diff --git a/README.md b/README.md
index f547dd6..aa2a086 100644
--- a/README.md
+++ b/README.md
@@ -79,4 +79,67 @@ rename it to `payload.dll`. Put both `bootmgfw.efi` (Voyager.efi rename), and `p
-
\ No newline at end of file
+
+
+### libvoyager
+
+libvoyager is a tiny lib that allows a programmer to integrate voyager into VDM or other projects that require reading and writing to physical and virtual memory. There is
+an example in the repo which contains example code for integrating into VDM.
+
+```cpp
+vdm::read_phys_t _read_phys =
+ [&](void* addr, void* buffer, std::size_t size) -> bool
+{
+ const auto read_result =
+ voyager::read_phys((u64)addr, (u64)buffer, size);
+
+ return read_result ==
+ voyager::vmxroot_error_t::error_success;
+};
+
+vdm::write_phys_t _write_phys =
+ [&](void* addr, void* buffer, std::size_t size) -> bool
+{
+ const auto write_result =
+ voyager::write_phys((u64)addr, (u64)buffer, size);
+
+ return write_result ==
+ voyager::vmxroot_error_t::error_success;
+};
+```
+
+Any project that uses VDM can now use Voyager instead of a vulnerable driver. This includes all PTM projects.
+
+### Page Table Code
+
+mm.cpp and mm.hpp contain all of the memory managment code. Hyper-v has a self referencing PML4E at index 510. This is the same index for all versions of Hyper-v.
+This is crucial as without knowing where the PML4 of the current logical processor is located in virtual memory, there is no way to interface with physical memory.
+Each logical processor running under hyper-v has its own host cr3 value (each core has its own host PML4).
+
+###### Mapping PTE's
+
+In the Intel and AMD payloads of this project, there is a section for PDPT, PD, and PT. These sections need to be page aligned in
+order for them to work (they are just putting this here as a warning). Each logical processor has two PTE's, one for source and one for destination. This allows for
+copying of physical memory between two pages without requiring a buffer.
+
+```cpp
+
+auto mm::map_page(host_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ cpuid_eax_01 cpuid_value;
+ __cpuid((int*)&cpuid_value, 1);
+
+ mm::pt[(cpuid_value
+ .cpuid_additional_information
+ .initial_apic_id * 2)
+ + (unsigned)map_type].pfn = phys_addr >> 12;
+
+ __invlpg(reinterpret_cast(
+ get_map_virt(virt_addr_t{ phys_addr }.offset_4kb, map_type)));
+
+ return get_map_virt(virt_addr_t{ phys_addr }.offset_4kb, map_type);
+}
+```
+
+As you can see from the code above, the logical processor number which is obtained from CPUID instruction is mulitplied by the `map_type`. There can be a max of 256 cores on the system, if there
+are more then 256 cores on the system then this code above will not work.
\ No newline at end of file
diff --git a/Usermode Example/Example.sln b/Usermode Example/Example.sln
deleted file mode 100644
index 70996b7..0000000
--- a/Usermode Example/Example.sln
+++ /dev/null
@@ -1,31 +0,0 @@
-
-Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.30503.244
-MinimumVisualStudioVersion = 10.0.40219.1
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Example", "Example.vcxproj", "{09B41831-3164-48AD-8660-23457D82B73B}"
-EndProject
-Global
- GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|x64 = Debug|x64
- Debug|x86 = Debug|x86
- Release|x64 = Release|x64
- Release|x86 = Release|x86
- EndGlobalSection
- GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {09B41831-3164-48AD-8660-23457D82B73B}.Debug|x64.ActiveCfg = Debug|x64
- {09B41831-3164-48AD-8660-23457D82B73B}.Debug|x64.Build.0 = Debug|x64
- {09B41831-3164-48AD-8660-23457D82B73B}.Debug|x86.ActiveCfg = Debug|Win32
- {09B41831-3164-48AD-8660-23457D82B73B}.Debug|x86.Build.0 = Debug|Win32
- {09B41831-3164-48AD-8660-23457D82B73B}.Release|x64.ActiveCfg = Release|x64
- {09B41831-3164-48AD-8660-23457D82B73B}.Release|x64.Build.0 = Release|x64
- {09B41831-3164-48AD-8660-23457D82B73B}.Release|x86.ActiveCfg = Release|Win32
- {09B41831-3164-48AD-8660-23457D82B73B}.Release|x86.Build.0 = Release|Win32
- EndGlobalSection
- GlobalSection(SolutionProperties) = preSolution
- HideSolutionNode = FALSE
- EndGlobalSection
- GlobalSection(ExtensibilityGlobals) = postSolution
- SolutionGuid = {E132D109-7F0D-4125-B737-B5D83E6FBCA8}
- EndGlobalSection
-EndGlobal
diff --git a/Usermode Example/Example.vcxproj b/Usermode Example/Example.vcxproj
deleted file mode 100644
index 4b74ae6..0000000
--- a/Usermode Example/Example.vcxproj
+++ /dev/null
@@ -1,158 +0,0 @@
-
-
-
-
- Debug
- Win32
-
-
- Release
- Win32
-
-
- Debug
- x64
-
-
- Release
- x64
-
-
-
- 16.0
- Win32Proj
- {09b41831-3164-48ad-8660-23457d82b73b}
- DeepSpaceNetwork
- 10.0
- Example
-
-
-
- Application
- true
- v142
- Unicode
-
-
- Application
- false
- v142
- true
- Unicode
-
-
- Application
- true
- v142
- Unicode
-
-
- Application
- false
- v142
- true
- Unicode
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- true
-
-
- false
-
-
- true
-
-
- false
-
-
-
- Level3
- true
- WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)
- true
-
-
- Console
- true
-
-
-
-
- Level3
- true
- true
- true
- WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
- true
-
-
- Console
- true
- true
- true
-
-
-
-
- Level3
- true
- _DEBUG;_CONSOLE;%(PreprocessorDefinitions)
- true
-
-
- Console
- true
-
-
-
-
- Level3
- true
- true
- true
- NDEBUG;_CONSOLE;%(PreprocessorDefinitions)
- true
-
-
- Console
- true
- true
- true
-
-
-
-
-
-
-
- Document
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/Usermode Example/com.h b/Usermode Example/com.h
deleted file mode 100644
index 4e0f783..0000000
--- a/Usermode Example/com.h
+++ /dev/null
@@ -1,9 +0,0 @@
-#pragma once
-#define VMEXIT_KEY 0xDEADBEEFDEADBEEF
-enum class vmexit_command_t
-{
- init_paging_tables = 0x111
- // add your commands here...
-};
-
-extern "C" size_t hypercall(size_t key, vmexit_command_t command);
\ No newline at end of file
diff --git a/Usermode Example/main.cpp b/Usermode Example/main.cpp
deleted file mode 100644
index fdf7344..0000000
--- a/Usermode Example/main.cpp
+++ /dev/null
@@ -1,9 +0,0 @@
-#include
-#include "com.h"
-
-int main()
-{
- auto result = hypercall(VMEXIT_KEY, vmexit_command_t::init_paging_tables);
- std::printf("[+] hyper-v (CPUID) init page table result -> %d\n", result);
- std::getchar();
-}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj b/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj
index d3fb4b0..8097e8b 100644
--- a/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj
+++ b/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj
@@ -56,7 +56,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -65,7 +65,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -74,7 +74,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -83,7 +83,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -92,7 +92,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -101,7 +101,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -110,7 +110,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -119,7 +119,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -128,7 +128,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -137,7 +137,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -198,9 +198,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1909;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -210,9 +214,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1903;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -222,9 +230,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1809;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -234,9 +246,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1803;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -246,9 +262,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1709
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -258,9 +278,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1703
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -270,9 +294,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1607
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -282,9 +310,13 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1511;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -293,10 +325,14 @@
falsefalsefalse
- _WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1903;
+ _WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=1507;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
@@ -306,21 +342,29 @@
falsefalse_WIN64;_AMD64_;AMD64;%(PreprocessorDefinitions);WINVER=2004;
+ Disabled
+ MultiThreaded
+ falsevmexit_handler
+ libcmt.lib;libucrt.lib;libvcruntime.lib;%(AdditionalDependencies)
+
-
+
+
-
+
+
+
diff --git a/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj.filters b/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj.filters
index 6fa82c1..6b15131 100644
--- a/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj.filters
+++ b/Voyager/PayLoad (AMD)/PayLoad (AMD).vcxproj.filters
@@ -14,10 +14,16 @@
Header Files
-
+ Header Files
-
+
+ Header Files
+
+
+ Header Files
+
+ Header Files
@@ -25,7 +31,13 @@
Source Files
-
+
+ Source Files
+
+
+ Source Files
+
+ Source Files
diff --git a/Voyager/PayLoad (AMD)/debug.cpp b/Voyager/PayLoad (AMD)/debug.cpp
new file mode 100644
index 0000000..013c4ec
--- /dev/null
+++ b/Voyager/PayLoad (AMD)/debug.cpp
@@ -0,0 +1,69 @@
+#include "debug.h"
+
+auto dbg::debug_print_decimal(long long number) -> void
+{
+ if (number < 0)
+ {
+ __outbyte(PORT_NUM, '-');
+ number = -number;
+ }
+
+ for (auto d = 1000000000000000000; d != 0; d /= 10)
+ if ((number / d) != 0)
+ __outbyte(PORT_NUM, alphabet[(number / d) % 10]);
+}
+
+auto dbg::debug_print_hex(u64 number, const bool show_zeros) -> void
+{
+ for (auto d = 0x1000000000000000; d != 0; d /= 0x10)
+ if (show_zeros || (number / d) != 0)
+ __outbyte(PORT_NUM, alphabet[(number / d) % 0x10]);
+}
+
+auto dbg::print(const char* format, ...) -> void
+{
+ va_list args;
+ va_start(args, format);
+
+ while (format[0])
+ {
+ if (format[0] == '%')
+ {
+ switch (format[1])
+ {
+ case 'd':
+ debug_print_decimal(va_arg(args, int));
+ format += 2;
+ continue;
+ case 'x':
+ debug_print_hex(va_arg(args, u32), false);
+ format += 2;
+ continue;
+ case 'l':
+ if (format[2] == 'l')
+ {
+ switch (format[3])
+ {
+ case 'd':
+ debug_print_decimal(va_arg(args, u64));
+ format += 4;
+ continue;
+ case 'x':
+ debug_print_hex(va_arg(args, u64), false);
+ format += 4;
+ continue;
+ }
+ }
+ break;
+ case 'p':
+ debug_print_hex(va_arg(args, u64), true);
+ format += 2;
+ continue;
+ }
+ }
+
+ __outbyte(PORT_NUM, format[0]);
+ ++format;
+ }
+ va_end(args);
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/debug.h b/Voyager/PayLoad (AMD)/debug.h
new file mode 100644
index 0000000..fda84d7
--- /dev/null
+++ b/Voyager/PayLoad (AMD)/debug.h
@@ -0,0 +1,13 @@
+#pragma once
+#include
+#include
+#include "types.h"
+
+#define PORT_NUM 0x2F8
+namespace dbg
+{
+ constexpr char alphabet[] = "0123456789ABCDEF";
+ auto debug_print_decimal(long long number) -> void;
+ auto debug_print_hex(u64 number, const bool show_zeros) -> void;
+ auto print(const char* format, ...) -> void;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/ia32.hpp b/Voyager/PayLoad (AMD)/ia32.hpp
index dc0400c..256a0c3 100644
--- a/Voyager/PayLoad (AMD)/ia32.hpp
+++ b/Voyager/PayLoad (AMD)/ia32.hpp
@@ -14132,7 +14132,7 @@ typedef union
};
UINT64_t flags;
-} pml4e_64;
+} pml4e;
/**
* @brief Format of a 4-Level Page-Directory-Pointer-Table Entry (PDPTE) that Maps a 1-GByte Page
@@ -14431,7 +14431,7 @@ typedef union
};
UINT64_t flags;
-} pdpte_64;
+} pdpte;
/**
* @brief Format of a 4-Level Page-Directory Entry that Maps a 2-MByte Page
@@ -14730,7 +14730,7 @@ typedef union
};
UINT64_t flags;
-} pde_64;
+} pde;
/**
* @brief Format of a 4-Level Page-Table Entry that Maps a 4-KByte Page
@@ -14891,7 +14891,7 @@ typedef union
};
UINT64_t flags;
-} pte_64;
+} pte;
/**
* @brief Format of a common Page-Table Entry
@@ -18281,7 +18281,7 @@ typedef union
};
UINT64_t flags;
-} ept_pml4;
+} ept_pml4e;
/**
* @brief Format of an EPT Page-Directory-Pointer-Table Entry (PDPTE) that Maps a 1-GByte Page
@@ -18412,7 +18412,7 @@ typedef union
};
UINT64_t flags;
-} epdpte_1gb;
+} ept_pdpte_1gb;
/**
* @brief Format of an EPT Page-Directory-Pointer-Table Entry (PDPTE) that References an EPT Page Directory
@@ -18489,7 +18489,7 @@ typedef union
};
UINT64_t flags;
-} epdpte;
+} ept_pdpte;
/**
* @brief Format of an EPT Page-Directory Entry (PDE) that Maps a 2-MByte Page
@@ -18697,7 +18697,7 @@ typedef union
};
UINT64_t flags;
-} epde;
+} ept_pde;
/**
* @brief Format of an EPT Page-Table Entry that Maps a 4-KByte Page
@@ -18820,7 +18820,7 @@ typedef union
};
UINT64_t flags;
-} epte;
+} ept_pte;
/**
* @brief Format of a common EPT Entry
diff --git a/Voyager/PayLoad (AMD)/mm.cpp b/Voyager/PayLoad (AMD)/mm.cpp
new file mode 100644
index 0000000..29fedca
--- /dev/null
+++ b/Voyager/PayLoad (AMD)/mm.cpp
@@ -0,0 +1,363 @@
+#include "mm.h"
+#include "debug.h"
+
+auto mm::map_guest_phys(guest_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ //const auto host_phys =
+ //translate_guest_physical(
+ //phys_addr, map_type);
+
+ //if (!host_phys)
+ //return {};
+
+ return map_page(phys_addr, map_type);
+}
+
+auto mm::map_guest_virt(guest_phys_t dirbase, guest_virt_t virt_addr, map_type_t map_type) -> u64
+{
+ const auto guest_phys =
+ translate_guest_virtual(
+ dirbase, virt_addr, map_type);
+
+ if (!guest_phys)
+ return {};
+
+ return map_guest_phys(guest_phys, map_type);
+}
+
+auto mm::map_page(host_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ cpuid_eax_01 cpuid_value;
+ __cpuid((int*)&cpuid_value, 1);
+
+ mm::pt[(cpuid_value
+ .cpuid_additional_information
+ .initial_apic_id * 2)
+ + (unsigned)map_type].pfn = phys_addr >> 12;
+
+ __invlpg(reinterpret_cast(
+ get_map_virt(virt_addr_t{ phys_addr }.offset_4kb, map_type)));
+
+ return get_map_virt(virt_addr_t{ phys_addr }.offset_4kb, map_type);
+}
+
+auto mm::get_map_virt(u16 offset, map_type_t map_type) -> u64
+{
+ cpuid_eax_01 cpuid_value;
+ __cpuid((int*)&cpuid_value, 1);
+ virt_addr_t virt_addr{ MAPPING_ADDRESS_BASE };
+
+ virt_addr.pt_index = (cpuid_value
+ .cpuid_additional_information
+ .initial_apic_id * 2)
+ + (unsigned)map_type;
+
+ return virt_addr.value + offset;
+}
+
+auto mm::translate(host_virt_t host_virt) -> u64
+{
+ virt_addr_t virt_addr{ host_virt };
+ virt_addr_t cursor{ (u64)hyperv_pml4 };
+
+ if (!reinterpret_cast(cursor.value)[virt_addr.pml4_index].present)
+ return {};
+
+ cursor.pt_index = virt_addr.pml4_index;
+ if (!reinterpret_cast(cursor.value)[virt_addr.pdpt_index].present)
+ return {};
+
+ // handle 1gb large page...
