138 lines
3.1 KiB
C
138 lines
3.1 KiB
C
#ifndef XEN_TURNSTILE_H
|
|
#define XEN_TURNSTILE_H
|
|
|
|
#ifdef __XEN__
|
|
#include <xen/types.h>
|
|
#else
|
|
#include <stdint.h>
|
|
#endif
|
|
|
|
#define TURNSTILE_OP_SET_POLICY 0
|
|
#define TURNSTILE_OP_PROTECT_RANGE 1
|
|
#define TURNSTILE_OP_UNPROTECT_RANGE 2
|
|
#define TURNSTILE_OP_REQUEST_WRITE 3
|
|
#define TURNSTILE_OP_GET_VIOLATIONS 4
|
|
#define TURNSTILE_OP_GET_STATS 5
|
|
#define TURNSTILE_OP_UPLOAD_METADATA 6
|
|
|
|
#define TURNSTILE_POLICY_DISABLED 0
|
|
#define TURNSTILE_POLICY_AUDIT 1
|
|
#define TURNSTILE_POLICY_ENFORCE 2
|
|
|
|
#define TURNSTILE_MAX_RANGES 256
|
|
#define TURNSTILE_RING_SIZE 4096
|
|
#define TURNSTILE_MAX_FUNC_ENTRIES 65536
|
|
#define TURNSTILE_MAX_JUMP_ENTRIES 32768
|
|
|
|
#define TURNSTILE_IMPLICIT_DENIED 0
|
|
#define TURNSTILE_IMPLICIT_FTRACE 1
|
|
#define TURNSTILE_IMPLICIT_STATIC 2
|
|
|
|
struct turnstile_violation {
|
|
uint64_t timestamp;
|
|
uint64_t gpa;
|
|
uint64_t rip;
|
|
uint64_t cr3;
|
|
uint32_t access_flags;
|
|
uint32_t response;
|
|
uint8_t insn_bytes[16];
|
|
uint32_t seq;
|
|
uint32_t _pad;
|
|
};
|
|
|
|
struct turnstile_stats {
|
|
uint64_t violations_total;
|
|
uint64_t violations_blocked;
|
|
uint64_t violations_allowed;
|
|
uint64_t implicit_ftrace;
|
|
uint64_t implicit_static_key;
|
|
uint64_t explicit_write_grants;
|
|
uint64_t ring_overflows;
|
|
};
|
|
|
|
struct turnstile_op_set_policy {
|
|
uint32_t policy;
|
|
uint32_t _pad;
|
|
};
|
|
|
|
struct turnstile_op_protect_range {
|
|
uint64_t gpa_start;
|
|
uint64_t length;
|
|
};
|
|
|
|
struct turnstile_op_request_write {
|
|
uint64_t gpa_start;
|
|
uint64_t length;
|
|
uint32_t timeout_ms;
|
|
uint32_t _pad;
|
|
};
|
|
|
|
struct turnstile_op_get_violations {
|
|
uint64_t buffer_ptr;
|
|
uint32_t max_entries;
|
|
uint32_t entries_returned;
|
|
uint32_t overflow_count;
|
|
uint32_t _pad;
|
|
};
|
|
|
|
struct turnstile_op_upload_metadata {
|
|
uint64_t buffer_ptr;
|
|
uint32_t metadata_type;
|
|
uint32_t count;
|
|
};
|
|
|
|
#define TURNSTILE_META_FUNC_ENTRIES 0
|
|
#define TURNSTILE_META_JUMP_ENTRIES 1
|
|
|
|
#ifdef __XEN__
|
|
#include <xen/sched.h>
|
|
#include <xen/spinlock.h>
|
|
#include <xen/time.h>
|
|
#include <asm/p2m.h>
|
|
|
|
struct turnstile_range {
|
|
uint64_t gpa_start;
|
|
uint64_t gpa_end;
|
|
p2m_type_t original_type;
|
|
bool active;
|
|
};
|
|
|
|
struct turnstile_write_grant {
|
|
uint64_t gpa_start;
|
|
uint64_t gpa_end;
|
|
s_time_t expiry;
|
|
bool active;
|
|
};
|
|
|
|
struct turnstile_domain_state {
|
|
rwlock_t lock;
|
|
uint32_t policy;
|
|
|
|
struct turnstile_range ranges[TURNSTILE_MAX_RANGES];
|
|
unsigned int num_ranges;
|
|
|
|
struct turnstile_violation ring[TURNSTILE_RING_SIZE];
|
|
uint32_t ring_head;
|
|
uint32_t ring_tail;
|
|
uint32_t ring_seq;
|
|
uint32_t overflow_count;
|
|
|
|
uint64_t *func_entries;
|
|
unsigned int num_func_entries;
|
|
|
|
uint64_t *jump_entries;
|
|
unsigned int num_jump_entries;
|
|
|
|
struct turnstile_write_grant write_grant;
|
|
struct turnstile_stats stats;
|
|
};
|
|
|
|
int turnstile_domain_init(struct domain *d);
|
|
void turnstile_domain_destroy(struct domain *d);
|
|
long do_turnstile_op(unsigned int op, domid_t domid, XEN_GUEST_HANDLE_PARAM(void) arg);
|
|
int turnstile_check_violation(struct domain *d, uint64_t gpa, uint64_t rip,
|
|
uint64_t cr3, uint32_t access_flags,
|
|
const uint8_t *insn_bytes);
|
|
#endif
|
|
|
|
#endif
|