cookie 9 | 10 | extern __report_cookie_corruption 11 | extern __security_cookie 12 | 13 | [BITS 64] 14 | align 0x10, db 0 15 | __security_check_cookie: 16 | ; store rax 17 | cmp rcx, [rel __security_cookie] ; yasm: [__security_cookie wrt rip] 18 | 19 | je .end 20 | 21 | jmp __report_cookie_corruption 22 | 23 | ; we should NOT return, we should UNLOAD 24 | ; this generates the 2 byte codification of the INT3 interrupt 25 | int 3 26 | 27 | .end: 28 | ret 29 | -------------------------------------------------------------------------------- /winguest/winguest/driver.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DRIVER_H_ 7 | #define _DRIVER_H_ 8 | 9 | #include "version.h" 10 | #include "winguest_status.h" 11 | #include "winguest_types.h" 12 | 13 | #define APIC_ID_CACHE_CLEAR CX_UINT8_MAX_VALUE 14 | extern CX_UINT8 gSavedApicIdForCpu[255]; 15 | 16 | int 17 | WinguestExceptionFilter( 18 | _In_ struct _EXCEPTION_POINTERS *ep, 19 | _In_ PCHAR File, 20 | _In_ DWORD Line 21 | ); 22 | 23 | NTSTATUS 24 | WinguestLockDevice( 25 | void 26 | ); 27 | 28 | NTSTATUS 29 | WinguestUnlockDevice( 30 | void 31 | ); 32 | 33 | #endif //_WINGUEST_H_ -------------------------------------------------------------------------------- /autogen/efi_buildconfig.h: -------------------------------------------------------------------------------- 1 | #ifndef _EFI_BUILDCONFIG_H_ 2 | #define _EFI_BUILDCONFIG_H_ 3 | 4 | #define CFG_UEFI_CONFIG_FILE "EFI\\NapocaHv\\config.cfg" 5 | #define CFG_UEFI_INSTALL_DIR "EFI\\NapocaHv" 6 | #define CFG_UEFI_MEMLOG_AUTOFLUSH 0 7 | #define CFG_UEFI_MEMLOG_OUT 1 8 | #define CONF_BYPASSHV_BYPASS 1 9 | #define CONF_BYPASSHV_NONE 0 10 | #define CONF_BYPASSHV_SIMULATE 2 11 | #define MAX_LOAD_SIZE 0x2000000 12 | #define UEFI_TEST_EXCEPTIONS 0 13 | 14 | 15 | 16 | #endif 17 | -------------------------------------------------------------------------------- /uefi/EfiLoader/newload.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _NEWLOAD_H_ 7 | #define _NEWLOAD_H_ 8 | 9 | #include "uefi_internal.h" 10 | 11 | #define HV_LOG_LENGTH (200 * 1024) 12 | extern UINT8 *gHvLogPhysicalAddress; 13 | extern UINT32 gHvLogSize; 14 | 15 | EFI_STATUS 16 | UefiAllocHibernateBuffer( 17 | IN UINTN Size 18 | ); 19 | 20 | EFI_STATUS 21 | UefiSetupModules( 22 | _In_ QWORD TempMemNumberOfBytes, 23 | _Inout_ QWORD *Cr3, // set to 0 the actual *Cr3 QWORD before the call if there is no pml4 root already set up 24 | _In_ QWORD NapocaBase, 25 | _In_ QWORD NapocaLength, 26 | _In_ QWORD NumberOfGuests 27 | ); 28 | 29 | #endif -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/crt.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_CRT_H 7 | #include crt_INC_SETTINGS_CRT_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_CRT_WRAPPER_ 12 | #define _CRT_CRT_WRAPPER_ 13 | #include "crt/crt_crt.h" 14 | #include "wrappers/crt_short/crtdefs.h" 15 | #include "wrappers/crt_short/assert.h" 16 | #include "wrappers/crt_short/varargs.h" 17 | #include "wrappers/crt_short/memory.h" 18 | #include "wrappers/crt_short/string.h" 19 | #include "wrappers/crt_short/conv.h" 20 | #include "wrappers/crt_short/stdlib.h" 21 | 22 | 23 | #endif //_CRT_CRT_WRAPPER_ 24 | -------------------------------------------------------------------------------- /include/ver.h: -------------------------------------------------------------------------------- 1 | #ifndef __VER_H__ 2 | #define __VER_H__ 3 | 4 | #define GLOBAL_VERSION_BRANCH "develop" 5 | #define GLOBAL_VERSION_BUILDMACHINE "p-tdi" 6 | #define GLOBAL_VERSION_BUILDNUMBER 150068255 7 | #define GLOBAL_VERSION_CHANGESET "ce907032c" 8 | #define GLOBAL_VERSION_GITBRANCH "develop" 9 | #define GLOBAL_VERSION_GITCHANGESET "ce907032c" 10 | #define GLOBAL_VERSION_GITLOCALREVISION 15006 11 | #define GLOBAL_VERSION_LOCALREVISION 15006 12 | #define GLOBAL_VERSION_MAJOR 1 13 | #define GLOBAL_VERSION_MINOR 13 14 | #define GLOBAL_VERSION_REVISION 0 15 | 16 | #endif //__VER_H__ 17 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/cx_native.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Mandatory includes (if any one of these headers aren't included in native code headers or sources, 8 | // no functions can be properly declared) 9 | // Do not add any additional includes here unless they are needed for providing the most basic definitions. 10 | // 11 | 12 | #ifndef _CX_NATIVE_H_ 13 | #define _CX_NATIVE_H_ 14 | 15 | #include "base/cx_env.h" 16 | #include "base/cx_sal.h" /// include sal before cx_types if you want the CX_STATUS type to be SAL-aware! 17 | #include "base/cx_types.h" 18 | #include "base/cx_defs.h" 19 | #include "base/cx_status.h" 20 | 21 | 22 | #endif // _CX_NATIVE_H_ 23 | -------------------------------------------------------------------------------- /_external/codex/inc/um/cx_um.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __CX_UM_H__ 7 | #define __CX_UM_H__ 8 | 9 | // include standard user mode headers and get also standard NTSTATUS defines 10 | #include 11 | #include 12 | #define WIN32_NO_STATUS // avoid redefinition of some NTSTATUS defines 13 | #include 14 | 15 | #include 16 | 17 | // define NTSTATUS only if it is not already defined 18 | // it can be defined by including ntdef.h or bcrypt.h which in turn includes ntdef.h 19 | #ifndef _NTDEF_ 20 | typedef _Return_type_success_(return >= 0) LONG NTSTATUS; 21 | typedef NTSTATUS *PNTSTATUS; 22 | #endif 23 | 24 | #endif // __CX_UM_H__ 25 | -------------------------------------------------------------------------------- /winguest/winguest/memory.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _MEMORY_H_ 8 | #define _MEMORY_H_ 9 | 10 | #define ExFreePoolWithTagAndNull(p, tag) \ 11 | { \ 12 | if ((p) && (*p)) \ 13 | { \ 14 | ExFreePoolWithTag((*(p)), tag); \ 15 | (*(p)) = NULL; \ 16 | } \ 17 | } 18 | 19 | #define TAG_STR ':RTS' ///< Tag that identifies string allocations 20 | #define TAG_MSG ':GSM' ///< Tag that identifies communication allocations 21 | #define TAG_BUF ':FUB' ///< Tag that identifies generic buffer allocations 22 | #define TAG_LOG ':GOL' ///< Tag that identifies logging allocations 23 | 24 | #endif //_MEMORY_H_ 25 | -------------------------------------------------------------------------------- /napoca/include/memory/fastmap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // FASTMAP - fast VA-to-PA mapping support 7 | /// @ingroup fastmap 8 | /// @{ 9 | #ifndef _FASTMAP_H_ 10 | #define _FASTMAP_H_ 11 | 12 | 13 | void 14 | FmPreinit( 15 | void 16 | ); 17 | 18 | NTSTATUS 19 | FmInit( 20 | void 21 | ); 22 | 23 | NTSTATUS 24 | FmUninit( 25 | void 26 | ); 27 | 28 | NTSTATUS 29 | FmReserveRange( 30 | _In_ DWORD PageCount, 31 | _Out_ PVOID *VaPtr, 32 | _Out_ PQWORD *PtPtr 33 | ); 34 | 35 | NTSTATUS 36 | FmFreeRange( 37 | _Inout_ PVOID *VaPtr, 38 | _Inout_ PQWORD *PtPtr 39 | ); 40 | 41 | NTSTATUS 42 | FmDumpStats( 43 | _In_ DWORD Flags 44 | ); 45 | 46 | #endif // _FASTMAP_H_ 47 | 48 | /// @} -------------------------------------------------------------------------------- /uefi/EfiLoader/debug.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DEBUG_H_ 7 | #define _DEBUG_H_ 8 | 9 | #include "uefi_internal.h" 10 | 11 | 12 | void 13 | UefiDbgDumpMemoryMap( 14 | void 15 | ); 16 | 17 | BOOLEAN 18 | InternalListHandlesAndProtocols( 19 | void 20 | ); 21 | 22 | #define _CR0_PG ((DWORD)1<<31) //0x8000 0000 ULL 23 | #define _CR0_WP ((DWORD)1<<16) 24 | #define _CR0_PE (1) 25 | #define _CR4_PSE ((DWORD)1<<4) 26 | #define _CR4_PAE ((DWORD)1<<5) 27 | #define _CR4_PGE ((DWORD)1<<7) 28 | #define _CR4_VMXE ((DWORD)1<<13) 29 | #define _CR4_SMXE ((DWORD)1<<14) 30 | #define _CR4_PCIDE ((DWORD)1<<17) 31 | #define _EFER_LME ((DWORD)1<<8) 32 | #define _EFER_LMA ((DWORD)1<<10) 33 | #define _EFER_NXE ((DWORD)1<<11) 34 | 35 | #endif -------------------------------------------------------------------------------- /winguest_sample/include/cmdline.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CMDLINE_H_ 7 | #define _CMDLINE_H_ 8 | 9 | #define WIN32_NO_STATUS 10 | #include 11 | #undef WIN32_NO_STATUS 12 | 13 | // If a command line has not been received at the start of the process, 14 | // we will have to request a string as an input from a user, a string that 15 | // will be transformed into a command line. 16 | // We consider that a 512 character limit is more than sufficient for that string 17 | #define MAX_USER_INPUT_STRING_LENGTH 512 18 | 19 | /**/ BOOLEAN CmdLineInit(VOID); 20 | /**/ NTSTATUS CmdLineMatchAndExecuteCommands(_In_ DWORD Argc, _In_ WCHAR **Argv); 21 | /**/ NTSTATUS CmdLineParseUserStringAndExecuteCommands(_In_ WCHAR *UserString); 22 | 23 | #endif // !_CMDLINE_H_ 24 | -------------------------------------------------------------------------------- /autogen/multibootdefs.nasm: -------------------------------------------------------------------------------- 1 | %define MULTIBOOT_NAMES_COUNT 7 2 | strCommandLine: db "commandLine", 0 3 | strExceptions: db "exceptions", 0 4 | strGuestLoader: db "guestLoader", 0 5 | strIntro: db "intro", 0 6 | strKernel: db "kernel", 0 7 | strLiveintroupd: db "liveintroupd", 0 8 | strSettings: db "settings", 0 9 | MultibootModuleNameToModId: 10 | dd RVA(strCommandLine), LD_MODID_COMMAND_LINE 11 | dd RVA(strExceptions), LD_MODID_INTRO_EXCEPTIONS 12 | dd RVA(strGuestLoader), LD_MODID_ORIG_MBR 13 | dd RVA(strIntro), LD_MODID_INTRO_CORE 14 | dd RVA(strKernel), LD_MODID_NAPOCA_IMAGE 15 | dd RVA(strLiveintroupd), LD_MODID_INTRO_LIVE_UPDATE 16 | dd RVA(strSettings), LD_MODID_MBR_SETTINGS -------------------------------------------------------------------------------- /winguest/winguestdll/grub_env.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _GRUB_ENV_H_ 7 | #define _GRUB_ENV_H_ 8 | 9 | NTSTATUS 10 | GrubEnvironmentParseRaw( 11 | _Out_ PVOID *Env, 12 | _In_ std::string const& Source 13 | ); 14 | 15 | void 16 | GrubEnvironmentFree( 17 | _Inout_ PVOID *Env 18 | ); 19 | 20 | NTSTATUS 21 | GrubEnvironmentGetRaw( 22 | _In_ PVOID Env, 23 | _Out_ std::string& Buffer 24 | ); 25 | 26 | NTSTATUS 27 | GrubEnvironmentSetValue( 28 | _In_ PVOID Env, 29 | _In_ std::string const &Key, 30 | _In_ std::string const &Value 31 | ); 32 | 33 | NTSTATUS 34 | GrubEnvironmentGetValue( 35 | _In_ PVOID Env, 36 | _In_ std::string const &Key, 37 | _Out_ std::string &Value 38 | ); 39 | 40 | #endif //_GRUB_ENV_H_ 41 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_conv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_CONV_H_ 7 | #define _CRT_CONV_H_ 8 | 9 | CX_INT32 __cdecl 10 | crt_strtol( 11 | _In_z_ const CX_INT8 *nptr, 12 | __out_opt CX_INT8 **endptr, 13 | _In_ CX_INT32 ibase ); 14 | 15 | CX_UINT32 __cdecl 16 | crt_strtoul( 17 | _In_z_ const CX_INT8 *nptr, 18 | __out_opt CX_INT8 **endptr, 19 | _In_ CX_INT32 ibase ); 20 | 21 | CX_INT64 __cdecl 22 | crt_strtoll( 23 | _In_z_ const CX_INT8 *nptr, 24 | __out_opt CX_INT8 **endptr, 25 | _In_ CX_INT32 ibase ); 26 | 27 | CX_UINT64 __cdecl 28 | crt_strtoull( 29 | _In_z_ const CX_INT8 *nptr, 30 | __out_opt CX_INT8 **endptr, 31 | _In_ CX_INT32 ibase ); 32 | 33 | #define crt_strtoq crt_strtoull 34 | 35 | #endif // _CRT_CONV_H_ 36 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/base/cx_elementary_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Provide only the elementary, compiler-independent, set of types 8 | // 9 | #ifndef _CX_ELEMENTARY_TYPES_H_ 10 | #define _CX_ELEMENTARY_TYPES_H_ 11 | 12 | #include "base/cx_env.h" 13 | 14 | #ifdef CX_MSVC 15 | #include "compiler_dependent/types/cx_msvc_types.h" 16 | #define CX_HAVE_BASIC_TYPES 17 | #else 18 | #ifdef CX_CLANG 19 | #include "compiler_dependent/types/cx_unixtypes.h" 20 | #define CX_HAVE_BASIC_TYPES 21 | #else 22 | #ifdef CX_GNUC 23 | #include "compiler_dependent/types/cx_unixtypes.h" 24 | #define CX_HAVE_BASIC_TYPES 25 | #endif 26 | #endif 27 | #endif 28 | 29 | #ifndef CX_HAVE_BASIC_TYPES 30 | #error "Basic compiler-dependent types are not available!" 31 | #endif 32 | 33 | #endif //_CX_ELEMENTARY_TYPES_H_ 34 | -------------------------------------------------------------------------------- /napoca/include/debug/debug_store.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DEBUG_STORE_H_ 7 | #define _DEBUG_STORE_H_ 8 | 9 | // 10 | // Set this to CX_TRUE if you want this feature enable 11 | // 12 | #define CFG_ENABLE_DEBUG_STORE CX_FALSE 13 | 14 | #include "coredefs.h" 15 | #include "base/cx_sal.h" 16 | #include "base/cx_defs.h" 17 | 18 | CX_STATUS 19 | DbgDsInit( 20 | _In_ PCPU *Pcpu 21 | ); 22 | 23 | CX_STATUS 24 | DbgDsUninit( 25 | _In_ PCPU *Pcpu 26 | ); 27 | 28 | CX_STATUS 29 | DbgDsStartBranchRecording( 30 | _In_ PCPU *Pcpu 31 | ); 32 | 33 | CX_STATUS 34 | DbgDsStopBranchRecording( 35 | _In_ PCPU *Pcpu 36 | ); 37 | 38 | CX_STATUS 39 | DbDsDumpBranches( 40 | _In_ PCPU *Pcpu 41 | ); 42 | 43 | 44 | #endif // _DEBUG_STORE_H_ 45 | -------------------------------------------------------------------------------- /napoca/include/memory/cachedef.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CACHEDEF_H_ 7 | #define _CACHEDEF_H_ 8 | 9 | #include "core.h" 10 | 11 | #define CHM_VA_TRANSLATIONS 128 12 | #define CHM_VA_PAGES 1 // no pages are actually cached, dummy 1-element array 13 | #define CHM_PA_TRANSLATIONS 512 14 | #define CHM_PA_PAGES 1 // no pages are actually cached, dummy 1-element array 15 | 16 | typedef struct _CHM_CACHE_ENTRY 17 | { 18 | SIZE_T SrcAddress; 19 | SIZE_T DstAddress; 20 | DWORD Priority; 21 | }CHM_CACHE_ENTRY; 22 | 23 | typedef struct _CHM_CACHE 24 | { 25 | DWORD NumberOfEntries; 26 | DWORD NumberOfUsedEntries; 27 | CHM_CACHE_ENTRY *Entries; 28 | }CHM_CACHE; 29 | 30 | #endif -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_assert.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_ASSERT_ 7 | #define _CRT_ASSERT_ 8 | #include "base/cx_sal.h" 9 | typedef CX_VOID (*CRT_PFUNC_CRT_ASSERT_CALLBACK)(_In_ const CX_INT8 *File, _In_ CX_INT32 Line, _In_opt_ CX_INT8 *Message); 10 | 11 | #ifdef CX_DEBUG_BUILD 12 | extern CRT_PFUNC_CRT_ASSERT_CALLBACK volatile gNativeCrtAssert; 13 | #define crt_assert(x) __analysis_assume(x); { if (!(x) && (CX_NULL != gNativeCrtAssert)) gNativeCrtAssert(__FILE__, __LINE__, CX_NULL); } 14 | #define crtAssert2(x,f,l) __analysis_assume(x); { if (!(x) && (CX_NULL != gNativeCrtAssert)) gNativeCrtAssert(f, l, CX_NULL); } 15 | #else 16 | #define crt_assert(x) 17 | #define crtAssert2(x,f,l) 18 | #endif 19 | 20 | CX_INT32 21 | CrtSetOnlyOnceCrtAssertCallback( 22 | _In_ CRT_PFUNC_CRT_ASSERT_CALLBACK Callback ); 23 | 24 | #endif // _CRT_ASSERT_ -------------------------------------------------------------------------------- /_external/codex/src/shared/native/crt/native_crt_assert.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "crt/crt_crt.h" 7 | #include "base/cx_synchronization.h" 8 | #include "base/cx_env.h" 9 | 10 | // 11 | // global CRT crt_assert callback 12 | // 13 | CRT_PFUNC_CRT_ASSERT_CALLBACK volatile gNativeCrtAssert = CX_NULL; 14 | 15 | // 16 | // CrtSetOnlyOnceCrtAssertCallback 17 | // 18 | CX_INT32 19 | CrtSetOnlyOnceCrtAssertCallback( 20 | _In_ CRT_PFUNC_CRT_ASSERT_CALLBACK Callback 21 | ) 22 | { 23 | #ifdef CX_MSVC 24 | #pragma warning(suppress:4152) // nonstandard extension, function/data pointer conversion in expression 25 | return (0 == CxInterlockedCompareExchangePointer((CX_VOID *volatile *)&gNativeCrtAssert, Callback, CX_NULL)); 26 | #else 27 | return (0 == CxInterlockedCompareExchangePointer((CX_VOID *volatile *)&gNativeCrtAssert, Callback, CX_NULL)); 28 | #endif 29 | } -------------------------------------------------------------------------------- /autogen/efi_cmdline.txt: -------------------------------------------------------------------------------- 1 | CfgActiveOsLoad=1, 2 | CfgAllowedRetries=3, 3 | CfgBypassHv=0, 4 | CfgDebugBypassOnErrors=1, 5 | CfgDebugConfirmErrors=0, 6 | CfgDebugConfirmHv=0, 7 | CfgDebugConfirmOs=0, 8 | CfgDebugDumpCrashLog=1, 9 | CfgDebugDumpEnvironmentVariables=0, 10 | CfgDebugDumpLastLog=1, 11 | CfgDebugDumpRuntimeTables=0, 12 | CfgDebugDumpVersion=1, 13 | CfgDebugExceptionHandling=0, 14 | CfgDebugGopOutput=0, 15 | CfgDebugHaltOnErrors=0, 16 | CfgDebugSimulateSecondLoad=0, 17 | CfgFeedbackBufferSize=0x800000, 18 | CfgFilesEfiHv="", 19 | CfgFilesEfiHvEnabled=0, 20 | CfgFilesHvLog="EFI\\NapocaHv\\HvLog.bin", 21 | CfgFilesOs="EFI\\Microsoft\\Boot\\BOOTMGFW.EFI", 22 | CfgFilesOsBackup="EFI\\Boot\\bootx64.efi", 23 | CfgUserInterractionAllowKeyboardBypass=1, 24 | CfgUserInterractionBypassMessage="Press ESC to start without system virtualization", 25 | CfgUserInterractionBypassOnScanCode=23, 26 | CfgUserInterractionTimeOutInSeconds=5 -------------------------------------------------------------------------------- /napoca/include/napocadefs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Globally (at napoca-scope) needed symbols 8 | // 9 | 10 | #ifndef _NAPOCA_DEFS_H_ 11 | #define _NAPOCA_DEFS_H_ 12 | 13 | #include "cx_native.h" 14 | #include "core.h" 15 | 16 | // hack for some components (disasm for example) that need AMD64 being defined / visible 17 | #define AMD64 18 | 19 | 20 | char* 21 | NtStatusToString( 22 | _In_ CX_STATUS Status); 23 | 24 | 25 | // remove the coredefs version of SUCCESS verification macros and provide the napoca-aware/custom ones instead 26 | #undef _SUCCESS 27 | #undef NTSUCCESS 28 | #undef NT_SUCCESS 29 | #undef SUCCESS 30 | 31 | #define _SUCCESS CX_SUCCESS 32 | #define NTSUCCESS CX_SUCCESS 33 | #define NT_SUCCESS CX_SUCCESS 34 | #define SUCCESS CX_SUCCESS 35 | 36 | #endif // _NAPOCA_DEFS_H_ -------------------------------------------------------------------------------- /napoca/include/guests/code_scan.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "kernel/kernel.h" 7 | 8 | typedef struct _HV_CODE_SIG 9 | { 10 | CX_UINT32 Hash; ///< First 4 bytes from a buffer sent to HvScanBuffer 11 | CX_UINT32 Verdict; ///< User-defined data returned by a successful match against this signature entry 12 | CX_UINT16 Length; ///< Number of bytes that were covered by the checksum 13 | CX_UINT64 Checksum; ///< A simple but fast and safe 64-bit checksum value 14 | }HV_CODE_SIG; 15 | 16 | typedef struct _HV_CODE_SIGNATURES 17 | { 18 | HV_CODE_SIG *Signatures; 19 | CX_UINT32 NumberOfSignatures; 20 | }HV_CODE_SIG_PACKAGE; 21 | 22 | 23 | 24 | CX_STATUS 25 | HvScanBuffer( 26 | _In_ HV_CODE_SIG_PACKAGE *SigPackage, 27 | _In_ CX_VOID *Buffer, 28 | _In_ CX_UINT32 BufferSize, 29 | __out_opt CX_UINT32 *Verdict // only set on a successful match 30 | ); 31 | -------------------------------------------------------------------------------- /tools/nasm/nasm.props: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Midl 5 | CustomBuild 6 | 7 | 8 | 9 | True 10 | $(IntDir)%(FileName).obj 11 | 1 12 | $(NASM_PREFIX)nasm.exe 13 | 0 14 | "%(CompilerNasm)" [AllOptions] [AdditionalOptions] "%(FullPath)" 15 | Assembling %(Filename)%(Extension) 16 | 17 | 18 | -------------------------------------------------------------------------------- /winguest/winguestdll/wmi.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | 8 | #include "ccom_mgr.h" 9 | 10 | #define WMI_ROOT_RESOURCE L"Root\\WMI" 11 | #define WMI_CIMV2_RESOURCE L"Root\\CIMV2" 12 | #define WMI_VOLUME_ENCRYPTION_RESOURCE L"\\\\.\\root\\cimv2\\security\\microsoftvolumeencryption" 13 | 14 | class WmiBridge 15 | { 16 | public: 17 | WmiBridge(); 18 | 19 | HRESULT Connect(std::wstring const& Resource); 20 | 21 | IWbemServices* GetServices(); 22 | 23 | HRESULT GetMethodParamInstances(IWbemClassObject* Class, std::wstring const& Method, CComPtr &InInst, CComPtr &OutInst); 24 | HRESULT GetMethodParamInstances(IWbemClassObject* Class, std::wstring const& Method, CComPtr &InInst); 25 | 26 | protected: 27 | 28 | private: 29 | CComInitMgr m_ComInitMgr; 30 | CComPtr m_wbemServices; 31 | }; 32 | -------------------------------------------------------------------------------- /napoca/include/kernel/intelhwp.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file intelhwp.h 7 | * @brief Intel Hardware-Controlled Performance States support 8 | */ 9 | 10 | #ifndef INTELHWP_H 11 | #define INTELHWP_H 12 | 13 | #include "base/cx_types.h" 14 | 15 | /// 16 | /// @brief Activate HARDWARE-CONTROLLED PERFORMANCE STATES 17 | /// 18 | /// When HWP is enabled, the processor autonomously selects performance states as deemed appropriate for the 19 | /// applied workload and with consideration of constraining hints that are programmed by the software. 20 | /// These software - provided hints include minimum and maximum performance limits, preference towards energy efficiency or performance. 21 | /// Also, the hypervisor asks if it has access to Performance and Energy Bias Hint and if it does then 22 | /// suggests maximum performance to the detriment of energy saving. 23 | /// 24 | CX_VOID 25 | HvActivatePerformanceMode( 26 | CX_VOID 27 | ); 28 | 29 | #endif // ! INTELHWP_H 30 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/stdlib.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_STDLIB_H 7 | #include crt_INC_SETTINGS_STDLIB_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_STDLIB_WRAPPER_ 12 | #define _CRT_STDLIB_WRAPPER_ 13 | 14 | #include "crt/crt_stdlib.h" 15 | 16 | #if ( !defined(CRT_SKIP_DECL_RAND_MAX) && (!defined(CRT_DEFAULT_SKIP_STDLIB_H_DECL) || defined(CRT_WANT_DECL_RAND_MAX)) ) 17 | #define RAND_MAX CRT_RAND_MAX 18 | #endif 19 | 20 | #if ( !defined(CRT_SKIP_DECL_RAND) && (!defined(CRT_DEFAULT_SKIP_STDLIB_H_DECL) || defined(CRT_WANT_DECL_RAND)) ) 21 | #define rand crt_rand 22 | #endif 23 | 24 | #if ( !defined(CRT_SKIP_DECL_SRAND) && (!defined(CRT_DEFAULT_SKIP_STDLIB_H_DECL) || defined(CRT_WANT_DECL_SRAND)) ) 25 | #define srand crt_srand 26 | #endif 27 | 28 | 29 | #endif //_CRT_STDLIB_WRAPPER_ 30 | -------------------------------------------------------------------------------- /napoca/version/version.