+ if (reinterpret_cast(cursor.value)[virt_addr.pdpt_index].large_page)
+ return (reinterpret_cast(cursor.value)
+ [virt_addr.pdpt_index].pfn << 30) + virt_addr.offset_1gb;
+
+ cursor.pd_index = virt_addr.pml4_index;
+ cursor.pt_index = virt_addr.pdpt_index;
+ if (!reinterpret_cast(cursor.value)[virt_addr.pd_index].present)
+ return {};
+
+ // handle 2mb large page...
+ if (reinterpret_cast(cursor.value)[virt_addr.pd_index].large_page)
+ return (reinterpret_cast(cursor.value)
+ [virt_addr.pd_index].pfn << 21) + virt_addr.offset_2mb;
+
+ cursor.pdpt_index = virt_addr.pml4_index;
+ cursor.pd_index = virt_addr.pdpt_index;
+ cursor.pt_index = virt_addr.pd_index;
+ if (!reinterpret_cast(cursor.value)[virt_addr.pt_index].present)
+ return {};
+
+ return (reinterpret_cast(cursor.value)
+ [virt_addr.pt_index].pfn << 12) + virt_addr.offset_4kb;
+}
+
+auto mm::translate_guest_virtual(guest_phys_t dirbase, guest_virt_t guest_virt, map_type_t map_type) -> u64
+{
+ virt_addr_t virt_addr{ guest_virt };
+
+ const auto pml4 =
+ reinterpret_cast(
+ map_guest_phys(dirbase, map_type));
+
+ if (!pml4 || !pml4[virt_addr.pml4_index].present)
+ return {};
+
+ const auto pdpt =
+ reinterpret_cast(map_guest_phys(
+ pml4[virt_addr.pml4_index].pfn << 12, map_type));
+
+ if (!pdpt || !pdpt[virt_addr.pdpt_index].present)
+ return {};
+
+ // handle 1gb pages...
+ if (pdpt[virt_addr.pdpt_index].large_page)
+ return (pdpt[virt_addr.pdpt_index].pfn << 12) + virt_addr.offset_1gb;
+
+ const auto pd =
+ reinterpret_cast(map_guest_phys(
+ pdpt[virt_addr.pdpt_index].pfn << 12, map_type));
+
+ if (!pd || !pd[virt_addr.pd_index].present)
+ return {};
+
+ // handle 2mb pages...
+ if (pd[virt_addr.pd_index].large_page)
+ return (pd[virt_addr.pd_index].pfn << 12) + virt_addr.offset_2mb;
+
+ const auto pt =
+ reinterpret_cast(map_guest_phys(
+ pd[virt_addr.pd_index].pfn << 12, map_type));
+
+ if (!pt || !pt[virt_addr.pt_index].present)
+ return {};
+
+ return (pt[virt_addr.pt_index].pfn << 12) + virt_addr.offset_4kb;
+}
+
+auto mm::translate_guest_physical(guest_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ phys_addr_t guest_phys{ phys_addr };
+ const auto vmcb = svm::get_vmcb();
+
+ const auto npt_pml4 =
+ reinterpret_cast(
+ map_page(vmcb->ncr3, map_type));
+
+ if (!npt_pml4[guest_phys.pml4_index].present)
+ return {};
+
+ const auto npt_pdpt =
+ reinterpret_cast(
+ map_page(npt_pml4[guest_phys.pml4_index].pfn << 12, map_type));
+
+ if (!npt_pdpt[guest_phys.pdpt_index].present)
+ return {};
+
+ const auto npt_pd =
+ reinterpret_cast(
+ map_page(npt_pdpt[guest_phys.pdpt_index].pfn << 12, map_type));
+
+ if (!npt_pd[guest_phys.pd_index].present)
+ return {};
+
+ // handle 2mb pages...
+ if (reinterpret_cast(npt_pd)[guest_phys.pd_index].large_page)
+ return (reinterpret_cast(npt_pd)
+ [guest_phys.pd_index].pfn << 21) + guest_phys.offset_2mb;
+
+ const auto npt_pt =
+ reinterpret_cast(
+ map_page(npt_pd[guest_phys.pd_index].pfn << 12, map_type));
+
+ if (!npt_pt[guest_phys.pt_index].present)
+ return {};
+
+ return (npt_pt[guest_phys.pt_index].pfn << 12) + guest_phys.offset_4kb;
+}
+
+auto mm::init() -> svm::vmxroot_error_t
+{
+ const auto pdpt_phys =
+ translate(reinterpret_cast(pdpt));
+
+ const auto pd_phys =
+ translate(reinterpret_cast(pd));
+
+ const auto pt_phys =
+ translate(reinterpret_cast(pt));
+
+ if (!pdpt_phys || !pd_phys || !pt_phys)
+ return svm::vmxroot_error_t::invalid_host_virtual;
+
+ // setup mapping page table entries...
+ {
+ hyperv_pml4[MAPPING_PML4_IDX].present = true;
+ hyperv_pml4[MAPPING_PML4_IDX].pfn = pdpt_phys >> 12;
+ hyperv_pml4[MAPPING_PML4_IDX].user_supervisor = false;
+ hyperv_pml4[MAPPING_PML4_IDX].writeable = true;
+
+ pdpt[511].present = true;
+ pdpt[511].pfn = pd_phys >> 12;
+ pdpt[511].user_supervisor = false;
+ pdpt[511].rw = true;
+
+ pd[511].present = true;
+ pd[511].pfn = pt_phys >> 12;
+ pd[511].user_supervisor = false;
+ pd[511].rw = true;
+ }
+
+ // each core will have its own page it can use to map
+ // physical memory into virtual memory :^)
+ for (auto idx = 0u; idx < 512; ++idx)
+ {
+ pt[idx].present = true;
+ pt[idx].user_supervisor = false;
+ pt[idx].rw = true;
+ }
+
+ const auto mapped_pml4 =
+ reinterpret_cast(
+ mm::map_page(__readcr3()));
+
+ // check to make sure translate works...
+ if (translate((u64)mapped_pml4) != __readcr3())
+ return svm::vmxroot_error_t::vmxroot_translate_failure;
+
+ // check to make sure the self ref pml4e is valid...
+ if (mapped_pml4[SELF_REF_PML4_IDX].pfn != __readcr3() >> 12)
+ return svm::vmxroot_error_t::invalid_self_ref_pml4e;
+
+ // check to make sure the mapping pml4e is valid...
+ if (mapped_pml4[MAPPING_PML4_IDX].pfn != pdpt_phys >> 12)
+ return svm::vmxroot_error_t::invalid_mapping_pml4e;
+
+ return svm::vmxroot_error_t::error_success;
+}
+
+auto mm::read_guest_phys(guest_phys_t dirbase, guest_phys_t guest_phys,
+ guest_virt_t guest_virt, u64 size) -> svm::vmxroot_error_t
+{
+ // handle reading over page boundaries of both src and dest...
+ while (size)
+ {
+ auto dest_current_size = PAGE_4KB -
+ virt_addr_t{ guest_virt }.offset_4kb;
+
+ if (size < dest_current_size)
+ dest_current_size = size;
+
+ auto src_current_size = PAGE_4KB -
+ phys_addr_t{ guest_phys }.offset_4kb;
+
+ if (size < src_current_size)
+ src_current_size = size;
+
+ auto current_size =
+ min(dest_current_size, src_current_size);
+
+ const auto mapped_dest =
+ reinterpret_cast(
+ map_guest_virt(dirbase, guest_virt, map_type_t::map_dest));
+
+ if (!mapped_dest)
+ return svm::vmxroot_error_t::invalid_guest_virtual;
+
+ const auto mapped_src =
+ reinterpret_cast(
+ map_guest_phys(guest_phys, map_type_t::map_src));
+
+ if (!mapped_src)
+ return svm::vmxroot_error_t::invalid_guest_physical;
+
+ memcpy(mapped_dest, mapped_src, current_size);
+ guest_phys += current_size;
+ guest_virt += current_size;
+ size -= current_size;
+ }
+
+ return svm::vmxroot_error_t::error_success;
+}
+
+auto mm::write_guest_phys(guest_phys_t dirbase,
+ guest_phys_t guest_phys, guest_virt_t guest_virt, u64 size) -> svm::vmxroot_error_t
+{
+ // handle reading over page boundaries of both src and dest...