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "napoca.h" 7 | #include "dacia_types.h" 8 | #include "ver.h" 9 | #include "version.h" 10 | #include "boot/boot.h" 11 | 12 | CX_VOID 13 | PrintVersionInfo( 14 | CX_VOID 15 | ) 16 | { 17 | HvPrint("\n\n\n\tNAPOCA from " GLOBAL_VERSION_BUILDMACHINE 18 | " Build date: " NAPOCA_BUILD_DATE 19 | " Build time: " NAPOCA_BUILD_TIME 20 | " Build type: " NAPOCA_VERSION_BUILDTYPE 21 | " Major: %d" 22 | " Minor: %d" 23 | " Revision: %d" 24 | " Build %d" 25 | " Change-set: %s" 26 | " Branch: %s" 27 | " Boot Mode: %d\n\n\n", 28 | 29 | NAPOCA_VERSION_MAJOR, 30 | NAPOCA_VERSION_MINOR, 31 | NAPOCA_VERSION_REVISION, 32 | NAPOCA_VERSION_BUILDNUMBER, 33 | GLOBAL_VERSION_CHANGESET, 34 | GLOBAL_VERSION_BRANCH, 35 | HvGetBootMode()); 36 | 37 | return; 38 | } 39 | -------------------------------------------------------------------------------- /doxygen/doxygen.vcxproj.filters: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;c++;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /winguest/winguest/operation.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _OPERATION_H_ 7 | #define _OPERATION_H_ 8 | 9 | #include "fltKernel.h" 10 | #include "driver.h" 11 | 12 | FLT_PREOP_CALLBACK_STATUS 13 | WinguestPreCreateCallback( 14 | _Inout_ PFLT_CALLBACK_DATA Data, 15 | _In_ PCFLT_RELATED_OBJECTS FltObjects, 16 | __deref_out_opt PVOID *CompletionContext 17 | ); 18 | 19 | PTSTATUS 20 | WriteToProtectedFile( 21 | _In_ PLARGE_INTEGER ByteOffset, 22 | _In_ ULONG Length, 23 | _Out_ PVOID Buffer, 24 | _Out_ PULONG BytesWritten, 25 | _In_opt_ PFLT_COMPLETED_ASYNC_IO_CALLBACK Callback, 26 | _In_opt_ PVOID Context 27 | ); 28 | 29 | PTSTATUS 30 | ReadFromProtectedFile( 31 | _In_ PLARGE_INTEGER ByteOffset, 32 | _In_ ULONG Length, 33 | _Out_ PVOID Buffer, 34 | _Out_ PULONG BytesRead, 35 | _In_opt_ PFLT_COMPLETED_ASYNC_IO_CALLBACK Callback, 36 | _In_opt_ PVOID Context 37 | ); 38 | 39 | #endif // -------------------------------------------------------------------------------- /winguest/winguestdll/setver.cmd: -------------------------------------------------------------------------------- 1 | @echo off 2 | 3 | if "%3"=="" goto usage 4 | 5 | set TOOLS_PATH=..\_tools 6 | 7 | FOR /F %%i in (buildnumber) do @set buildnumber=%%i 8 | 9 | echo Setting MDEICAR version: %1.%2.%3.%buildnumber% 10 | 11 | :: REM for %%f in (*.c) do %TOOLS_PATH%\prjver %%f "// Version : " %1 %2 %3 /t4 12 | :: REM for %%f in (*.h) do %TOOLS_PATH%\prjver %%f "// Version : " %1 %2 %3 /t4 13 | :: for %%f in (*.txt) do %TOOLS_PATH%\prjver %%f " Version : " %1 %2 %3 /t4 >nul 14 | 15 | %TOOLS_PATH%\prjver version.h "#define MDEICAR_VERSION_HIGH " %1 >nul 16 | %TOOLS_PATH%\prjver version.h "#define MDEICAR_VERSION_LOW " %2 >nul 17 | %TOOLS_PATH%\prjver version.h "#define MDEICAR_VERSION_REVISION " %3 >nul 18 | %TOOLS_PATH%\prjver version.h "#define MDEICAR_VERSION_BUILD " %buildnumber% >nul 19 | 20 | goto exit 21 | 22 | :usage 23 | echo. 24 | echo usage: setver hiversion loversion revision 25 | echo. 26 | echo example: setver 0 1 123 27 | echo. 28 | goto exit 29 | 30 | :exit 31 | -------------------------------------------------------------------------------- /_external/codex/src/shared/native/wrappers/crt/wrapper_fltused.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef CRT_INC_SETTINGS_WRAPPER_FLTUSED_C 7 | #include CRT_INC_SETTINGS_WRAPPER_FLTUSED_C // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | // 12 | // Add this file to your project if you're getting a link-time error due to _fltused not being defined. 13 | // 14 | // Details: snpritf is using floating point support, and C compiler produces the _fltused 15 | // symbol by default. Simply define this symbol to satisfy the linker. 16 | // 17 | // IMPORTANT: Don't compile this file as part of your project UNLESS you actually get a linker error without it 18 | // and your project isn't a library. A library shouldn't compile this file as it might clash with other libraries 19 | // that already define it, better let the final project solve the symbol as adding it is always possible while removing 20 | // it from a .lib file isn't. 21 | // 22 | 23 | #include "cx_native.h" 24 | CX_INT32 _fltused = 0x9875; 25 | -------------------------------------------------------------------------------- /winguest/winguestdll/load_monitor.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _LOAD_MONITOR_H_ 7 | #define _LOAD_MONITOR_H_ 8 | 9 | typedef enum _FAIL_COUNT_ACTION 10 | { 11 | assumeFail = 1, ///< Set Boot to true and increment counter 12 | reset, ///< Reset Load Monitor Data 13 | recoverFail, ///< Clear Boot and Crash flags 14 | noAction ///< Do not alter Load Monitor Data 15 | } FAIL_COUNT_ACTION, *PFAIL_COUNT_ACTION; 16 | 17 | NTSTATUS 18 | GetLoadMonitorData( 19 | _Out_opt_ PDWORD AllowedRetries, 20 | _Out_opt_ PDWORD FailCount, 21 | _Out_opt_ PBOOLEAN Boot, 22 | _Out_opt_ PBOOLEAN Crash 23 | ); 24 | 25 | NTSTATUS 26 | UpdateLoadMonitorData( 27 | _In_ FAIL_COUNT_ACTION CounterAction, 28 | _In_opt_ PDWORD AllowedRetries 29 | ); 30 | 31 | bool 32 | FailCountAllowed( 33 | void 34 | ); 35 | 36 | NTSTATUS 37 | CheckLoadMonitor( 38 | void 39 | ); 40 | 41 | #endif //_LOAD_MONITOR_H 42 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_memory.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_MEMORY_H_ 7 | #define _CRT_MEMORY_H_ 8 | #include "cx_native.h" 9 | 10 | 11 | CX_VOID* __cdecl 12 | crt_memcpy( 13 | __out_bcount_full_opt(Size) CX_VOID *Dest, 14 | __in_bcount_opt(Size) const CX_VOID *Source, 15 | _In_ CX_SIZE_T Size); 16 | 17 | CX_INT32 __cdecl 18 | crt_memcmp( 19 | __in_bcount_opt(Size) const CX_VOID *Source1, 20 | __in_bcount_opt(Size) const CX_VOID *Source2, 21 | _In_ CX_SIZE_T Size); 22 | 23 | CX_VOID* __cdecl 24 | crt_memset( 25 | __out_bcount_full_opt(Size) CX_VOID *Dest, 26 | _In_ CX_INT32 Value, 27 | _In_ CX_SIZE_T Size); 28 | 29 | CX_VOID* __cdecl 30 | crt_memcpy_s( 31 | __out_bcount_full_opt(Size) CX_VOID *Dest, 32 | _In_ CX_SIZE_T SizeInBytes, 33 | __in_bcount_opt(Size) const CX_VOID *Source, 34 | _In_ CX_SIZE_T Size); 35 | 36 | CX_VOID* __cdecl 37 | crt_memzero( 38 | __out_bcount_full_opt(Size) CX_VOID *Dest, 39 | _In_ CX_SIZE_T Size); 40 | 41 | 42 | #endif // _CRT_MEMORY_H_ 43 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/interfaces/data_structures/cx_queue_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Generic interface for a queue of pointers to data 8 | // 9 | 10 | #ifndef _CX_QUEUE_INTERFACE_H_ 11 | #define _CX_QUEUE_INTERFACE_H_ 12 | 13 | #include "cx_native.h" 14 | 15 | typedef void CX_QUEUE_VALUE; 16 | typedef void CX_QUEUE_DATA; 17 | 18 | typedef struct _CX_QUEUE_INTERFACE CX_QUEUE_INTERFACE; 19 | 20 | typedef 21 | CX_STATUS 22 | (*CX_QUEUE_ENQUEUE)( 23 | _In_ CX_QUEUE_INTERFACE *Queue, 24 | _In_ CX_QUEUE_VALUE *Value 25 | ); 26 | 27 | typedef 28 | CX_STATUS 29 | (*CX_QUEUE_DEQUEUE)( 30 | _In_ CX_QUEUE_INTERFACE *Queue, 31 | _Out_ CX_QUEUE_VALUE **Value 32 | ); 33 | 34 | typedef struct _CX_QUEUE_INTERFACE 35 | { 36 | CX_QUEUE_DATA *Data; 37 | CX_QUEUE_ENQUEUE Enqueue; 38 | CX_QUEUE_DEQUEUE Dequeue; 39 | }CX_QUEUE_INTERFACE; 40 | 41 | 42 | #endif // _CX_QUEUE_INTERFACE_H_ 43 | -------------------------------------------------------------------------------- /winguest_sample/include/feedback.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _FEEDBACK_H_ 7 | #define _FEEDBACK_H_ 8 | 9 | #define WIN32_NO_STATUS 10 | #include 11 | #undef WIN32_NO_STATUS 12 | 13 | #ifndef QWORD 14 | #define QWORD unsigned __int64 15 | #endif 16 | 17 | /* 18 | Note: this component uses functions exported by winguestdll.dll. 19 | So before using it you must initialize the imports by calling the ImportsInit function 20 | */ 21 | 22 | // Note: feedback folder should be configured. See 'setpath' command 23 | // TimeToWaitBeforeDelete - Time (in seconds) that the files 24 | // will be kept on the machine before being deleted. 25 | // ThrottleTime - Time (in seconds) that will be used for throttling 26 | // introspection alerts. Setting it on 0 will disable throttling mechanism. 27 | /**/ NTSTATUS FeedbackEnable(_In_ QWORD *TimeToWaitBeforeDelete, _In_ QWORD *ThrottleTime); 28 | /**/ NTSTATUS FeedbackSetVerbosity(_In_ BOOLEAN Enable); 29 | 30 | #endif // !_FEEDBACK_H_ 31 | -------------------------------------------------------------------------------- /winguest/winguest/umlibcomm.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _UMLIBCOMM_H_ 7 | #define _UMLIBCOMM_H_ 8 | 9 | NTSTATUS 10 | InitUmlibComm( 11 | ); 12 | 13 | NTSTATUS 14 | UninitUmlibComm( 15 | ); 16 | 17 | NTSTATUS 18 | UmLibCommReceiveMessage( 19 | _In_ PVOID/*WDFFILEOBJECT*/ WdfFileObject, 20 | _In_ PVOID InputBuffer, 21 | _In_ UINT32 InputBufferLength, 22 | __out_opt PVOID OutputBuffer, 23 | _In_opt_ UINT32 OutputBufferLength, 24 | _Out_ UINT32* BytesReturned 25 | ); 26 | 27 | NTSTATUS 28 | UmLibCommNewClientConnected( 29 | _In_ PVOID/*WDFFILEOBJECT*/ WdfFileObject, 30 | _In_ ULONG ProcessId 31 | ); 32 | 33 | NTSTATUS 34 | UmLibCommClientDisconnected( 35 | _In_ PVOID/*WDFFILEOBJECT*/ WdfFileObject 36 | ); 37 | 38 | NTSTATUS 39 | UmLibCommSendMessage( 40 | _In_ PVOID InputBuffer, 41 | _In_ DWORD InputBufferLength, 42 | __out_opt PVOID OutputBuffer, 43 | _In_opt_ DWORD OutputBufferLength, 44 | _Out_ DWORD* BytesReturned 45 | ); 46 | 47 | #endif -------------------------------------------------------------------------------- /napoca/include/kernel/gs_utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | 8 | /** 9 | * @brief Moves the old stack security cookie structure in a new stack location 10 | * 11 | * @param[in] OldStackTop Pointer to the buffer on which to perform the checksum 12 | * @param[in] NewStackTop Size of the memory area on which to perform the checksum 13 | * @param[in] StackSize Offset within the buffer 14 | * 15 | * @returns CX_STATUS_SUCCESS If the stack was moved successfully 16 | * @returns STATUS_GS_INVALID_OLD_STACK If the old stack address is invalid 17 | * @returns STATUS_GS_INVALID_NEW_STACK If the new stack address is invalid 18 | * @returns STATUS_GS_INEQUAL_STACK_OFFSETS If the two stacks have different offsets 19 | */ 20 | CX_STATUS 21 | GsUtilsNotifyStackChange( 22 | _In_ _Inout_updates_bytes_(StackSize) 23 | CX_VOID *OldStackTop, 24 | _In_ _Inout_updates_bytes_(StackSize) 25 | CX_VOID *NewStackTop, 26 | _In_ CX_UINT64 StackSize 27 | ); 28 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/base/cx_synchronization.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CX_SYNCHRONIZATION_H_ 7 | #define _CX_SYNCHRONIZATION_H_ 8 | 9 | // 10 | // define CX_SIGNAL_BEGIN_BUSY_WAITING() and CX_SIGNAL_BUSY_WAITING() macros, allowing external control over their content 11 | // 12 | 13 | #ifdef CX_BEGIN_BUSY_WAITING_HANDLER 14 | #define CX_SIGNAL_BEGIN_BUSY_WAITING CX_BEGIN_BUSY_WAITING_HANDLER 15 | #else 16 | #define CX_SIGNAL_BEGIN_BUSY_WAITING() 17 | #endif 18 | 19 | 20 | #ifdef CX_BUSY_WAITING_HANDLER 21 | #define CX_SIGNAL_BUSY_WAITING CX_BUSY_WAITING_HANDLER 22 | #else 23 | #define CX_SIGNAL_BUSY_WAITING() _mm_pause() 24 | #endif 25 | 26 | 27 | #include "base/cx_env.h" 28 | 29 | 30 | // 31 | // Microsoft VC Compiler specifics 32 | // 33 | #ifdef CX_MSVC 34 | #include "compiler_dependent/synchronization/cx_msvc_synch.h" 35 | #else 36 | #include "compiler_dependent/synchronization/cx_linux_synch.h" 37 | #endif 38 | 39 | // 40 | // TODO: add support for other compilers by following the above model 41 | // 42 | 43 | 44 | #endif // _CX_SYNCHRONIZATION_H_ 45 | -------------------------------------------------------------------------------- /winguest/winguestdll/deploy_uefi.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DEPLOY_UEFI_H_ 7 | #define _DEPLOY_UEFI_H_ 8 | 9 | extern "C" { 10 | #include "common/boot/loader_interface.h" 11 | } 12 | 13 | #define NAPOCAHV_UEFI_GUID L"{0e15d1e5-113a-45a3-a42b-2a998fcfb964}" 14 | 15 | NTSTATUS 16 | GetLoadMonitorDataUefi( 17 | _Out_opt_ PDWORD AllowedRetries, 18 | _Out_opt_ PDWORD FailCount, 19 | _Out_opt_ PBOOLEAN Boot, 20 | _Out_opt_ PBOOLEAN Crash 21 | ); 22 | 23 | NTSTATUS 24 | SetLoadMonitorDataUefi( 25 | _In_opt_ PDWORD AllowedRetries, 26 | _In_opt_ PDWORD FailCount, 27 | _In_opt_ PBOOLEAN Boot, 28 | _In_opt_ PBOOLEAN Crash 29 | ); 30 | 31 | NTSTATUS 32 | DeployUefiBootFiles( 33 | LD_INSTALL_FILE_FLAGS Flags 34 | ); 35 | 36 | NTSTATUS 37 | ConfigureUefiBoot( 38 | _In_ BOOLEAN Install 39 | ); 40 | 41 | BOOLEAN 42 | ConfigUefiSupported( 43 | void 44 | ); 45 | 46 | HRESULT 47 | UefiCheckConfigurationIntegrity( 48 | void 49 | ); 50 | 51 | #endif //_DEPLOY_UEFI_H_ 52 | -------------------------------------------------------------------------------- /napoca/include/base/ilockrr.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // ILOCKRR - interlocked round-robin indexing support 7 | 8 | #ifndef _ILOCKRR_H_ 9 | #define _ILOCKRR_H_ 10 | 11 | 12 | typedef struct _ILOCK_RR { 13 | volatile INT32 Index; 14 | INT32 Limit; 15 | } ILOCK_RR, *PILOCK_RR; 16 | 17 | 18 | __forceinline 19 | void 20 | IrrInit( 21 | _In_ PILOCK_RR Irr, 22 | _In_ INT32 Limit 23 | ) 24 | { 25 | assert(NULL != Irr); 26 | 27 | Irr->Limit = Limit; 28 | Irr->Index = Limit-1; 29 | } 30 | 31 | 32 | __forceinline 33 | INT32 34 | IrrGetNext( 35 | _In_ PILOCK_RR Irr 36 | ) 37 | { 38 | register INT32 current; 39 | register INT32 next; 40 | 41 | assert(NULL != Irr); 42 | 43 | do 44 | { 45 | current = Irr->Index; 46 | next = current + 1; 47 | 48 | if (next >= Irr->Limit) 49 | { 50 | next = 0; 51 | } 52 | 53 | } while (current != _InterlockedCompareExchange((long volatile*)&Irr->Index, next, current)); 54 | 55 | return next; 56 | } 57 | 58 | 59 | #endif // _ILOCKRR_H_ -------------------------------------------------------------------------------- /napoca/include/kernel/simplechecksum.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __HV_SIMPLECHECKSUM__ 7 | #define __HV_SIMPLECHECKSUM__ 8 | 9 | #include "kernel/kerneldefs.h" 10 | 11 | /** 12 | * @brief Computes a simple checksum on a given buffer. Should not be used for security hashes 13 | * 14 | * @param[in] Buffer Pointer to the buffer on which to perform the checksum 15 | * @param[in] Size Size of the memory area on which to perform the checksum 16 | * @param[in] Start Starting value for the checksum 17 | * 18 | * @returns The checksum 19 | */ 20 | CX_UINT64 21 | HvChecksum64Ex( 22 | _In_ CX_UINT8* Buffer, 23 | _In_ CX_UINT64 Size, 24 | _In_ CX_UINT64 Start 25 | ); 26 | 27 | /** 28 | * @brief Wrapper for HvChecksum64Ex 29 | * 30 | * @param[in] Buffer Pointer to the buffer on which to perform the checksum 31 | * @param[in] Size Size of the memory area on which to perform the checksum 32 | * 33 | * @returns The checksum 34 | */ 35 | CX_UINT64 36 | HvChecksum64( 37 | _In_ CX_UINT8* Buffer, 38 | _In_ CX_UINT64 Size 39 | ); 40 | 41 | #endif -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_crtdefs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_CRTDEFS_H_ 7 | #define _CRT_CRTDEFS_H_ 8 | #include "cx_native.h" 9 | 10 | 11 | // 12 | // elementary definitions (might also be defined in runtimelib) 13 | // 14 | #ifndef __CRT_ELEMENTARY_DEFINITIONS 15 | #define __CRT_ELEMENTARY_DEFINITIONS 1 16 | 17 | 18 | #define CRT_UNREFERENCED_PARAMETER(P) ((void)(P)) 19 | #define CRT_UNREFERENCED_LOCAL_VARIABLE(V) ((void)(V)) 20 | #ifdef CX_DEBUG_BUILD 21 | #define CRT_DBG_UNREFERENCED_PARAMETER(P) ((void)(P)) // only on DEBUG builds 22 | #define CRT_REL_UNREFERENCED_PARAMETER(P) 23 | #else 24 | #define CRT_DBG_UNREFERENCED_PARAMETER(P) 25 | #define CRT_REL_UNREFERENCED_PARAMETER(P) ((void)(P)) // only on RELEASE builds 26 | #endif 27 | 28 | #endif // __CRT_ELEMENTARY_DEFINITIONS 29 | 30 | 31 | // 32 | // for unknown reasons VC 2008 doesn't treat CX_UINT16 as implicit type (even if /Zc: is set) 33 | // 34 | ///typedef __wchar_t CX_UINT16; // __wchar_t generates some warnings with L"string" constants 35 | 36 | #endif // _CRT_CRTDEFS_H_ -------------------------------------------------------------------------------- /napoca/include/guests/bios_handlers.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _BIOS_HANDLERS_H_ 7 | #define _BIOS_HANDLERS_H_ 8 | 9 | /// \addtogroup hooks 10 | /// @{ 11 | 12 | #include "core.h" 13 | 14 | typedef struct _BIOS_INT_HOOK BIOS_INT_HOOK; 15 | typedef struct _VCPU VCPU; 16 | 17 | /// @brief Hook used to detect the activation of the video mode by the guest (so we can disable ours) 18 | CX_STATUS 19 | BhInt0x10( 20 | _In_ BIOS_INT_HOOK *Hook, 21 | _In_ VCPU* Vcpu, 22 | _In_ CX_BOOL IsPostHook 23 | ); 24 | 25 | /// @brief Hook used to intercept the guest OS's queries to the legacy memory map(INT15(AX=0xE820)), in order to be able to hide the hypervisor's memory 26 | CX_STATUS 27 | BhInt0x15( 28 | _In_ BIOS_INT_HOOK *Hook, 29 | _In_ VCPU* Vcpu, 30 | _In_ CX_BOOL IsPostHook 31 | ); 32 | 33 | /// @brief Hook used to trace a given legacy interrupt 34 | CX_STATUS 35 | BhIntTraceOnly( 36 | _In_ BIOS_INT_HOOK *Hook, 37 | _In_ VCPU* Vcpu, 38 | _In_ CX_BOOL IsPostHook 39 | ); 40 | 41 | /// @} 42 | 43 | #endif //_BIOS_HANDLERS_H_ 44 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/interfaces/data_structures/cx_addremove_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Generic data structure interface for data that supports adding and removing pointer elements 8 | // 9 | #ifndef _CX_ADDREMOVE_INTERFACE_H_ 10 | #define _CX_ADDREMOVE_INTERFACE_H_ 11 | 12 | #include "cx_native.h" 13 | 14 | typedef void CX_ADDREMOVE_VALUE; 15 | typedef void CX_ADDREMOVE_DATA; 16 | 17 | typedef struct _CX_ADDREMOVE_INTERFACE CX_ADDREMOVE_INTERFACE; 18 | 19 | typedef 20 | CX_STATUS 21 | (*CX_ADDREMOVE_ADD)( 22 | _In_ CX_ADDREMOVE_INTERFACE *AddRemove, 23 | _In_ CX_ADDREMOVE_VALUE *Value 24 | ); 25 | 26 | typedef 27 | CX_STATUS 28 | (*CX_ADDREMOVE_REMOVE)( 29 | _In_ CX_ADDREMOVE_INTERFACE *AddRemove, 30 | _Out_ CX_ADDREMOVE_VALUE **Value 31 | ); 32 | 33 | typedef struct _CX_ADDREMOVE_INTERFACE 34 | { 35 | CX_ADDREMOVE_DATA *Data; 36 | CX_ADDREMOVE_ADD Add; 37 | CX_ADDREMOVE_REMOVE Remove; 38 | }CX_ADDREMOVE_INTERFACE; 39 | 40 | 41 | #endif // _CX_ADDREMOVE_INTERFACE_H_ 42 | -------------------------------------------------------------------------------- /include/common/external_interface/kernel_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // This file documents the interface declarations needed for 8 | // compiling common C files depending on kernel_interface.h 9 | // 10 | 11 | #ifndef FEAT_PRINT 12 | #error "#define FEAT_PRINT(...) is not defined" 13 | #endif 14 | 15 | #ifndef FEAT_PRINTN 16 | #error "#define FEAT_PRINTN(...) is not defined" 17 | #endif 18 | 19 | #ifndef CPU_DEBUG_BREAK 20 | #error "#define CPU_DEBUG_BREAK() is not defined" 21 | #endif 22 | 23 | 24 | typedef CPU_IRQL CPU_IRQL; 25 | 26 | CPU_IRQL 27 | CpuRaiseIrqlToDpcLevel( 28 | CX_VOID 29 | ); 30 | 31 | CX_VOID 32 | CpuRaiseIrql( 33 | CPU_IRQL Irql, 34 | CPU_IRQL *OldIrql 35 | ); 36 | 37 | CX_VOID 38 | CpuLowerIrql( 39 | _In_ CPU_IRQL Irql 40 | ); 41 | 42 | CX_STATUS 43 | CpuDelayExecution( 44 | _In_ CX_BOOL Alertable, 45 | _In_ CX_BOOL IsRelativeInterval, 46 | _In_ CX_UINT64 MicrosecondsInterval 47 | ); 48 | 49 | CX_UINT32 50 | __cdecl 51 | CpuGetSecCapabilities( 52 | _In_ CX_UINT64 Selector 53 | ); 54 | 55 | CX_UINT32 56 | CpuGetCurrentApicId( 57 | CX_VOID 58 | ); 59 | -------------------------------------------------------------------------------- /uefi/EfiPreloader/efi_preloader.vcxproj.filters: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | 18 | 19 | Header Files 20 | 21 | 22 | 23 | 24 | Source Files 25 | 26 | 27 | -------------------------------------------------------------------------------- /winguest/winguestdll/deploy_validation.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DEPLOY_VALIDATION_H_ 7 | #define _DEPLOY_VALIDATION_H_ 8 | 9 | extern "C" { 10 | #include "common/boot/loader_interface.h" 11 | } 12 | #include "dacia_types.h" 13 | #include "libapis_int.h" 14 | 15 | NTSTATUS 16 | DetectFirmwareInfo( 17 | void 18 | ); 19 | 20 | BOOLEAN 21 | IsUefiBootedOs( 22 | void 23 | ); 24 | 25 | BOOLEAN 26 | IsSecureBootEnabled( 27 | void 28 | ); 29 | 30 | NTSTATUS 31 | CheckInVm( 32 | _In_ BOOLEAN* InVm 33 | ); 34 | 35 | bool 36 | GetConnectedStandbySupport( 37 | void 38 | ); 39 | 40 | void 41 | GetPowerPlatformRole( 42 | POWER_PLATFORM_ROLE* PlatformRole 43 | ); 44 | 45 | NTSTATUS 46 | ValidateHvConfiguration( 47 | _Out_opt_ PHV_CONFIGURATION_MISSING_FEATURES MissingFeatures 48 | ); 49 | 50 | bool 51 | StatusToFeaturesBitmask( 52 | _In_ NTSTATUS Status, 53 | _Inout_ PHV_CONFIGURATION_MISSING_FEATURES MissingFeatures 54 | ); 55 | 56 | NTSTATUS 57 | CheckCurrentHvConfigurationTimerCallback( 58 | void 59 | ); 60 | 61 | #endif //_DEPLOY_VALIDATION_H_ 62 | -------------------------------------------------------------------------------- /include/udtypes.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Interface to buildsystem userdata, provides the required data types 8 | // 9 | #ifndef _UDTYPES_H_ 10 | #define _UDTYPES_H_ 11 | #include "cx_native.h" 12 | 13 | // 14 | // required data types (or preprocessor symbols): 15 | // - UD_TYPE_QWORD: highest precision integer type (your option if signed or not) 16 | // - UD_TYPE_NUMBER: type used for counters, lengths etc, recommended unsigned 17 | // - UD_BOOLEAN: any integer type, only using zero or non-zero semantics 18 | // 19 | #define UD_ASCII_STRING_MAX_SIZE 256 20 | typedef char UD_FIXEDSIZE_ASCII_STRING[UD_ASCII_STRING_MAX_SIZE]; 21 | #define UD_QWORD CX_UINT64 22 | #define UD_NUMBER CX_UINT64 23 | #define UD_BOOLEAN CX_BOOL 24 | #define UD_ASCII_STRING UD_FIXEDSIZE_ASCII_STRING 25 | #define UD_SIZE_T CX_UINT64 26 | 27 | #define PROTECTED 1 28 | #define RUNTIME 2 29 | 30 | // last bit set from VariableMetadataFlags marks a cfg variable as dirty 31 | #define DIRTY (1ULL << 63) 32 | 33 | //#define STATIC 2 34 | 35 | #define CFG_USED_BUILD_CONFIGURATIONS "(UNKNOWN)" 36 | ///#include "buildconfdefs.h" 37 | 38 | #endif 39 | -------------------------------------------------------------------------------- /winguest/winguest/undocumented.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file undocumented.c 7 | * @brief Retrieve and use undocumented APIs of the Windows Kernel 8 | */ 9 | 10 | #include 11 | #include 12 | 13 | #include "undocumented.h" 14 | #include "trace.h" 15 | #include "undocumented.tmh" 16 | 17 | /** 18 | * @brief Retrieve pointers to undocumented Windows Kernel APIs 19 | * 20 | * @param[out] Functions List of APIs 21 | * 22 | * @return STATUS_SUCCESS 23 | * @return STATUS_NOT_FOUND Could not retrieve all needed APIs 24 | */ 25 | NTSTATUS 26 | RetrieveUndocumentedFunctions( 27 | UNDOCUMENTED_FUNCTIONS *Functions 28 | ) 29 | { 30 | UNICODE_STRING funcName; 31 | 32 | RtlInitUnicodeString(&funcName, L"ZwSetSystemInformation"); 33 | Functions->ZwSetSystemInformation = (PFUNC_ZwSetSystemInformation)MmGetSystemRoutineAddress(&funcName); 34 | 35 | 36 | if (Functions->ZwSetSystemInformation == NULL) 37 | { 38 | LogError("Could not locate all needed functions!"); 39 | return STATUS_NOT_FOUND; 40 | } 41 | 42 | return STATUS_SUCCESS; 43 | } 44 | -------------------------------------------------------------------------------- /winguest/winguestdll/kerncomm_int.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _KERNCOMM_INT_ 8 | #define _KERNCOMM_INT_ 9 | 10 | #include "winguestdll.h" 11 | 12 | NTSTATUS 13 | InitMessageConsumers( 14 | void 15 | ); 16 | 17 | NTSTATUS 18 | UninitMessageConsumers( 19 | void 20 | ); 21 | 22 | NTSTATUS 23 | IntrospectionErrorReceive( 24 | _In_ PVOID Buffer, 25 | _In_ DWORD BufferSize 26 | ); 27 | 28 | NTSTATUS 29 | InstrospectionAlertReceive( 30 | _In_ PVOID Buffer, 31 | _In_ DWORD BufferSize 32 | ); 33 | 34 | NTSTATUS 35 | InternalPowerStateChanged( 36 | _In_ PVOID InputBuffer, 37 | _In_ DWORD InputBufferLength, // this includes the size of any msg header 38 | __out_opt PVOID OutputBuffer, 39 | _In_opt_ DWORD OutputBufferLength, 40 | _Out_ DWORD* BytesReturned 41 | ); 42 | 43 | NTSTATUS 44 | ResumeCallbackProcess( 45 | BOOLEAN ResumeVolatileSettings 46 | ); 47 | 48 | typedef struct _INTRO_HASH_INFO 49 | { 50 | QWORD FirstSeen; 51 | QWORD LastSeen; 52 | DWORD Count; 53 | }INTRO_HASH_INFO; 54 | 55 | void 56 | CleanupThrottleHashmap( 57 | void 58 | ); 59 | 60 | #endif //_KERNCOMM_INT_ -------------------------------------------------------------------------------- /napoca/include/boot/phase2.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @file phase2.h Guest virtual machine configuration 7 | 8 | #ifndef _PHASE2_H_ 9 | #define _PHASE2_H_ 10 | 11 | /// \addtogroup phase2 12 | /// @{ 13 | 14 | #include "core.h" 15 | #include "kernel/kerneldefs.h" 16 | 17 | /// @brief Performs the PHASE II initialization for the BSP processor 18 | /// 19 | /// The following major steps are executed: 20 | /// - set up the communication buffer 21 | /// - initialize guest structures (initialize GUEST structure, memory maps, vmcs, critical hooks, ept, rip cache) 22 | /// - initialize the emulator 23 | /// - activate guest 24 | /// - trigger APs execute their phase 2 and wait 25 | /// - execute the #Phase2ApStageTwo on BSP too 26 | NTSTATUS 27 | Phase2BspStageTwo( 28 | void 29 | ); 30 | 31 | /// @brief Performs the PHASE II initialization for the AP processor(s) 32 | /// 33 | /// The following major steps are executed: 34 | /// - fully configure the VMCS (control, host state, guest state) 35 | /// - initializes the DS & BTS for (for potential debugging purposes) 36 | NTSTATUS 37 | Phase2ApStageTwo( 38 | void 39 | ); 40 | 41 | /// @} 42 | 43 | #endif // _PHASE2_H_ 44 | -------------------------------------------------------------------------------- /winguest/winguest/comm_hv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _COMM_HV_H_ 8 | #define _COMM_HV_H_ 9 | 10 | #include "common/communication/commands.h" 11 | 12 | NTSTATUS 13 | HvVmcallSafe( 14 | _In_ SIZE_T MessageType, 15 | _In_ SIZE_T Param1, 16 | _In_ SIZE_T Param2, 17 | _In_ SIZE_T Param3, 18 | _In_ SIZE_T Param4, 19 | _Out_opt_ SIZE_T* OutParam1, 20 | _Out_opt_ SIZE_T* OutParam2, 21 | _Out_opt_ SIZE_T* OutParam3, 22 | _Out_opt_ SIZE_T* OutParam4 23 | ); 24 | 25 | BOOLEAN 26 | HVStarted( 27 | void 28 | ); 29 | 30 | NTSTATUS 31 | HVCommInit( 32 | void 33 | ); 34 | 35 | NTSTATUS 36 | HVCommUninit( 37 | void 38 | ); 39 | 40 | NTSTATUS 41 | HVCommConnectHv( 42 | void 43 | ); 44 | 45 | NTSTATUS 46 | HVCommDisconnectHv( 47 | _In_ BOOLEAN WaitForQueueToBeEmpty 48 | ); 49 | 50 | NTSTATUS 51 | HVCommForwardMessage( 52 | _In_ PVOID InputBuffer, 53 | _In_ DWORD InputBufferLength, 54 | __out_opt PVOID OutputBuffer, 55 | _In_opt_ DWORD OutputBufferLength, 56 | _Out_ DWORD* BytesReturned 57 | ); 58 | 59 | typedef NTSTATUS (*PFUNC_HvReceiveMessageCallback)(_In_ PCOMM_MESSAGE InputBuffer); 60 | 61 | #endif //_COMM_HV_H_ -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/assert.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_ASSERT_H 7 | #include crt_INC_SETTINGS_ASSERT_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_ASSERT_WRAPPER_ 12 | #define _CRT_ASSERT_WRAPPER_ 13 | #include "crt/crt_assert.h" 14 | 15 | 16 | #if ( !defined(CRT_SKIP_DECL_PFUNC_CRT_ASSERT_CALLBACK) && (!defined(CRT_DEFAULT_SKIP_ASSERT_H_DECL) || defined(CRT_WANT_DECL_PFUNC_CRT_ASSERT_CALLBACK)) ) 17 | #define PFUNC_CRT_ASSERT_CALLBACK CRT_PFUNC_CRT_ASSERT_CALLBACK 18 | #endif 19 | 20 | #if ( !defined(CRT_SKIP_DECL_SETONLYONCECRTASSERTCALLBACK) && (!defined(CRT_DEFAULT_SKIP_ASSERT_H_DECL) || defined(CRT_WANT_DECL_SETONLYONCECRTASSERTCALLBACK)) ) 21 | #define SetOnlyOnceCrtAssertCallback CrtSetOnlyOnceCrtAssertCallback 22 | #endif 23 | 24 | #if ( !defined(CRT_SKIP_DECL_ASSERT) && (!defined(CRT_DEFAULT_SKIP_ASSERT_H_DECL) || defined(CRT_WANT_DECL_ASSERT)) ) 25 | #define assert crt_assert 26 | #endif 27 | 28 | #if ( !defined(CRT_SKIP_DECL_ASSERT2) && (!defined(CRT_DEFAULT_SKIP_ASSERT_H_DECL) || defined(CRT_WANT_DECL_ASSERT2)) ) 29 | #define assert2 crtAssert2 30 | #endif 31 | 32 | 33 | #endif //_CRT_ASSERT_WRAPPER_ 34 | -------------------------------------------------------------------------------- /napoca/include/guests/os_detect.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file os_detect.h 7 | * @brief Support to detect the guest OS version 8 | */ 9 | 10 | #ifndef OS_DETECT_H 11 | #define OS_DETECT_H 12 | 13 | #include "base/cx_sal.h" 14 | #include "base/cx_defs.h" 15 | #include "base/cx_types.h" 16 | 17 | typedef struct _VCPU VCPU; 18 | 19 | /** 20 | * @brief Define a windows version 21 | */ 22 | typedef enum _OS_SCAN_VERDICTS 23 | { 24 | OS_SCAN_INVALID = 0, 25 | OS_SCAN_WIN7 = 1, 26 | OS_SCAN_WIN8 = 2, 27 | OS_SCAN_WIN10 = 3, 28 | OS_SCAN_NOTHING_DETECTED = 0xFFFFFFFF 29 | }OS_SCAN_VERDICT; 30 | 31 | /// 32 | /// @brief Detect guest OS Windows version 33 | /// 34 | /// 35 | /// @param[in] Vcpu running VCPU 36 | /// @param[out] Verdict guest OS Windows version 37 | /// 38 | /// @returns CX_STATUS_SUCCESS - if everything went with success. 39 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if VCPU is NULL 40 | /// @returns CX_STATUS_INVALID_PARAMETER_2 - if Verdict is NULL 41 | /// 42 | CX_STATUS 43 | OdCheckOsSignatures( 44 | _In_ VCPU *Vcpu, 45 | _Out_ OS_SCAN_VERDICT *Verdict 46 | ); 47 | 48 | NTSTATUS 49 | OdDetectGuestOs( 50 | _Inout_ GUEST* Guest, 51 | _In_ VCPU* Vcpu 52 | ); 53 | 54 | 55 | #endif //OS_DETECT_H 56 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/conv.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_CONV_H 7 | #include crt_INC_SETTINGS_CONV_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_CONV_WRAPPER_ 12 | #define _CRT_CONV_WRAPPER_ 13 | 14 | #include "crt/crt_conv.h" 15 | 16 | #if ( !defined(CRT_SKIP_DECL_STRTOL) && (!defined(CRT_DEFAULT_SKIP_CONV_H_DECL) || defined(CRT_WANT_DECL_STRTOL)) ) 17 | #define strtol crt_strtol 18 | #endif 19 | 20 | #if ( !defined(CRT_SKIP_DECL_STRTOLL) && (!defined(CRT_DEFAULT_SKIP_CONV_H_DECL) || defined(CRT_WANT_DECL_STRTOLL)) ) 21 | #define strtoll crt_strtoll 22 | #endif 23 | 24 | #if ( !defined(CRT_SKIP_DECL_STRTOQ) && (!defined(CRT_DEFAULT_SKIP_CONV_H_DECL) || defined(CRT_WANT_DECL_STRTOQ)) ) 25 | #define strtoq crt_strtoq 26 | #endif 27 | 28 | #if ( !defined(CRT_SKIP_DECL_STRTOUL) && (!defined(CRT_DEFAULT_SKIP_CONV_H_DECL) || defined(CRT_WANT_DECL_STRTOUL)) ) 29 | #define strtoul crt_strtoul 30 | #endif 31 | 32 | #if ( !defined(CRT_SKIP_DECL_STRTOULL) && (!defined(CRT_DEFAULT_SKIP_CONV_H_DECL) || defined(CRT_WANT_DECL_STRTOULL)) ) 33 | #define strtoull crt_strtoull 34 | #endif 35 | 36 | 37 | #endif //_CRT_CONV_WRAPPER_ 38 | -------------------------------------------------------------------------------- /winguest/common/consts.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _CONSTS_H_ 8 | #define _CONSTS_H_ 9 | 10 | // 11 | // little-endian / big-endian stuff 12 | // 13 | #define GET_WORD_LE(ptr,pos) (*(( WORD*)(((BYTE*)(ptr)) + (pos)))) 14 | #define GET_DWORD_LE(ptr,pos) (*((DWORD*)(((BYTE*)(ptr)) + (pos)))) 15 | #define GET_QWORD_LE(ptr,pos) (*((QWORD*)(((BYTE*)(ptr)) + (pos)))) 16 | 17 | #define DEFAULT_BUFFER_SIZE 0x1FF 18 | 19 | // memory size 20 | #define ONE_KILOBYTE 1024 21 | #define ONE_MEGABYTE (1024 * ONE_KILOBYTE) 22 | #define ONE_GIGABYTE ((QWORD)1024 * (QWORD)ONE_MEGABYTE) 23 | #define ONE_TERABYTE ((QWORD)1024 * (QWORD)ONE_GIGABYTE) 24 | 25 | #define ROUND_DOWN(v,a) ((((v) % (a))==0)?(v):((v) - ((v) % (a)))) 26 | #define ROUND_UP(v,a) ((((v) % (a))==0)?(v):((v) + ((a) - ((v) % (a))))) 27 | 28 | // delay values for KeDelayExecutionThread() 29 | // NOTE: values are negative to represent relative time 30 | #define DELAY_ONE_MICROSECOND (-10ll) 31 | #define DELAY_ONE_MILLISECOND (DELAY_ONE_MICROSECOND*1000) 32 | #define DELAY_ONE_SECOND (DELAY_ONE_MILLISECOND*1000) 33 | 34 | #define HV_COMM_POOLING_INTERVAL 1 35 | 36 | 37 | #endif //_CONSTS_H_ 38 | -------------------------------------------------------------------------------- /tools/vsyasm/yasm.props: -------------------------------------------------------------------------------- 1 | 2 | 3 | 5 | Midl 6 | CustomBuild 7 | 8 | 9 | $(SolutionDir)\tools\vsyasm\ 10 | 11 | 12 | 13 | 0 14 | 0 15 | $(IntDir)%(FileName).obj 16 | true 17 | "$(YasmPath)"yasm.exe -Xvc -f win32 [AllOptions] [AdditionalOptions] "%(FullPath)" 18 | "$(YasmPath)"yasm.exe -Xvc -f win64 [AllOptions] [AdditionalOptions] "%(FullPath)" 19 | echo YASM not supported on this platform 20 | exit 1 21 | %(Identity) 22 | 23 | 24 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/memory.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_MEMORY_H 7 | #include crt_INC_SETTINGS_MEMORY_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_MEMORY_WRAPPER_ 12 | #define _CRT_MEMORY_WRAPPER_ 13 | 14 | #include "crt/crt_memory.h" 15 | 16 | #if ( !defined(CRT_SKIP_DECL_MEMCMP) && (!defined(CRT_DEFAULT_SKIP_MEMORY_H_DECL) || defined(CRT_WANT_DECL_MEMCMP)) ) 17 | #define memcmp crt_memcmp 18 | #endif 19 | 20 | #if ( !defined(CRT_SKIP_DECL_MEMCPY) && (!defined(CRT_DEFAULT_SKIP_MEMORY_H_DECL) || defined(CRT_WANT_DECL_MEMCPY)) ) 21 | #define memcpy crt_memcpy 22 | #endif 23 | 24 | #if ( !defined(CRT_SKIP_DECL_MEMCPY_S) && (!defined(CRT_DEFAULT_SKIP_MEMORY_H_DECL) || defined(CRT_WANT_DECL_MEMCPY_S)) ) 25 | #define memcpy_s crt_memcpy_s 26 | #endif 27 | 28 | #if ( !defined(CRT_SKIP_DECL_MEMSET) && (!defined(CRT_DEFAULT_SKIP_MEMORY_H_DECL) || defined(CRT_WANT_DECL_MEMSET)) ) 29 | #define memset crt_memset 30 | #endif 31 | 32 | #if ( !defined(CRT_SKIP_DECL_MEMZERO) && (!defined(CRT_DEFAULT_SKIP_MEMORY_H_DECL) || defined(CRT_WANT_DECL_MEMZERO)) ) 33 | #define memzero crt_memzero 34 | #endif 35 | 36 | 37 | #endif //_CRT_MEMORY_WRAPPER_ 38 | -------------------------------------------------------------------------------- /winguest/winguestdll/libapis_private.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _LIBAPIS_PRIVATE_H_ 7 | #define _LIBAPIS_PRIVATE_H_ 8 | 9 | #include "winguestdll.h" 10 | 11 | #ifndef QWORD 12 | #define QWORD unsigned __int64 13 | #endif 14 | 15 | #ifdef __cplusplus 16 | extern "C" { 17 | #endif 18 | 19 | WINGUEST_DLL_API 20 | NTSTATUS 21 | WINGUEST_CALLING_CONV 22 | WinguestFastOpt( 23 | _In_ DWORD Opt, 24 | _In_opt_ COMM_COMPONENT Destination, 25 | _In_ QWORD Param1, 26 | _In_ QWORD Param2, 27 | _In_ QWORD Param3, 28 | _In_ QWORD Param4, 29 | _Out_opt_ QWORD *OutParam1, 30 | _Out_opt_ QWORD *OutParam2, 31 | _Out_opt_ QWORD *OutParam3, 32 | _Out_opt_ QWORD *OutParam4 33 | ); 34 | typedef 35 | NTSTATUS 36 | (WINGUEST_CALLING_CONV 37 | *PFUNC_WinguestFastOpt)( 38 | _In_ DWORD Opt, 39 | _In_opt_ COMM_COMPONENT Destination, 40 | _In_ QWORD Param1, 41 | _In_ QWORD Param2, 42 | _In_ QWORD Param3, 43 | _In_ QWORD Param4, 44 | _Out_opt_ QWORD *OutParam1, 45 | _Out_opt_ QWORD *OutParam2, 46 | _Out_opt_ QWORD *OutParam3, 47 | _Out_opt_ QWORD *OutParam4 48 | ); 49 | 50 | WINGUEST_DLL_API 51 | NTSTATUS 52 | WinguestDumpUefiLogs(); 53 | typedef 54 | NTSTATUS 55 | (WINGUEST_CALLING_CONV 56 | *PFUNC_WinguestDumpUefiLogs)(); 57 | 58 | #ifdef __cplusplus 59 | } 60 | #endif 61 | 62 | #endif -------------------------------------------------------------------------------- /napoca/include/base/idvector.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // IDVECTOR - lockless unique ID selection vector 7 | 8 | #ifndef _IDVECTOR_ 9 | #define _IDVECTOR_ 10 | 11 | #include "napoca.h" 12 | #define MAX_IDV_COUNT 10000 13 | 14 | typedef volatile PVOID IDV_ITEM; 15 | typedef IDV_ITEM ID_VECTOR, *PID_VECTOR; 16 | 17 | #pragma pack(push) 18 | #pragma pack(1) 19 | typedef union _ID_VECTOR_HEAD { 20 | struct { 21 | volatile INT16 MaxCount; 22 | volatile INT16 FreeCount; 23 | }; 24 | IDV_ITEM Items; 25 | } ID_VECTOR_HEAD, *PID_VECTOR_HEAD; 26 | #pragma pack(pop) 27 | 28 | // 29 | // IMPORTANT: an IDV always has N+1 items, the first item, with index 0 beeing used to store 30 | // MaxCount and FreeCount; an IDV can't hold more than 10,000 items! 31 | // 32 | // to decleare an IDV one needs simply to do like 'ID_VECTOR myVector[101] = {0};', for ex to 33 | // have an 100 usable item vector, then do IdvInit(myVector, 101) 34 | // 35 | 36 | 37 | // 38 | // prototypes 39 | // 40 | NTSTATUS 41 | IdvInit( 42 | _Inout_ PID_VECTOR Vector, 43 | _In_ INT16 MaxCountPlusOne 44 | ); 45 | 46 | NTSTATUS 47 | IdvAllocId( 48 | _Inout_ PID_VECTOR Vector, 49 | _In_ PVOID Item, 50 | _Out_ INT16 *Id 51 | ); 52 | 53 | NTSTATUS 54 | IdvFreeAndNullId( 55 | _Inout_ PID_VECTOR Vector, 56 | _Inout_ INT16 *Id 57 | ); 58 | 59 | #endif // _IDVECTOR_ -------------------------------------------------------------------------------- /common/communication/vmcall32.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | [BITS 32] 7 | ; 8 | ; 9 | 10 | section .text 11 | 12 | global _HvVmcall 13 | _HvVmcall: 14 | push ebp 15 | mov ebp, esp 16 | 17 | push esi 18 | push ebx 19 | push edi 20 | push ebx 21 | 22 | mov eax, [ebp+8] 23 | mov ecx, [ebp+12] 24 | mov edx, [ebp+16] 25 | mov esi, [ebp+20] 26 | mov edi, [ebp+24] 27 | 28 | xor ebx, ebx 29 | mov ebx, 06C437648H 30 | vmcall 31 | 32 | mov ebx, dword [ebp+28] 33 | cmp ebx, 0 34 | jz skip_paramout1 35 | mov [ebx], ecx 36 | skip_paramout1: 37 | mov ebx, dword [ebp+32] 38 | cmp ebx, 0 39 | jz skip_paramout2 40 | mov [ebx], edx 41 | skip_paramout2: 42 | mov ebx, dword [ebp+36] 43 | cmp ebx, 0 44 | jz skip_paramout3 45 | mov [ebx], esi 46 | skip_paramout3: 47 | mov ebx, dword [ebp+40] 48 | cmp ebx, 0 49 | jz skip_paramout4 50 | mov [ebx], edi 51 | skip_paramout4: 52 | 53 | pop ebx 54 | pop edi 55 | pop ebx 56 | pop esi 57 | 58 | mov esp,ebp 59 | pop ebp 60 | ret 61 | 62 | 63 | global _CpuGetSecCapabilities 64 | _CpuGetSecCapabilities: 65 | push ebx 66 | 67 | mov ebx, [esp + 08h] ; RBX capabilities index 68 | xor eax, eax ; RAX param for getsec - 0 = capabilities 69 | getsec 70 | 71 | pop ebx 72 | ret 73 | -------------------------------------------------------------------------------- /winguest/winguest/misc_utils.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _MISC_UTILS_H_ 7 | #define _MISC_UTILS_H_ 8 | 9 | typedef enum _HvParameter 10 | { 11 | hvParamUnknown = 0, 12 | hvParamReinitRoutineCallCount, 13 | hvParamReserveHvLogBuffer 14 | }HvParameter; 15 | 16 | #define STATIC_WSTR_TO_UNICODE(ConstString) {sizeof(ConstString)-sizeof(L""), sizeof(ConstString), (ConstString)} 17 | #define UNICODE_LEN(String) ((String).Length >> 1) 18 | 19 | _At_(String->Buffer, __drv_allocatesMem(Mem)) 20 | _At_(String->Buffer, _Post_writable_size_(Length)) 21 | NTSTATUS 22 | CreateUnicodeString( 23 | _Out_ PUNICODE_STRING String, 24 | _In_ USHORT Length 25 | ); 26 | 27 | _At_(String->Buffer, __drv_freesMem(Mem)) 28 | _At_(String->Buffer, _Post_ptr_invalid_) 29 | VOID 30 | FreeUnicodeString( 31 | _Inout_ PUNICODE_STRING String 32 | ); 33 | 34 | NTSTATUS 35 | WinhostReadHvParameter( 36 | _In_ PUNICODE_STRING RegistryPath, 37 | _In_ HvParameter Param, 38 | _Out_writes_bytes_all_(BufferSize) PVOID Buffer, 39 | _In_ SIZE_T BufferSize 40 | ); 41 | 42 | NTSTATUS 43 | ParseRegistryMemoryMap( 44 | _In_ PWCHAR RegKey, 45 | _In_ PWCHAR RegValue, 46 | _In_ BYTE MemTypeHint, 47 | _Out_opt_ QWORD* MemorySize, 48 | _Inout_ MEM_MAP_ENTRY* PhyMemMap, 49 | _Inout_ WORD *PhyMemCount 50 | ); 51 | 52 | #endif // _MISC_UTILS_H_ 53 | -------------------------------------------------------------------------------- /autogen/cmdline_templates.h: -------------------------------------------------------------------------------- 1 | {"crash_hang", "CfgDebugTraceCrashLog=1"}, 2 | {"crash_reboot", "CfgDebugTraceCrashLog=3"}, 3 | {"hvmi_logs_critical", "CfgFeaturesIntrospectionVerbosity=4"}, 4 | {"hvmi_logs_debug", "CfgFeaturesIntrospectionVerbosity=0"}, 5 | {"hvmi_logs_error", "CfgFeaturesIntrospectionVerbosity=3"}, 6 | {"hvmi_logs_info", "CfgFeaturesIntrospectionVerbosity=1"}, 7 | {"hvmi_logs_warning", "CfgFeaturesIntrospectionVerbosity=2"}, 8 | {"intro", "CfgFeaturesIntrospectionEnabled=1"}, 9 | {"no_intro", "CfgFeaturesIntrospectionEnabled=0"}, 10 | {"no_out", "CfgDebugOutputEnabled=0"}, 11 | {"no_perf_stats", "CfgDebugTracePeriodicStatsEnabled=0,CfgDebugTracePeriodicStatsPerformance=0"}, 12 | {"no_serial", "CfgDebugOutputSerialEnabled=0"}, 13 | {"no_vga", "CfgDebugOutputVgaEnabled=0"}, 14 | {"nop", ""}, 15 | {"out", "CfgDebugOutputEnabled=1"}, 16 | {"output_all", "CfgDebugOutputEnabled=1,CfgDebugOutputSerialEnabled=1,CfgDebugOutputVgaEnabled=1,CfgDebugTraceAcpi=1,CfgDebugTraceApic=1,CfgDebugTraceMemoryMaps=1,CfgDebugTraceMsix=1,CfgDebugTracePci=1"}, 17 | {"perf_stats", "CfgDebugTracePeriodicStatsEnabled=1,CfgDebugTracePeriodicStatsPerformance=1"}, 18 | {"serial", "CfgDebugOutputEnabled=1,CfgDebugOutputSerialEnabled=1"}, 19 | {"trace_all", "CfgDebugTraceAcpi=1,CfgDebugTraceApic=1,CfgDebugTraceMemoryMaps=1,CfgDebugTraceMsix=1,CfgDebugTracePci=1"}, 20 | {"vga", "CfgDebugOutputEnabled=1,CfgDebugOutputVgaEnabled=1"} -------------------------------------------------------------------------------- /winguest/winguestdll/event_timer.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _EVENT_TIMER_H_ 7 | #define _EVENT_TIMER_H_ 8 | 9 | #include 10 | #include 11 | #include 12 | 13 | typedef 14 | VOID 15 | (*PFUNC_TimerCallback)(); 16 | 17 | typedef struct _TIMER_ENTRY 18 | { 19 | DWORD Interval; 20 | DWORD LastTrigger; 21 | PFUNC_TimerCallback Callback; 22 | std::string Tag; 23 | }TIMER_ENTRY, *PTIMER_ENTRY; 24 | 25 | typedef struct _EVENT_TIMER 26 | { 27 | BOOLEAN Initialized; 28 | DWORD TimeStamp; 29 | std::mutex TimerEntryListMutex; 30 | std::list> TimerEntryList; 31 | DWORD Granularity; 32 | std::thread Thread; 33 | HANDLE EndEvent; 34 | }EVENT_TIMER, *PEVENT_TIMER; 35 | 36 | 37 | 38 | NTSTATUS 39 | InitializeTimer( 40 | PEVENT_TIMER Timer, 41 | DWORD Granularity // Tick granularity (in seconds) 42 | ); 43 | 44 | NTSTATUS 45 | UninitializeTimer( 46 | PEVENT_TIMER Timer 47 | ); 48 | 49 | NTSTATUS 50 | RegisterEvent( 51 | PEVENT_TIMER Timer, 52 | std::string const& Tag, 53 | DWORD Interval, 54 | PVOID Callback 55 | ); 56 | 57 | NTSTATUS 58 | UnregisterEvent( 59 | PEVENT_TIMER Timer, 60 | std::string const& Tag 61 | ); 62 | 63 | bool 64 | StopTimerPending( 65 | _In_ PEVENT_TIMER Timer 66 | ); 67 | #endif // _EVENT_TIMER_H_ 68 | -------------------------------------------------------------------------------- /_external/codex/src/shared/native/crt/native_crt_stdlib.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "crt/crt_crt.h" 7 | 8 | // 9 | // pseudo-random number generator 10 | // 11 | static volatile CX_UINT64 gCrtRandQ = 1234567890876543; 12 | 13 | // check out also the multiply-with-carry method at http://en.wikipedia.org/wiki/Random_number_generation 14 | 15 | CX_VOID 16 | crt_srand( 17 | CX_INT32 seed ) 18 | { 19 | CX_UINT64 oldSeed, newSeed; 20 | 21 | oldSeed = gCrtRandQ; 22 | 23 | // we update only 32 bits from the old seed 24 | newSeed = 25 | ((oldSeed & 0x0000FFFF00000000ULL) << 16) | 26 | (((CX_UINT64)(seed & 0xFFFF0000)) << 16) | 27 | ((oldSeed & 0x000000000000FFFFULL) << 16) | 28 | ((CX_UINT64)(seed & 0xFFFF0000)); 29 | 30 | gCrtRandQ = newSeed; 31 | } 32 | 33 | 34 | CX_INT32 35 | crt_rand( 36 | CX_VOID ) 37 | { 38 | CX_UINT64 q; 39 | CX_UINT32 w, z; 40 | CX_UINT32 nw, nz; 41 | 42 | // get atomically the last Q value and extract W and Z 43 | q = gCrtRandQ; 44 | z = (CX_UINT32)(q >> 32); 45 | w = (CX_UINT32)q; 46 | 47 | // determine NEW W and Z values 48 | nz = 36969 * (z & 0xffff) + (z >> 16); 49 | nw = 18000 * (w & 0xffff) + (w >> 16); 50 | 51 | // store atomically Q 52 | q = (((CX_UINT64)nz) << 32) | nw; 53 | gCrtRandQ = q; 54 | 55 | // returns random value 56 | return (CX_INT32)(((nz << 16) + nw) & 0x000000007FFFFFFFULL); 57 | } 58 | -------------------------------------------------------------------------------- /winguest/winguestdll/ccom_mgr.cpp: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file ccom_mgr.cpp 7 | * @brief COM APIs interaction 8 | */ 9 | 10 | #include 11 | #include "ccom_mgr.h" 12 | 13 | /** 14 | * @brief Constructor 15 | */ 16 | CComInitMgr::CComInitMgr() 17 | { 18 | m_ComInitialized = SUCCEEDED(CoInitializeEx(NULL, COINIT_MULTITHREADED)); 19 | 20 | if (m_ComInitialized) 21 | { 22 | CoInitializeSecurity( 23 | NULL, 24 | -1, // COM authentication 25 | NULL, // Authentication services 26 | NULL, // Reserved 27 | RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication 28 | RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation 29 | NULL, // Authentication info 30 | EOAC_NONE, // Additional capabilities 31 | NULL // Reserved 32 | ); 33 | } 34 | } 35 | 36 | /** 37 | * @brief Destructor 38 | */ 39 | CComInitMgr::~CComInitMgr() 40 | { 41 | if (m_ComInitialized) 42 | { 43 | CoUninitialize(); 44 | m_ComInitialized = false; 45 | } 46 | } 47 | 48 | /** 49 | * @brief Getter for m_ComInitialized 50 | * 51 | * @return m_ComInitialized 52 | */ 53 | bool CComInitMgr::Initialized() const 54 | { 55 | return m_ComInitialized; 56 | } 57 | -------------------------------------------------------------------------------- /winguest/winguestdll/deploy_legacy.