+ while (size)
+ {
+ auto dest_current_size = PAGE_4KB -
+ virt_addr_t{ guest_virt }.offset_4kb;
+
+ if (size < dest_current_size)
+ dest_current_size = size;
+
+ auto src_current_size = PAGE_4KB -
+ phys_addr_t{ guest_phys }.offset_4kb;
+
+ if (size < src_current_size)
+ src_current_size = size;
+
+ auto current_size =
+ min(dest_current_size, src_current_size);
+
+ const auto mapped_src =
+ reinterpret_cast(
+ map_guest_virt(dirbase, guest_virt, map_type_t::map_src));
+
+ if (!mapped_src)
+ return svm::vmxroot_error_t::invalid_guest_virtual;
+
+ const auto mapped_dest =
+ reinterpret_cast(
+ map_guest_phys(guest_phys, map_type_t::map_dest));
+
+ if (!mapped_src)
+ return svm::vmxroot_error_t::invalid_guest_physical;
+
+ memcpy(mapped_dest, mapped_src, current_size);
+ guest_phys += current_size;
+ guest_virt += current_size;
+ size -= current_size;
+ }
+
+ return svm::vmxroot_error_t::error_success;
+}
+
+auto mm::copy_guest_virt(guest_phys_t dirbase_src, guest_virt_t virt_src,
+ guest_virt_t dirbase_dest, guest_virt_t virt_dest, u64 size) -> svm::vmxroot_error_t
+{
+ while (size)
+ {
+ auto dest_size = PAGE_4KB - virt_addr_t{ virt_dest }.offset_4kb;
+ if (size < dest_size)
+ dest_size = size;
+
+ auto src_size = PAGE_4KB - virt_addr_t{ virt_src }.offset_4kb;
+ if (size < src_size)
+ src_size = size;
+
+ const auto mapped_src =
+ reinterpret_cast(
+ map_guest_virt(dirbase_src, virt_src, map_type_t::map_src));
+
+ if (!mapped_src)
+ return svm::vmxroot_error_t::invalid_guest_virtual;
+
+ const auto mapped_dest =
+ reinterpret_cast(
+ map_guest_virt(dirbase_dest, virt_dest, map_type_t::map_dest));
+
+ if (!mapped_dest)
+ return svm::vmxroot_error_t::invalid_guest_virtual;
+
+ auto current_size = min(dest_size, src_size);
+ memcpy(mapped_dest, mapped_src, current_size);
+
+ virt_src += current_size;
+ virt_dest += current_size;
+ size -= current_size;
+ }
+
+ return svm::vmxroot_error_t::error_success;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/mm.h b/Voyager/PayLoad (AMD)/mm.h
new file mode 100644
index 0000000..391977b
--- /dev/null
+++ b/Voyager/PayLoad (AMD)/mm.h
@@ -0,0 +1,237 @@
+#pragma once
+#include "types.h"
+
+#define SELF_REF_PML4_IDX 510
+#define MAPPING_PML4_IDX 100
+
+#define MAPPING_ADDRESS_BASE 0x0000327FFFE00000
+#define SELF_REF_PML4 0xFFFFFF7FBFDFE000
+
+#define EPT_LARGE_PDPTE_OFFSET(_) (((u64)(_)) & ((0x1000 * 0x200 * 0x200) - 1))
+#define EPT_LARGE_PDE_OFFSET(_) (((u64)(_)) & ((0x1000 * 0x200) - 1))
+
+#pragma section(".pdpt", read, write)
+#pragma section(".pd", read, write)
+#pragma section(".pt", read, write)
+
+namespace mm
+{
+ enum class map_type_t
+ {
+ map_src,
+ map_dest
+ };
+
+ typedef union _virt_addr_t
+ {
+ u64 value;
+ struct
+ {
+ u64 offset_4kb : 12;
+ u64 pt_index : 9;
+ u64 pd_index : 9;
+ u64 pdpt_index : 9;
+ u64 pml4_index : 9;
+ u64 reserved : 16;
+ };
+
+ struct
+ {
+ u64 offset_2mb : 21;
+ u64 pd_index : 9;
+ u64 pdpt_index : 9;
+ u64 pml4_index : 9;
+ u64 reserved : 16;
+ };
+
+ struct
+ {
+ u64 offset_1gb : 30;
+ u64 pdpt_index : 9;
+ u64 pml4_index : 9;
+ u64 reserved : 16;
+ };
+
+ } virt_addr_t, * pvirt_addr_t;
+ using phys_addr_t = virt_addr_t;
+
+ typedef union _pml4e
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 writeable : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 ignore_1 : 1;
+ u64 page_size : 1;
+ u64 ignore_2 : 4;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 11;
+ u64 nx : 1;
+ };
+ } pml4e, * ppml4e;
+
+ typedef union _pdpte
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 rw : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 ignore_1 : 1;
+ u64 large_page : 1;
+ u64 ignore_2 : 4;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 11;
+ u64 nx : 1;
+ };
+ } pdpte, * ppdpte;
+
+ typedef union _pde
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 rw : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 ignore_1 : 1;
+ u64 large_page : 1;
+ u64 ignore_2 : 4;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 11;
+ u64 nx : 1;
+ };
+ } pde, * ppde;
+
+ typedef union _pte
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 rw : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 dirty : 1;
+ u64 access_type : 1;
+ u64 global : 1;
+ u64 ignore_2 : 3;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 7;
+ u64 pk : 4;
+ u64 nx : 1;
+ };
+ } pte, * ppte;
+
+ typedef struct _npt_pml4e
+ {
+ union
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 writeable : 1;
+ u64 user : 1;
+ u64 write_through : 1;
+ u64 cache_disable : 1;
+ u64 accessed : 1;
+ u64 reserved1 : 3;
+ u64 avl : 3;
+ u64 pfn : 40;
+ u64 reserved2 : 11;
+ u64 nx : 1;
+ };
+ };
+ } npt_pml4e, *pnpt_pml4e, npt_pdpte,
+ *pnpt_pdpte, npt_pde, *pnpt_pde;
+
+ typedef struct _npt_pte
+ {
+ union
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 writeable : 1;
+ u64 user : 1;
+ u64 write_through : 1;
+ u64 cache_disable : 1;
+ u64 accessed : 1;
+ u64 dirty : 1;
+ u64 pat : 1;
+ u64 global : 1;
+ u64 avl : 3;
+ u64 pfn : 40;
+ u64 reserved : 11;
+ u64 nx : 1;
+ };
+ };
+ } npt_pte, *pnpt_pte;
+
+ typedef struct _npt_pde_2mb
+ {
+ union
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 writeable : 1;
+ u64 user : 1;
+ u64 write_through : 1;
+ u64 cache_disable : 1;
+ u64 accessed : 1;
+ u64 dirty : 1;
+ u64 large_page : 1;
+ u64 global : 1;
+ u64 avl : 3;
+ u64 pat : 1;
+ u64 reserved1 : 8;
+ u64 pfn : 31;
+ u64 reserved2 : 11;
+ u64 nx : 1;
+ };
+ };
+ } npt_pde_2mb, * pnpt_pde_2mb;
+
+ __declspec(allocate(".pdpt")) inline pdpte pdpt[512];
+ __declspec(allocate(".pd")) inline pde pd[512];
+ __declspec(allocate(".pt")) inline pte pt[512];
+
+ inline const ppml4e hyperv_pml4{ reinterpret_cast(SELF_REF_PML4) };
+
+ auto init() -> svm::vmxroot_error_t;
+ auto map_guest_phys(guest_phys_t phys_addr, map_type_t map_type = map_type_t::map_src) -> u64;
+ auto map_guest_virt(guest_phys_t dirbase, guest_virt_t virt_addr, map_type_t map_type = map_type_t::map_src) -> u64;
+
+ auto map_page(host_phys_t phys_addr, map_type_t map_type = map_type_t::map_src) -> u64;
+ auto get_map_virt(u16 offset = 0u, map_type_t map_type = map_type_t::map_src) -> u64;
+
+ auto translate(host_virt_t host_virt) -> u64;
+ auto translate_guest_physical(guest_phys_t guest_phys, map_type_t map_type = map_type_t::map_src) -> u64;
+ auto translate_guest_virtual(guest_phys_t dirbase, guest_virt_t guest_virt, map_type_t map_type = map_type_t::map_src) -> u64;
+
+ auto read_guest_phys(guest_phys_t dirbase, guest_phys_t guest_phys, guest_virt_t guest_virt, u64 size) -> svm::vmxroot_error_t;
+ auto write_guest_phys(guest_phys_t dirbase, guest_phys_t guest_phys, guest_virt_t guest_virt, u64 size) -> svm::vmxroot_error_t;
+ auto copy_guest_virt(guest_phys_t dirbase_src, guest_virt_t virt_src, guest_virt_t dirbase_dest, guest_virt_t virt_dest, u64 size) ->svm::vmxroot_error_t;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/pg_table.cpp b/Voyager/PayLoad (AMD)/pg_table.cpp
deleted file mode 100644
index e523f21..0000000
--- a/Voyager/PayLoad (AMD)/pg_table.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-#include "pg_table.h"
-
-namespace pg_table
-{
- void* translate(void* virtual_address, const ptable_entries entries)
- {
- virt_addr_t virt_addr{ virtual_address };
- virt_addr_t cursor{ hyperv_pml4 };
-
- if (entries) entries->pml4e = reinterpret_cast(cursor.value)[virt_addr.pml4_index];
- if (!reinterpret_cast(cursor.value)[virt_addr.pml4_index].present)
- return nullptr;
-
- // set the cursor to self reference so that when we read
- // the addresses pointed to by cursor its going to be a pdpt...
- cursor.pdpt_index = virt_addr_t{ hyperv_pml4 }.pml4_index;
- cursor.pd_index = virt_addr_t{ hyperv_pml4 }.pml4_index;
- cursor.pt_index = virt_addr.pml4_index;
- if (entries) entries->pdpte = reinterpret_cast(cursor.value)[virt_addr.pdpt_index];
-
- if (!reinterpret_cast(cursor.value)[virt_addr.pdpt_index].present)
- return nullptr;
-
- // set the cursor to self reference so that when we read
- // the addresses pointed to by cursor its going to be a pd...
- cursor.pdpt_index = virt_addr_t{ hyperv_pml4 }.pml4_index;
- cursor.pd_index = virt_addr.pml4_index;
- cursor.pt_index = virt_addr.pdpt_index;
- if (entries) entries->pde = reinterpret_cast(cursor.value)[virt_addr.pd_index];
-
- if (!reinterpret_cast(cursor.value)[virt_addr.pd_index].present)
- return nullptr;
-
- // set the cursor to self reference so that when we read
- // the addresses pointed to by cursor its going to be a pt...
- cursor.pdpt_index = virt_addr.pml4_index;
- cursor.pd_index = virt_addr.pdpt_index;
- cursor.pt_index = virt_addr.pd_index;
- if (entries) entries->pte = reinterpret_cast(cursor.value)[virt_addr.pt_index];
-
- if (!reinterpret_cast(cursor.value)[virt_addr.pt_index].present)
- return nullptr;
-
- return reinterpret_cast(
- reinterpret_cast(cursor.value)[virt_addr.pt_index].pfn << 12);
- }
-
- void* translate(void* virtual_address, u32 pml4_pfn, const ptable_entries entries)
- {
- virt_addr_t virt_addr{ virtual_address };
- const auto cursor = get_cursor_page();
-
- set_cursor_page(pml4_pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pml4_index].present)
- return nullptr;
-
- if (entries) entries->pml4e = reinterpret_cast(cursor)[virt_addr.pml4_index];
- set_cursor_page(reinterpret_cast(cursor)[virt_addr.pml4_index].pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pdpt_index].present)
- return nullptr;
-
- if (entries) entries->pdpte = reinterpret_cast(cursor)[virt_addr.pdpt_index];
- set_cursor_page(reinterpret_cast(cursor)[virt_addr.pdpt_index].pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pd_index].present)
- return nullptr;
-
- if (entries) entries->pde = reinterpret_cast(cursor)[virt_addr.pd_index];
- set_cursor_page(reinterpret_cast(cursor)[virt_addr.pd_index].pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pt_index].present)
- return nullptr;
-
- if (entries) entries->pte = reinterpret_cast(cursor)[virt_addr.pt_index];
- return reinterpret_cast(
- reinterpret_cast(cursor)[virt_addr.pt_index].pfn << 12);
- }
-
- void set_cursor_page(u32 phys_pfn)
- {
- cpuid_eax_01 cpuid_value;
- __cpuid((int*)&cpuid_value, 1);
- pg_table::pt[cpuid_value
- .cpuid_additional_information
- .initial_apic_id].pfn = phys_pfn;
-
- // flush tlb for this page and then ensure the instruction stream
- // is seralized as to not execute instructions out of order and access the page
- // before the TLB is flushed...
- __invlpg(get_cursor_page());
- _mm_lfence();
- }
-
- void* get_cursor_page()
- {
- cpuid_eax_01 cpuid_value;
- __cpuid((int*)&cpuid_value, 1);
- constexpr auto cursor_page = 0x00007F7FFFE00000;
-
- virt_addr_t virt_addr{ reinterpret_cast(cursor_page) };
- virt_addr.pt_index = cpuid_value
- .cpuid_additional_information
- .initial_apic_id;
-
- return virt_addr.value;
- }
-
- bool init_pg_tables()
- {
- auto pdpt_phys = reinterpret_cast(translate(pdpt));
- auto pd_phys = reinterpret_cast(translate(pd));
- auto pt_phys = reinterpret_cast(translate(pt));
-
- if (!pdpt_phys || !pd_phys || !pt_phys)
- return false;
-
- hyperv_pml4[254].present = true;
- hyperv_pml4[254].pfn = pdpt_phys >> 12;
- hyperv_pml4[254].user_supervisor = false;
- hyperv_pml4[254].rw = true;
-
- pdpt[511].present = true;
- pdpt[511].pfn = pd_phys >> 12;
- pdpt[511].user_supervisor = false;
- pdpt[511].rw = true;
-
- pd[511].present = true;
- pd[511].pfn = pt_phys >> 12;
- pd[511].user_supervisor = false;
- pd[511].rw = true;
-
- for (auto idx = 0u; idx < 512; ++idx)
- {
- pt[idx].present = true;
- pt[idx].user_supervisor = false;
- pt[idx].rw = true;
- }
- return true;
- }
-}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/pg_table.h b/Voyager/PayLoad (AMD)/pg_table.h
deleted file mode 100644
index 42bce15..0000000
--- a/Voyager/PayLoad (AMD)/pg_table.h
+++ /dev/null
@@ -1,167 +0,0 @@
-#pragma once
-#include "types.h"
-#include "ia32.hpp"
-
-#pragma section(".pdpt", read, write)
-#pragma section(".pd", read, write)
-#pragma section(".pt", read, write)
-
-namespace pg_table
-{
- typedef union _virt_addr_t
- {
- void* value;
- struct
- {
- u64 offset : 12;
- u64 pt_index : 9;
- u64 pd_index : 9;
- u64 pdpt_index : 9;
- u64 pml4_index : 9;
- u64 reserved : 16;
- };
- } virt_addr_t, * pvirt_addr_t;
-
- typedef union _pml4e
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access PDPT.
- u64 page_cache : 1; // Determines the memory type used to access PDPT.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Ignored1 : 1;
- u64 page_size : 1; // Must be 0 for PML4E.
- u64 Ignored2 : 4;
- u64 pfn : 36; // The page frame number of the PDPT of this PML4E.
- u64 Reserved : 4;
- u64 Ignored3 : 11;
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pml4e, * ppml4e;
-
- typedef union _pdpte
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access PD.
- u64 page_cache : 1; // Determines the memory type used to access PD.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Ignored1 : 1;
- u64 page_size : 1; // If 1, this entry maps a 1GB page.
- u64 Ignored2 : 4;
- u64 pfn : 36; // The page frame number of the PD of this PDPTE.
- u64 Reserved : 4;
- u64 Ignored3 : 11;
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pdpte, * ppdpte;
-
- typedef union _pde
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access PT.
- u64 page_cache : 1; // Determines the memory type used to access PT.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Ignored1 : 1;
- u64 page_size : 1; // If 1, this entry maps a 2MB page.
- u64 Ignored2 : 4;
- u64 pfn : 36; // The page frame number of the PT of this PDE.
- u64 Reserved : 4;
- u64 Ignored3 : 11;
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pde, * ppde;
-
- typedef union _pte
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access the memory.
- u64 page_cache : 1; // Determines the memory type used to access the memory.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Dirty : 1; // If 0, the memory backing this page has not been written to.
- u64 PageAccessType : 1; // Determines the memory type used to access the memory.
- u64 Global : 1; // If 1 and the PGE bit of CR4 is set, translations are global.
- u64 Ignored2 : 3;
- u64 pfn : 36; // The page frame number of the backing physical page.
- u64 reserved : 4;
- u64 Ignored3 : 7;
- u64 ProtectionKey : 4; // If the PKE bit of CR4 is set, determines the protection key.
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pte, * ppte;
-
- typedef struct _table_entries
- {
- pg_table::pml4e pml4e;
- pg_table::pdpte pdpte;
- pg_table::pde pde;
- pg_table::pte pte;
- } table_entries, *ptable_entries;
-
- ///
- /// payload paging tables...
- ///
- __declspec(allocate(".pdpt")) inline pdpte pdpt[512];
- __declspec(allocate(".pd")) inline pde pd[512];
- __declspec(allocate(".pt")) inline pte pt[512];
-
- ///
- /// self referencing pml4e is at 255...
- ///
- inline const ppml4e hyperv_pml4{ reinterpret_cast(0x00007FBFDFEFF000) };
-
- ///
- /// only does address translation for hyper-v's context
- ///
- /// virtual address to be translated...
- /// optional
- /// returns a physical address...