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _DEPLOY_LEGACY_H_ 7 | #define _DEPLOY_LEGACY_H_ 8 | 9 | extern "C" { 10 | #include "common/boot/loader_interface.h" 11 | } 12 | #include "dacia_types.h" 13 | #include "load_monitor.h" 14 | 15 | #define LEGACY_INSTALL_FILES_FILE_ATTRIBUTES (FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_READONLY) 16 | 17 | NTSTATUS 18 | DeployGrubBootFiles( 19 | _In_ LD_INSTALL_FILE_FLAGS Flags, 20 | _In_ BOOLEAN CreateDynamicFiles 21 | ); 22 | 23 | NTSTATUS 24 | ConfigureLegacyBoot( 25 | _In_ BOOLEAN Install 26 | ); 27 | 28 | NTSTATUS 29 | ConfigGrubSupported( 30 | _In_opt_ PHV_CONFIGURATION_MISSING_FEATURES MissingFeatures 31 | ); 32 | 33 | NTSTATUS 34 | GetSystemLegacyConfiguration( 35 | _Out_opt_ PDWORD HardDiskIndex, 36 | _Out_opt_ PDWORD NrOfOurGrubMbrs, // only GRUB MBRs patched with our signature 37 | _Out_opt_ PDWORD NrOfWindowsMbrs, 38 | _In_ BOOLEAN Install 39 | ); 40 | 41 | NTSTATUS 42 | GetLoadMonitorDataMbr( 43 | _Out_opt_ PDWORD AllowedRetries, 44 | _Out_opt_ PDWORD FailCount, 45 | _Out_opt_ PBOOLEAN Boot, 46 | _Out_opt_ PBOOLEAN Crash 47 | ); 48 | 49 | NTSTATUS 50 | SetLoadMonitorDataMbr( 51 | _In_opt_ PDWORD AllowedRetries, 52 | _In_opt_ PDWORD FailCount, 53 | _In_opt_ PBOOLEAN Boot, 54 | _In_opt_ PBOOLEAN Crash 55 | ); 56 | 57 | #endif //_DEPLOY_LEGACY_H_ 58 | 59 | -------------------------------------------------------------------------------- /napoca/introspection/glue_layer/introheap.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introcallhv 7 | ///@{ 8 | 9 | /** @file introheap.c 10 | * @brief INTROHEAP - NAPOCA hypervisor glue layer, heap utilities offered/implemented for the introspection engine. 11 | * 12 | * The implementation. 13 | * 14 | */ 15 | 16 | #include "kernel/kernel.h" 17 | #include "introstatus.h" 18 | #include "introspection/glue_layer/introheap.h" 19 | #include "guests/intro.h" 20 | #include "memory/heap.h" 21 | 22 | 23 | NTSTATUS 24 | GuestIntNapQueryHeapSize( 25 | _Out_ SIZE_T* TotalHeapSize, 26 | _Out_ SIZE_T* FreeHeapSize 27 | ) 28 | { 29 | if (TotalHeapSize == NULL) return CX_STATUS_INVALID_PARAMETER_1; 30 | 31 | if (FreeHeapSize == NULL) return CX_STATUS_INVALID_PARAMETER_2; 32 | 33 | NTSTATUS status = HpQuerySize(TotalHeapSize, FreeHeapSize); 34 | 35 | return HV_STATUS_TO_INTRO_STATUS(status); 36 | } 37 | 38 | NTSTATUS 39 | GuestIntNapHpAllocWithTagAndInfo( 40 | _Outptr_result_bytebuffer_(Size) PVOID* Address, 41 | _In_ size_t Size, 42 | _In_ DWORD Tag 43 | ) 44 | { 45 | NTSTATUS status = HpAllocWithTag(Address, Size, Tag); 46 | 47 | return HV_STATUS_TO_INTRO_STATUS(status); 48 | } 49 | 50 | 51 | NTSTATUS 52 | GuestIntNapHpFreeWithTagAndInfo( 53 | _Inout_ _At_(*Address, _Post_null_) PVOID* Address, 54 | _In_ DWORD Tag 55 | ) 56 | { 57 | NTSTATUS status = HpFreeAndNullWithTag(Address, Tag); 58 | 59 | return HV_STATUS_TO_INTRO_STATUS(status); 60 | } 61 | 62 | ///@} -------------------------------------------------------------------------------- /_external/codex/src/shared/native/base/compiler_dependent/memlib/X64/CxMemCompare.asm: -------------------------------------------------------------------------------- 1 | ;------------------------------------------------------------------------------ 2 | ; 3 | ; Copyright (c) 2006 - 2008, Intel Corporation. All rights reserved.
4 | ; This program and the accompanying materials 5 | ; are licensed and made available under the terms and conditions of the BSD License 6 | ; which accompanies this distribution. The full text of the license may be found at 7 | ; http://opensource.org/licenses/bsd-license.php. 8 | ; 9 | ; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 10 | ; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 11 | ; 12 | ; Module Name: 13 | ; 14 | ; CompareMem.Asm 15 | ; 16 | ; Abstract: 17 | ; 18 | ; CompareMem function 19 | ;------------------------------------------------------------------------------ 20 | 21 | .code 22 | 23 | ;------------------------------------------------------------------------------ 24 | ; INTN 25 | ; EFIAPI 26 | ; CxMemCompare ( 27 | ; IN CONST VOID *DestinationBuffer, 28 | ; IN CONST VOID *SourceBuffer, 29 | ; IN UINTN Length 30 | ; ); 31 | ;------------------------------------------------------------------------------ 32 | CxMemCompareBasic64 PROC USES rsi rdi 33 | mov rsi, rcx 34 | mov rdi, rdx 35 | mov rcx, r8 36 | repe cmpsb 37 | movzx rax, byte ptr [rsi - 1] 38 | movzx rdx, byte ptr [rdi - 1] 39 | sub rax, rdx 40 | ret 41 | CxMemCompareBasic64 ENDP 42 | 43 | END 44 | -------------------------------------------------------------------------------- /napoca/introspection/glue_layer/introhvcall.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introcallhv 7 | ///@{ 8 | 9 | /** @file introhvcall.c 10 | * @brief INTROHVCALL - NAPOCA hypervisor glue layer, generic VM/HV call functions. 11 | * 12 | */ 13 | 14 | #include "napoca.h" 15 | #include "introstatus.h" 16 | #include "introspection/glue_layer/introhvcall.h" 17 | #include "guests/intro.h" 18 | #include "guests/guests.h" 19 | 20 | NTSTATUS 21 | GuestIntNapRegisterIntroCallHandler( 22 | _In_ PVOID GuestHandle, 23 | _In_ PFUNC_IntIntroCallCallback Callback 24 | ) 25 | { 26 | if (GuestHandle == NULL) return CX_STATUS_INVALID_PARAMETER_1; 27 | 28 | GUEST *guest = GuestHandle; 29 | 30 | if (Callback == NULL) return CX_STATUS_INVALID_PARAMETER_2; 31 | 32 | if (guest->Intro.RawIntroCallCallback != NULL) return CX_STATUS_ALREADY_INITIALIZED; 33 | 34 | ValidateIntroCallbacksLock(&guest->Intro.IntroCallbacksLock); 35 | guest->Intro.RawIntroCallCallback = Callback; 36 | 37 | return CX_STATUS_SUCCESS; 38 | } 39 | 40 | 41 | 42 | NTSTATUS 43 | GuestIntNapUnregisterIntroCallHandler( 44 | _In_ PVOID GuestHandle 45 | ) 46 | { 47 | if (GuestHandle == NULL) return CX_STATUS_INVALID_PARAMETER_1; 48 | 49 | GUEST *guest = GuestHandle; 50 | 51 | if (guest->Intro.RawIntroCallCallback == NULL) return CX_STATUS_NOT_INITIALIZED_HINT; 52 | 53 | ValidateIntroCallbacksLock(&guest->Intro.IntroCallbacksLock); 54 | guest->Intro.RawIntroCallCallback = NULL; 55 | 56 | return CX_STATUS_SUCCESS; 57 | } 58 | 59 | ///@} -------------------------------------------------------------------------------- /napoca/introspection/glue_layer/introtimer.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introcallhv 7 | ///@{ 8 | 9 | /** @file introtimer.c 10 | * @brief INTROTIMER - NAPOCA hypervisor glue layer, generic timing facilities. 11 | * 12 | */ 13 | 14 | #include "napoca.h" 15 | #include "introstatus.h" 16 | #include "introspection/glue_layer/introtimer.h" 17 | #include "guests/intro.h" 18 | #include "guests/guests.h" 19 | 20 | 21 | NTSTATUS 22 | GuestIntNapRegisterVmxTimerHandler( 23 | _In_ PVOID GuestHandle, 24 | _In_ PFUNC_IntIntroTimerCallback Callback 25 | ) 26 | { 27 | if (GuestHandle == NULL) return CX_STATUS_INVALID_PARAMETER_1; 28 | 29 | if (Callback == NULL) return CX_STATUS_INVALID_PARAMETER_2; 30 | 31 | GUEST* guest = GuestHandle; 32 | 33 | if (guest->Intro.RawIntroTimerCallback != NULL) return CX_STATUS_ALREADY_INITIALIZED; 34 | 35 | ValidateIntroCallbacksLock(&guest->Intro.IntroCallbacksLock); 36 | guest->Intro.RawIntroTimerCallback = Callback; 37 | 38 | return CX_STATUS_SUCCESS; 39 | } 40 | 41 | 42 | 43 | NTSTATUS 44 | GuestIntNapUnregisterVmxTimerHandler( 45 | _In_ PVOID GuestHandle 46 | ) 47 | { 48 | if (GuestHandle == NULL) return CX_STATUS_INVALID_PARAMETER_1; 49 | 50 | GUEST* guest = GuestHandle; 51 | 52 | if (guest->Intro.RawIntroTimerCallback == NULL) return CX_STATUS_NOT_INITIALIZED_HINT; 53 | 54 | ValidateIntroCallbacksLock(&guest->Intro.IntroCallbacksLock); 55 | guest->Intro.RawIntroTimerCallback = NULL; 56 | 57 | return CX_STATUS_SUCCESS; 58 | } 59 | 60 | 61 | ///@} -------------------------------------------------------------------------------- /napoca/include/kernel/pcpu_common.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file pcpu_common.h 7 | * @brief Common declarations needed for handling per-processor state globally (throughout the whole project) 8 | */ 9 | #ifndef _PCPU_COMMON_H_ 10 | #define _PCPU_COMMON_H_ 11 | #include "core.h" 12 | 13 | typedef struct _PCPU PCPU; 14 | 15 | /// @brief Get the PCPU from the global array(#gCpuPointersArray) 16 | /// 17 | /// @param[in] BootCpuIndex Index of the PCPU that we are interested in 18 | /// 19 | /// @returns Pointer to the asked PCPU, NULL if something went wrong 20 | PCPU* 21 | HvGetCpu( 22 | _In_ CX_UINT32 BootCpuIndex 23 | ); 24 | 25 | #define HvGetCurrentCpu() ((PCPU*)__readgsqword(FIELD_OFFSET(PCPU, Self))) 26 | #define HvGetCurrentApicId() ((CX_UINT32)__readgsdword(FIELD_OFFSET(PCPU, Id))) 27 | #define HvGetCurrentCpuIndex() ((CX_UINT32)__readgsdword(FIELD_OFFSET(PCPU, BootInfoIndex))) 28 | 29 | #define HvGetCurrentVcpu() ((VCPU*)__readgsqword(FIELD_OFFSET(PCPU, Vcpu))) 30 | 31 | #define HvGetCurrentGuest() ((GUEST*)((HvGetCurrentVcpu())?(HvGetCurrentVcpu()->Guest):(NULL))) 32 | #define HvGetCurrentGuestId() ((CX_UINT32)(HvGetCurrentGuest()->Index)) // There is no other safe value that can be returned here, page-fault it 33 | 34 | #define HvGetCurrentVcpuApicId() (CX_UINT32)(HvGetCurrentVcpu()->LapicId) 35 | #define HvDoWeHaveValidCpu() (HvGetCurrentCpu() != 0) 36 | 37 | BOOLEAN HvDoWeHaveIpcQueues( 38 | VOID 39 | ); 40 | 41 | 42 | #endif // _PCPU_COMMON_H_ 43 | 44 | -------------------------------------------------------------------------------- /napoca/include/core.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CORE_H_ 7 | #define _CORE_H_ 8 | 9 | // 10 | // Basic (UNSAFE) declarations like generic types and macros that are not dacia or napoca specific 11 | // USAGE: these base declarations should be available to any other headers AND this file must not include napoca-specific headers 12 | // 13 | 14 | #include "cx_native.h" 15 | #include "base/cx_synchronization.h" 16 | #include "base/cx_intrin.h" 17 | 18 | #pragma warning(disable:4200) // nonstandard extension used : zero-sized array in struct/union 19 | #pragma warning(disable:4201) // nonstandard extension used: nameless struct/union 20 | #pragma warning(disable:4204) // nonstandard extension used: non-constant aggregate initializer 21 | #pragma warning(disable:4214) // nonstandard extension used: bit field types other than int 22 | 23 | #include "wrappers/cx_winsal.h" 24 | #include "wrappers/cx_wintypes.h" 25 | #include "wrappers/cx_defs_short.h" 26 | #include "wrappers/cx_types_short.h" 27 | #include "wrappers/cx_winlists.h" 28 | #include "wrappers/crt_short/assert.h" 29 | #include "wrappers/crt_short/memory.h" 30 | #include "wrappers/crt_short/crtdefs.h" 31 | #include "wrappers/crt_short/varargs.h" 32 | #include "wrappers/crt_short/string.h" 33 | 34 | // the built-in config constants and the dynamic command-line variables have global scope and are safe to be visible everywhere 35 | #include "autogen/napoca_buildconfig.h" 36 | #include "autogen/napoca_cmdline.h" 37 | 38 | #include "hvstatus.h" 39 | #include "coredefs.h" 40 | 41 | #pragma intrinsic (_enable, _disable) 42 | 43 | #endif // _CORE_H_ 44 | -------------------------------------------------------------------------------- /winguest/winguestdll/libapis_int.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __LIBAPIS_INT_H__ 7 | #define __LIBAPIS_INT_H__ 8 | 9 | #include "dacia_types.h" 10 | #include "winguestdll.h" 11 | 12 | #include 13 | 14 | #define EVENT_TIMER_DEFAULT_GRANULARITY 10 // every 10 seconds 15 | #define EVENT_TIMER_DEFAULT_FEEDBACK_CLEANUP_GRANULARITY (10 * 60) // every 10 minutes 16 | #define EVENT_TIMER_DEFAULT_HV_CONFIGURATION_CHECK_INTERVAL (6 * 60 * 60) // every 6 h 17 | #define EVENT_TIMER_DEFAULT_INTRO_THROTTLE_HASHMAP_CLEANUP 60 // every 60 seconds 18 | 19 | #define EVENT_TAG_HASHMAP_THROTTLE_CLEANUP "hashmap_throttle_cleanup" 20 | 21 | typedef struct _UM_CALLBACKS 22 | { 23 | PWINGUEST_INTROSPECTION_ERROR_CALLBACK IntrospectionErrorCallback; 24 | PWINGUEST_INTROSPECTION_ALERT_CALLBACK IntrospectionAlertCallback; 25 | PWINGUEST_INCOMPATIBLE_HV_CONFIGURATION_CALLBACK IncompatibleHvConfigurationCallback; 26 | PWINGUEST_VOLATILE_SETTINGS_REQUEST_CALLBACK VolatileSettingsRequestCallback; 27 | /// Add here callbacks 28 | } UM_CALLBACKS, *PUM_CALLBACKS; 29 | 30 | typedef struct _UM_CONTEXTS 31 | { 32 | PVOID IntrospectionErrorCallbackContext; 33 | PVOID IntrospectionAlertCallbackContext; 34 | PVOID IncompatibleHvConfigurationContext; 35 | PVOID VolatileSettingsRequestContex; 36 | }UM_CONTEXTS, *PUM_CONTEXTS; 37 | 38 | extern UM_CALLBACKS gCallbacks; 39 | extern UM_CONTEXTS gContexts; 40 | extern std::mutex gCallbacksMutex; 41 | 42 | #endif //__LIBAPIS_INT_H__ 43 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/varargs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_VARARGS_H 7 | #include crt_INC_SETTINGS_VARARGS_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_VARARGS_WRAPPER_ 12 | #define _CRT_VARARGS_WRAPPER_ 13 | 14 | #include "crt/crt_varargs.h" 15 | 16 | #if ( !defined(CRT_SKIP_DECL__ADDRESSOF) && (!defined(CRT_DEFAULT_SKIP_VARARGS_H_DECL) || defined(CRT_WANT_DECL__ADDRESSOF)) ) 17 | #define _ADDRESSOF _CRT_ADDRESSOF 18 | #endif 19 | 20 | #if ( !defined(CRT_SKIP_DECL__INTSIZEOF) && (!defined(CRT_DEFAULT_SKIP_VARARGS_H_DECL) || defined(CRT_WANT_DECL__INTSIZEOF)) ) 21 | #define _INTSIZEOF _CRT_INTSIZEOF 22 | #endif 23 | 24 | #if ( !defined(CRT_SKIP_DECL_VA_ARG) && (!defined(CRT_DEFAULT_SKIP_VARARGS_H_DECL) || defined(CRT_WANT_DECL_VA_ARG)) ) 25 | #define va_arg crt_va_arg 26 | #endif 27 | 28 | #if ( !defined(CRT_SKIP_DECL_VA_END) && (!defined(CRT_DEFAULT_SKIP_VARARGS_H_DECL) || defined(CRT_WANT_DECL_VA_END)) ) 29 | #define va_end crt_va_end 30 | #endif 31 | 32 | #if ( !defined(CRT_SKIP_DECL_VA_LIST) && (!defined(CRT_DEFAULT_SKIP_VARARGS_H_DECL) || defined(CRT_WANT_DECL_VA_LIST)) ) 33 | #define va_list crt_va_list 34 | #endif 35 | 36 | #if ( !defined(CRT_SKIP_DECL_VA_START) && (!defined(CRT_DEFAULT_SKIP_VARARGS_H_DECL) || defined(CRT_WANT_DECL_VA_START)) ) 37 | #define va_start crt_va_start 38 | #endif 39 | 40 | 41 | #endif //_CRT_VARARGS_WRAPPER_ 42 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/compiler_dependent/types/cx_msvc_types.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Basic numeric types that have compiler-dependent sizes 8 | // 9 | 10 | #ifndef _CX_VCTYPES_H_ 11 | #define _CX_VCTYPES_H_ 12 | 13 | #include "base/cx_env.h" 14 | 15 | typedef __int8 CX_INT8; 16 | typedef __int16 CX_INT16; 17 | typedef __int32 CX_INT32; 18 | typedef __int64 CX_INT64; 19 | 20 | 21 | typedef unsigned __int8 CX_UINT8; 22 | typedef unsigned __int16 CX_UINT16; 23 | typedef unsigned __int32 CX_UINT32; 24 | typedef unsigned __int64 CX_UINT64; 25 | 26 | #ifdef CX_ARCH32 27 | typedef CX_UINT32 CX_SIZE_T; 28 | typedef CX_INT32 CX_SSIZE_T; 29 | #endif 30 | 31 | #ifdef CX_ARCH64 32 | typedef CX_UINT64 CX_SIZE_T; 33 | typedef CX_INT64 CX_SSIZE_T; 34 | #endif 35 | 36 | typedef CX_INT64 CX_INTMAXTYPE; // maximal signed integer type supported by this compiler 37 | typedef CX_UINT64 CX_UINTMAXTYPE; // maximal unsigned integer type supported by this compiler 38 | #define CX_INTMAXTYPE_WIDTH 64 39 | #define CX_UINTMAXTYPE_WIDTH 64 40 | #define CX_INTMAXTYPE_MIN_VALUE CX_INT64_MIN_VALUE 41 | #define CX_INTMAXTYPE_MAX_VALUE CX_INT64_MAX_VALUE 42 | #define CX_UINTMAXTYPE_MIN_VALUE CX_UINT64_MIN_VALUE 43 | #define CX_UINTMAXTYPE_MAX_VALUE CX_UINT64_MAX_VALUE 44 | 45 | #endif // _CX_VCTYPES_H_ 46 | -------------------------------------------------------------------------------- /winguest/winguestdll/feedback.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _FEEDBACK_H_ 7 | #define _FEEDBACK_H_ 8 | 9 | #include "json.hpp" 10 | 11 | extern "C" { 12 | #include "common/communication/commands.h" 13 | } 14 | 15 | #define FEEDBACK_EXT_INTRO "intro" 16 | #define FEEDBACK_EXT_COMPAT "compat" 17 | 18 | #define DEFAULT_THROTTLE_TIME 1ULL // seconds 19 | 20 | 21 | typedef enum _FEEDBACK_TYPES 22 | { 23 | feedbackIntroEpt = 0, 24 | feedbackIntroMsr, 25 | feedbackIntroCr, 26 | feedbackIntroXcr, 27 | feedbackIntroIntegrity, 28 | feedbackIntroTranslation, 29 | feedbackIntroMemcopy, 30 | feedbackIntroDtr, 31 | feedbackIntroProcessCreation, 32 | feedbackIntroModuleLoad, 33 | 34 | feedbackMax = feedbackIntroModuleLoad 35 | }FEEDBACK_FILE_TYPES, *PFEDBACK_FILE_TYPES; 36 | 37 | 38 | typedef struct _FEEDBACK_FILE_CONFIG 39 | { 40 | PCHAR Extension; 41 | BOOLEAN Generate; 42 | }FEEDBACK_FILE_CONFIG, *PFEEDBACK_FILE_CONFIG; 43 | 44 | typedef struct _FEEDBACK_OPTIONS 45 | { 46 | BOOLEAN Internal; 47 | QWORD LocalBackupDuration; 48 | 49 | FEEDBACK_FILE_CONFIG Files[feedbackMax + 1]; 50 | 51 | QWORD ThrottleTime; 52 | 53 | } FEEDBACK_OPTIONS, *PFEEDBACK_OPTIONS; 54 | 55 | void 56 | CleanupFeedbackFolder(void); 57 | 58 | NTSTATUS 59 | FeedbackWriteCompatHwInfo( 60 | _In_ nlohmann::json &jsonRoot 61 | ); 62 | 63 | NTSTATUS 64 | FeedbackWriteIntroAlertFile( 65 | _In_ INTROSPECTION_ALERT const& AlertCmd 66 | ); 67 | 68 | #endif // _FEEDBACK_H_ 69 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/wrappers/crt_short/crtdefs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef crt_INC_SETTINGS_CRTDEFS_H 7 | #include crt_INC_SETTINGS_CRTDEFS_H // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #ifndef _CRT_CRTDEFS_WRAPPER_ 12 | #define _CRT_CRTDEFS_WRAPPER_ 13 | 14 | #include "crt/crt_crtdefs.h" 15 | 16 | #if ( !defined(CRT_SKIP_DECL_DBG_UNREFERENCED_PARAMETER) && (!defined(CRT_DEFAULT_SKIP_CRTDEFS_H_DECL) || defined(CRT_WANT_DECL_DBG_UNREFERENCED_PARAMETER)) ) 17 | #define DBG_UNREFERENCED_PARAMETER CRT_DBG_UNREFERENCED_PARAMETER 18 | #endif 19 | 20 | #if ( !defined(CRT_SKIP_DECL_REL_UNREFERENCED_PARAMETER) && (!defined(CRT_DEFAULT_SKIP_CRTDEFS_H_DECL) || defined(CRT_WANT_DECL_REL_UNREFERENCED_PARAMETER)) ) 21 | #define REL_UNREFERENCED_PARAMETER CRT_REL_UNREFERENCED_PARAMETER 22 | #endif 23 | 24 | #if ( !defined(CRT_SKIP_DECL_UNREFERENCED_LOCAL_VARIABLE) && (!defined(CRT_DEFAULT_SKIP_CRTDEFS_H_DECL) || defined(CRT_WANT_DECL_UNREFERENCED_LOCAL_VARIABLE)) ) 25 | #define UNREFERENCED_LOCAL_VARIABLE CRT_UNREFERENCED_LOCAL_VARIABLE 26 | #endif 27 | 28 | #if ( !defined(CRT_SKIP_DECL_UNREFERENCED_PARAMETER) && (!defined(CRT_DEFAULT_SKIP_CRTDEFS_H_DECL) || defined(CRT_WANT_DECL_UNREFERENCED_PARAMETER)) ) 29 | #define UNREFERENCED_PARAMETER CRT_UNREFERENCED_PARAMETER 30 | #endif 31 | 32 | #if ( !defined(CRT_SKIP_DECL___ELEMENTARY_DEFINITIONS) && (!defined(CRT_DEFAULT_SKIP_CRTDEFS_H_DECL) || defined(CRT_WANT_DECL___ELEMENTARY_DEFINITIONS)) ) 33 | #define __ELEMENTARY_DEFINITIONS __CRT_ELEMENTARY_DEFINITIONS 34 | #endif 35 | 36 | 37 | #endif //_CRT_CRTDEFS_WRAPPER_ 38 | -------------------------------------------------------------------------------- /napoca/guests/code_scan.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "kernel/kernel.h" 7 | #include "guests/code_scan.h" 8 | #include "kernel/simplechecksum.h" 9 | 10 | CX_STATUS 11 | HvScanBuffer( 12 | _In_ HV_CODE_SIG_PACKAGE *SigPackage, 13 | _In_ CX_VOID *Buffer, 14 | _In_ CX_UINT32 BufferSize, 15 | __out_opt CX_UINT32 *Verdict 16 | ) 17 | { 18 | CX_UINT8 *bytes = Buffer; 19 | CX_UINT32 hash; 20 | 21 | if (SigPackage == CX_NULL) return CX_STATUS_INVALID_PARAMETER_1; 22 | if (bytes == CX_NULL) return CX_STATUS_INVALID_PARAMETER_2; 23 | if (BufferSize < sizeof(CX_UINT32)) return CX_STATUS_DATA_BUFFER_TOO_SMALL; 24 | 25 | // check the DOWRD hash 26 | hash = *(CX_UINT32*)bytes; 27 | for (CX_UINT32 i = 0; i < SigPackage->NumberOfSignatures; i++) 28 | { 29 | if (SigPackage->Signatures[i].Hash == hash) 30 | { 31 | CX_UINT64 currentChecksum; 32 | 33 | // avoid signatures that require more then the available buffer size 34 | if (SigPackage->Signatures[i].Length >= BufferSize) continue; 35 | 36 | // check the actual content checksum 37 | currentChecksum = HvChecksum64(bytes, SigPackage->Signatures[i].Length); 38 | if (currentChecksum == SigPackage->Signatures[i].Checksum) 39 | { 40 | LOG("Matched signature <%016llX> verdict = %d\n", currentChecksum, SigPackage->Signatures[i].Verdict); 41 | 42 | if (Verdict) *Verdict = SigPackage->Signatures[i].Verdict; 43 | 44 | return CX_STATUS_SUCCESS; 45 | } 46 | } 47 | } 48 | 49 | return CX_STATUS_DATA_NOT_FOUND; 50 | } -------------------------------------------------------------------------------- /include/common/external_interface/ringbuf_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // This file documents the interface declarations needed for 8 | // compiling the ringbuffer as part of a project 9 | // 10 | 11 | 12 | #ifndef COMM_INFO 13 | #error "#define COMM_INFO(...) is not defined" 14 | #endif 15 | 16 | #ifndef COMM_LOG 17 | #error "#define COMM_LOG(...) is not defined" 18 | #endif 19 | 20 | #ifndef COMM_FUNC_FAIL 21 | #error "#define COMM_FUNC_FAIL(fnname, status) is not defined" 22 | #endif 23 | 24 | #ifndef COMM_ERROR 25 | #error "#define COMM_ERROR(...) is not defined" 26 | #endif 27 | 28 | #ifndef COMM_FATAL 29 | #error "#define COMM_FATAL(...) is not defined" 30 | #endif 31 | 32 | #ifndef CRT_COMPONENT 33 | #error "#define CRT_COMPONENT is not defined (see target* definitions in commands.h)" 34 | #endif 35 | 36 | 37 | 38 | CX_STATUS 39 | CommInitCustom( 40 | CX_VOID 41 | ); 42 | 43 | 44 | CX_BOOL 45 | CommBlockingAllowed( 46 | CX_VOID 47 | ); 48 | 49 | CX_BOOL 50 | CommIsBufferingEnabled( 51 | CX_VOID 52 | ); 53 | 54 | CX_BOOL 55 | CommCanAffordToWait( 56 | CX_VOID 57 | ); 58 | 59 | CX_STATUS 60 | CommSignalMessage( 61 | _In_ COMMAND_CODE CommandCode, 62 | _In_ CX_SIZE_T MessageOffset 63 | ); 64 | 65 | CX_STATUS 66 | CommSignalEvent( 67 | _In_ PCOMM_SHMEM_HEADER SharedMem, 68 | _In_ CX_UINT8 Event, 69 | _In_opt_ CX_UINT64 QDetail1, 70 | _In_opt_ CX_UINT64 QDetail2, 71 | _In_opt_ CX_UINT32 DDetail1, 72 | _In_opt_ CX_UINT32 DDetail2 73 | ); 74 | 75 | CX_STATUS 76 | CommDumpBufferedMessages( 77 | CX_VOID 78 | ); 79 | 80 | CX_STATUS 81 | CommFlushBufferedMessages( 82 | _In_ PCOMM_SHMEM_HEADER SharedMem /// ... 