- void* translate(void* virt_addr, const ptable_entries entries = nullptr);
-
- ///
- /// translates linear virtual addresses to linear physical addresses...
- ///
- /// virtual address to translate...
- /// page map level four page frame number...
- /// (optional) pointer to a table_entries structure...
- /// linear physical address...
- void* translate(void* virtual_address, u32 pml4_pfn, const ptable_entries entries = nullptr);
-
- ///
- // changes the cursor address to the specified physical address...
- // after doing so, the TLB entry for that address is going to be flushed...
- // a memory fence is applied to prevent out of order execution...
- ///
- /// pfn of the physical page to change the cursor too...
- void set_cursor_page(u32 phys_pfn);
-
- ///
- /// get the cursor page... each core has its own cursor page...
- ///
- /// cursor page for the current core...
- void* get_cursor_page();
-
- ///
- /// initalizes paging tables (connects pdpt->pd->pt)
- ///
- /// was the setup successful?
- bool init_pg_tables();
-}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/types.h b/Voyager/PayLoad (AMD)/types.h
index 07d69b3..08d1002 100644
--- a/Voyager/PayLoad (AMD)/types.h
+++ b/Voyager/PayLoad (AMD)/types.h
@@ -5,10 +5,18 @@
#include
#include
+#include
+#include
+#include "ia32.hpp"
+
#define VMEXIT_KEY 0xDEADBEEFDEADBEEF
-#define PORT_NUM 0x2F8
+#define PAGE_4KB 0x1000
+#define PAGE_2MB PAGE_4KB * 512
+#define PAGE_1GB PAGE_2MB * 512
+
+#define PORT_NUM_3 0x3E8
#define DBG_PRINT(arg) \
- __outbytestring(PORT_NUM, (unsigned char*)arg, sizeof arg);
+ __outbytestring(PORT_NUM_3, (unsigned char*)arg, sizeof arg);
#if WINVER == 2004
#define offset_vmcb_base 0x103B0
@@ -223,14 +231,13 @@ using u32 = unsigned int;
using u64 = unsigned long long;
using u128 = __m128;
+using guest_virt_t = u64;
+using guest_phys_t = u64;
+using host_virt_t = u64;
+using host_phys_t = u64;
+
namespace svm
{
- enum class vmexit_command_t
- {
- init_paging_tables = 0x111
- // add your commands here...
- };
-
typedef struct __declspec(align(16)) _guest_context
{
u8 gap0[8];
@@ -408,16 +415,86 @@ namespace svm
u64 lastexcepto; // +0x290
} vmcb, *pvmcb;
+ // AMD does not have a vmread/vmwrite instruction... only a vmload
+ // and vmsave instruction... this means I had to hunt down the damn
+ // VMCB location... this is the pointer chain to the VMCB...
+ //
+ // TODO: could sig scan for this in Voyager...
+ __forceinline auto get_vmcb() -> pvmcb
+ {
+ return *reinterpret_cast(
+ *reinterpret_cast(
+ *reinterpret_cast(
+ __readgsqword(0) + offset_vmcb_base)
+ + offset_vmcb_link) + offset_vmcb);
+ }
+
+ enum class vmexit_command_t
+ {
+ init_page_tables,
+ read_guest_phys,
+ write_guest_phys,
+ copy_guest_virt,
+ get_dirbase,
+ translate
+ };
+
+ enum class vmxroot_error_t
+ {
+ error_success,
+ pml4e_not_present,
+ pdpte_not_present,
+ pde_not_present,
+ pte_not_present,
+ vmxroot_translate_failure,
+ invalid_self_ref_pml4e,
+ invalid_mapping_pml4e,
+ invalid_host_virtual,
+ invalid_guest_physical,
+ invalid_guest_virtual,
+ page_table_init_failed
+ };
+
+ typedef union _command_t
+ {
+ struct _copy_phys
+ {
+ host_phys_t phys_addr;
+ guest_virt_t buffer;
+ u64 size;
+ } copy_phys;
+
+ struct _copy_virt
+ {
+ guest_phys_t dirbase_src;
+ guest_virt_t virt_src;
+ guest_phys_t dirbase_dest;
+ guest_virt_t virt_dest;
+ u64 size;
+ } copy_virt;
+
+ struct _translate_virt
+ {
+ guest_virt_t virt_src;
+ guest_phys_t phys_addr;
+ } translate_virt;
+
+ guest_phys_t dirbase;
+
+ } command_t, * pcommand_t;
+
using vcpu_run_t = pgs_base_struct (__fastcall*)(void*, guest_context*);
+
#pragma pack(push, 1)
typedef struct _voyager_t
{
- u64 vcpu_run_rva; // RVA from vcpu_run entry ---> back to original vcpu_run...
+ u64 vcpu_run_rva;
u64 hyperv_module_base;
u64 hyperv_module_size;
u64 record_base;
u64 record_size;
} voyager_t, * pvoyager_t;
#pragma pack(pop)
+
__declspec(dllexport) inline voyager_t voyager_context;
}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/vmexit.cpp b/Voyager/PayLoad (AMD)/vmexit.cpp
new file mode 100644
index 0000000..c61846b
--- /dev/null
+++ b/Voyager/PayLoad (AMD)/vmexit.cpp
@@ -0,0 +1,27 @@
+#include "vmexit.h"
+#include "debug.h"
+
+namespace vmexit
+{
+ auto get_command(guest_virt_t command_ptr) -> svm::command_t
+ {
+ const auto vmcb = svm::get_vmcb();
+ const auto guest_dirbase = cr3{ vmcb->cr3 }.pml4_pfn << 12;
+
+ const auto command_page =
+ mm::map_guest_virt(guest_dirbase, command_ptr);
+
+ return *reinterpret_cast(command_page);
+ }
+
+ auto set_command(guest_virt_t command_ptr, svm::command_t& command_data) -> void
+ {
+ const auto vmcb = svm::get_vmcb();
+ const auto guest_dirbase = cr3{ vmcb->cr3 }.pml4_pfn << 12;
+
+ const auto command_page =
+ mm::map_guest_virt(guest_dirbase, command_ptr);
+
+ *reinterpret_cast(command_page) = command_data;
+ }
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/vmexit.h b/Voyager/PayLoad (AMD)/vmexit.h
new file mode 100644
index 0000000..de0dcca
--- /dev/null
+++ b/Voyager/PayLoad (AMD)/vmexit.h
@@ -0,0 +1,8 @@
+#pragma once
+#include "mm.h"
+
+namespace vmexit
+{
+ auto get_command(guest_virt_t command_ptr) -> svm::command_t;
+ auto set_command(guest_virt_t command_ptr, svm::command_t& command_data) -> void;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (AMD)/vmexit_handler.cpp b/Voyager/PayLoad (AMD)/vmexit_handler.cpp
index 8fde2f9..0403e65 100644
--- a/Voyager/PayLoad (AMD)/vmexit_handler.cpp
+++ b/Voyager/PayLoad (AMD)/vmexit_handler.cpp
@@ -1,31 +1,106 @@
#include "types.h"
-#include "pg_table.h"
+#include "mm.h"
+#include "vmexit.h"
+#include "debug.h"
-svm::pgs_base_struct vmexit_handler(void* unknown, svm::pguest_context context)
+auto vmexit_handler(void* unknown, svm::pguest_context context) -> svm::pgs_base_struct
{
- // AMD does not have a vmread/vmwrite instruction... only a vmload
- // and vmsave instruction... this means I had to hunt down the damn
- // VMCB location... this is the pointer chain to the VMCB...
- //
- // TODO: could sig scan for this in Voyager...
- const auto vmcb = *reinterpret_cast(
- *reinterpret_cast(
- *reinterpret_cast(
- __readgsqword(0) + offset_vmcb_base)
- + offset_vmcb_link) + offset_vmcb);
-
+ const auto vmcb = svm::get_vmcb();
if (vmcb->exitcode == VMEXIT_CPUID && context->rcx == VMEXIT_KEY)
{
switch ((svm::vmexit_command_t)context->rdx)
{
- case svm::vmexit_command_t::init_paging_tables:
- vmcb->rax = pg_table::init_pg_tables();
+ case svm::vmexit_command_t::init_page_tables:
+ {
+ vmcb->rax = (u64) mm::init();
+ break;
+ }
+ case svm::vmexit_command_t::get_dirbase:
+ {
+ auto command_data =
+ vmexit::get_command(context->r8);
+
+ command_data.dirbase =
+ cr3{ vmcb->cr3 }.pml4_pfn << 12;
+
+ vmcb->rax = (u64)svm::vmxroot_error_t::error_success;
+
+ vmexit::set_command(
+ context->r8, command_data);
+ break;
+ }
+ case svm::vmexit_command_t::read_guest_phys:
+ {
+ auto command_data =
+ vmexit::get_command(context->r8);
+
+ const auto guest_dirbase =
+ cr3{ vmcb->cr3 }.pml4_pfn << 12;
+
+ vmcb->rax = (u64)mm::read_guest_phys(
+ guest_dirbase,
+ command_data.copy_phys.phys_addr,
+ command_data.copy_phys.buffer,
+ command_data.copy_phys.size);
+
+ vmexit::set_command(
+ context->r8, command_data);
+ break;
+ }
+ case svm::vmexit_command_t::write_guest_phys:
+ {
+ auto command_data =
+ vmexit::get_command(context->r8);
+
+ const auto guest_dirbase =
+ cr3{ vmcb->cr3 }.pml4_pfn << 12;
+
+ vmcb->rax = (u64) mm::write_guest_phys(
+ guest_dirbase,
+ command_data.copy_phys.phys_addr,
+ command_data.copy_phys.buffer,
+ command_data.copy_phys.size);
+
+ vmexit::set_command(
+ context->r8, command_data);
+ break;
+ }
+ case svm::vmexit_command_t::copy_guest_virt:
+ {
+ auto command_data =
+ vmexit::get_command(context->r8);
+
+ auto virt_data = command_data.copy_virt;
+ vmcb->rax = (u64) mm::copy_guest_virt(
+ virt_data.dirbase_src,
+ virt_data.virt_src,
+ virt_data.dirbase_dest,
+ virt_data.virt_dest,
+ virt_data.size);
+ break;
+ }
+ case svm::vmexit_command_t::translate:
+ {
+ auto command_data =
+ vmexit::get_command(context->r8);
+
+ const auto guest_dirbase =
+ cr3{ vmcb->cr3 }.pml4_pfn << 12;
+
+ command_data.translate_virt.phys_addr =
+ mm::translate_guest_virtual(guest_dirbase,
+ command_data.translate_virt.virt_src);
+
+ vmcb->rax = (u64)svm::vmxroot_error_t::error_success;
+
+ vmexit::set_command(
+ context->r8, command_data);
break;
+ }
default:
break;
}
- // advance RIP and return back to VMLOAD/VMRUN...