83 | ); -------------------------------------------------------------------------------- /napoca/include/external_interface/kernel_interface.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // This file is providing NAPOCA custom declarations and/or definitions needed by the common/kernel/* files 8 | // 9 | 10 | #ifndef _KERNEL_INTERFACE_H_ 11 | #define _KERNEL_INTERFACE_H_ 12 | 13 | #include "napoca.h" 14 | #include "kernel/kernel.h" 15 | #include "common/communication/ringbuf.h" 16 | 17 | #define FEAT_PRINT LOG 18 | #define FEAT_PRINTN LOGN 19 | 20 | 21 | #define CPU_IRQL_HIGH_LEVEL 0 22 | #define CPU_DEBUG_BREAK() 23 | 24 | 25 | typedef CX_UINT8 CPU_IRQL; 26 | 27 | __forceinline 28 | CPU_IRQL 29 | CpuRaiseIrqlToDpcLevel( 30 | CX_VOID 31 | ) 32 | { 33 | return 0; 34 | } 35 | 36 | __forceinline 37 | CX_VOID 38 | CpuRaiseIrql( 39 | CPU_IRQL Irql, 40 | CPU_IRQL *OldIrql 41 | ) 42 | { 43 | CX_UNREFERENCED_PARAMETER(Irql, OldIrql); 44 | return; 45 | } 46 | 47 | __forceinline 48 | CX_VOID 49 | CpuLowerIrql( 50 | _In_ CPU_IRQL Irql 51 | ) 52 | { 53 | CX_UNREFERENCED_PARAMETER(Irql); 54 | return; 55 | } 56 | 57 | __forceinline 58 | CX_STATUS 59 | CpuDelayExecution( 60 | _In_ CX_BOOL Alertable, 61 | _In_ CX_BOOL IsRelativeInterval, 62 | _In_ CX_UINT64 MicrosecondsInterval 63 | ) 64 | { 65 | CX_UNREFERENCED_PARAMETER(Alertable); 66 | if (IsRelativeInterval) 67 | { 68 | HvSpinWait(MicrosecondsInterval); 69 | return CX_STATUS_SUCCESS; 70 | } 71 | return CX_STATUS_OPERATION_NOT_SUPPORTED; 72 | } 73 | 74 | __forceinline 75 | CX_UINT32 76 | CpuGetCurrentApicId( 77 | CX_VOID 78 | ) 79 | { 80 | return __readgsdword(FIELD_OFFSET(PCPU, Id)); 81 | } 82 | 83 | 84 | #endif // _KERNEL_INTERFACE_H_ 85 | 86 | 87 | -------------------------------------------------------------------------------- /_external/codex/src/shared/native/wrappers/crt/wrapper_crt_conv.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef CRT_INC_SETTINGS_WRAPPER_CRT_CONV_C 7 | #include CRT_INC_SETTINGS_WRAPPER_CRT_CONV_C // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #include "crt/crt_crt.h" 12 | 13 | #if ( !defined(CRT_SKIP_DEF_STRTOL) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_CONV_C_DEF) || defined(CRT_WANT_DEF_STRTOL)) ) 14 | CX_INT32 __cdecl 15 | strtol( 16 | _In_z_ const CX_INT8 *nptr, 17 | __out_opt CX_INT8 **endptr, 18 | _In_ CX_INT32 ibase 19 | ) 20 | { 21 | return crt_strtol(nptr, endptr, ibase); 22 | } 23 | #endif 24 | 25 | 26 | #if ( !defined(CRT_SKIP_DEF_STRTOUL) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_CONV_C_DEF) || defined(CRT_WANT_DEF_STRTOUL)) ) 27 | CX_UINT32 __cdecl 28 | strtoul( 29 | _In_z_ const CX_INT8 *nptr, 30 | __out_opt CX_INT8 **endptr, 31 | _In_ CX_INT32 ibase 32 | ) 33 | { 34 | return crt_strtoul(nptr, endptr, ibase); 35 | } 36 | #endif 37 | 38 | 39 | #if ( !defined(CRT_SKIP_DEF_STRTOLL) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_CONV_C_DEF) || defined(CRT_WANT_DEF_STRTOLL)) ) 40 | CX_INT64 __cdecl 41 | strtoll( 42 | _In_z_ const CX_INT8 *nptr, 43 | __out_opt CX_INT8 **endptr, 44 | _In_ CX_INT32 ibase 45 | ) 46 | { 47 | return crt_strtoll(nptr, endptr, ibase); 48 | } 49 | #endif 50 | 51 | 52 | #if ( !defined(CRT_SKIP_DEF_STRTOULL) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_CONV_C_DEF) || defined(CRT_WANT_DEF_STRTOULL)) ) 53 | CX_UINT64 __cdecl 54 | strtoull( 55 | _In_z_ const CX_INT8 *nptr, 56 | __out_opt CX_INT8 **endptr, 57 | _In_ CX_INT32 ibase 58 | ) 59 | { 60 | return crt_strtoull(nptr, endptr, ibase); 61 | } 62 | #endif 63 | 64 | 65 | 66 | -------------------------------------------------------------------------------- /napoca/debug/perfstats.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "core.h" 7 | #include "debug/perfstats.h" 8 | 9 | CX_STATUS 10 | PerfAccountEvent( 11 | _In_ PERF_STATS *Stats, 12 | _In_ CX_UINT64 DeltaTsc 13 | ) 14 | { 15 | PERF_STATS_PACKED_BITFIELD oldPacked, newPacked; 16 | 17 | // total tsc 18 | CxInterlockedAdd64(&Stats->TotalTsc, DeltaTsc); 19 | 20 | // min 21 | CX_UINT64 timeout = HvApproximateTimeGuardFast(PERF_TIMEOUT); 22 | do 23 | { 24 | oldPacked = Stats->Packed; 25 | newPacked = oldPacked; 26 | newPacked.MinTscPerEvent = DeltaTsc; 27 | if (HvTimeout(timeout)) { ERROR("Timeout!\n"); timeout = HvApproximateTimeGuardFast(PERF_TIMEOUT); } 28 | } while ((!oldPacked.MinTscPerEvent || (DeltaTsc < oldPacked.MinTscPerEvent)) 29 | && (oldPacked.Raw != CxInterlockedCompareExchange64(&Stats->Packed.Raw, newPacked.Raw, oldPacked.Raw))); 30 | 31 | // max 32 | CX_UINT64 oldMax; 33 | timeout = HvApproximateTimeGuardFast(PERF_TIMEOUT); 34 | do 35 | { 36 | oldMax = Stats->MaxTscPerEvent; 37 | if (HvTimeout(timeout)) { ERROR("Timeout!\n"); timeout = HvApproximateTimeGuardFast(PERF_TIMEOUT); } 38 | } while ((DeltaTsc > oldMax) && (oldMax != CxInterlockedCompareExchange64(&Stats->MaxTscPerEvent, DeltaTsc, oldMax))); 39 | 40 | // counter 41 | CxInterlockedIncrement64(&Stats->TotalEvents); 42 | 43 | return CX_STATUS_SUCCESS; 44 | } 45 | 46 | CX_STATUS 47 | PerfReset( 48 | _Inout_ PERF_STATS *Stats, 49 | _In_ CX_UINT32 NumberOfEntries 50 | ) 51 | { 52 | for (CX_UINT32 i = 0; i < NumberOfEntries; i++) 53 | { 54 | PERF_STATS *s = &Stats[i]; 55 | memzero((CX_VOID *)s, sizeof(*s)); 56 | } 57 | 58 | return CX_STATUS_SUCCESS; 59 | } -------------------------------------------------------------------------------- /napoca/include/introspection/glue_layer/introtimer.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introcallhv 7 | ///@{ 8 | 9 | /** @file introtimer.h 10 | * @brief INTROTIMER - NAPOCA hypervisor glue layer, generic timing facilities. 11 | * 12 | */ 13 | 14 | #ifndef _INTROTIMER_H_ 15 | #define _INTROTIMER_H_ 16 | 17 | #include "glueiface.h" 18 | 19 | 20 | /// 21 | /// @brief Registers a timer callback, subscribing introcore to VMX timer events 22 | /// 23 | /// @param[in] GuestHandle Integrator-specific guest identifier 24 | /// @param[in] Callback The callback 25 | /// 26 | /// @returns CX_STATUS_SUCCESS - if the registration was successful 27 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if GuestHandle is NULL 28 | /// @returns CX_STATUS_INVALID_PARAMETER_2 - if Callback is NULL 29 | /// @returns CX_STATUS_ALREADY_INITIALIZED - if the callback was already registered by introcore, but no unregister was called. 30 | /// 31 | NTSTATUS 32 | GuestIntNapRegisterVmxTimerHandler( 33 | _In_ PVOID GuestHandle, 34 | _In_ PFUNC_IntIntroTimerCallback Callback 35 | ); 36 | 37 | /// 38 | /// @brief Unregisters the current timer callback, un-subscribing introcore from VMX timer events 39 | /// 40 | /// @param[in] GuestHandle Integrator-specific guest identifier 41 | /// 42 | /// @returns CX_STATUS_SUCCESS - if the un-registration was successful 43 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if GuestHandle is NULL 44 | /// @returns CX_STATUS_NOT_INITIALIZED_HINT - if the callback was never registered or it was already un-registered. 45 | /// 46 | NTSTATUS 47 | GuestIntNapUnregisterVmxTimerHandler( 48 | _In_ PVOID GuestHandle 49 | ); 50 | 51 | #endif // _INTROTIMER_H_ 52 | 53 | ///@} -------------------------------------------------------------------------------- /napoca/include/introspection/glue_layer/introhvcall.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introcallhv 7 | ///@{ 8 | 9 | /** @file introhvcall.h 10 | * @brief INTROHVCALL - NAPOCA hypervisor glue layer, generic VM/HV call functions. 11 | * 12 | */ 13 | 14 | #ifndef _INTROHVCALL_H_ 15 | #define _INTROHVCALL_H_ 16 | 17 | #include "glueiface.h" 18 | 19 | /// 20 | /// @brief Registers a VMCALL exit handler 21 | /// 22 | /// @param[in] GuestHandle Integrator-specific guest identifier 23 | /// @param[in] Callback The callback that must be invoked on VMCALL exits 24 | /// 25 | /// @returns CX_STATUS_SUCCESS - if the registration was successful 26 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if GuestHandle is NULL 27 | /// @returns CX_STATUS_INVALID_PARAMETER_2 - if Callback is NULL 28 | /// @returns CX_STATUS_ALREADY_INITIALIZED - if the callback was already registered by introcore, but no unregister was called. 29 | /// 30 | NTSTATUS 31 | GuestIntNapRegisterIntroCallHandler( 32 | _In_ PVOID GuestHandle, 33 | _In_ PFUNC_IntIntroCallCallback Callback 34 | ); 35 | 36 | /// 37 | /// @brief Unregisters the current VMCALL exit callback, un-subscribing introcore from VMCALL events 38 | /// 39 | /// @param[in] GuestHandle Integrator-specific guest identifier 40 | /// 41 | /// @returns CX_STATUS_SUCCESS - if the unregistration was successful 42 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if GuestHandle is NULL 43 | /// @returns CX_STATUS_NOT_INITIALIZED_HINT - if the callback was never registered or it was already un-registered. 44 | /// 45 | NTSTATUS 46 | GuestIntNapUnregisterIntroCallHandler( 47 | _In_ PVOID GuestHandle 48 | ); 49 | 50 | #endif // _INTROHVCALL_H_ 51 | 52 | ///@} -------------------------------------------------------------------------------- /napoca/include/communication/comm_guest.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _COMM_GUEST_H_ 8 | #define _COMM_GUEST_H_ 9 | 10 | #include "common/communication/commands.h" 11 | 12 | typedef struct _VCPU VCPU; 13 | 14 | NTSTATUS 15 | VxhVmCallGuestMessage( 16 | _In_ VCPU* Vcpu, 17 | _In_ BOOLEAN Privileged, 18 | _In_ COMMAND_CODE CommandCode, 19 | _In_ QWORD Param1, 20 | _In_ QWORD Param2, 21 | _In_ QWORD Param3, 22 | _In_ QWORD Param4, 23 | _Out_ QWORD *OutParam1, 24 | _Out_ QWORD *OutParam2, 25 | _Out_ QWORD *OutParam3, 26 | _Out_ QWORD *OutParam4 27 | ); 28 | 29 | NTSTATUS 30 | GuestClientConnected( 31 | _In_ COMM_COMPONENT Component, 32 | _Out_ QWORD *OutSharedMemGPA, 33 | _Out_ QWORD *OutSharedMemSize 34 | ); 35 | 36 | NTSTATUS 37 | GuestClientDisconnected( 38 | _In_ COMM_COMPONENT Component 39 | ); 40 | 41 | NTSTATUS 42 | CommGuestForwardMessage( 43 | _In_ PCOMM_MESSAGE Msg 44 | ); 45 | 46 | NTSTATUS 47 | CommPrepareMessage( 48 | _In_ COMMAND_CODE CommandCode, 49 | _In_ WORD CommandFlags, 50 | _In_ COMM_COMPONENT DstComponent, 51 | _In_ DWORD Size, 52 | _Out_ PCOMM_MESSAGE *Message 53 | ); 54 | 55 | NTSTATUS 56 | CommPostMessage( 57 | _In_ PCOMM_MESSAGE Message 58 | ); 59 | 60 | NTSTATUS 61 | CommDestroyMessage( 62 | _In_ PCOMM_MESSAGE Message 63 | ); 64 | 65 | NTSTATUS 66 | CommSetupHostRingBuffer( 67 | void 68 | ); 69 | 70 | VOID 71 | CommIntroCheckPendingAlerts( 72 | _In_ VCPU* Vcpu, 73 | _In_ BOOLEAN ForcedFlush 74 | ); 75 | 76 | __forceinline 77 | BOOLEAN 78 | CommIsComponentConnected( 79 | _In_ COMM_COMPONENT CommComponent 80 | ); 81 | 82 | #endif //_COMM_GUEST_H_ 83 | -------------------------------------------------------------------------------- /winguest/winguestdll/kerncomm.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _KERNCOMM_H_ 8 | #define _KERNCOMM_H_ 9 | 10 | extern "C" { 11 | #include "common/communication/commands.h" 12 | } 13 | #include "common/boot/cpu_features.h" 14 | 15 | NTSTATUS 16 | KernCommInit( 17 | void 18 | ); 19 | 20 | NTSTATUS 21 | KernCommUninit( 22 | void 23 | ); 24 | 25 | NTSTATUS 26 | KernCommSendMessage( 27 | _In_ COMMAND_CODE CommandId, 28 | _In_ COMM_COMPONENT Destination, 29 | _In_reads_bytes_(InputBufferSize) PVOID InputBuffer, 30 | _In_ DWORD InputBufferSize, 31 | _Out_writes_bytes_to_opt_(OutputBufferSize, *ActualOutputBufferSize) PVOID OutputBuffer, 32 | _In_ DWORD OutputBufferSize, 33 | _Out_opt_ DWORD *ActualOutputBufferSize 34 | ); 35 | 36 | NTSTATUS 37 | KernCommReceiveMessage( 38 | _In_ HANDLE Client, 39 | _In_ PVOID InputBuffer, 40 | _In_ DWORD InputBufferLength, 41 | _Out_opt_ PVOID OutputBuffer, 42 | _In_opt_ DWORD OutputBufferLength, 43 | _Out_opt_ DWORD* BytesReturned 44 | ); 45 | 46 | NTSTATUS 47 | KernCommNewClientConnected( 48 | _In_ HANDLE Client 49 | ); 50 | 51 | NTSTATUS 52 | KernCommClientDisconnected( 53 | _In_ HANDLE Client 54 | ); 55 | 56 | ////////////////////////////////////////////////////////////////////////// 57 | /// Specific communication 58 | ////////////////////////////////////////////////////////////////////////// 59 | 60 | NTSTATUS 61 | GetHostCpuAndVirtFeatures( 62 | _Inout_ CPU_ENTRY *CpuEntry, 63 | _Inout_ VIRTUALIZATION_FEATURES *VirtFeatures, 64 | _Inout_ SMX_CAPABILITIES *SmxCapabilities 65 | ); 66 | 67 | NTSTATUS 68 | GetHostCpuCrValues( 69 | _Inout_ QWORD* Cr0, 70 | _Inout_ QWORD* Cr4 71 | ); 72 | 73 | #endif 74 | -------------------------------------------------------------------------------- /autogen/cmdlines/cmdline.txt: -------------------------------------------------------------------------------- 1 | CfgDebugHookBareMinimumPci=1, 2 | CfgDebugInterceptHwp=0, 3 | CfgDebugOutputDebuggerOnly=0, 4 | CfgDebugOutputEnabled=0, 5 | CfgDebugOutputSerialEnabled=0, 6 | CfgDebugOutputVgaEnabled=0, 7 | CfgDebugStartInDebugger=0, 8 | CfgDebugTraceAcpi=0, 9 | CfgDebugTraceApic=0, 10 | CfgDebugTraceCrashLog=3, 11 | CfgDebugTraceEmulatorEnabled=0, 12 | CfgDebugTraceEmulatorUnique=0, 13 | CfgDebugTraceGuestExceptions=0, 14 | CfgDebugTraceHwp=0, 15 | CfgDebugTraceMemoryMaps=0, 16 | CfgDebugTraceMsix=0, 17 | CfgDebugTracePci=0, 18 | CfgDebugTracePciDeviceBus=0, 19 | CfgDebugTracePciDeviceDevice=0, 20 | CfgDebugTracePciDeviceEnabled=0, 21 | CfgDebugTracePciDeviceFunction=0, 22 | CfgDebugTracePeriodicStatsEnabled=0, 23 | CfgDebugTracePeriodicStatsFastAllocators=0, 24 | CfgDebugTracePeriodicStatsPerformance=0, 25 | CfgFeaturesActivateHwp=2, 26 | CfgFeaturesHibernatePersistance=1, 27 | CfgFeaturesHidePhysicalX2Apic=1, 28 | CfgFeaturesIntrospectionCallTimer=1, 29 | CfgFeaturesIntrospectionEnabled=1, 30 | CfgFeaturesIntrospectionOptions=0x293BFFFFF, 31 | CfgFeaturesIntrospectionVerbosity=3, 32 | CfgFeaturesNmiPerformanceCounterTicksPerSecond=0, 33 | CfgFeaturesUnloadOnErrorsEnabled=1, 34 | CfgFeaturesVirtualizationEnlightCpuManagement=2, 35 | CfgFeaturesVirtualizationEnlightEnabled=1, 36 | CfgFeaturesVirtualizationEnlightRefCounter=1, 37 | CfgFeaturesVirtualizationEnlightTscPage=1, 38 | CfgFeaturesVirtualizationEnlightTscPageWorkaround=1, 39 | CfgFeaturesVirtualizationMonitorGuestActivityStateChanges=1, 40 | CfgFeaturesVirtualizationPreemptionTimerExitsPerHour=3600, 41 | CfgFeaturesVirtualizationSingleStepUsingLargePages=1, 42 | CfgFeaturesVirtualizationSpp=1, 43 | CfgFeaturesVirtualizationTscExit=0, 44 | CfgFeaturesVirtualizationTscOffsetting=1, 45 | CfgFeaturesVirtualizationVe=1, 46 | CfgFeaturesVirtualizationVmFunc=1, 47 | CfgHacksWinhvrReducedEnlightenment=1 -------------------------------------------------------------------------------- /winguest/winguest/version.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _VERSION_H_ 7 | #define _VERSION_H_ 8 | 9 | #include "../../include/ver.h" // global version info 10 | 11 | #define WINGUEST_VERSION_HIGH GLOBAL_VERSION_MAJOR 12 | #define WINGUEST_VERSION_LOW GLOBAL_VERSION_MINOR 13 | #define WINGUEST_VERSION_REVISION GLOBAL_VERSION_REVISION 14 | #define WINGUEST_VERSION_BUILD GLOBAL_VERSION_BUILDNUMBER 15 | 16 | #define WINGUEST_BUILD_DATE __DATE__ 17 | #define WINGUEST_BUILD_TIME __TIME__ 18 | 19 | #define WINGUEST_VERSIONSTAMP ((((DWORD)WINGUEST_VERSION_REVISION) << 16) | ((DWORD)WINGUEST_VERSION_BUILD)) 20 | 21 | #ifdef VER_INTERNALNAME_STR 22 | #undef VER_INTERNALNAME_STR 23 | #endif 24 | #define VER_INTERNALNAME_STR "winguest.sys" 25 | 26 | #ifdef VER_MODULE_REVISION 27 | #undef VER_MODULE_REVISION 28 | #endif 29 | #define VER_MODULE_REVISION WINGUEST_VERSION_REVISION 30 | 31 | #ifdef VER_FILEVERSION 32 | #undef VER_FILEVERSION 33 | #endif 34 | #define VER_FILEVERSION WINGUEST_VERSION_HIGH,WINGUEST_VERSION_LOW,WINGUEST_VERSION_REVISION,WINGUEST_VERSION_BUILD 35 | 36 | #ifdef DBG 37 | #define BDVER_FILEVERSION_MAJORMINORREVBLD2(x,y,z,w) #x "." #y "." #z "." #w ", DEBUG" 38 | #else 39 | #define BDVER_FILEVERSION_MAJORMINORREVBLD2(x,y,z,w) #x "." #y "." #z "." #w ", RELEASE" 40 | #endif 41 | #define BDVER_FILEVERSION_MAJORMINORREVBLD1(x,y,z,w) BDVER_FILEVERSION_MAJORMINORREVBLD2(x, y, z, w) 42 | 43 | #ifdef VER_FILEVERSION_STR 44 | #undef VER_FILEVERSION_STR 45 | #endif 46 | #define VER_FILEVERSION_STR BDVER_FILEVERSION_MAJORMINORREVBLD1(WINGUEST_VERSION_HIGH, WINGUEST_VERSION_LOW, WINGUEST_VERSION_REVISION, WINGUEST_VERSION_BUILD) 47 | 48 | #endif // _VERSION_H_ 49 | -------------------------------------------------------------------------------- /winguest/winguestdll/helpers.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _HELPERS_H_ 7 | #define _HELPERS_H_ 8 | 9 | #include 10 | #include "common/kernel/napoca_version.h" 11 | 12 | #define STATIC_LEN(String) (_countof(String) - 1) 13 | 14 | #define STRINGIFY2(s) #s 15 | #define STRINGIFY(s) STRINGIFY2(s) // two steps needed in order to expand nested macros before conversion 16 | 17 | #define WIDEN2(s) L ## s 18 | #define WIDEN(s) WIDEN2(s) // two steps needed in order to expand nested macros before conversion 19 | 20 | #define WIDE_TO_CHAR(wstr) ((std::wstring_convert>().to_bytes(wstr)).c_str()) 21 | #define CHAR_TO_WIDE(str) ((std::wstring_convert>().from_bytes(str)).c_str()) 22 | 23 | struct KNOWN_VERSIONS 24 | { 25 | NAPOCA_VERSION WinguestSys; 26 | NAPOCA_VERSION Napoca; 27 | NAPOCA_VERSION Intro; 28 | DWORD LiveSupportHigh; 29 | DWORD LiveSupportLow; 30 | DWORD LiveSupportBuild; 31 | DWORD ExceptionsHigh; 32 | DWORD ExceptionsLow; 33 | DWORD ExceptionsBuild; 34 | NAPOCA_VERSION WinguestDllRequiredByWinguestSys; 35 | }; 36 | 37 | NTSTATUS 38 | GetWindowsVersion( 39 | _Out_ DWORD* Major, 40 | _Out_ DWORD* Minor, 41 | _Out_opt_ WORD* ServicePack, 42 | _Out_opt_ DWORD* BuildNumber, 43 | _Out_opt_ DWORD* UpdateBuildRevision, 44 | _Out_opt_ BYTE* ProductType, 45 | _Out_opt_ WORD* SuiteMask, 46 | _Out_opt_ BOOLEAN *Is32 47 | ); 48 | 49 | NTSTATUS 50 | CreateDirectoryFullPath( 51 | _In_ std::wstring const& FullPath 52 | ); 53 | 54 | NTSTATUS 55 | DeleteDirectoryAndContent( 56 | _In_ std::wstring const& Directory 57 | ); 58 | 59 | #endif //_HELPERS_H_ 60 | -------------------------------------------------------------------------------- /common/communication/vmcall64.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | [BITS 64] 7 | %include "seh.nasm" 8 | 9 | 10 | section .text 11 | 12 | 13 | ; 14 | ; HvVmcall( 15 | ; SIZE_T MessageType, 16 | ; SIZE_T Param1, 17 | ; SIZE_T Param2, 18 | ; SIZE_T Param3, 19 | ; SIZE_T Param4, 20 | ; SIZE_T *OutParam1, 21 | ; SIZE_T *OutParam2, 22 | ; SIZE_T *OutParam3, 23 | ; SIZE_T *OutParam4) 24 | ; 25 | SEH_INSTANTIATE_DEFAULT_HANDLER 26 | 27 | global HvVmcall 28 | 29 | HvVmcall: 30 | SEH 31 | PUSHREGS RBP, RBX, RDI, RSI 32 | ENDPROLOG 33 | 34 | .argdelta equ 4*8 + 8 + 0x20 ; 4x8 bytes from 4xpushreg + 8 bytes return address + 0x20 for the "shadow store" 35 | 36 | mov rax, rcx ; first arg 37 | mov rcx, rdx ; second arg 38 | mov rdx, r8 ; third 39 | mov rsi, r9 ; 4th arg 40 | mov rdi, [rsp + .argdelta] ; 5th arg 41 | 42 | xor rbx, rbx 43 | mov ebx, 06C437648H 44 | vmcall 45 | 46 | mov rbx, [rsp + .argdelta + 8] 47 | test rbx, rbx 48 | jz .skip_paramout1 49 | mov [rbx], rcx 50 | .skip_paramout1: 51 | mov rbx, [rsp + .argdelta + 8*2] 52 | test rbx, rbx 53 | jz .skip_paramout2 54 | mov [rbx], rdx 55 | .skip_paramout2: 56 | mov rbx, [rsp + .argdelta + 8*3] 57 | test rbx, rbx 58 | jz .skip_paramout3 59 | mov [rbx], rsi 60 | .skip_paramout3: 61 | mov rbx, [rsp + .argdelta + 8*4] 62 | test rbx, rbx 63 | jz .skip_paramout4 64 | mov [rbx], rdi 65 | .skip_paramout4: 66 | 67 | POPREGS RBP, RBX, RDI, RSI 68 | ret 69 | ENDSEH 70 | 71 | 72 | global CpuGetSecCapabilities 73 | CpuGetSecCapabilities: 74 | push rbx 75 | 76 | mov rbx, rcx ; RBX capabilities index 77 | xor rax, rax ; RAX param for getsec - 0 = capabilities 78 | getsec 79 | 80 | pop rbx 81 | ret -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/crt/crt_varargs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _CRT_VARARGS_H_ 7 | #define _CRT_VARARGS_H_ 8 | #include "cx_native.h" 9 | 10 | typedef CX_INT8 * crt_va_list; 11 | 12 | #ifdef __cplusplus 13 | #define _CRT_ADDRESSOF(v) ( &reinterpret_cast(v) ) 14 | #else 15 | #define _CRT_ADDRESSOF(v) ( &(v) ) 16 | #endif 17 | 18 | #if defined(CX_ARCH64) 19 | 20 | // the __crt_va_start is exported by the compiler, but with different names 21 | 22 | #ifdef CX_GNUC 23 | #define __crt_va_start __builtin_va_start 24 | #else 25 | #ifdef CX_CLANG 26 | #define __crt_va_start __builtin_va_start 27 | #else 28 | #ifdef CX_MSVC 29 | #define __crt_va_start __va_start 30 | extern CX_VOID __cdecl __va_start(_Out_ crt_va_list *, ...); // is this exported by VC compiler? 