vmcb->rip = vmcb->nrip;
return reinterpret_cast(__readgsqword(0));
}
diff --git a/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj b/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj
index 802739e..cd82d24 100644
--- a/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj
+++ b/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj
@@ -57,7 +57,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -66,7 +66,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -75,7 +75,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -84,7 +84,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -93,7 +93,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -102,7 +102,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -120,7 +120,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -129,7 +129,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -174,7 +174,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -183,7 +183,7 @@
Windows10false
- WindowsKernelModeDriver10.0
+ v142DynamicLibraryKMDFUniversal
@@ -332,6 +332,7 @@
falsetruefalse
+ WINVER=1809;%(PreprocessorDefinitions)true
@@ -652,7 +653,7 @@
falsetruefalse
- %(PreprocessorDefinitions);WINVER=2004;
+ %(PreprocessorDefinitions);WINVER=1511true
@@ -662,13 +663,17 @@
-
+
+
+
+
-
+
+
diff --git a/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj.filters b/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj.filters
index 43101bd..30ce426 100644
--- a/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj.filters
+++ b/Voyager/PayLoad (Intel)/PayLoad (Intel).vcxproj.filters
@@ -14,7 +14,13 @@
Source Files
-
+
+ Source Files
+
+
+ Source Files
+
+ Source Files
@@ -25,7 +31,13 @@
Header Files
-
+
+ Header Files
+
+
+ Header Files
+
+ Header Files
diff --git a/Voyager/PayLoad (Intel)/debug.cpp b/Voyager/PayLoad (Intel)/debug.cpp
new file mode 100644
index 0000000..013c4ec
--- /dev/null
+++ b/Voyager/PayLoad (Intel)/debug.cpp
@@ -0,0 +1,69 @@
+#include "debug.h"
+
+auto dbg::debug_print_decimal(long long number) -> void
+{
+ if (number < 0)
+ {
+ __outbyte(PORT_NUM, '-');
+ number = -number;
+ }
+
+ for (auto d = 1000000000000000000; d != 0; d /= 10)
+ if ((number / d) != 0)
+ __outbyte(PORT_NUM, alphabet[(number / d) % 10]);
+}
+
+auto dbg::debug_print_hex(u64 number, const bool show_zeros) -> void
+{
+ for (auto d = 0x1000000000000000; d != 0; d /= 0x10)
+ if (show_zeros || (number / d) != 0)
+ __outbyte(PORT_NUM, alphabet[(number / d) % 0x10]);
+}
+
+auto dbg::print(const char* format, ...) -> void
+{
+ va_list args;
+ va_start(args, format);
+
+ while (format[0])
+ {
+ if (format[0] == '%')
+ {
+ switch (format[1])
+ {
+ case 'd':
+ debug_print_decimal(va_arg(args, int));
+ format += 2;
+ continue;
+ case 'x':
+ debug_print_hex(va_arg(args, u32), false);
+ format += 2;
+ continue;
+ case 'l':
+ if (format[2] == 'l')
+ {
+ switch (format[3])
+ {
+ case 'd':
+ debug_print_decimal(va_arg(args, u64));
+ format += 4;
+ continue;
+ case 'x':
+ debug_print_hex(va_arg(args, u64), false);
+ format += 4;
+ continue;
+ }
+ }
+ break;
+ case 'p':
+ debug_print_hex(va_arg(args, u64), true);
+ format += 2;
+ continue;
+ }
+ }
+
+ __outbyte(PORT_NUM, format[0]);
+ ++format;
+ }
+ va_end(args);
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/debug.h b/Voyager/PayLoad (Intel)/debug.h
new file mode 100644
index 0000000..fda84d7
--- /dev/null
+++ b/Voyager/PayLoad (Intel)/debug.h
@@ -0,0 +1,13 @@
+#pragma once
+#include
+#include
+#include "types.h"
+
+#define PORT_NUM 0x2F8
+namespace dbg
+{
+ constexpr char alphabet[] = "0123456789ABCDEF";
+ auto debug_print_decimal(long long number) -> void;
+ auto debug_print_hex(u64 number, const bool show_zeros) -> void;
+ auto print(const char* format, ...) -> void;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/ia32.hpp b/Voyager/PayLoad (Intel)/ia32.hpp
index dc0400c..256a0c3 100644
--- a/Voyager/PayLoad (Intel)/ia32.hpp
+++ b/Voyager/PayLoad (Intel)/ia32.hpp
@@ -14132,7 +14132,7 @@ typedef union
};
UINT64_t flags;
-} pml4e_64;
+} pml4e;
/**
* @brief Format of a 4-Level Page-Directory-Pointer-Table Entry (PDPTE) that Maps a 1-GByte Page
@@ -14431,7 +14431,7 @@ typedef union
};
UINT64_t flags;
-} pdpte_64;
+} pdpte;
/**
* @brief Format of a 4-Level Page-Directory Entry that Maps a 2-MByte Page
@@ -14730,7 +14730,7 @@ typedef union
};
UINT64_t flags;
-} pde_64;
+} pde;
/**
* @brief Format of a 4-Level Page-Table Entry that Maps a 4-KByte Page
@@ -14891,7 +14891,7 @@ typedef union
};
UINT64_t flags;
-} pte_64;
+} pte;
/**
* @brief Format of a common Page-Table Entry
@@ -18281,7 +18281,7 @@ typedef union
};
UINT64_t flags;
-} ept_pml4;
+} ept_pml4e;
/**
* @brief Format of an EPT Page-Directory-Pointer-Table Entry (PDPTE) that Maps a 1-GByte Page
@@ -18412,7 +18412,7 @@ typedef union
};
UINT64_t flags;
-} epdpte_1gb;
+} ept_pdpte_1gb;
/**
* @brief Format of an EPT Page-Directory-Pointer-Table Entry (PDPTE) that References an EPT Page Directory
@@ -18489,7 +18489,7 @@ typedef union
};
UINT64_t flags;
-} epdpte;
+} ept_pdpte;
/**
* @brief Format of an EPT Page-Directory Entry (PDE) that Maps a 2-MByte Page
@@ -18697,7 +18697,7 @@ typedef union
};
UINT64_t flags;
-} epde;
+} ept_pde;
/**
* @brief Format of an EPT Page-Table Entry that Maps a 4-KByte Page
@@ -18820,7 +18820,7 @@ typedef union
};
UINT64_t flags;
-} epte;
+} ept_pte;
/**
* @brief Format of a common EPT Entry
diff --git a/Voyager/PayLoad (Intel)/mm.cpp b/Voyager/PayLoad (Intel)/mm.cpp
new file mode 100644
index 0000000..fd0e729
--- /dev/null
+++ b/Voyager/PayLoad (Intel)/mm.cpp
@@ -0,0 +1,360 @@
+#include "mm.h"
+
+auto mm::map_guest_phys(guest_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ const auto host_phys =
+ translate_guest_physical(
+ phys_addr, map_type);
+
+ if (!host_phys)
+ return {};
+
+ return map_page(host_phys, map_type);
+}
+
+auto mm::map_guest_virt(guest_phys_t dirbase, guest_virt_t virt_addr, map_type_t map_type) -> u64
+{
+ const auto guest_phys =
+ translate_guest_virtual(
+ dirbase, virt_addr, map_type);
+
+ if (!guest_phys)
+ return {};
+
+ return map_guest_phys(guest_phys, map_type);
+}
+
+auto mm::map_page(host_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ cpuid_eax_01 cpuid_value;
+ __cpuid((int*)&cpuid_value, 1);
+
+ mm::pt[(cpuid_value
+ .cpuid_additional_information
+ .initial_apic_id * 2)
+ + (unsigned)map_type].pfn = phys_addr >> 12;
+
+ __invlpg(reinterpret_cast(
+ get_map_virt(virt_addr_t{ phys_addr }.offset_4kb, map_type)));
+
+ return get_map_virt(virt_addr_t{ phys_addr }.offset_4kb, map_type);
+}
+
+auto mm::get_map_virt(u16 offset, map_type_t map_type) -> u64
+{
+ cpuid_eax_01 cpuid_value;
+ __cpuid((int*)&cpuid_value, 1);
+ virt_addr_t virt_addr{ MAPPING_ADDRESS_BASE };
+
+ virt_addr.pt_index = (cpuid_value
+ .cpuid_additional_information
+ .initial_apic_id * 2)
+ + (unsigned)map_type;
+
+ return virt_addr.value + offset;
+}
+
+auto mm::translate(host_virt_t host_virt) -> u64
+{
+ virt_addr_t virt_addr{ host_virt };
+ virt_addr_t cursor{ (u64)hyperv_pml4 };
+
+ if (!reinterpret_cast(cursor.value)[virt_addr.pml4_index].present)
+ return {};
+
+ cursor.pt_index = virt_addr.pml4_index;
+ if (!reinterpret_cast(cursor.value)[virt_addr.pdpt_index].present)
+ return {};
+
+ // handle 1gb large page...
+ if (reinterpret_cast(cursor.value)[virt_addr.pdpt_index].large_page)
+ return (reinterpret_cast(cursor.value)
+ [virt_addr.pdpt_index].pfn << 12) + virt_addr.offset_1gb;
+
+ cursor.pd_index = virt_addr.pml4_index;
+ cursor.pt_index = virt_addr.pdpt_index;
+ if (!reinterpret_cast(cursor.value)[virt_addr.pd_index].present)
+ return {};
+
+ // handle 2mb large page...
+ if (reinterpret_cast(cursor.value)[virt_addr.pd_index].large_page)
+ return (reinterpret_cast(cursor.value)
+ [virt_addr.pd_index].pfn << 12) + virt_addr.offset_2mb;
+
+ cursor.pdpt_index = virt_addr.pml4_index;
+ cursor.pd_index = virt_addr.pdpt_index;
+ cursor.pt_index = virt_addr.pd_index;
+ if (!reinterpret_cast(cursor.value)[virt_addr.pt_index].present)
+ return {};
+
+ return (reinterpret_cast(cursor.value)
+ [virt_addr.pt_index].pfn << 12) + virt_addr.offset_4kb;
+}
+
+auto mm::translate_guest_virtual(guest_phys_t dirbase, guest_virt_t guest_virt, map_type_t map_type) -> u64
+{
+ virt_addr_t virt_addr{ guest_virt };
+ const auto pml4 =
+ reinterpret_cast(map_guest_phys(dirbase, map_type));
+
+ if (!pml4[virt_addr.pml4_index].present)
+ return {};
+
+ const auto pdpt =
+ reinterpret_cast(map_guest_phys(
+ pml4[virt_addr.pml4_index].pfn << 12, map_type));
+
+ if (!pdpt[virt_addr.pdpt_index].present)
+ return {};
+
+ // handle 1gb pages...
+ if (pdpt[virt_addr.pdpt_index].large_page)
+ return (pdpt[virt_addr.pdpt_index].pfn << 12) + virt_addr.offset_1gb;
+
+ const auto pd =
+ reinterpret_cast(map_guest_phys(
+ pdpt[virt_addr.pdpt_index].pfn << 12, map_type));
+
+ if (!pd[virt_addr.pd_index].present)
+ return {};
+
+ // handle 2mb pages...
+ if (pd[virt_addr.pd_index].large_page)
+ return (pd[virt_addr.pd_index].pfn << 12) + virt_addr.offset_2mb;
+
+ const auto pt =
+ reinterpret_cast(map_guest_phys(
+ pd[virt_addr.pd_index].pfn << 12, map_type));
+
+ if (!pt[virt_addr.pt_index].present)
+ return {};
+
+ return (pt[virt_addr.pt_index].pfn << 12) + virt_addr.offset_4kb;
+}
+
+auto mm::translate_guest_physical(guest_phys_t phys_addr, map_type_t map_type) -> u64
+{
+ ept_pointer eptp;
+ phys_addr_t guest_phys{ phys_addr };
+ __vmx_vmread(VMCS_CTRL_EPT_POINTER, (size_t*)&eptp);
+
+ const auto epml4 = reinterpret_cast(
+ map_page(eptp.page_frame_number << 12, map_type));
+
+ const auto epdpt_large =
+ reinterpret_cast(map_page(
+ epml4[guest_phys.pml4_index].page_frame_number << 12, map_type));
+
+ // handle 1gb page...
+ if (epdpt_large[guest_phys.pdpt_index].large_page)
+ return (epdpt_large[guest_phys.pdpt_index].page_frame_number
+ * 0x1000 * 0x200 * 0x200) + EPT_LARGE_PDPTE_OFFSET(phys_addr);
+
+ const auto epdpt =
+ reinterpret_cast(epdpt_large);
+
+ const auto epd_large =
+ reinterpret_cast(map_page(
+ epdpt[guest_phys.pdpt_index].page_frame_number << 12, map_type));
+
+ // handle 2mb page...
+ if (epd_large[guest_phys.pd_index].large_page)
+ return (epd_large[guest_phys.pd_index].page_frame_number
+ * 0x1000 * 0x200) + EPT_LARGE_PDE_OFFSET(phys_addr);
+
+ const auto epd =
+ reinterpret_cast(epd_large);
+
+ const auto ept =
+ reinterpret_cast(map_page(
+ epd[guest_phys.pd_index].page_frame_number << 12, map_type));
+
+ auto result = ept[guest_phys.pt_index].page_frame_number << 12;
+ return result;
+}
+
+auto mm::init() -> vmxroot_error_t
+{
+ const auto pdpt_phys =
+ translate(reinterpret_cast(pdpt));
+
+ const auto pd_phys =
+ translate(reinterpret_cast(pd));
+
+ const auto pt_phys =
+ translate(reinterpret_cast(pt));
+
+ if (!pdpt_phys || !pd_phys || !pt_phys)
+ return vmxroot_error_t::invalid_host_virtual;
+
+ // setup mapping page table entries...
+ {
+ hyperv_pml4[MAPPING_PML4_IDX].present = true;
+ hyperv_pml4[MAPPING_PML4_IDX].pfn = pdpt_phys >> 12;
+ hyperv_pml4[MAPPING_PML4_IDX].user_supervisor = false;
+ hyperv_pml4[MAPPING_PML4_IDX].writeable = true;
+
+ pdpt[511].present = true;
+ pdpt[511].pfn = pd_phys >> 12;
+ pdpt[511].user_supervisor = false;
+ pdpt[511].rw = true;
+
+ pd[511].present = true;
+ pd[511].pfn = pt_phys >> 12;
+ pd[511].user_supervisor = false;
+ pd[511].rw = true;
+ }
+
+ // each core will have its own page it can use to map
+ // physical memory into virtual memory :^)
+ for (auto idx = 0u; idx < 512; ++idx)
+ {
+ pt[idx].present = true;
+ pt[idx].user_supervisor = false;
+ pt[idx].rw = true;
+ }
+
+ const auto mapped_pml4 =
+ reinterpret_cast(
+ mm::map_page(__readcr3()));
+
+ // check to make sure translate works...
+ if (translate((u64)mapped_pml4) != __readcr3())
+ return vmxroot_error_t::vmxroot_translate_failure;
+
+ // check to make sure the self ref pml4e is valid...
+ if (mapped_pml4[SELF_REF_PML4_IDX].pfn != __readcr3() >> 12)
+ return vmxroot_error_t::invalid_self_ref_pml4e;
+
+ // check to make sure the mapping pml4e is valid...
+ if (mapped_pml4[MAPPING_PML4_IDX].pfn != pdpt_phys >> 12)
+ return vmxroot_error_t::invalid_mapping_pml4e;
+
+ return vmxroot_error_t::error_success;
+}
+
+auto mm::read_guest_phys(guest_phys_t dirbase, guest_phys_t guest_phys,
+ guest_virt_t guest_virt, u64 size) -> vmxroot_error_t
+{
+ // handle reading over page boundaries of both src and dest...
+ while (size)
+ {
+ auto dest_current_size = PAGE_4KB -
+ virt_addr_t{ guest_virt }.offset_4kb;
+
+ if (size < dest_current_size)
+ dest_current_size = size;
+
+ auto src_current_size = PAGE_4KB -
+ phys_addr_t{ guest_phys }.offset_4kb;
+
+ if (size < src_current_size)
+ src_current_size = size;
+
+ auto current_size =
+ min(dest_current_size, src_current_size);
+
+ const auto mapped_dest =
+ reinterpret_cast(
+ map_guest_virt(dirbase, guest_virt, map_type_t::map_dest));
+
+ if (!mapped_dest)
+ return vmxroot_error_t::invalid_guest_virtual;
+
+ const auto mapped_src =
+ reinterpret_cast(
+ map_guest_phys(guest_phys, map_type_t::map_src));
+
+ if (!mapped_src)
+ return vmxroot_error_t::invalid_guest_physical;
+
+ memcpy(mapped_dest, mapped_src, current_size);
+ guest_phys += current_size;
+ guest_virt += current_size;
+ size -= current_size;
+ }
+
+ return vmxroot_error_t::error_success;
+}
+
+auto mm::write_guest_phys(guest_phys_t dirbase,
+ guest_phys_t guest_phys, guest_virt_t guest_virt, u64 size) -> vmxroot_error_t
+{
+ // handle reading over page boundaries of both src and dest...
+ while (size)
+ {
+ auto dest_current_size = PAGE_4KB -
+ virt_addr_t{ guest_virt }.offset_4kb;
+
+ if (size < dest_current_size)
+ dest_current_size = size;
+
+ auto src_current_size = PAGE_4KB -
+ phys_addr_t{ guest_phys }.offset_4kb;
+
+ if (size < src_current_size)
+ src_current_size = size;
+
+ auto current_size =
+ min(dest_current_size, src_current_size);
+
+ const auto mapped_src =
+ reinterpret_cast(
+ map_guest_virt(dirbase, guest_virt, map_type_t::map_src));
+
+ if (!mapped_src)
+ return vmxroot_error_t::invalid_guest_virtual;
+
+ const auto mapped_dest =
+ reinterpret_cast(
+ map_guest_phys(guest_phys, map_type_t::map_dest));
+
+ if (!mapped_src)
+ return vmxroot_error_t::invalid_guest_physical;
+
+ memcpy(mapped_dest, mapped_src, current_size);
+ guest_phys += current_size;
+ guest_virt += current_size;
+ size -= current_size;
+ }
+
+ return vmxroot_error_t::error_success;
+}
+
+auto mm::copy_guest_virt(guest_phys_t dirbase_src, guest_virt_t virt_src,
+ guest_virt_t dirbase_dest, guest_virt_t virt_dest, u64 size) -> vmxroot_error_t
+{
+ while (size)
+ {
+ auto dest_size = PAGE_4KB - virt_addr_t{ virt_dest }.offset_4kb;
+ if (size < dest_size)
+ dest_size = size;
+
+ auto src_size = PAGE_4KB - virt_addr_t{ virt_src }.offset_4kb;
+ if (size < src_size)
+ src_size = size;
+
+ const auto mapped_src =
+ reinterpret_cast(
+ map_guest_virt(dirbase_src, virt_src, map_type_t::map_src));
+
+ if (!mapped_src)
+ return vmxroot_error_t::invalid_guest_virtual;
+
+ const auto mapped_dest =
+ reinterpret_cast(
+ map_guest_virt(dirbase_dest, virt_dest, map_type_t::map_dest));
+
+ if (!mapped_dest)
+ return vmxroot_error_t::invalid_guest_virtual;
+
+ auto current_size = min(dest_size, src_size);
+ memcpy(mapped_dest, mapped_src, current_size);
+
+ virt_src += current_size;
+ virt_dest += current_size;
+ size -= current_size;
+ }
+
+ return vmxroot_error_t::error_success;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/mm.h b/Voyager/PayLoad (Intel)/mm.h
new file mode 100644
index 0000000..099850c
--- /dev/null
+++ b/Voyager/PayLoad (Intel)/mm.h
@@ -0,0 +1,165 @@
+#pragma once
+#include "types.h"
+#include "debug.h"
+
+#define SELF_REF_PML4_IDX 510
+#define MAPPING_PML4_IDX 100
+
+#define MAPPING_ADDRESS_BASE 0x0000327FFFE00000
+#define SELF_REF_PML4 0xFFFFFF7FBFDFE000
+
+#define EPT_LARGE_PDPTE_OFFSET(_) (((u64)(_)) & ((0x1000 * 0x200 * 0x200) - 1))
+#define EPT_LARGE_PDE_OFFSET(_) (((u64)(_)) & ((0x1000 * 0x200) - 1))
+
+#pragma section(".pdpt", read, write)
+#pragma section(".pd", read, write)
+#pragma section(".pt", read, write)
+
+namespace mm
+{
+ enum class map_type_t
+ {
+ map_src,
+ map_dest
+ };
+
+ typedef union _virt_addr_t
+ {
+ u64 value;
+ struct
+ {
+ u64 offset_4kb : 12;
+ u64 pt_index : 9;
+ u64 pd_index : 9;
+ u64 pdpt_index : 9;
+ u64 pml4_index : 9;
+ u64 reserved : 16;
+ };
+
+ struct
+ {
+ u64 offset_2mb : 21;
+ u64 pd_index : 9;
+ u64 pdpt_index : 9;
+ u64 pml4_index : 9;
+ u64 reserved : 16;
+ };
+
+ struct
+ {
+ u64 offset_1gb : 30;
+ u64 pdpt_index : 9;
+ u64 pml4_index : 9;
+ u64 reserved : 16;
+ };
+
+ } virt_addr_t, * pvirt_addr_t;
+ using phys_addr_t = virt_addr_t;
+
+ typedef union _pml4e
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 writeable : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 ignore_1 : 1;
+ u64 page_size : 1;
+ u64 ignore_2 : 4;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 11;
+ u64 nx : 1;
+ };
+ } pml4e, * ppml4e;
+
+ typedef union _pdpte
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 rw : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 ignore_1 : 1;
+ u64 large_page : 1;
+ u64 ignore_2 : 4;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 11;
+ u64 nx : 1;
+ };
+ } pdpte, * ppdpte;
+
+ typedef union _pde
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 rw : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 ignore_1 : 1;
+ u64 large_page : 1;
+ u64 ignore_2 : 4;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 11;
+ u64 nx : 1;
+ };
+ } pde, * ppde;
+
+ typedef union _pte
+ {
+ u64 value;
+ struct
+ {
+ u64 present : 1;
+ u64 rw : 1;
+ u64 user_supervisor : 1;
+ u64 page_write_through : 1;
+ u64 page_cache : 1;
+ u64 accessed : 1;
+ u64 dirty : 1;
+ u64 access_type : 1;
+ u64 global : 1;
+ u64 ignore_2 : 3;
+ u64 pfn : 36;
+ u64 reserved : 4;
+ u64 ignore_3 : 7;
+ u64 pk : 4;
+ u64 nx : 1;
+ };
+ } pte, * ppte;
+
+ __declspec(allocate(".pdpt")) inline pdpte pdpt[512];
+ __declspec(allocate(".pd")) inline pde pd[512];
+ __declspec(allocate(".pt")) inline pte pt[512];
+
+ inline const ppml4e hyperv_pml4{ reinterpret_cast(SELF_REF_PML4) };
+
+ auto init() -> vmxroot_error_t;
+ auto map_guest_phys(guest_phys_t phys_addr, map_type_t map_type = map_type_t::map_src) -> u64;
+ auto map_guest_virt(guest_phys_t dirbase, guest_virt_t virt_addr, map_type_t map_type = map_type_t::map_src) -> u64;
+
+ auto map_page(host_phys_t phys_addr, map_type_t map_type = map_type_t::map_src) -> u64;
+ auto get_map_virt(u16 offset = 0u, map_type_t map_type = map_type_t::map_src) -> u64;
+
+ auto translate(host_virt_t host_virt) -> u64;
+ auto translate_guest_physical(guest_phys_t guest_phys, map_type_t map_type = map_type_t::map_src) -> u64;
+ auto translate_guest_virtual(guest_phys_t dirbase, guest_virt_t guest_virt, map_type_t map_type = map_type_t::map_src) -> u64;
+
+ auto read_guest_phys(guest_phys_t dirbase, guest_phys_t guest_phys, guest_virt_t guest_virt, u64 size) -> vmxroot_error_t;
+ auto write_guest_phys(guest_phys_t dirbase, guest_phys_t guest_phys, guest_virt_t guest_virt, u64 size) -> vmxroot_error_t;
+ auto copy_guest_virt(guest_phys_t dirbase_src, guest_virt_t virt_src, guest_virt_t dirbase_dest, guest_virt_t virt_dest, u64 size) -> vmxroot_error_t;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/pg_table.cpp b/Voyager/PayLoad (Intel)/pg_table.cpp
deleted file mode 100644
index e523f21..0000000
--- a/Voyager/PayLoad (Intel)/pg_table.cpp
+++ /dev/null
@@ -1,138 +0,0 @@
-#include "pg_table.h"
-
-namespace pg_table
-{
- void* translate(void* virtual_address, const ptable_entries entries)
- {
- virt_addr_t virt_addr{ virtual_address };
- virt_addr_t cursor{ hyperv_pml4 };
-
- if (entries) entries->pml4e = reinterpret_cast(cursor.value)[virt_addr.pml4_index];
- if (!reinterpret_cast(cursor.value)[virt_addr.pml4_index].present)
- return nullptr;
-
- // set the cursor to self reference so that when we read
- // the addresses pointed to by cursor its going to be a pdpt...
- cursor.pdpt_index = virt_addr_t{ hyperv_pml4 }.pml4_index;
- cursor.pd_index = virt_addr_t{ hyperv_pml4 }.pml4_index;
- cursor.pt_index = virt_addr.pml4_index;
- if (entries) entries->pdpte = reinterpret_cast(cursor.value)[virt_addr.pdpt_index];
-
- if (!reinterpret_cast(cursor.value)[virt_addr.pdpt_index].present)
- return nullptr;
-
- // set the cursor to self reference so that when we read
- // the addresses pointed to by cursor its going to be a pd...
- cursor.pdpt_index = virt_addr_t{ hyperv_pml4 }.pml4_index;
- cursor.pd_index = virt_addr.pml4_index;
- cursor.pt_index = virt_addr.pdpt_index;
- if (entries) entries->pde = reinterpret_cast(cursor.value)[virt_addr.pd_index];
-
- if (!reinterpret_cast(cursor.value)[virt_addr.pd_index].present)
- return nullptr;
-
- // set the cursor to self reference so that when we read
- // the addresses pointed to by cursor its going to be a pt...
- cursor.pdpt_index = virt_addr.pml4_index;
- cursor.pd_index = virt_addr.pdpt_index;
- cursor.pt_index = virt_addr.pd_index;
- if (entries) entries->pte = reinterpret_cast(cursor.value)[virt_addr.pt_index];
-
- if (!reinterpret_cast(cursor.value)[virt_addr.pt_index].present)
- return nullptr;
-
- return reinterpret_cast(
- reinterpret_cast(cursor.value)[virt_addr.pt_index].pfn << 12);
- }
-
- void* translate(void* virtual_address, u32 pml4_pfn, const ptable_entries entries)
- {
- virt_addr_t virt_addr{ virtual_address };
- const auto cursor = get_cursor_page();
-
- set_cursor_page(pml4_pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pml4_index].present)
- return nullptr;
-
- if (entries) entries->pml4e = reinterpret_cast(cursor)[virt_addr.pml4_index];
- set_cursor_page(reinterpret_cast(cursor)[virt_addr.pml4_index].pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pdpt_index].present)
- return nullptr;
-
- if (entries) entries->pdpte = reinterpret_cast(cursor)[virt_addr.pdpt_index];
- set_cursor_page(reinterpret_cast(cursor)[virt_addr.pdpt_index].pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pd_index].present)
- return nullptr;
-
- if (entries) entries->pde = reinterpret_cast(cursor)[virt_addr.pd_index];
- set_cursor_page(reinterpret_cast(cursor)[virt_addr.pd_index].pfn);
- if (!reinterpret_cast(cursor)[virt_addr.pt_index].present)
- return nullptr;
-
- if (entries) entries->pte = reinterpret_cast(cursor)[virt_addr.pt_index];
- return reinterpret_cast(
- reinterpret_cast(cursor)[virt_addr.pt_index].pfn << 12);
- }
-
- void set_cursor_page(u32 phys_pfn)
- {
- cpuid_eax_01 cpuid_value;
- __cpuid((int*)&cpuid_value, 1);
- pg_table::pt[cpuid_value
- .cpuid_additional_information
- .initial_apic_id].pfn = phys_pfn;
-
- // flush tlb for this page and then ensure the instruction stream
- // is seralized as to not execute instructions out of order and access the page
- // before the TLB is flushed...
- __invlpg(get_cursor_page());
- _mm_lfence();
- }
-
- void* get_cursor_page()
- {
- cpuid_eax_01 cpuid_value;
- __cpuid((int*)&cpuid_value, 1);
- constexpr auto cursor_page = 0x00007F7FFFE00000;
-
- virt_addr_t virt_addr{ reinterpret_cast(cursor_page) };
- virt_addr.pt_index = cpuid_value
- .cpuid_additional_information
- .initial_apic_id;
-
- return virt_addr.value;
- }
-
- bool init_pg_tables()
- {
- auto pdpt_phys = reinterpret_cast(translate(pdpt));
- auto pd_phys = reinterpret_cast(translate(pd));
- auto pt_phys = reinterpret_cast(translate(pt));
-
- if (!pdpt_phys || !pd_phys || !pt_phys)
- return false;
-
- hyperv_pml4[254].present = true;
- hyperv_pml4[254].pfn = pdpt_phys >> 12;
- hyperv_pml4[254].user_supervisor = false;
- hyperv_pml4[254].rw = true;
-
- pdpt[511].present = true;
- pdpt[511].pfn = pd_phys >> 12;
- pdpt[511].user_supervisor = false;
- pdpt[511].rw = true;
-
- pd[511].present = true;
- pd[511].pfn = pt_phys >> 12;
- pd[511].user_supervisor = false;
- pd[511].rw = true;
-
- for (auto idx = 0u; idx < 512; ++idx)
- {
- pt[idx].present = true;
- pt[idx].user_supervisor = false;
- pt[idx].rw = true;
- }
- return true;
- }
-}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/pg_table.h b/Voyager/PayLoad (Intel)/pg_table.h
deleted file mode 100644
index 42bce15..0000000
--- a/Voyager/PayLoad (Intel)/pg_table.h
+++ /dev/null
@@ -1,167 +0,0 @@
-#pragma once
-#include "types.h"
-#include "ia32.hpp"
-
-#pragma section(".pdpt", read, write)
-#pragma section(".pd", read, write)
-#pragma section(".pt", read, write)
-
-namespace pg_table
-{
- typedef union _virt_addr_t
- {
- void* value;
- struct
- {
- u64 offset : 12;
- u64 pt_index : 9;
- u64 pd_index : 9;
- u64 pdpt_index : 9;
- u64 pml4_index : 9;
- u64 reserved : 16;
- };
- } virt_addr_t, * pvirt_addr_t;
-
- typedef union _pml4e
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access PDPT.
- u64 page_cache : 1; // Determines the memory type used to access PDPT.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Ignored1 : 1;
- u64 page_size : 1; // Must be 0 for PML4E.
- u64 Ignored2 : 4;
- u64 pfn : 36; // The page frame number of the PDPT of this PML4E.
- u64 Reserved : 4;
- u64 Ignored3 : 11;
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pml4e, * ppml4e;
-
- typedef union _pdpte
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access PD.