31 | #endif 32 | #endif 33 | #endif 34 | 35 | #define _crt_va_start(ap, x) ( __crt_va_start(&ap, x) ) 36 | #define _crt_va_arg(ap, t) ( ( sizeof(t) > sizeof(CX_INT64) || ( sizeof(t) & (sizeof(t) - 1) ) != 0 ) \ 37 | ? **(t **)( ( ap += sizeof(CX_INT64) ) - sizeof(CX_INT64) ) \ 38 | : *(t *)( ( ap += sizeof(CX_INT64) ) - sizeof(CX_INT64) ) ) 39 | #define _crt_va_end(ap) ( ap = (crt_va_list)0 ) 40 | 41 | #else 42 | 43 | // a guess at the proper definitions for other platforms 44 | 45 | #define _CRT_INTSIZEOF(n) ( (sizeof(n) + sizeof(CX_INT32) - 1) & ~(sizeof(CX_INT32) - 1) ) 46 | 47 | #define _crt_va_start(ap,v) ( ap = (crt_va_list)_CRT_ADDRESSOF(v) + _CRT_INTSIZEOF(v) ) 48 | #define _crt_va_arg(ap,t) ( *(t *)((ap += _CRT_INTSIZEOF(t)) - _CRT_INTSIZEOF(t)) ) 49 | #define _crt_va_end(ap) ( ap = (crt_va_list)0 ) 50 | 51 | #endif 52 | 53 | #define crt_va_start _crt_va_start 54 | #define crt_va_arg _crt_va_arg 55 | #define crt_va_end _crt_va_end 56 | 57 | #endif // _CRT_VARARGS_H_ 58 | 59 | -------------------------------------------------------------------------------- /winguest_sample/src/main.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #define WIN32_NO_STATUS 7 | #include 8 | #undef WIN32_NO_STATUS 9 | 10 | #include 11 | #include 12 | #include 13 | 14 | #include 15 | 16 | #include "cmdline.h" 17 | #include "imports.h" 18 | 19 | DWORD wmain(DWORD Argc, WCHAR **Argv, WCHAR **Envp) 20 | { 21 | UNREFERENCED_PARAMETER(Envp); 22 | 23 | if (!CmdLineInit()) { return 1; } 24 | 25 | // This application uses functions from winguestdll.dll. 26 | // We must initialize all imports and dll's before processing orders. 27 | NTSTATUS status = ImportsInit(); 28 | if (!NT_SUCCESS(status)) { return 1; } 29 | 30 | // The application can be used both with and without the command line. 31 | // If the command line is used, the application will no longer require 32 | // input from the user but will parse and execute the command line, then exit. 33 | // If a command line is not given, the application will request input from the user. 34 | if (Argc > 1) 35 | { 36 | // We are in the case where we received the command line directly. 37 | // We send the command to the interpreter but we ignore the first argument 38 | // which is the name of the program. 39 | status = CmdLineMatchAndExecuteCommands(Argc - 1, &Argv[1]); 40 | } 41 | 42 | wprintf(L"\nWelcome to the NAPOCA Hypervisor sample configuration utility\n"); 43 | wprintf(L"Type 'help' for available commands.\n"); 44 | 45 | while (TRUE) 46 | { 47 | WCHAR userInputString[MAX_USER_INPUT_STRING_LENGTH] = { 0 }; 48 | wprintf(L"Command: "); 49 | 50 | fgetws(userInputString, MAX_USER_INPUT_STRING_LENGTH - 1, stdin); 51 | size_t userInputLength = wcslen(userInputString); 52 | userInputString[userInputLength - 1] = 0; // Cut '\n' 53 | 54 | status = CmdLineParseUserStringAndExecuteCommands(userInputString); 55 | } 56 | 57 | return 0; 58 | } -------------------------------------------------------------------------------- /autogen/install_files.h: -------------------------------------------------------------------------------- 1 | {napocabin, SDK_DIR_HV, L"napoca.bin", L"napoca.bin", 0b01000111, LD_MODID_NAPOCA_IMAGE, "kernel" }, 2 | {introcorebin, SDK_DIR_HV, L"introcore.dll", L"introcore.dll", 0b00010111, LD_MODID_INTRO_CORE, "intro" }, 3 | {defaultCmdLine, SDK_DIR_HV, L"cmdline.txt", NULL, 0b00000000, LD_MODID_INVALID, NULL }, 4 | {finalCmdLine, SDK_DIR_HV, L"cmdlinefinal.txt", L"napoca.cfg", 0b10011111, LD_MODID_COMMAND_LINE, "commandLine" }, 5 | {efiPreloader, SDK_DIR_EFI, L"bdhvpreloader.efi", L"bdhvpreloader.efi", 0b00000010, LD_MODID_INVALID, NULL }, 6 | {undefinedId, SDK_DIR_EFI, L"bdhvloader.efi", L"bdhvloader.efi", 0b00000010, LD_MODID_INVALID, NULL }, 7 | {undefinedId, SDK_DIR_EFI, L"efi_cmdline.txt", L"config.cfg", 0b00000010, LD_MODID_INVALID, NULL }, 8 | {efiLoaderBackup, SDK_DIR_DYNAMIC, L"EFI\\Boot\\bootx64.efi", L"EFI\\Boot\\bootx64_bck.efi", 0b00000000, LD_MODID_INVALID, NULL }, 9 | {exceptionsbin, SDK_DIR_UPDATES_INTRO, L"exceptions.bin", L"exceptions.bin", 0b00011111, LD_MODID_INTRO_EXCEPTIONS, "exceptions" }, 10 | {introliveupdtbin, SDK_DIR_UPDATES_INTRO, L"intro_live_update.bin", L"intro_live_update.bin", 0b00011111, LD_MODID_INTRO_LIVE_UPDATE, "liveintroupd" }, 11 | {undefinedId, SDK_DIR_DYNAMIC, NULL, L"original_mbr", 0b00110000, LD_MODID_ORIG_MBR, "guestLoader" }, 12 | {undefinedId, SDK_DIR_DYNAMIC, NULL, L"boot.module", 0b00010000, LD_MODID_MBR_SETTINGS, "settings" }, 13 | {undefinedId, SDK_DIR_DYNAMIC, NULL, L"recovery.module", 0b00100000, LD_MODID_MBR_SETTINGS, "settings" } -------------------------------------------------------------------------------- /napoca/kernel/gs_checks.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "kernel/kernel.h" 7 | 8 | #define GET_RETURN_ADDRESS *((CX_VOID **)_AddressOfReturnAddress()) ///< Address of the current stack 9 | 10 | #define DEFAULT_SECURITY_COOKIE_VALUE 0x3D79'CF46'20CA'B10EULL ///< Security value used to check the integrity of the stack 11 | 12 | const CX_UINT64 __security_cookie = DEFAULT_SECURITY_COOKIE_VALUE; ///< Wrapper for DEFAULT_SECURITY_COOKIE_VALUE 13 | 14 | // Called when a buffer bound check fails 15 | // From what I've seen in the disassembly no parameters passed => we can only print the location where the instruction occurred 16 | 17 | /** 18 | * @brief GS Buffer Security Check method. 19 | * @brief Logs the security error and unloads the Hypervisor 20 | */ 21 | __declspec(noreturn) 22 | CX_VOID 23 | __report_rangecheckfailure( 24 | CX_VOID 25 | ) 26 | { 27 | CRITICAL("Function which corrupted the stack is %018p\n", GET_RETURN_ADDRESS); 28 | 29 | CLN_UNLOAD(STATUS_GS_RANGE_CHECK_FAILURE); 30 | } 31 | 32 | #pragma optimize( "", off) 33 | 34 | /** 35 | * @brief GS Buffer Security Check method. 36 | * @brief Logs the security error and unloads the Hypervisor 37 | */ 38 | __declspec(noreturn) 39 | CX_VOID 40 | __GSHandlerCheck( 41 | CX_VOID 42 | ) 43 | { 44 | CRITICAL("Function which corrupted the stack is %018p\n", GET_RETURN_ADDRESS); 45 | 46 | CLN_UNLOAD(STATUS_GS_HANDLER_CHECK_FAILURE); 47 | } 48 | #pragma optimize( "", on) 49 | 50 | 51 | /** 52 | * @brief GS Buffer Security Check method. 53 | * @brief Logs the cookie-stack error and unloads the hypervisor. 54 | */ 55 | __declspec(noreturn) 56 | CX_VOID 57 | __cdecl 58 | __report_cookie_corruption( 59 | _In_ CX_UINT64 StackCookie 60 | ) 61 | { 62 | LOG("Security cookie is %018p but should have been %018p. Function which corrupted the stack is %018p\n", 63 | StackCookie, __security_cookie, GET_RETURN_ADDRESS); 64 | CLN_UNLOAD(STATUS_GS_COOKIE_BITTEN); 65 | } 66 | -------------------------------------------------------------------------------- /winguest/winguest/winguest.rc: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #include 4 | 5 | #include "version.h" 6 | 7 | #define VER_FILETYPE VFT_DRV 8 | #define VER_FILESUBTYPE VFT2_DRV_SYSTEM 9 | #ifdef DBG 10 | #define VER_FILEDESCRIPTION_STR "WINGUEST filter driver (DEBUG)" 11 | #else 12 | #define VER_FILEDESCRIPTION_STR "WINGUEST filter driver" 13 | #endif 14 | #define VER_INTERNALNAME_STR "winguest.sys" 15 | 16 | #ifdef VER_LEGALCOPYRIGHT_STR 17 | #undef VER_LEGALCOPYRIGHT_STR 18 | #endif 19 | #define VER_LEGALCOPYRIGHT_STR "Copyright \251 NapocaHv" 20 | 21 | #ifdef VER_COMPANYNAME_STR 22 | #undef VER_COMPANYNAME_STR 23 | #endif 24 | #define VER_COMPANYNAME_STR "NapocaHv" 25 | 26 | #ifdef VER_PRODUCTNAME_STR 27 | #undef VER_PRODUCTNAME_STR 28 | #endif 29 | #define VER_PRODUCTNAME_STR "NapocaHv WINGUEST" 30 | 31 | #ifdef VER_FILEVERSION 32 | #undef VER_FILEVERSION 33 | #endif 34 | #define VER_FILEVERSION WINGUEST_VERSION_HIGH,WINGUEST_VERSION_LOW,WINGUEST_VERSION_REVISION,WINGUEST_VERSION_BUILD 35 | 36 | #ifdef BDVER_FILEVERSION_MAJORMINORREVBLD2 37 | #undef BDVER_FILEVERSION_MAJORMINORREVBLD2 38 | #endif 39 | #define BDVER_FILEVERSION_MAJORMINORREVBLD2(x,y,z,w) #x "." #y "." #z "." #w 40 | 41 | #ifdef BDVER_FILEVERSION_MAJORMINORREVBLD1 42 | #undef BDVER_FILEVERSION_MAJORMINORREVBLD1 43 | #endif 44 | #define BDVER_FILEVERSION_MAJORMINORREVBLD1(x,y,z,w) BDVER_FILEVERSION_MAJORMINORREVBLD2(x, y, z, w) 45 | 46 | #ifdef VER_FILEVERSION_STR 47 | #undef VER_FILEVERSION_STR 48 | #endif 49 | #define VER_FILEVERSION_STR BDVER_FILEVERSION_MAJORMINORREVBLD1(WINGUEST_VERSION_HIGH, WINGUEST_VERSION_LOW, WINGUEST_VERSION_REVISION, WINGUEST_VERSION_BUILD) 50 | 51 | #ifdef VER_PRODUCTVERSION_STR 52 | #undef VER_PRODUCTVERSION_STR 53 | #endif 54 | #define VER_PRODUCTVERSION_STR BDVER_FILEVERSION_MAJORMINORREVBLD1(WINGUEST_VERSION_HIGH, WINGUEST_VERSION_LOW, WINGUEST_VERSION_REVISION, WINGUEST_VERSION_BUILD) 55 | 56 | #ifdef VER_PRODUCTVERSION 57 | #undef VER_PRODUCTVERSION 58 | #endif 59 | #define VER_PRODUCTVERSION VER_FILEVERSION 60 | 61 | 62 | #include "common.ver" 63 | 64 | -------------------------------------------------------------------------------- /napoca/include/kernel/hypercall.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file hypercall.h 7 | * @brief The hypercall handler 8 | * 9 | * The hypervisor provides a calling mechanism for guests. 10 | * Such calls are referred to as hypercalls. Each hypercall defines a set of input and/or output parameters. 11 | * These parameters are specified in terms of a memory-based data structure 12 | * or directly as values through the VCPU registers (in the case of fast type hypercalls). 13 | * You can make an analogy between syscall and hypercall. 14 | * The syscall is a User-Mode <-> Kernel-Mode communication mechanism 15 | * and the hypercall is a GuestOs <-> Hypervisor communication mechanism 16 | * 17 | */ 18 | 19 | /// \defgroup hc Hypercall support 20 | /// \ingroup gst_enlight 21 | /// @{ 22 | 23 | #ifndef _HYPERCALL_H_ 24 | #define _HYPERCALL_H_ 25 | 26 | #include "kernel/kernel.h" 27 | #include "kernel/hypercall_status.h" 28 | 29 | /** 30 | * @brief Hypercall magic 31 | * 32 | * A simple overview of the hypercall mechanism: 33 | * The hypervisor prepares a memory page with executable code, 34 | * the page where the guest jumps and executes to make a hypercall. 35 | * Within that page a vmcall will be made, to pass from the guest to the hypervisor 36 | * (somewhat equivalent to SYSENTER in the case of syscalls). 37 | * So, for our hypervisor to differentiate between hypercalls 38 | * and other events that come within the vmcall exit, this magic value will be used. 39 | * Please keep this definition synchronized 40 | * with HC_VMCALL_MAGIC from the kernel_vmx.nasm file. 41 | * 42 | */ 43 | #define HC_VMCALL_MAGIC 0xBDBDBD66 44 | 45 | /// 46 | /// @brief Manages the hypercalls that reach our hypervisor. 47 | /// 48 | /// If a vmcall exit appears in the hypervisor and that vmcall has the 49 | /// magic value HC_VMCALL_MAGIC set in the EBP register then it is considered 50 | /// a HYPERCALL because it reached us on the page we prepared for the GUEST OS. 51 | /// This function will handle the hypercall request. 52 | /// 53 | CX_VOID 54 | HcHyperCallHandler( 55 | CX_VOID 56 | ); 57 | 58 | /// @} 59 | 60 | #endif // !_HYPERCALL_H_ -------------------------------------------------------------------------------- /napoca/include/debug/stackdump.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _STACKDUMP_H_ 7 | #define _STACKDUMP_H_ 8 | 9 | #include "base/cx_defs.h" 10 | #include "base/cx_types.h" 11 | 12 | #define DVTC_BLOB_PREFIX "$$$stack$$$" 13 | #define DVTC_BLOB_MAGIC_HEXENCODED "DVTC_HEX" 14 | #define DVTC_BLOB_SUFFIX "###stack###" 15 | 16 | // 17 | // basic BLOB structures and definitions 18 | // 19 | #define DVTC_BLOB_TYPE_STACKWALK 0x00000001 20 | #define DVTC_BLOB_TYPE_DUMPTYPE 0x00000002 21 | 22 | // 23 | // flags that can be used with DVTC_BLOB_TYPE_STACKWALK 24 | // 25 | #define DVTC_FLAG_STACKWALK_BASIC_INFO 0x00000001 // windbg k-like stack dump 26 | #define DVTC_FLAG_STACKWALK_PARAM_INFO 0x00000002 // windbg kv-like stack dump 27 | #define DVTC_FLAG_STACKWALK_LOCAL_INFO 0x00000004 // windbg kv-like stack dump + locals for each function 28 | 29 | #pragma pack(push) 30 | #pragma pack(1) 31 | 32 | #pragma warning(push) 33 | #pragma warning(disable:4200) // nonstandard extension used: zero-sized array in struct/union 34 | 35 | typedef struct _DVTC_BLOB_HEADER 36 | { 37 | CX_UINT32 BlobSize; // in bytes, including this header + suffix & prefix 38 | CX_UINT32 Type; // DVTC_BLOB_TYPE_xxx 39 | } DVTC_BLOB_HEADER; 40 | 41 | typedef struct _DVTC_BLOB_STACKWALK 42 | { 43 | DVTC_BLOB_HEADER Header; 44 | CX_UINT64 CpuBootIndex; 45 | CX_UINT64 Rsp; 46 | CX_UINT64 Rip; 47 | CX_UINT64 Rdi; 48 | CX_UINT32 Flags; 49 | CX_UINT32 RawStackLength; // in bytes 50 | CX_UINT8 RawStack[]; 51 | } DVTC_BLOB_STACKWALK; 52 | 53 | #define DVTC_BLOB_NEEDED_SIZE_HEXENCODED(StructType, PayloadLength) \ 54 | ((sizeof(DVTC_BLOB_PREFIX) - 1) + (sizeof(DVTC_BLOB_MAGIC_HEXENCODED) - 1) + \ 55 | (sizeof(StructType) + (PayloadLength)) * 2 + (sizeof(DVTC_BLOB_SUFFIX) - 1)) 56 | 57 | #pragma warning(pop) 58 | #pragma pack(pop) 59 | 60 | #endif 61 | -------------------------------------------------------------------------------- /winguest_sample/include/imports.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _IMPORTS_H_ 7 | #define _IMPORTS_H_ 8 | 9 | // 10 | // Here you will find all the functions imported from winguestdll.dll 11 | // 12 | 13 | #ifndef QWORD 14 | #define QWORD unsigned __int64 15 | #endif 16 | 17 | #define WIN32_NO_STATUS 18 | #include 19 | #undef WIN32_NO_STATUS 20 | 21 | #include "winguestdll.h" 22 | #include "drvinstall.h" 23 | 24 | #pragma warning(disable:4214) // disable bit field types other than int warning 25 | #pragma warning(disable:4201) // disable nameless struct warning 26 | #include "libapis.h" 27 | #pragma warning(default:4201) // enable nameless struct warning 28 | #pragma warning(default:4214) // enable bit field types other than int warning 29 | 30 | typedef struct _WINGUEST_IMPORTS 31 | { 32 | // 33 | // winguestdll.h 34 | // 35 | PFUNC_WinguestInitialize Initialize; 36 | PFUNC_WinguestUninitialize Uninitialize; 37 | 38 | // 39 | // drvinstall.h 40 | // 41 | PFUNC_WinguestInstallDriver InstallDriver; 42 | PFUNC_WinguestUninstallDriver UninstallDriver; 43 | 44 | // 45 | // libapis.h 46 | // 47 | PFUNC_WinguestNtStatusToString NtStatusToString; 48 | PFUNC_WinguestSetPath SetPath; 49 | PFUNC_WinguestConfigureHypervisor ConfigureHypervisor; 50 | PFUNC_WinguestConnectToDriver ConnectToDriver; 51 | PFUNC_WinguestDisconnectFromDriver DisconnectFromDriver; 52 | PFUNC_WinguestSetProtectedProcess SetProtectedProcess; 53 | PFUNC_WinguestConfigureLoadMonitor ConfigureLoadMonitor; 54 | PFUNC_WinguestControlModule ControlModule; 55 | PFUNC_WinguestGetHvStatus GetHvStatus; 56 | PFUNC_WinguestQueryModule QueryModule; 57 | PFUNC_WinguestGetMissingFeatures GetMissingFeatures; 58 | PFUNC_WinguestConfigureFeedback ConfigureFeedback; 59 | PFUNC_WinguestRegisterCallback RegisterCallback; 60 | }WINGUEST_IMPORTS; 61 | extern WINGUEST_IMPORTS Winguest; 62 | 63 | /**/ NTSTATUS ImportsInit(VOID); 64 | /**/ NTSTATUS ImportsUninit(VOID); 65 | 66 | #endif // !_IMPORTS_H_ 67 | -------------------------------------------------------------------------------- /_external/codex/src/shared/native/base/compiler_dependent/memlib/X64/CxMemScan.asm: -------------------------------------------------------------------------------- 1 | ;------------------------------------------------------------------------------ 2 | ; 3 | ; Copyright (c) 2006 - 2008, Intel Corporation. All rights reserved.
4 | ; This program and the accompanying materials 5 | ; are licensed and made available under the terms and conditions of the BSD License 6 | ; which accompanies this distribution. The full text of the license may be found at 7 | ; http://opensource.org/licenses/bsd-license.php. 8 | ; 9 | ; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 10 | ; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 11 | ; 12 | ; 13 | ;------------------------------------------------------------------------------ 14 | 15 | .code 16 | 17 | ;------------------------------------------------------------------------------ 18 | ; CONST VOID * 19 | ; EFIAPI 20 | ; CxMemScanXX ( 21 | ; IN CONST VOID *Buffer, 22 | ; IN UINTN Length, 23 | ; IN UINTXX Value 24 | ; ); 25 | ;------------------------------------------------------------------------------ 26 | CxMemScan8Basic64 PROC USES rdi 27 | mov rdi, rcx 28 | mov rcx, rdx 29 | mov rax, r8 30 | repne scasb 31 | lea rax, [rdi - 1] 32 | cmovnz rax, rcx ; set rax to 0 if not found 33 | ret 34 | CxMemScan8Basic64 ENDP 35 | 36 | CxMemScan16Basic64 PROC USES rdi 37 | mov rdi, rcx 38 | mov rax, r8 39 | mov rcx, rdx 40 | repne scasw 41 | lea rax, [rdi - 2] 42 | cmovnz rax, rcx 43 | ret 44 | CxMemScan16Basic64 ENDP 45 | 46 | 47 | CxMemScan32Basic64 PROC USES rdi 48 | mov rdi, rcx 49 | mov rax, r8 50 | mov rcx, rdx 51 | repne scasd 52 | lea rax, [rdi - 4] 53 | cmovnz rax, rcx 54 | ret 55 | CxMemScan32Basic64 ENDP 56 | 57 | 58 | CxMemScan64Basic64 PROC USES rdi 59 | mov rdi, rcx 60 | mov rax, r8 61 | mov rcx, rdx 62 | repne scasq 63 | lea rax, [rdi - 8] 64 | cmovnz rax, rcx 65 | ret 66 | CxMemScan64Basic64 ENDP 67 | 68 | 69 | END 70 | -------------------------------------------------------------------------------- /include/common/boot/bootdefs.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /** @file bootdefs.h 7 | * @brief BOOT - generic definitions for boot phase 8 | */ 9 | #ifndef _BOOT_DEFS_H_ 10 | #define _BOOT_DEFS_H_ 11 | 12 | // include also CPU features stuff, but only after common definitions 13 | #include "common/boot/cpu_features.h" 14 | #include "common/boot/loader_interface.h" 15 | #include "public/dacia_types.h" 16 | 17 | /// @brief Max boot physical memory-map entry count 18 | #define BOOT_MAX_PHY_MEM_COUNT 512 19 | 20 | /// @brief Maximum number of supported CPUs 21 | #define BOOT_MAX_CPU_COUNT 64 22 | 23 | /// @brief The maximum number of memory zones that the hypervisor can take. 24 | /// 25 | /// HV shouldn't allocate too many entries if the memory sent by the loader isn't fragmented 26 | /// 27 | #define BOOT_MAX_HV_ZONE_COUNT 1024 28 | 29 | /// @brief BOOT flags 30 | enum 31 | { 32 | BIF_HV_ZONE_MAPS_ONLY_KZ = 0x00000002U ///< We have reserved HV zone in memory map 33 | }BOOT_FLAGS; 34 | 35 | /// @brief Boot information passed from the loader 36 | typedef struct _BOOT_INFO { 37 | struct 38 | { 39 | CX_UINT16 PhyMemCount; ///< Number of entries in E820 memory map 40 | CX_UINT32 CpuCount; ///< Number of available CPUs found parsing the MADT table 41 | CX_UINT32 PredetCpuCount; ///< How many ACTIVE CPUs were there at load time 42 | CX_UINT32 Flags; ///< Flags from #BOOT_FLAGS 43 | }; 44 | 45 | MEM_MAP_ENTRY PhyMemMap[BOOT_MAX_PHY_MEM_COUNT]; ///< Physical memory map prepared by the loader 46 | CPU_ENTRY CpuMap[BOOT_MAX_CPU_COUNT]; ///< Array of structures that describe the features of each processor 47 | 48 | LD_POINTER_MEMBER(HV_MEM_MAP, HvMemMap); ///< Hypervisor memory 49 | 50 | } BOOT_INFO; 51 | 52 | #pragma pack(push) 53 | #pragma pack(1) 54 | 55 | /// @brief Information used to boot using GRUB 56 | typedef struct 57 | { 58 | CX_UINT8 GrubBoot; 59 | CX_UINT8 BootDrive; 60 | CX_UINT8 BootSector; 61 | }GRUB_INFO; 62 | 63 | #pragma pack(pop) 64 | 65 | #endif // _BOOT_DEFS_H_ 66 | -------------------------------------------------------------------------------- /napoca/include/communication/guestcommands.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _GUESTCOMMANDS_H_ 8 | #define _GUESTCOMMANDS_H_ 9 | 10 | #include "core.h" 11 | #include "guests/guests.h" 12 | #include "common/communication/commands.h" 13 | 14 | NTSTATUS 15 | MsgFastOpt( 16 | _In_ GUEST* Guest, 17 | _In_ COMMAND_CODE CommandCode, 18 | _In_ QWORD Param1, 19 | _In_ QWORD Param2, 20 | _In_ QWORD Param3, 21 | _In_ QWORD Param4, 22 | _Out_ QWORD* OutParam1, 23 | _Out_ QWORD* OutParam2, 24 | _Out_ QWORD* OutParam3, 25 | _Out_ QWORD* OutParam4 26 | ); 27 | 28 | NTSTATUS 29 | MsgDriverCheckCompatWithNapoca( 30 | CMD_CHECK_COMPATIBILITY *Message 31 | ); 32 | 33 | NTSTATUS 34 | MsgGetComponentVersion( 35 | CMD_GET_COMPONENT_VERSION *Message, 36 | GUEST* Guest 37 | ); 38 | 39 | NTSTATUS 40 | MsgGetLogsHv( 41 | CMD_GET_LOGS *Message 42 | ); 43 | 44 | NTSTATUS 45 | MsgGetHostCrValues( 46 | CMD_GET_CR_VALUES *Message 47 | ); 48 | 49 | NTSTATUS 50 | MsgGetCpuSmxAndVirtFeat( 51 | CMD_GET_CPU_SMX_VIRT_FEATURES *Message 52 | ); 53 | 54 | NTSTATUS 55 | MsgGetCfgItemData( 56 | CMD_GET_CFG_ITEM_DATA *Message 57 | ); 58 | 59 | NTSTATUS 60 | MsgSetCfgItemData( 61 | CMD_SET_CFG_ITEM_DATA *Message 62 | ); 63 | 64 | NTSTATUS 65 | MsgSendDbgCommand( 66 | CMD_SEND_DBG_COMMAND *Message 67 | ); 68 | 69 | NTSTATUS 70 | MsgIntroFlags( 71 | CMD_INTRO_FLAGS *Message, 72 | GUEST* Guest 73 | ); 74 | 75 | NTSTATUS 76 | MsgSetProtectedProcess( 77 | CMD_SET_PROTECTED_PROCESS *Message, 78 | GUEST* Guest 79 | ); 80 | 81 | NTSTATUS 82 | MsgAddExceptionFromAlert( 83 | CMD_ADD_EXCEPTION_FROM_ALERT *Message, 84 | GUEST* Guest 85 | ); 86 | 87 | NTSTATUS 88 | MsgRemoveException( 89 | CMD_REMOVE_EXCEPTION *Message, 90 | GUEST* Guest 91 | ); 92 | 93 | NTSTATUS 94 | MsgIntroGuestInfo( 95 | CMD_GUEST_INFO *Message, 96 | GUEST* Guest 97 | ); 98 | 99 | #endif // ifndef _GUESTCOMMANDS_H_ 100 | -------------------------------------------------------------------------------- /napoca/kernel/gs_utils.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #include "kernel/kernel.h" 7 | 8 | extern CX_UINT64 __security_cookie; 9 | 10 | #define MAX_SUPPORTED_STACK_FRAME_SIZE (16 * CX_KILO) ///< Maximum supported stack size 11 | 12 | CX_STATUS 13 | GsUtilsNotifyStackChange( 14 | _In_ _Inout_updates_bytes_(StackSize) 15 | CX_VOID *OldStackTop, 16 | _In_ _Inout_updates_bytes_(StackSize) 17 | CX_VOID *NewStackTop, 18 | _In_ CX_UINT64 StackSize 19 | ) 20 | { 21 | UNREFERENCED_PARAMETER(StackSize); 22 | if (OldStackTop == CX_NULL) return STATUS_GS_INVALID_OLD_STACK; 23 | if (NewStackTop == CX_NULL) return STATUS_GS_INVALID_NEW_STACK; 24 | if (PAGE_OFFSET((CX_SIZE_T)OldStackTop) != PAGE_OFFSET((CX_SIZE_T)NewStackTop)) return STATUS_GS_INEQUAL_STACK_OFFSETS; 25 | 26 | CX_VOID *newRsp = _AddressOfReturnAddress(); 27 | CX_UINT64 *oldStack = (CX_UINT64 *)((CX_SIZE_T)OldStackTop + (CX_SIZE_T)newRsp - (CX_SIZE_T)NewStackTop); 28 | CX_UINT64 *newStack = (CX_UINT64 *)(newRsp); 29 | CX_UINT32 totalStackEntries = (CX_UINT32)(((CX_SIZE_T)OldStackTop - (CX_SIZE_T)oldStack) / sizeof(CX_UINT64)); 30 | 31 | for (CX_UINT32 i = 0; i < totalStackEntries; i++) 32 | { 33 | // the value of each cookie = __security_cookie xor (it's address + some delta) 34 | // find the delta by xoring the cookie back with __security_cookie and subtracting its address => if the resulting delta 35 | // is small enough, it is highly likely (based on how "random" the __security_cookie value is) this is indeed a cookie and 36 | // we can reuse the delta for relocating the cookie to its new address (on the new stack) 37 | 38 | CX_INT64 rspCookieDelta = (oldStack[i] ^ __security_cookie) - ((CX_INT64)&oldStack[i]); 39 | if (CX_ABS(rspCookieDelta) < MAX_SUPPORTED_STACK_FRAME_SIZE) 40 | { 41 | CX_UINT64 newCookie = __security_cookie ^ (((CX_SIZE_T)&newStack[i]) + rspCookieDelta); 42 | oldStack[i] = newStack[i] = newCookie; 43 | } 44 | } 45 | 46 | return CX_STATUS_SUCCESS; 47 | } 48 | 49 | #ifdef DEBUG 50 | 51 | // unused 52 | void __chkstk(void) {} 53 | 54 | #endif // DEBUG 55 | -------------------------------------------------------------------------------- /napoca/include/kernel/recspinlock.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #pragma once 7 | 8 | // Recursive (Re-entrant) Spinlock 9 | 10 | #include "spinlock.h" 11 | 12 | typedef struct _RECSPINLOCK 13 | { 14 | SPINLOCK Lock; ///< Internal Spinlock 15 | 16 | QWORD OwnerId; ///< Current owner to allow recursive re-acquires 17 | 18 | volatile DWORD EntryCount; ///< Current number of acquires 19 | DWORD MaxEntryCountHint; ///< Maximum number of concurrent acquires 20 | } RECSPINLOCK, *PRECSPINLOCK; 21 | 22 | void 23 | RecSpinlockInit2( 24 | _Out_ RECSPINLOCK *Spinlock, 25 | _In_ DWORD MaxEntryCount, 26 | _In_ PCHAR Name, 27 | _In_ PCHAR File, 28 | _In_ DWORD Line 29 | ); 30 | 31 | void 32 | RecSpinlockAcquire2( 33 | _Inout_ RECSPINLOCK *Spinlock, 34 | _In_ BOOLEAN Interruptible, 35 | _In_ PCHAR File, 36 | _In_ DWORD Line 37 | ); 38 | 39 | BOOLEAN 40 | RecSpinlockTryAcquire2( 41 | _Inout_ RECSPINLOCK *Spinlock, 42 | _In_ BOOLEAN Interruptible, 43 | _In_ PCHAR File, 44 | _In_ DWORD Line 45 | ); 46 | 47 | void 48 | RecSpinlockRelease2( 49 | _Inout_ RECSPINLOCK *Spinlock, 50 | _In_ PCHAR File, 51 | _In_ DWORD Line 52 | ); 53 | 54 | #define HvInitRecSpinLock(Spinlock, MaxEntryHint, Name) RecSpinlockInit2(Spinlock, MaxEntryHint, Name, __FILE__, __LINE__) 55 | #define HvAcquireRecSpinLock(Spinlock) RecSpinlockAcquire2(Spinlock, TRUE, __FILE__, __LINE__) 56 | #define HvAcquireRecSpinLockNoInterrupts(Spinlock) RecSpinlockAcquire2(Spinlock, FALSE, __FILE__, __LINE__) 57 | #define HvTryToAcquireRecSpinLock(Spinlock) RecSpinlockTryAcquire2(Spinlock, TRUE, __FILE__, __LINE__) 58 | #define HvTryToAcquireRecSpinLockNoInterrupts(Spinlock) RecSpinlockTryAcquire2(Spinlock, FALSE, __FILE__, __LINE__) 59 | #define HvReleaseRecSpinLock(Spinlock) RecSpinlockRelease2(Spinlock, __FILE__, __LINE__) 60 | 61 | -------------------------------------------------------------------------------- /napoca/include/kernel/newcore.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _NEWCORE_H_ 7 | #define _NEWCORE_H_ 8 | 9 | /// \addtogroup core 10 | /// @{ 11 | 12 | #include "kernel/kerneldefs.h" 13 | #include "kernel/vcpu.h" 14 | 15 | /// @brief The main routine before VMENTRY/VMLAUNCH 16 | /// 17 | /// This is called by both the BSP and AP processors, being effectively the core of PHASE 3. Constantly tries to 18 | /// get a VCPU to be executed on the current PCPU. If no schedulable VCPU is found, the physical CPU is halted (HLT). 19 | /// This routine is called also after each VMX VmExit (after the exit reason is handled) to switch back to VM guest. 20 | /// 21 | /// @returns Never 22 | void 23 | HvPcpuRootMainCycle( 24 | void 25 | ); 26 | 27 | /// @brief The assembly part of the common exit handler 28 | void 29 | HvVmxHandleVmExitAsm( 30 | void 31 | ); 32 | 33 | 34 | /// @brief Common part of (almost) all exit handlers 35 | /// 36 | /// This is called from the ASM part of the VMX VmExit handler (HvVmxHandleVmExitAsm) on a successful VmExit (on failure, 37 | /// HvVmxLaunchOrResumeFailed is called instead). 38 | /// 39 | /// @param[in] Vcpu The VCPU structure on which the exit occurred 40 | void 41 | HvVmxHandleVmExitCommon( 42 | _In_ VCPU* Vcpu 43 | ); 44 | 45 | /// @brief The assembly part of switching back/back to the guest 46 | void 47 | HvVmxSwitchFromHostToVmGuest( 48 | void 49 | ); 50 | 51 | /// @brief The assembly part of switching back to the guest, and expecting to get the control back where the function call was issues 52 | void 53 | HvVmxSwitchFromHostToVmGuestWithContinuation( 54 | void 55 | ); 56 | 57 | /// @brief Called if the VMLAUNCH or the VMRESUM failed 58 | /// 59 | /// IMPORTANT: take care, because the full register set is NOT saved to ArchRegs, only part of it (take a look to kernel_vmx.nasm) 60 | /// 61 | /// @param[in] Vcpu The VCPU structure on which the failure occurred 62 | /// @param[in] ErrorNumber Should contain the failure's reason 63 | /// 64 | /// @returns Should not! 65 | void 66 | HvVmxLaunchOrResumeFailed( 67 | _In_ VCPU* Vcpu, 68 | _In_ QWORD ErrorNumber 69 | ); 70 | 71 | /// @} 72 | 73 | #endif // _NEWCORE_H_ 74 | 75 | -------------------------------------------------------------------------------- /napoca/include/introspection/introengine.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introspection 7 | ///@{ 8 | 9 | /** @file introengine.h 10 | * @brief INTROENGINE - hypervisor introspection initialization. 11 | * 12 | */ 13 | 14 | #ifndef _INTROENGINE_H 15 | #define _INTROENGINE_H 16 | 17 | #include "napoca.h" 18 | 19 | /// 20 | /// @brief Initializes the memory introspection engine core and the interfaces corresponding to the engine (Glue/Upper Interfaces) 21 | /// 22 | /// If LoadNewProtectedGuest is TRUE, memory introspection engine will be started for the primary guest (update cases when it's already loaded), 23 | /// otherwise only the interfaces are set up. Introspection can be started only when the Guest is loaded. FALSE case is applied on on-the-fly 24 | /// updates where there is no necessity in loading a new protected guest if it is already loaded and protected. 25 | /// 26 | /// @param[in] IntroModuleCallbacks A HV_INTRO_MODULE_INTERFACE structure, already initialized with the basic callbacks of the intro module. 27 | /// @param[in] LoadNewProtectedGuest TRUE if the engine must be started for the primary guest or FALSE if not. 28 | /// 29 | /// @returns CX_STATUS_SUCCESS - if everything went with success. 30 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if the CPU doesn't supports EPT execute only pages 31 | /// @returns CX_STATUS_INVALID_INTERNAL_STATE - if IntroModuleCallbacks is NULL or is not completed correctly (MinRequirements) or if 32 | /// the current Guest pointer is not valid 33 | /// @returns CX_STATUS_OPERATION_NOT_SUPPORTED - if Introcore version is not compatible or not present. 34 | /// @returns CX_STATUS_INVALID_INTERNAL_STATE - if IntInit was successful, but the callbacks NewGuestNotification and DisableIntro were not 35 | /// populated inside the GLUEIFACE structure by introcore 36 | /// @returns OTHER - other NTSTATUS values returned by Intro initialization callbacks or by NewGuestNotifications 37 | /// 38 | NTSTATUS 39 | NapIntFullInit( 40 | _In_ PVOID IntroModuleCallbacks, 41 | _In_ BOOLEAN LoadNewProtectedGuest 42 | ); 43 | 44 | #endif // _INTROENGINE_H 45 | 46 | 47 | ///@} -------------------------------------------------------------------------------- /winguest_sample/winguest_sample.vcxproj.filters: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hh;hpp;hxx;hm;inl;inc;ipp;xsd 11 | 12 | 13 | {67DA6AB6-F800-4c08-8B7A-83BB121AAD01} 14 | rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms 15 | 16 | 17 | {7853377f-326e-4c19-9d11-889c0fdb58b1} 18 | 19 | 20 | {5b757c0d-08f1-4aed-9205-683e22fbdb93} 21 | 22 | 23 | {b50c8e77-7750-48a8-90f0-8a65b3f70379} 24 | 25 | 26 | {31b40827-07c2-418d-b1cc-fd0912c02fd4} 27 | 28 | 29 | 30 | 31 | Source Files 32 | 33 | 34 | Source Files\cmdline 35 | 36 | 37 | Source Files\dll_utils 38 | 39 | 40 | Source Files\dll_utils 41 | 42 | 43 | 44 | 45 | Header Files\cmdline 46 | 47 | 48 | Header Files\dll_utils 49 | 50 | 51 | Header Files\dll_utils 52 | 53 | 54 | -------------------------------------------------------------------------------- /_external/codex/inc/shared/native/data_structures/cx_interlocked_static_queue.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // 7 | // Offers a CX_QUEUE_INTERFACE as an interlocked statically (pre) allocated queue, 8 | // implemented as a circular buffer / ring buffer 9 | // 10 | #ifndef _CX_INTERLOCKED_STATIC_QUEUE_H_ 11 | #define _CX_INTERLOCKED_STATIC_QUEUE_H_ 12 | 13 | #include "cx_native.h" 14 | #include "base/cx_synchronization.h" 15 | 16 | #include "interfaces/data_structures/cx_addremove_interface.h" 17 | #include "interfaces/data_structures/cx_queue_interface.h" 18 | 19 | #pragma warning(push) 20 | #pragma warning(disable:4214) // nonstandard extension used: bit field types other than int 21 | typedef union 22 | { 23 | // pack the relevant fields into a UINT64 bitfield to support interlocked operations 24 | volatile CX_UINT64 Raw; 25 | struct 26 | { 27 | volatile CX_UINT64 NumberOfPopulatedEntries : 21; // 2^21 = 2 mega entries 28 | volatile CX_UINT64 Head : 21; 29 | volatile CX_UINT64 Tail : 21; 30 | volatile CX_UINT64 _reserved : 1; // 21 * 3 = 63 bits 31 | }BitField; 32 | }CX_INTERLOCKED_STATIC_QUEUE_CONTROL_DATA; 33 | #pragma warning(pop) 34 | 35 | 36 | typedef struct _CX_INTERLOCKED_STATIC_QUEUE_DATA 37 | { 38 | CX_QUEUE_INTERFACE Interface; 39 | CX_UINT64 *QueueBuffer; 40 | CX_INTERLOCKED_STATIC_QUEUE_CONTROL_DATA ControlData; 41 | CX_UINT32 NumberOfEntries; 42 | CX_ONCE_INIT0 Initialized; 43 | }CX_INTERLOCKED_STATIC_QUEUE_DATA; 44 | 45 | 46 | CX_STATUS 47 | CxInterlockedStaticQueueInit( 48 | _Out_ CX_INTERLOCKED_STATIC_QUEUE_DATA *LocklessStaticQueue, // you must allocate such an item and this function will initialize it 49 | _In_ PCX_VOID QueueBuffer, // your data buffer for the table 50 | _In_ CX_UINT32 QueueBufferSizeInBytes, 51 | __out_opt CX_QUEUE_INTERFACE **Queue // receive a generic queue 'object' 52 | ); 53 | 54 | 55 | 56 | // a macro for correctly finding out how much memory such a queue requires 57 | #define CX_INTERLOCKED_STATIC_QUEUE_BUFFER_SIZE(NumberOfElements) (sizeof(CX_UINT64) * (NumberOfElements)) 58 | 59 | #endif // _CX_INTERLOCKED_STATIC_QUEUE_H_ 60 | -------------------------------------------------------------------------------- /napoca/include/base/refcount.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | // REFCOUNT - minimal reference counting and free-after-last-dereference for runtimelib-like objects 7 | 8 | #ifndef _REFCOUNT_H_ 9 | #define _REFCOUNT_H_ 10 | 11 | 12 | // 13 | // FreeObject Callback 14 | // 15 | typedef NTSTATUS (*PFUNC_FreeObject)(_In_ PVOID Object); 16 | 17 | // 18 | // Flags 19 | // 20 | #define RFC_FLAG_INITIALIZED 0x00000001 21 | #define RFC_FLAG_STATIC 0x00000002 22 | #define RFC_FLAG_DONT_CHECK_0_TO_1 0x00000004 23 | 24 | // 25 | // Object Type Masks 26 | // 27 | #define RFC_MASK_REF_COUNT_RESERVED 0x000000FF 28 | #define RFC_MASK_OBJECT_TYPE 0x0000FF00 29 | #define RFC_MASK_OBJECT_TYPE_MAJOR 0x00000F00 30 | #define RFC_MASK_OBJECT_TYPE_MINOR 0x0000F000 31 | #define RFC_MASK_CUSTOM 0xFFFF0000 32 | #define RFC_MASK_ALLOWED_TO_SET (RFC_MASK_OBJECT_TYPE | RFC_MASK_CUSTOM) 33 | 34 | // 35 | // Structures 36 | // 37 | typedef struct _REF_COUNTER 38 | { 39 | DWORD ObjectType; // Unique ID to identify object type to which this REF_COUNT belongs to 40 | volatile DWORD Flags; // Per-object flags 41 | PFUNC_FreeObject FreeRoutine; // Optional routine to be used to free any non static object when ref-count reaches 0 42 | volatile __int32 RefCount; // Current reference count 43 | } REF_COUNTER, *PREF_COUNTER; 44 | 45 | // 46 | // prototypes 47 | // 48 | VOID 49 | RfcPreInit( 50 | _In_ PREF_COUNTER RefCnt 51 | ); 52 | 53 | NTSTATUS 54 | RfcInit( 55 | _In_ PREF_COUNTER RefCnt, 56 | _In_ DWORD Flags, 57 | _In_ DWORD ObjectType, 58 | _In_ PFUNC_FreeObject FreeRoutine 59 | ); 60 | 61 | NTSTATUS 62 | RfcUninit( 63 | _In_ PREF_COUNTER RefCnt 64 | ); 65 | 66 | PREF_COUNTER 67 | RfcReference( 68 | _In_ PREF_COUNTER RefCnt 69 | ); 70 | 71 | NTSTATUS 72 | RfcDereference( 73 | _Inout_ PREF_COUNTER *RefCnt 74 | ); 75 | 76 | // 77 | // Object Types (Major) - Mask: 0x00000F00 78 | // 79 | #define RFC_OBJ_TYPE_LIST 0x00000100 80 | /// ... 81 | 82 | // 83 | // Object Sub-types (Minor) - Mask: 0x0000F000 (for each Major Type) 84 | // 85 | 86 | // RFC_OBJ_TYPE_LIST 87 | #define RFC_OBJ_SUBTYPE_DLL_LIST 0x00001000 88 | #define RFC_OBJ_SUBTYPE_SLL_LIST 0x00002000 89 | #define RFC_OBJ_SUBTYPE_LRLW_LIST 0x00003000 90 | 91 | 92 | #endif // _REFCOUNT_H_ -------------------------------------------------------------------------------- /_external/codex/src/shared/native/wrappers/crt/wrapper_crt_memory.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifdef CRT_INC_SETTINGS_WRAPPER_CRT_MEMORY_C 7 | #include CRT_INC_SETTINGS_WRAPPER_CRT_MEMORY_C // define it to some .h file name/path if you want to provide settings 8 | #endif 9 | 10 | 11 | #include "crt/crt_crt.h" 12 | #include "base/cx_env.h" 13 | #include "crt/crt_memory.h" 14 | 15 | #ifdef CX_MSVC 16 | // those are the non-intrinsic fallback functions 17 | #ifdef CX_RELEASE_BUILD 18 | #pragma function(memcpy, memcmp, memset) 19 | #endif 20 | #endif 21 | 22 | #if ( !defined(CRT_SKIP_DEF_MEMCPY) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_MEMORY_C_DEF) || defined(CRT_WANT_DEF_MEMCPY)) ) 23 | CX_VOID* __cdecl 24 | memcpy( 25 | __out_bcount_full_opt(Size) CX_VOID *Dest, 26 | __in_bcount_opt(Size) const CX_VOID *Source, 27 | _In_ CX_SIZE_T Size 28 | ) 29 | { 30 | return crt_memcpy(Dest, Source, Size); 31 | } 32 | #endif 33 | 34 | 35 | #if ( !defined(CRT_SKIP_DEF_MEMCMP) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_MEMORY_C_DEF) || defined(CRT_WANT_DEF_MEMCMP)) ) 36 | CX_INT32 __cdecl 37 | memcmp( 38 | __in_bcount_opt(Size) const CX_VOID *Source1, 39 | __in_bcount_opt(Size) const CX_VOID *Source2, 40 | _In_ CX_SIZE_T Size 41 | ) 42 | { 43 | return crt_memcmp(Source1, Source2, Size); 44 | } 45 | #endif 46 | 47 | 48 | #if ( !defined(CRT_SKIP_DEF_MEMSET) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_MEMORY_C_DEF) || defined(CRT_WANT_DEF_MEMSET)) ) 49 | #ifdef CX_GNUC 50 | __attribute__((optimize(2))) 51 | #endif 52 | CX_VOID* __cdecl 53 | memset( 54 | __out_bcount_full_opt(Size) CX_VOID *Dest, 55 | _In_ CX_INT32 Value, 56 | _In_ CX_SIZE_T Size 57 | ) 58 | { 59 | return crt_memset(Dest, Value, Size); 60 | } 61 | #endif 62 | 63 | #if ( !defined(CRT_SKIP_DEF_MEMCPY_S) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_MEMORY_C_DEF) || defined(CRT_WANT_DEF_MEMCPY_S)) ) 64 | CX_VOID* __cdecl 65 | memcpy_s( 66 | __out_bcount_full_opt(Size) CX_VOID *Dest, 67 | _In_ CX_SIZE_T SizeInBytes, 68 | __in_bcount_opt(Size) const CX_VOID *Source, 69 | _In_ CX_SIZE_T Size) 70 | { 71 | return crt_memcpy_s(Dest, SizeInBytes, Source, Size); 72 | } 73 | #endif 74 | 75 | 76 | #if ( !defined(CRT_SKIP_DEF_MEMZERO) && (!defined(CRT_DEFAULT_SKIP_WRAPPER_CRT_MEMORY_C_DEF) || defined(CRT_WANT_DEF_MEMZERO)) ) 77 | CX_VOID* __cdecl 78 | memzero( 79 | __out_bcount_full_opt(Size) CX_VOID *Dest, 80 | _In_ CX_SIZE_T Size 81 | ) 82 | { 83 | return crt_memzero(Dest, Size); 84 | } 85 | #endif 86 | 87 | 88 | -------------------------------------------------------------------------------- /napoca/kernel/vcpu64.nasm: -------------------------------------------------------------------------------- 1 | ; 2 | ; Copyright (c) 2020 Bitdefender 3 | ; SPDX-License-Identifier: Apache-2.0 4 | ; 5 | 6 | ;; 7 | ;; MUST be keept in sync with states from VCPU.H 8 | ;; 9 | STRUC ARCHREGS 10 | .RAX resq 1 11 | .RCX resq 1 12 | .RDX resq 1 13 | .RBX resq 1 14 | .RSP resq 1 15 | .RBP resq 1 16 | .RSI resq 1 17 | .RDI resq 1 18 | .R8 resq 1 19 | .R9 resq 1 20 | .R10 resq 1 21 | .R11 resq 1 22 | .R12 resq 1 23 | .R13 resq 1 24 | .R14 resq 1 25 | .R15 resq 1 26 | .DR7 resq 1 27 | .RFLAGS resq 1 28 | .RIP resq 1 29 | .CR0 resq 1 30 | .CR2 resq 1 31 | .CR3 resq 1 32 | .CR4 resq 1 33 | .CR8 resq 1 ;; *NOT AUTOMATICALLY SAVED* 34 | .XCR0 resq 1 ;; *NOT AUTOMATICALLY SAVED* 2012/08/18 35 | .IDTRBASE resq 1 36 | .IDTRLIMIT resw 1 37 | ._RESW1 resw 1 38 | ._RESD1 resd 1 39 | .GDTRBASE resq 1 40 | .GDTRLIMIT resw 1 41 | ._RESW2 resw 1 42 | ._RESD2 resd 1 43 | .DR6 resq 1 44 | ._RESERVED resq 2 45 | ENDSTRUC 46 | 47 | VCPU_STATE_INVALID EQU 0 48 | VCPU_STATE_NOT_ACTIVE EQU 1 49 | VCPU_STATE_ACTIVE EQU 2 50 | VCPU_STATE_ERROR EQU 3 51 | VCPU_STATE_TOTAL_VALUES EQU 4 52 | 53 | MAX_AUTO_STORED_MSR_COUNT EQU 32 54 | 55 | STRUC MSR_ENTRY 56 | .Msr resd 1 57 | .Flags resd 1 58 | .Value resq 1 59 | ENDSTRUC 60 | 61 | STRUC VCPU 62 | .State resw 1 63 | .Schedulable resb 1 64 | .Pcpu resq 1 65 | 66 | .Guest resq 1 67 | .GuestExitRoutine resq 1 68 | .ExitCounter resq 1 69 | .Vpid resw 1 70 | .GuestIndex resb 1 71 | .GuestCpuIndex resb 1 72 | 73 | .LapicId resd 1 74 | .LastExitTsc resq 1 75 | .LastEntryTsc resq 1 76 | .PrevInHostTscDuration resq 1 77 | .PrevInGuestTscDuration resq 1 78 | .LinearTsc resq 1 79 | .VirtualTsc resq 1 80 | 81 | .ArchRegs resb ARCHREGS_size 82 | 83 | .ExtState resq 1 84 | .RestoreExtState resb 1 85 | 86 | .GuestHaltedCsRip resq 1 87 | .TimesHalted resq 1 88 | .IsInactive resb 1 89 | ENDSTRUC 90 | -------------------------------------------------------------------------------- /winguest/common/reg_opts.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | 7 | #ifndef _REG_OPTS_H_ 8 | #define _REG_OPTS_H_ 9 | 10 | #define REG_SUBKEY_SYSTEM_PARTITION L"SYSTEM\\Setup" // ! subkey of HKLM 11 | #define REG_VALUE_SYSTEM_PARTITION L"SystemPartition" // REG_SZ 12 | 13 | // DACIA key paths 14 | #define REG_SUBKEY_GENERAL_SETTINGS L"Software\\DACIA" // ! subkey of HKLM 15 | #define REG_KEY_SOFTWARE_UM L"Software" 16 | 17 | /// KERNEL MODE 18 | 19 | #define REG_VALUE_REINIT_MAX_CALL_COUNT L"ReinitMaxCallCount" 20 | #define REG_VALUE_RESERVE_HVLOG_BUFFER L"ReserveHvLogBuffer" 21 | 22 | /// USER MODE 23 | 24 | // general settings 25 | #define REG_VALUE_EVENT_TIMER_GRANULARITY L"EventTimerGranularity" // REG_DWORD (default value set by winguestdll) 26 | #define REG_VALUE_FEEDBACK_CLEANUP_GRANULARITY L"FeedbackCleanupInterval" // REG_DWORD (default value set by winguestdll) 27 | #define REG_VALUE_HV_CONFIG_CHECK_INTERVAL L"HvConfigCheckInterval" // REG_DWORD (default value set by winguestdll) 28 | #define REG_VALUE_CONFIG_LEGACY_INSTALL_PARTITION L"ConfigLegacyInstallPartition" // REG_SZ (value set by the legacy configuration code) 29 | #define REG_VALUE_HV_CONFIGURATION L"HvConfiguration" 30 | #define REG_VALUE_CHANGES_LIST L"ChangeList" // REG_BINARY (serialized list of hashes based on installer.cfg entries) 31 | 32 | // paths 33 | #define REG_VALUE_SDK_BASE_PATH L"SDKBasePath" 34 | #define REG_VALUE_UPDATES_INTRO_PATH L"IntroUpdatesPath" 35 | #define REG_VALUE_FEEDBACK_PATH L"FeedbackPath" 36 | 37 | // other 38 | #define REG_KEY_LOADER_RESERVED_PHYSICAL_MEMORY_MAP L"\\REGISTRY\\MACHINE\\HARDWARE\\RESOURCEMAP\\System Resources\\Loader Reserved" 39 | #define REG_VALUE_LOADER_RESERVED_MEMORY_MAP L".Raw" 40 | 41 | #define REG_KEY_SERVICES L"\\REGISTRY\\MACHINE\\SYSTEM\\CurrentControlSet\\Services" 42 | #define REG_SUBKEY_SMBIOS L"System\\CurrentControlSet\\services\\mssmbios\\data\\" // ! subkey of HKLM 43 | 44 | #define REG_SUBKEY_WINDOWS_VERSION L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" 45 | #define REG_VALUE_UPDATE_BUILD_REVISION L"UBR" 46 | 47 | #endif //_REG_OPTS_H_ -------------------------------------------------------------------------------- /napoca/include/boot/boot.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _BOOT_H_ 7 | #define _BOOT_H_ 8 | 9 | #include "boot/multiboot.h" 10 | #include "common/boot/loader_interface.h" 11 | #include "common/boot/bootdefs.h" 12 | #include "common/boot/cpu_features.h" 13 | 14 | // 15 | // BOOT related global vars 16 | // 17 | 18 | extern BOOT_INFO *gBootInfo; 19 | 20 | /// @brief E820 map prepared by our loader, usable during initializations 21 | extern CX_VOID *gTempE820; 22 | 23 | /// @brief Used when some CPU has failed its initializations and is requesting full HV unload 24 | extern volatile CX_BOOL gNeedToUnload; 25 | 26 | extern LD_LOADER_CUSTOM *gLoaderCustom; 27 | 28 | /// @brief Identifies various boot modes of the hypervisor (UEFI, Legacy, PXE...) 29 | extern BOOT_MODE gBootMode; 30 | 31 | extern LD_BOOT_CONTEXT *gBootContext; 32 | 33 | extern LD_NAPOCA_MODULE gBootModules[LD_MAX_MODULES]; 34 | 35 | extern LD_MEM_BUFFER *gTempMem; 36 | 37 | static 38 | __forceinline 39 | BOOT_MODE 40 | HvGetBootMode( 41 | void 42 | ) 43 | { 44 | return gBootMode; 45 | } 46 | 47 | static 48 | __forceinline 49 | void 50 | HvSetBootMode( 51 | BOOT_MODE BootMode 52 | ) 53 | { 54 | gBootMode = BootMode; 55 | } 56 | 57 | /// @brief We were booted in a Legacy Boot environment by Mbr loading 58 | #define BOOT_MBR (HvGetBootMode() == bootMbr) 59 | 60 | /// @brief We were booted in a Legacy Boot environment by boot through PXE 61 | #define BOOT_MBR_PXE (HvGetBootMode() == bootMbrPxe) 62 | 63 | /// @brief We were booted by a UEFI firmware 64 | #define BOOT_UEFI (HvGetBootMode() == bootUefi) 65 | 66 | /// @brief We were booted through PXE in a UEFI manner 67 | #define BOOT_UEFI_PXE (HvGetBootMode() == bootUefiPxe) 68 | 69 | /// @brief Loader already running in a multi-processor environment 70 | #define BOOT_OPT_MULTIPROCESSOR (BOOT_UEFI) 71 | 72 | /// @brief The loader was started in a 64 bit environment 73 | #define BOOT_OPT_64BIT_ENVIRONMENT (BOOT_UEFI) 74 | 75 | /// @brief Legacy BIOS environment 76 | #define BOOT_OPT_BIOS_ENVIRONMENT (!