- u64 page_cache : 1; // Determines the memory type used to access PD.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Ignored1 : 1;
- u64 page_size : 1; // If 1, this entry maps a 1GB page.
- u64 Ignored2 : 4;
- u64 pfn : 36; // The page frame number of the PD of this PDPTE.
- u64 Reserved : 4;
- u64 Ignored3 : 11;
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pdpte, * ppdpte;
-
- typedef union _pde
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access PT.
- u64 page_cache : 1; // Determines the memory type used to access PT.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Ignored1 : 1;
- u64 page_size : 1; // If 1, this entry maps a 2MB page.
- u64 Ignored2 : 4;
- u64 pfn : 36; // The page frame number of the PT of this PDE.
- u64 Reserved : 4;
- u64 Ignored3 : 11;
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pde, * ppde;
-
- typedef union _pte
- {
- u64 value;
- struct
- {
- u64 present : 1; // Must be 1, region invalid if 0.
- u64 rw : 1; // If 0, writes not allowed.
- u64 user_supervisor : 1; // If 0, user-mode accesses not allowed.
- u64 PageWriteThrough : 1; // Determines the memory type used to access the memory.
- u64 page_cache : 1; // Determines the memory type used to access the memory.
- u64 accessed : 1; // If 0, this entry has not been used for translation.
- u64 Dirty : 1; // If 0, the memory backing this page has not been written to.
- u64 PageAccessType : 1; // Determines the memory type used to access the memory.
- u64 Global : 1; // If 1 and the PGE bit of CR4 is set, translations are global.
- u64 Ignored2 : 3;
- u64 pfn : 36; // The page frame number of the backing physical page.
- u64 reserved : 4;
- u64 Ignored3 : 7;
- u64 ProtectionKey : 4; // If the PKE bit of CR4 is set, determines the protection key.
- u64 nx : 1; // If 1, instruction fetches not allowed.
- };
- } pte, * ppte;
-
- typedef struct _table_entries
- {
- pg_table::pml4e pml4e;
- pg_table::pdpte pdpte;
- pg_table::pde pde;
- pg_table::pte pte;
- } table_entries, *ptable_entries;
-
- ///
- /// payload paging tables...
- ///
- __declspec(allocate(".pdpt")) inline pdpte pdpt[512];
- __declspec(allocate(".pd")) inline pde pd[512];
- __declspec(allocate(".pt")) inline pte pt[512];
-
- ///
- /// self referencing pml4e is at 255...
- ///
- inline const ppml4e hyperv_pml4{ reinterpret_cast(0x00007FBFDFEFF000) };
-
- ///
- /// only does address translation for hyper-v's context
- ///
- /// virtual address to be translated...
- /// optional
- /// returns a physical address...
- void* translate(void* virt_addr, const ptable_entries entries = nullptr);
-
- ///
- /// translates linear virtual addresses to linear physical addresses...
- ///
- /// virtual address to translate...
- /// page map level four page frame number...
- /// (optional) pointer to a table_entries structure...
- /// linear physical address...
- void* translate(void* virtual_address, u32 pml4_pfn, const ptable_entries entries = nullptr);
-
- ///
- // changes the cursor address to the specified physical address...
- // after doing so, the TLB entry for that address is going to be flushed...
- // a memory fence is applied to prevent out of order execution...
- ///
- /// pfn of the physical page to change the cursor too...
- void set_cursor_page(u32 phys_pfn);
-
- ///
- /// get the cursor page... each core has its own cursor page...
- ///
- /// cursor page for the current core...
- void* get_cursor_page();
-
- ///
- /// initalizes paging tables (connects pdpt->pd->pt)
- ///
- /// was the setup successful?
- bool init_pg_tables();
-}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/types.h b/Voyager/PayLoad (Intel)/types.h
index 8267fd6..c3e7c79 100644
--- a/Voyager/PayLoad (Intel)/types.h
+++ b/Voyager/PayLoad (Intel)/types.h
@@ -3,10 +3,14 @@
#include
#include
-#define PORT_NUM 0x2F8
+#include
+#include
+#include "ia32.hpp"
+
#define VMEXIT_KEY 0xDEADBEEFDEADBEEF
-#define DBG_PRINT(arg) \
- __outbytestring(PORT_NUM, (unsigned char*)arg, sizeof arg);
+#define PAGE_4KB 0x1000
+#define PAGE_2MB PAGE_4KB * 512
+#define PAGE_1GB PAGE_2MB * 512
using u8 = unsigned char;
using u16 = unsigned short;
@@ -14,12 +18,65 @@ using u32 = unsigned int;
using u64 = unsigned long long;
using u128 = __m128;
+using guest_virt_t = u64;
+using guest_phys_t = u64;
+using host_virt_t = u64;
+using host_phys_t = u64;
+
enum class vmexit_command_t
{
- init_paging_tables = 0x111
- // add your commands here...
+ init_page_tables,
+ read_guest_phys,
+ write_guest_phys,
+ copy_guest_virt,
+ get_dirbase,
+ translate
+};
+
+enum class vmxroot_error_t
+{
+ error_success,
+ pml4e_not_present,
+ pdpte_not_present,
+ pde_not_present,
+ pte_not_present,
+ vmxroot_translate_failure,
+ invalid_self_ref_pml4e,
+ invalid_mapping_pml4e,
+ invalid_host_virtual,
+ invalid_guest_physical,
+ invalid_guest_virtual,
+ page_table_init_failed
};
+typedef union _command_t
+{
+ struct _copy_phys
+ {
+ host_phys_t phys_addr;
+ guest_virt_t buffer;
+ u64 size;
+ } copy_phys;
+
+ struct _copy_virt
+ {
+ guest_phys_t dirbase_src;
+ guest_virt_t virt_src;
+ guest_phys_t dirbase_dest;
+ guest_virt_t virt_dest;
+ u64 size;
+ } copy_virt;
+
+ struct _translate_virt
+ {
+ guest_virt_t virt_src;
+ guest_phys_t phys_addr;
+ } translate_virt;
+
+ guest_phys_t dirbase;
+
+} command_t, * pcommand_t;
+
typedef struct _context_t
{
u64 rax;
@@ -55,12 +112,12 @@ using vmexit_handler_t = void(__fastcall*)(pcontext_t context, void* unknown);
#pragma pack(push, 1)
typedef struct _voyager_t
{
- // RVA from golden record entry ---> back to original vmexit handler...
u64 vmexit_handler_rva;
u64 hyperv_module_base;
u64 hyperv_module_size;
- u64 record_base;
- u64 record_size;
+ u64 payload_base;
+ u64 payload_size;
} voyager_t, *pvoyager_t;
#pragma pack(pop)
+
__declspec(dllexport) inline voyager_t voyager_context;
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/vmexit.cpp b/Voyager/PayLoad (Intel)/vmexit.cpp
new file mode 100644
index 0000000..cc7a08d
--- /dev/null
+++ b/Voyager/PayLoad (Intel)/vmexit.cpp
@@ -0,0 +1,34 @@
+#include "vmexit.h"
+
+namespace vmexit
+{
+ auto get_command(guest_virt_t command_ptr) -> command_t
+ {
+ u64 guest_dirbase;
+ __vmx_vmread(VMCS_GUEST_CR3, &guest_dirbase);
+
+ // cr3 can contain other high bits so just to be safe
+ // get the pfn and bitshift it...
+ guest_dirbase = cr3{ guest_dirbase }.pml4_pfn << 12;
+
+ const auto command_page =
+ mm::map_guest_virt(guest_dirbase, command_ptr);
+
+ return *reinterpret_cast(command_page);
+ }
+
+ auto set_command(guest_virt_t command_ptr, command_t& command_data) -> void
+ {
+ u64 guest_dirbase;
+ __vmx_vmread(VMCS_GUEST_CR3, &guest_dirbase);
+
+ // cr3 can contain other high bits so just to be safe
+ // get the pfn and bitshift it...
+ guest_dirbase = cr3{ guest_dirbase }.pml4_pfn << 12;
+
+ const auto command_page =
+ mm::map_guest_virt(guest_dirbase, command_ptr);
+
+ *reinterpret_cast(command_page) = command_data;
+ }
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/vmexit.h b/Voyager/PayLoad (Intel)/vmexit.h
new file mode 100644
index 0000000..8049ff7
--- /dev/null
+++ b/Voyager/PayLoad (Intel)/vmexit.h
@@ -0,0 +1,9 @@
+#pragma once
+#include "mm.h"
+#include "debug.h"
+
+namespace vmexit
+{
+ auto get_command(guest_virt_t command_ptr) -> command_t;
+ auto set_command(guest_virt_t command_ptr, command_t& command_data) -> void;
+}
\ No newline at end of file
diff --git a/Voyager/PayLoad (Intel)/vmexit_handler.cpp b/Voyager/PayLoad (Intel)/vmexit_handler.cpp
index 191c73b..b456ccf 100644
--- a/Voyager/PayLoad (Intel)/vmexit_handler.cpp
+++ b/Voyager/PayLoad (Intel)/vmexit_handler.cpp
@@ -1,4 +1,4 @@
-#include "pg_table.h"
+#include "vmexit.h"
#if WINVER > 1803
void vmexit_handler(pcontext_t* context, void* unknown)
@@ -6,6 +6,7 @@ void vmexit_handler(pcontext_t* context, void* unknown)
void vmexit_handler(pcontext_t context, void* unknown)
#endif
{
+
#if WINVER > 1803
pcontext_t guest_registers = *context;
#else
@@ -18,15 +19,113 @@ void vmexit_handler(pcontext_t context, void* unknown)
{
if (guest_registers->rcx == VMEXIT_KEY)
{
- switch ((vmexit_command_t)(guest_registers->rdx))
+ switch ((vmexit_command_t)guest_registers->rdx)
+ {
+ case vmexit_command_t::init_page_tables:
+ {
+ guest_registers->rax = (u64) mm::init();
+ break;
+ }
+ case vmexit_command_t::get_dirbase:
+ {
+ auto command_data =
+ vmexit::get_command(guest_registers->r8);
+
+ u64 guest_dirbase;
+ __vmx_vmread(VMCS_GUEST_CR3, &guest_dirbase);
+
+ // cr3 can contain other high bits so just to be safe
+ // get the pfn and bitshift it...
+ guest_dirbase = cr3{ guest_dirbase }.pml4_pfn << 12;
+ command_data.dirbase = guest_dirbase;
+ guest_registers->rax = (u64) vmxroot_error_t::error_success;
+
+ vmexit::set_command(
+ guest_registers->r8, command_data);
+ break;
+ }
+ case vmexit_command_t::read_guest_phys:
+ {
+ auto command_data =
+ vmexit::get_command(guest_registers->r8);
+
+ u64 guest_dirbase;
+ __vmx_vmread(VMCS_GUEST_CR3, &guest_dirbase);
+ // from 1809-1909 PCIDE is enabled in CR4 and so cr3 contains some other stuff...
+ guest_dirbase = cr3{ guest_dirbase }.pml4_pfn << 12;
+
+ guest_registers->rax =
+ (u64) mm::read_guest_phys(
+ guest_dirbase,
+ command_data.copy_phys.phys_addr,
+ command_data.copy_phys.buffer,
+ command_data.copy_phys.size);
+
+ vmexit::set_command(
+ guest_registers->r8, command_data);
+ break;
+ }
+ case vmexit_command_t::write_guest_phys:
+ {
+ auto command_data =
+ vmexit::get_command(guest_registers->r8);
+
+ u64 guest_dirbase;
+ __vmx_vmread(VMCS_GUEST_CR3, &guest_dirbase);
+ // from 1809-1909 PCIDE is enabled in CR4 and so cr3 contains some other stuff...
+ guest_dirbase = cr3{ guest_dirbase }.pml4_pfn << 12;
+
+ guest_registers->rax =
+ (u64) mm::write_guest_phys(
+ guest_dirbase,
+ command_data.copy_phys.phys_addr,
+ command_data.copy_phys.buffer,
+ command_data.copy_phys.size);
+
+ vmexit::set_command(
+ guest_registers->r8, command_data);
+ break;
+ }
+ case vmexit_command_t::copy_guest_virt:
+ {
+ auto command_data =
+ vmexit::get_command(guest_registers->r8);
+
+ auto virt_data = command_data.copy_virt;
+ guest_registers->rax =
+ (u64)mm::copy_guest_virt(
+ virt_data.dirbase_src,
+ virt_data.virt_src,
+ virt_data.dirbase_dest,
+ virt_data.virt_dest,
+ virt_data.size);
+ break;
+ }
+ case vmexit_command_t::translate:
{
- case vmexit_command_t::init_paging_tables:
- guest_registers->rax = pg_table::init_pg_tables();
+ auto command_data =
+ vmexit::get_command(guest_registers->r8);
+
+ u64 guest_dirbase;
+ __vmx_vmread(VMCS_GUEST_CR3, &guest_dirbase);
+ guest_dirbase = cr3{ guest_dirbase }.pml4_pfn << 12;
+
+ command_data.translate_virt.phys_addr =
+ mm::translate_guest_virtual(guest_dirbase,
+ command_data.translate_virt.virt_src);
+
+ guest_registers->rax =
+ (u64) vmxroot_error_t::error_success;
+
+ vmexit::set_command(
+ guest_registers->r8, command_data);
break;
+ }
default:
break;
}
+ // advance instruction pointer...
size_t rip, exec_len;
__vmx_vmread(VMCS_GUEST_RIP, &rip);
__vmx_vmread(VMCS_VMEXIT_INSTRUCTION_LENGTH, &exec_len);
@@ -35,8 +134,7 @@ void vmexit_handler(pcontext_t context, void* unknown)
}
}
- // since there are alot of contexts being created and switched about,
- // all hooks are done relative inside of hyper-v...