(BOOT_UEFI)) 77 | 78 | /// @brief If the VGA memory is accessible/usable 79 | #define BOOT_OPT_VGA_MEM BOOT_OPT_BIOS_ENVIRONMENT 80 | 81 | /// @brief The number of CPUs which were find in the system, used for waiting to all of them in different stages 82 | #define CPU_COUNT_TO_WAIT (gBootInfo->CpuCount) 83 | 84 | 85 | #endif // _BOOT_H_ 86 | -------------------------------------------------------------------------------- /_external/codex/inc/km/cxqueuekernel.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __CXQUEUEKERNEL_H__ 7 | #define __CXQUEUEKERNEL_H__ 8 | 9 | #include "cxqueuetypes.h" 10 | 11 | #ifdef __cplusplus 12 | extern "C" { 13 | #endif 14 | 15 | typedef 16 | NTSTATUS 17 | (*PFUNC_CommClientConnected)( 18 | _In_ PVOID/*WDFFILEOBJECT*/ WdfFileObject, 19 | _In_ ULONG ProcessId 20 | ); 21 | 22 | typedef 23 | NTSTATUS 24 | (*PFUNC_CommClientDisconected)( 25 | _In_ PVOID/*WDFFILEOBJECT*/ WdfFileObject 26 | ); 27 | 28 | typedef 29 | NTSTATUS 30 | (*PFUNC_CommReceiveData) ( 31 | _In_ PVOID/*WDFFILEOBJECT*/ WdfFileObject, 32 | _In_ PVOID InputBuffer, 33 | _In_ UINT32 InputBufferLength, 34 | __out_opt PVOID OutputBuffer, 35 | _In_opt_ UINT32 OutputBufferLength, 36 | _Out_ UINT32* BytesReturned 37 | ); 38 | 39 | #pragma pack(push, 8) 40 | 41 | typedef struct _COMM_INIT_DATA 42 | { 43 | UINT32 Version; // version information 44 | UINT32 Flags; // Customization flags 45 | PWCHAR NativeDeviceName; // Device name in the form \device\xxxxx 46 | PWCHAR UserDeviceName; // Device name in the form \\.\\xxxxx 47 | 48 | PFUNC_CommClientConnected CommClientConnected; // Notification for a new client that is connected - CreateFile 49 | PFUNC_CommClientDisconected CommClientDisconnected; // Notification for a client that is disconnected - CloseHandle 50 | PFUNC_CommReceiveData CommReceiveData; // Notification for data that is available - sent from user mode 51 | PFUNC_CommReceiveData CommReceiveDataInternal; // Notification for data that is available - sent from kernel mode 52 | }COMM_INIT_DATA, *PCOMM_INIT_DATA; 53 | #pragma pack(pop) 54 | 55 | NTSTATUS 56 | CommInitializeQueueCommunication( 57 | _In_ WDFDRIVER Driver, 58 | _In_ PCOMM_INIT_DATA CommInitData 59 | ); 60 | 61 | NTSTATUS 62 | CommStartQueueCommunication( 63 | ); 64 | 65 | NTSTATUS 66 | CommStopQueueCommunication( 67 | ); 68 | 69 | NTSTATUS 70 | CommSendQueueData( 71 | _In_ PVOID/*WDFFILEOBJECT*/ FileObject, // treat this as a "client id"; it is provided in COMM_INIT_DATACommClientConnected callback 72 | _In_ PVOID InputBuffer, 73 | _In_ UINT32 InputBufferSize, 74 | _Inout_opt_ PVOID OutputBuffer, 75 | _Inout_opt_ UINT32 OutputBufferSize, 76 | _Out_opt_ UINT32 *ActualOutputBufferSize, 77 | _In_opt_ UINT64 Timeout 78 | ); 79 | 80 | NTSTATUS 81 | CommUninitializeQueueCommunication( 82 | void 83 | ); 84 | 85 | #ifdef __cplusplus 86 | } 87 | #endif 88 | 89 | 90 | #endif //__CXQUEUEKERNEL_H__ 91 | -------------------------------------------------------------------------------- /napoca/include/introspection/intronapoca.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introinterfaceinit 7 | ///@{ 8 | 9 | /** @file intronapoca.h 10 | * @brief INTRONAPOCA - NAPOCA hypervisor glue layer, interface initializations for introspection 11 | * 12 | */ 13 | 14 | #ifndef _INTRONAPOCA_H_ 15 | #define _INTRONAPOCA_H_ 16 | 17 | #include "core.h" 18 | 19 | /// 20 | /// @brief Initializes the GlueInterface, completes the callbacks necessary for introspection usage. 21 | 22 | /// 23 | /// @param[in, out] GlueInterfaceBuffer The buffer containing the GlueIfaca which has to be initialized 24 | /// @param[in] BufferLength The buffer length of GleuInterfaceBuffer 25 | /// @param[in] RequestedIfaceVersion The requested interface version. 26 | /// 27 | /// @returns CX_STATUS_SUCCESS - if everything went with success. 28 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if GlueInterfaceBuffer is NULL. 29 | /// @returns CX_STATUS_INVALID_PARAMETER_2 - if BufferLegnth is smaller than the latest GLUE_IFACE structures size. 30 | /// @returns CX_STATUS_OPERATION_NOT_SUPPORTED - if RequestedIfaceVersion is not the latest version. 31 | /// 32 | /// @remark For now we support only one single version of the GLUE_IFACE, the latest. 33 | /// 34 | NTSTATUS 35 | IntNapInitGlueInterface( 36 | _Inout_ PVOID GlueInterfaceBuffer, 37 | _In_ DWORD BufferLength, 38 | _In_ DWORD RequestedIfaceVersion 39 | ); 40 | 41 | /// 42 | /// @brief Initializes the UpperInterface, completes the callbacks necessary for introspection usage. 43 | 44 | /// 45 | /// @param[in, out] UpperInterfaceBuffer The buffer containing the UpperIfaca which has to be initialized 46 | /// @param[in] BufferLength The buffer length of UpperInterfaceBuffer 47 | /// @param[in] RequestedIfaceVersion The requested interface version. 48 | /// 49 | /// @returns CX_STATUS_SUCCESS - if everything went with success. 50 | /// @returns CX_STATUS_INVALID_PARAMETER_1 - if UpperInterfaceBuffer is NULL. 51 | /// @returns CX_STATUS_INVALID_PARAMETER_2 - if BufferLegnth is smaller than the latest UPPER_IFACE structures size. 52 | /// @returns CX_STATUS_OPERATION_NOT_SUPPORTED - if RequestedIfaceVersion is not the latest version. 53 | /// 54 | /// @remark For now we support only one single version of the GLUE_IFACE, the latest. 55 | /// 56 | NTSTATUS 57 | IntNapInitUpperInterface( 58 | _Inout_ PVOID UpperInterfaceBuffer, 59 | _In_ DWORD BufferLength, 60 | _In_ DWORD RequestedIfaceVersion 61 | ); 62 | 63 | #endif // _INTRONAPOCA_H_ 64 | 65 | 66 | ///@} -------------------------------------------------------------------------------- /_external/codex/src/shared/native/base/compiler_dependent/memlib/X64/CxMemZero.asm: -------------------------------------------------------------------------------- 1 | ;------------------------------------------------------------------------------ 2 | ; 3 | ; Copyright (c) 2006, Intel Corporation. All rights reserved.
4 | ; This program and the accompanying materials 5 | ; are licensed and made available under the terms and conditions of the BSD License 6 | ; which accompanies this distribution. The full text of the license may be found at 7 | ; http://opensource.org/licenses/bsd-license.php. 8 | ; 9 | ; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 10 | ; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 11 | ; 12 | ; Module Name: 13 | ; 14 | ; ZeroMem.Asm 15 | ; 16 | ; Abstract: 17 | ; 18 | ; ZeroMem function 19 | ; 20 | ; Notes: 21 | ; 22 | ;------------------------------------------------------------------------------ 23 | 24 | .code 25 | 26 | ;------------------------------------------------------------------------------ 27 | ; VOID * 28 | ; CxMemZero ( 29 | ; IN VOID *Buffer, 30 | ; IN UINTN Count 31 | ; ); 32 | ;------------------------------------------------------------------------------ 33 | CxMemZeroBasic64 PROC USES rdi 34 | push rcx 35 | xor rax, rax 36 | mov rdi, rcx 37 | mov rcx, rdx 38 | shr rcx, 3 39 | and rdx, 7 40 | rep stosq 41 | mov ecx, edx 42 | rep stosb 43 | pop rax 44 | ret 45 | CxMemZeroBasic64 ENDP 46 | 47 | CxMemZeroMmx64 PROC USES rdi 48 | mov rdi, rcx 49 | mov rcx, rdx 50 | mov r8, rdi 51 | and edx, 7 52 | shr rcx, 3 53 | jz @ZeroBytes 54 | DB 0fh, 0efh, 0c0h ; pxor mm0, mm0 55 | @@: 56 | DB 0fh, 0e7h, 7 ; movntq [rdi], mm0 57 | add rdi, 8 58 | loop @B 59 | DB 0fh, 0aeh, 0f0h ; mfence 60 | @ZeroBytes: 61 | xor eax, eax 62 | mov ecx, edx 63 | rep stosb 64 | mov rax, r8 65 | ret 66 | CxMemZeroMmx64 ENDP 67 | 68 | CxMemZeroSse264 PROC USES rdi 69 | mov rdi, rcx 70 | xor rcx, rcx 71 | xor eax, eax 72 | sub rcx, rdi 73 | and rcx, 15 74 | mov r8, rdi 75 | jz @F 76 | cmp rcx, rdx 77 | cmova rcx, rdx 78 | sub rdx, rcx 79 | rep stosb 80 | @@: 81 | mov rcx, rdx 82 | and edx, 15 83 | shr rcx, 4 84 | jz @ZeroBytes 85 | pxor xmm0, xmm0 86 | @@: 87 | movntdq [rdi], xmm0 ; rdi should be 16-byte aligned 88 | add rdi, 16 89 | loop @B 90 | mfence 91 | @ZeroBytes: 92 | mov ecx, edx 93 | rep stosb 94 | mov rax, r8 95 | ret 96 | CxMemZeroSse264 ENDP 97 | 98 | END 99 | -------------------------------------------------------------------------------- /include/common/kernel/napoca_version.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _NAPOCA_VERSION_H_ 7 | #define _NAPOCA_VERSION_H_ 8 | 9 | #include "cx_native.h" 10 | #include "base/cx_status.h" 11 | 12 | /*! @def NAPOCA_VERSION 13 | * 14 | * @brief Contains the version of a component consisting of 4 hierarchical version descriptors 15 | */ 16 | typedef struct _NAPOCA_VERSION 17 | { 18 | CX_UINT32 High; 19 | CX_UINT32 Low; 20 | CX_UINT32 Revision; 21 | CX_UINT32 Build; 22 | } NAPOCA_VERSION; 23 | 24 | /** 25 | * @brief Validates a version requirement 26 | * 27 | * @param[in] ActualVersion Version to be validated 28 | * @param[in] RequiredVersion Minimum version requirement 29 | * 30 | * @return CX_STATUS_SUCCESS ActualVersion meets the requirement of RequiredVersion 31 | * @return CX_STATUS_OUT_OF_RANGE ActualVersion does not meet requirement of RequiredVersion 32 | */ 33 | __forceinline 34 | CX_STATUS 35 | CheckCompatibility( 36 | _In_ NAPOCA_VERSION *ActualVersion, 37 | _In_ NAPOCA_VERSION *RequiredVersion 38 | ) 39 | { 40 | typedef union 41 | { 42 | CX_UINT64 Raw; 43 | struct 44 | { 45 | CX_UINT64 Build :16; 46 | CX_UINT64 Rev :16; 47 | CX_UINT64 Minor :16; 48 | CX_UINT64 Major :16; 49 | }; 50 | }VER; 51 | 52 | VER actualVer = {0}, reqVer = {0}; 53 | 54 | if (ActualVersion == CX_NULL) return CX_STATUS_INVALID_PARAMETER_1; 55 | 56 | actualVer.Major = ActualVersion->High; 57 | actualVer.Minor = ActualVersion->Low; 58 | actualVer.Rev = ActualVersion->Revision; 59 | actualVer.Build = 0; 60 | 61 | reqVer.Major = RequiredVersion->High; 62 | reqVer.Minor = RequiredVersion->Low; 63 | reqVer.Rev = RequiredVersion->Revision; 64 | reqVer.Build = 0; 65 | 66 | return actualVer.Raw < reqVer.Raw ? CX_STATUS_OUT_OF_RANGE : CX_STATUS_SUCCESS; 67 | } 68 | 69 | /** 70 | * @brief Fills the fields of a #NAPOCA_VERSION structure 71 | * 72 | * @param[out] Version Version to initialize 73 | * @param[in] High Component High Version 74 | * @param[in] Low Component Low Version 75 | * @param[in] Revision Component Revision 76 | * @param[in] Build Component Build Number 77 | */ 78 | __forceinline 79 | CX_VOID 80 | MakeVersion( 81 | _Out_ NAPOCA_VERSION *Version, 82 | _In_ CX_UINT32 High, 83 | _In_ CX_UINT32 Low, 84 | _In_ CX_UINT32 Revision, 85 | _In_ CX_UINT32 Build 86 | ) 87 | { 88 | Version->High = High; 89 | Version->Low = Low; 90 | Version->Revision = Revision; 91 | Version->Build = Build; 92 | } 93 | 94 | #endif // _NAPOCA_VERSION_H_ 95 | -------------------------------------------------------------------------------- /napoca/include/debug/emu_debug.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef __EMU_DEBUG_H__ 7 | #define __EMU_DEBUG_H__ 8 | 9 | #include "common/external_interface/disasm_types.h" 10 | #include "napoca.h" 11 | #include "bddisasm.h" 12 | 13 | // 14 | // This entity retain information about instruction trace, tlbs, etc. 15 | // 16 | 17 | typedef enum _DBG_TABLE 18 | { 19 | DBG_TABLE_TLB, 20 | DBG_TABLE_TRACE, 21 | }DBG_TABLE; 22 | 23 | #define EMULATED_INSTRUCTION_DEISASSEMBLY_BUFFER_SIZE 128 24 | typedef struct _EMU_TRACE_ENTRY 25 | { 26 | CX_BOOL IsValid; 27 | CX_UINT64 EmulatedRip; // holds emulated instructions RIP 28 | char EmulatedDis[EMULATED_INSTRUCTION_DEISASSEMBLY_BUFFER_SIZE]; // holds emulated instructions disassembly 29 | INSTRUX EmulatedBytes; // the actual instrux of the emulated instruction 30 | CX_UINT64 EmulatedTargetGva; // the address accessed because of the emulation 31 | CX_UINT64 EmulatedTargetValueLoad; 32 | CX_UINT64 EmulatedTargetValueStore; 33 | CX_UINT8 EmulatedTargetSize; 34 | ARCH_REGS EmulatedContextBefore; 35 | ARCH_REGS EmulatedContextAfter; 36 | }EMU_TRACE_ENTRY; 37 | 38 | typedef struct _EMU_TLB_ENTRY 39 | { 40 | CX_BOOL IsValid; 41 | CX_UINT64 Gva; 42 | CX_UINT32 Cpu; 43 | CX_UINT32 Flags; 44 | CX_UINT32 RequiredFlags; 45 | CX_UINT32 Size; 46 | } EMU_TLB_ENTRY; 47 | 48 | STATUS EmuDebugInit(_In_ CX_UINT8 CpuCount); 49 | 50 | // We keep information about the last N instructions/tlbs/etc. emulated. 51 | // To find max N, call this function. 52 | // The function return 0 if this debug entity 53 | // fails to initialize (or it is not initialized) 54 | CX_UINT32 EmuDebugGetTableSize(_In_ DBG_TABLE DebugTable); 55 | 56 | STATUS EmuDebugInsertTlbEntry(_In_ EMU_TLB_ENTRY* NewTlbDebugEntry); 57 | STATUS EmuDebugInsertTraceEntry(_In_ CX_UINT8 CpuIndex, _In_ EMU_TRACE_ENTRY* NewDebugEntry); 58 | 59 | // If BackInTimeNEntries is 0 then informations about last saved entry is returned 60 | // If BackInTimeNEntries is 1, information about last - 1 saved entry is returned, and so on.. 61 | // The maximum value of BackInTimeNEntries can be EmuDebugGetTableSize - 1 62 | #define GET_LAST_ENTRY 0 63 | STATUS EmuDebugGetTlbEntry(_In_ CX_UINT32 BackInTimeNEntries, _Outptr_ EMU_TLB_ENTRY* TlbDebugEntry, _In_ CX_BOOL RemoveEntryFromHistory); 64 | STATUS EmuDebugGetTraceEntry(_In_ CX_UINT8 CpuIndex, _In_ CX_UINT32 BackInTimeNEntries, _Outptr_ EMU_TRACE_ENTRY* TraceDebugEntry, _In_ CX_BOOL RemoveEntryFromHistory); 65 | 66 | #endif //__EMU_DEBUG_H__ 67 | -------------------------------------------------------------------------------- /autogen/efi_cmdline.c: -------------------------------------------------------------------------------- 1 | #include "userdata.h" 2 | #include "efi_cmdline.h" 3 | UD_NUMBER CfgActiveOsLoad = CFG_ACTIVEOSLOAD; 4 | UD_NUMBER CfgAllowedRetries = CFG_ALLOWEDRETRIES; 5 | UD_NUMBER CfgBypassHv = CFG_BYPASSHV; 6 | UD_NUMBER CfgDebugBypassOnErrors = CFG_DEBUG_BYPASSONERRORS; 7 | UD_NUMBER CfgDebugConfirmErrors = CFG_DEBUG_CONFIRMERRORS; 8 | UD_NUMBER CfgDebugConfirmHv = CFG_DEBUG_CONFIRMHV; 9 | UD_NUMBER CfgDebugConfirmOs = CFG_DEBUG_CONFIRMOS; 10 | UD_NUMBER CfgDebugDumpCrashLog = CFG_DEBUG_DUMP_CRASHLOG; 11 | UD_NUMBER CfgDebugDumpEnvironmentVariables = CFG_DEBUG_DUMP_ENVIRONMENTVARIABLES; 12 | UD_NUMBER CfgDebugDumpLastLog = CFG_DEBUG_DUMP_LASTLOG; 13 | UD_NUMBER CfgDebugDumpRuntimeTables = CFG_DEBUG_DUMP_RUNTIMETABLES; 14 | UD_NUMBER CfgDebugDumpVersion = CFG_DEBUG_DUMP_VERSION; 15 | UD_NUMBER CfgDebugExceptionHandling = CFG_DEBUG_EXCEPTIONHANDLING; 16 | UD_NUMBER CfgDebugGopOutput = CFG_DEBUG_GOPOUTPUT; 17 | UD_NUMBER CfgDebugHaltOnErrors = CFG_DEBUG_HALTONERRORS; 18 | UD_NUMBER CfgDebugSimulateSecondLoad = CFG_DEBUG_SIMULATESECONDLOAD; 19 | UD_NUMBER CfgFeedbackBufferSize = CFG_FEEDBACKBUFFERSIZE; 20 | UD_ASCII_STRING CfgFilesEfiHv = CFG_FILES_EFIHV; 21 | UD_NUMBER CfgFilesEfiHvEnabled = CFG_FILES_EFIHVENABLED; 22 | UD_ASCII_STRING CfgFilesHvLog = CFG_FILES_HVLOG; 23 | UD_ASCII_STRING CfgFilesOs = CFG_FILES_OS; 24 | UD_ASCII_STRING CfgFilesOsBackup = CFG_FILES_OSBACKUP; 25 | UD_NUMBER CfgUserInterractionAllowKeyboardBypass = CFG_USERINTERRACTION_ALLOWKEYBOARDBYPASS; 26 | UD_ASCII_STRING CfgUserInterractionBypassMessage = CFG_USERINTERRACTION_BYPASSMESSAGE; 27 | UD_NUMBER CfgUserInterractionBypassOnScanCode = CFG_USERINTERRACTION_BYPASSONSCANCODE; 28 | UD_NUMBER CfgUserInterractionTimeOutInSeconds = CFG_USERINTERRACTION_TIMEOUTINSECONDS; 29 | -------------------------------------------------------------------------------- /napoca/include/introspection/glue_layer/introheap.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | /// @addtogroup introcallhv 7 | ///@{ 8 | 9 | /** @file introheap.h 10 | * @brief INTROHEAP - NAPOCA hypervisor glue layer, heap utilities offered/implemented for the introspection engine. 11 | * 12 | */ 13 | 14 | #ifndef _INTROHEAP_H_ 15 | #define _INTROHEAP_H_ 16 | 17 | #include "glueiface.h" 18 | 19 | /// 20 | /// @brief Get the available free memory to introcore from Napoca. 21 | /// 22 | /// This function is used by introcore to determine if certain operations can 23 | /// be attempted. In low memory conditions, certain operations will not be attempted. 24 | /// This function implements the corresponding service from the UPPER_IFACE interface. 25 | /// 26 | /// @param[out] TotalHeapSize The total size of the heap, in bytes 27 | /// @param[out] FreeHeapSize The size of the remaining free heap, in bytes 28 | /// 29 | /// @returns CX_STATUS_SUCCESS - operation completed successfully 30 | /// @returns OTHER - an appropriate STATUS error value 31 | /// 32 | NTSTATUS 33 | GuestIntNapQueryHeapSize( 34 | _Out_ SIZE_T* TotalHeapSize, 35 | _Out_ SIZE_T* FreeHeapSize 36 | ); 37 | 38 | /// 39 | /// @brief Allocates a block of memory from the heap. 40 | /// 41 | /// This function implements the corresponding service from the UPPER_IFACE interface. 42 | /// 43 | /// @param[in] Address If successful, will contain a pointer to the allocated memory region 44 | /// @param[in] Size The size of the block 45 | /// @param[in] Tag The tag of the allocation 46 | /// 47 | /// @returns CX_STATUS_SUCCESS - if the allocation succeeded 48 | /// @returns CX_STATUS_INSUFFICIENT_RESOURCES - if there is not enough memory available 49 | /// @returns OTHER - other potential internal STATUS error value 50 | /// 51 | NTSTATUS 52 | GuestIntNapHpAllocWithTagAndInfo( 53 | _Outptr_result_bytebuffer_(Size) PVOID* Address, 54 | _In_ size_t Size, 55 | _In_ DWORD Tag 56 | ); 57 | 58 | /// 59 | /// @brief Frees a memory block previously allocated with GuestIntNapHpAllocWithTagAndInfo. 60 | /// 61 | /// This function implements the corresponding service from the UPPER_IFACE interface. 62 | /// 63 | /// @param[in] Address Pointer to the memory address of the allocated block. On successful calls, 64 | /// it will be set to NULL 65 | /// @param[in] Tag The tag of the allocation. Must match the one provided by the GuestIntNapHpAllocWithTagAndInfo call. 66 | /// 67 | /// @returns CX_STATUS_SUCCESS - if the allocation was successfully freed. 68 | /// @returns OTHER - other potential internal STATUS error value 69 | /// 70 | NTSTATUS 71 | GuestIntNapHpFreeWithTagAndInfo( 72 | _Inout_ _At_(*Address, _Post_null_) PVOID* Address, 73 | _In_ DWORD Tag 74 | ); 75 | 76 | #endif // _INTROHEAP_H_ 77 | 78 | ///@} -------------------------------------------------------------------------------- /winguest/winguestdll/version.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020 Bitdefender 3 | * SPDX-License-Identifier: Apache-2.0 4 | */ 5 | 6 | #ifndef _VERSION_H_ 7 | #define _VERSION_H_ 8 | 9 | #include "ver.h" // global version file 10 | 11 | #define WINGUESTDLL_VERSION_HIGH GLOBAL_VERSION_MAJOR 12 | #define WINGUESTDLL_VERSION_LOW GLOBAL_VERSION_MINOR 13 | #define WINGUESTDLL_VERSION_REVISION GLOBAL_VERSION_REVISION 14 | #define WINGUESTDLL_VERSION_BUILD GLOBAL_VERSION_BUILDNUMBER 15 | 16 | #define WINGUESTDLL_BUILD_DATE __DATE__ 17 | #define WINGUESTDLL_BUILD_TIME __TIME__ 18 | 19 | #define WINGUESTDLL_VERSIONSTAMP ((((DWORD)WINGUESTDLL_VERSION_HIGH) << 30) | (((DWORD)WINGUESTDLL_VERSION_LOW) << 24) | \ 20 | (((DWORD)WINGUESTDLL_VERSION_REVISION) << 16) | ((DWORD)WINGUESTDLL_VERSION_BUILD)) 21 | 22 | #ifdef DEBUG 23 | #define VER_FILEDESCRIPTION_STR "WINGUEST communication library (DEBUG)" 24 | #else 25 | #define VER_FILEDESCRIPTION_STR "WINGUEST communication library" 26 | #endif 27 | 28 | #define VER_INTERNALNAME_STR "winguestdll.dll" 29 | 30 | #define VER_ORIGINALFILENAME_STR VER_INTERNALNAME_STR 31 | 32 | #ifdef VER_LEGALCOPYRIGHT_STR 33 | #undef VER_LEGALCOPYRIGHT_STR 34 | #endif 35 | #define VER_LEGALCOPYRIGHT_STR "\251 NapocaHv All rights reserved." 36 | 37 | #ifdef VER_COMPANYNAME_STR 38 | #undef VER_COMPANYNAME_STR 39 | #endif 40 | #define VER_COMPANYNAME_STR "NapocaHv Bucharest, ROMANIA" 41 | 42 | #ifdef VER_PRODUCTNAME_STR 43 | #undef VER_PRODUCTNAME_STR 44 | #endif 45 | #define VER_PRODUCTNAME_STR "NapocaHv \256 AntiVirus" 46 | 47 | #define VER_PRODUCTVERSION WINGUESTDLL_VERSION_HIGH,WINGUESTDLL_VERSION_LOW,WINGUESTDLL_VERSION_REVISION,WINGUESTDLL_VERSION_BUILD 48 | 49 | #ifdef VER_FILEVERSION 50 | #undef VER_FILEVERSION 51 | #endif 52 | #define VER_FILEVERSION WINGUESTDLL_VERSION_HIGH,WINGUESTDLL_VERSION_LOW,WINGUESTDLL_VERSION_REVISION,WINGUESTDLL_VERSION_BUILD 53 | 54 | #ifdef DEBUG 55 | #define BDVER_FILEVERSION_MAJORMINORREVBLD2(x,y,z,w) #x "." #y "." #z "." #w ", DEBUG" 56 | #else 57 | #define BDVER_FILEVERSION_MAJORMINORREVBLD2(x,y,z,w) #x "." #y "." #z "." #w 58 | #endif 59 | #define BDVER_FILEVERSION_MAJORMINORREVBLD1(x,y,z,w) BDVER_FILEVERSION_MAJORMINORREVBLD2(x, y, z, w) 60 | 61 | #ifdef VER_FILEVERSION_STR 62 | #undef VER_FILEVERSION_STR 63 | #endif 64 | #define VER_FILEVERSION_STR BDVER_FILEVERSION_MAJORMINORREVBLD1(WINGUESTDLL_VERSION_HIGH, WINGUESTDLL_VERSION_LOW, WINGUESTDLL_VERSION_REVISION, WINGUESTDLL_VERSION_BUILD) 65 | 66 | #ifdef VER_PRODUCTVERSION_STR 67 | #undef VER_PRODUCTVERSION_STR 68 | #endif 69 | #define VER_PRODUCTVERSION_STR BDVER_FILEVERSION_MAJORMINORREVBLD1(WINGUESTDLL_VERSION_HIGH, WINGUESTDLL_VERSION_LOW, WINGUESTDLL_VERSION_REVISION, WINGUESTDLL_VERSION_BUILD) 70 | #endif // _VERSION_H_ 71 | --------------------------------------------------------------------------------