+ // call original vmexit handler...
reinterpret_cast(
reinterpret_cast(&vmexit_handler) -
voyager_context.vmexit_handler_rva)(context, unknown);
diff --git a/Voyager/Voyager.sln b/Voyager/Voyager.sln
index 1458968..0ad851d 100644
--- a/Voyager/Voyager.sln
+++ b/Voyager/Voyager.sln
@@ -3,12 +3,16 @@ Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 16
VisualStudioVersion = 16.0.30503.244
MinimumVisualStudioVersion = 10.0.40219.1
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Voyager", "Voyager\Voyager.vcxproj", "{540D433F-C2DF-49A6-895C-F5C74B014777}"
-EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PayLoad (Intel)", "PayLoad (Intel)\PayLoad (Intel).vcxproj", "{223D1FDE-331E-4028-9083-1673A5161C99}"
EndProject
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "PayLoad (AMD)", "PayLoad (AMD)\PayLoad (AMD).vcxproj", "{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}"
EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Voyager", "Voyager\Voyager.vcxproj", "{540D433F-C2DF-49A6-895C-F5C74B014777}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "example", "example\example.vcxproj", "{1770C4FB-345F-40DD-B4A2-2A5DC8A50866}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libvoyager", "libvoyager\libvoyager.vcxproj", "{F468E79E-CC93-4A7F-844E-984117B5B08B}"
+EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
1507|x64 = 1507|x64
@@ -21,33 +25,14 @@ Global
1903|x64 = 1903|x64
1909|x64 = 1909|x64
2004|x64 = 2004|x64
+ Release|x64 = Release|x64
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1507|x64.ActiveCfg = 1507|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1507|x64.Build.0 = 1507|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1511|x64.ActiveCfg = 1511|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1511|x64.Build.0 = 1511|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1607|x64.ActiveCfg = 1607|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1607|x64.Build.0 = 1607|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1703|x64.ActiveCfg = 1703|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1703|x64.Build.0 = 1703|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1709|x64.ActiveCfg = 1709|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1709|x64.Build.0 = 1709|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1803|x64.ActiveCfg = 1803|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1803|x64.Build.0 = 1803|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1809|x64.ActiveCfg = 1809|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1809|x64.Build.0 = 1809|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1903|x64.ActiveCfg = 1903|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1903|x64.Build.0 = 1903|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1909|x64.ActiveCfg = 1909|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.1909|x64.Build.0 = 1909|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.2004|x64.ActiveCfg = 2004|x64
- {540D433F-C2DF-49A6-895C-F5C74B014777}.2004|x64.Build.0 = 2004|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1507|x64.ActiveCfg = 1507|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1507|x64.Build.0 = 1507|x64
- {223D1FDE-331E-4028-9083-1673A5161C99}.1511|x64.ActiveCfg = 1607|x64
- {223D1FDE-331E-4028-9083-1673A5161C99}.1511|x64.Build.0 = 1607|x64
- {223D1FDE-331E-4028-9083-1673A5161C99}.1511|x64.Deploy.0 = 1607|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.1511|x64.ActiveCfg = 1511|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.1511|x64.Build.0 = 1511|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.1511|x64.Deploy.0 = 1511|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1607|x64.ActiveCfg = 1607|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1607|x64.Build.0 = 1607|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1703|x64.ActiveCfg = 1703|x64
@@ -56,14 +41,16 @@ Global
{223D1FDE-331E-4028-9083-1673A5161C99}.1709|x64.Build.0 = 1709|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1803|x64.ActiveCfg = 1803|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1803|x64.Build.0 = 1803|x64
- {223D1FDE-331E-4028-9083-1673A5161C99}.1809|x64.ActiveCfg = 1909|x64
- {223D1FDE-331E-4028-9083-1673A5161C99}.1809|x64.Build.0 = 1909|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.1809|x64.ActiveCfg = 1809|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.1809|x64.Build.0 = 1809|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1903|x64.ActiveCfg = 1903|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1903|x64.Build.0 = 1903|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1909|x64.ActiveCfg = 1909|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.1909|x64.Build.0 = 1909|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.2004|x64.ActiveCfg = 2004|x64
{223D1FDE-331E-4028-9083-1673A5161C99}.2004|x64.Build.0 = 2004|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.Release|x64.ActiveCfg = 2004|x64
+ {223D1FDE-331E-4028-9083-1673A5161C99}.Release|x64.Build.0 = 2004|x64
{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.1507|x64.ActiveCfg = 1507|x64
{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.1507|x64.Build.0 = 1507|x64
{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.1511|x64.ActiveCfg = 1511|x64
@@ -84,6 +71,74 @@ Global
{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.1909|x64.Build.0 = 1909|x64
{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.2004|x64.ActiveCfg = 2004|x64
{C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.2004|x64.Build.0 = 2004|x64
+ {C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x64.ActiveCfg = 2004|x64
+ {C5122D8B-DEC8-458F-9342-3A4AC3152BEF}.Release|x64.Build.0 = 2004|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1507|x64.ActiveCfg = 1507|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1507|x64.Build.0 = 1507|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1511|x64.ActiveCfg = 1511|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1511|x64.Build.0 = 1511|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1607|x64.ActiveCfg = 1607|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1607|x64.Build.0 = 1607|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1703|x64.ActiveCfg = 1703|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1703|x64.Build.0 = 1703|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1709|x64.ActiveCfg = 1709|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1709|x64.Build.0 = 1709|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1803|x64.ActiveCfg = 1803|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1803|x64.Build.0 = 1803|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1809|x64.ActiveCfg = 1809|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1809|x64.Build.0 = 1809|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1903|x64.ActiveCfg = 1903|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1903|x64.Build.0 = 1903|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1909|x64.ActiveCfg = 1909|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.1909|x64.Build.0 = 1909|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.2004|x64.ActiveCfg = 2004|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.2004|x64.Build.0 = 2004|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.Release|x64.ActiveCfg = 2004|x64
+ {540D433F-C2DF-49A6-895C-F5C74B014777}.Release|x64.Build.0 = 2004|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1507|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1507|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1511|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1511|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1607|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1607|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1703|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1703|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1709|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1709|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1803|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1803|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1809|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1809|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1903|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1903|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1909|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.1909|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.2004|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.2004|x64.Build.0 = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.Release|x64.ActiveCfg = Release|x64
+ {1770C4FB-345F-40DD-B4A2-2A5DC8A50866}.Release|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1507|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1507|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1511|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1511|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1607|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1607|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1703|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1703|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1709|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1709|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1803|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1803|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1809|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1809|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1903|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1903|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1909|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.1909|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.2004|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.2004|x64.Build.0 = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.Release|x64.ActiveCfg = Release|x64
+ {F468E79E-CC93-4A7F-844E-984117B5B08B}.Release|x64.Build.0 = Release|x64
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
diff --git a/Voyager/Voyager/BootMgfw.c b/Voyager/Voyager/BootMgfw.c
index 242cef9..124a8d4 100644
--- a/Voyager/Voyager/BootMgfw.c
+++ b/Voyager/Voyager/BootMgfw.c
@@ -1,7 +1,7 @@
#include "BootMgfw.h"
#include "SplashScreen.h"
-SHITHOOK BootMgfwShitHook;
+INLINE_HOOK BootMgfwShitHook;
EFI_STATUS EFIAPI RestoreBootMgfw(VOID)
{
UINTN HandleCount = NULL;
@@ -200,10 +200,10 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
#if WINVER >= 1703
Print(L"BootMgfw.BlImgStartBootApplication -> 0x%p\n", ArchStartBootApplication);
- MakeShitHook(&BootMgfwShitHook, ArchStartBootApplication, &ArchStartBootApplicationHook, TRUE);
+ MakeInlineHook(&BootMgfwShitHook, ArchStartBootApplication, &ArchStartBootApplicationHook, TRUE);
#else
Print(L"BootMgfw.BlImgStartBootApplication -> 0x%p\n", RESOLVE_RVA(ArchStartBootApplication, 5, 1));
- MakeShitHook(&BootMgfwShitHook, RESOLVE_RVA(ArchStartBootApplication, 5, 1), &ArchStartBootApplicationHook, TRUE);
+ MakeInlineHook(&BootMgfwShitHook, RESOLVE_RVA(ArchStartBootApplication, 5, 1), &ArchStartBootApplicationHook, TRUE);
#endif
return EFI_SUCCESS;
}
@@ -211,19 +211,11 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE ImageHandle)
EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase, UINT32 ImageSize, UINT8 BootOption, VOID* ReturnArgs)
{
// disable ArchStartBootApplication shithook
- DisableShitHook(&BootMgfwShitHook);
+ DisableInlineHook(&BootMgfwShitHook);
// on 1703 and below, winload does not export any functions
if (!GetExport(ImageBase, "BlLdrLoadImage"))
{
- VOID* HvlpTransferToHypervisor =
- FindPattern(
- ImageBase,
- ImageSize,
- TRANS_TO_HV_SIG,
- TRANS_TO_HV_MASK
- );
-
VOID* ImgLoadPEImageEx =
FindPattern(
ImageBase,
@@ -232,31 +224,17 @@ EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase,
LOAD_PE_IMG_MASK
);
- MmMapPhysicalMemory =
- RESOLVE_RVA(
- FindPattern(
- ImageBase,
- ImageSize,
- MAP_PHYSICAL_SIG,
- MAP_PHYSICAL_MASK),
- 5, 1);
-
gST->ConOut->ClearScreen(gST->ConOut);
gST->ConOut->OutputString(gST->ConOut, AsciiArt);
Print(L"\n");
Print(L"Hyper-V PayLoad Size -> 0x%x\n", PayLoadSize());
Print(L"winload.BlImgLoadPEImageEx -> 0x%p\n", RESOLVE_RVA(ImgLoadPEImageEx, 10, 6));
- Print(L"winload.HvlpTransferToHypervisor -> 0x%p\n", RESOLVE_RVA(HvlpTransferToHypervisor, 13, 9));
-
- MakeShitHook(&TransferControlShitHook, RESOLVE_RVA(HvlpTransferToHypervisor, 13, 9), &TransferToHyperV, TRUE);
- MakeShitHook(&WinLoadImageShitHook, RESOLVE_RVA(ImgLoadPEImageEx, 10, 6), &BlImgLoadPEImageEx, TRUE);
+ MakeInlineHook(&WinLoadImageShitHook, RESOLVE_RVA(ImgLoadPEImageEx, 10, 6), &BlImgLoadPEImageEx, TRUE);
}
else // else the installed windows version is between 2004 and 1709
{
VOID* LdrLoadImage = GetExport(ImageBase, "BlLdrLoadImage");
- MmMapPhysicalMemory = GetExport(ImageBase, "BlMmMapPhysicalAddressEx");
-
VOID* ImgAllocateImageBuffer =
FindPattern(
ImageBase,
@@ -273,8 +251,8 @@ EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase,
Print(L"winload.BlLdrLoadImage -> 0x%p\n", LdrLoadImage);
Print(L"winload.BlImgAllocateImageBuffer -> 0x%p\n", RESOLVE_RVA(ImgAllocateImageBuffer, 5, 1));
- MakeShitHook(&WinLoadImageShitHook, LdrLoadImage, &BlLdrLoadImage, TRUE);
- MakeShitHook(&WinLoadAllocateImageHook, RESOLVE_RVA(ImgAllocateImageBuffer, 5, 1), &BlImgAllocateImageBuffer, TRUE);
+ MakeInlineHook(&WinLoadImageShitHook, LdrLoadImage, &BlLdrLoadImage, TRUE);
+ MakeInlineHook(&WinLoadAllocateImageHook, RESOLVE_RVA(ImgAllocateImageBuffer, 5, 1), &BlImgAllocateImageBuffer, TRUE);
}
return ((IMG_ARCH_START_BOOT_APPLICATION)BootMgfwShitHook.Address)(AppEntry, ImageBase, ImageSize, BootOption, ReturnArgs);
}
\ No newline at end of file
diff --git a/Voyager/Voyager/BootMgfw.h b/Voyager/Voyager/BootMgfw.h
index 5fde795..2a23dfb 100644
--- a/Voyager/Voyager/BootMgfw.h
+++ b/Voyager/Voyager/BootMgfw.h
@@ -20,7 +20,7 @@ static_assert(sizeof(START_BOOT_APPLICATION_SIG) == sizeof(START_BOOT_APPLICATIO
#define PAYLOAD_PATH L"\\efi\\microsoft\\boot\\payload.dll"
#define WINDOWS_BOOTMGFW_BACKUP_PATH L"\\efi\\microsoft\\boot\\bootmgfw.efi.backup"
-extern SHITHOOK BootMgfwShitHook;
+extern INLINE_HOOK BootMgfwShitHook;
typedef EFI_STATUS(EFIAPI* IMG_ARCH_START_BOOT_APPLICATION)(VOID*, VOID*, UINT32, UINT8, VOID*);
///
@@ -54,4 +54,4 @@ EFI_STATUS EFIAPI InstallBootMgfwHooks(EFI_HANDLE BootMgfwPath);
/// Unknown
/// Unknown
/// original function's return value...
-EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase, UINT32 ImageSize, UINT8 BootOption, VOID* ReturnArgs);
+EFI_STATUS EFIAPI ArchStartBootApplicationHook(VOID* AppEntry, VOID* ImageBase, UINT32 ImageSize, UINT8 BootOption, VOID* ReturnArgs);
\ No newline at end of file
diff --git a/Voyager/Voyager/Hv.c b/Voyager/Voyager/Hv.c
index 85d5965..88ec1d1 100644
--- a/Voyager/Voyager/Hv.c
+++ b/Voyager/Voyager/Hv.c
@@ -1,5 +1,6 @@
#include "Hv.h"
+PVOYAGER_T PayLoadDataPtr = NULL;
VOID* MapModule(PVOYAGER_T VoyagerData, UINT8* ImageBase)
{
if (!VoyagerData || !ImageBase)
@@ -13,10 +14,7 @@ VOID* MapModule(PVOYAGER_T VoyagerData, UINT8* ImageBase)
if (ntHeaders->Signature != EFI_IMAGE_NT_SIGNATURE)
return NULL;
- // Map headers (no reason not too here, memory is unaccessable from guest lol)
MemCopy(VoyagerData->ModuleBase, ImageBase, ntHeaders->OptionalHeader.SizeOfHeaders);
-
- // Map sections
EFI_IMAGE_SECTION_HEADER* sections = (EFI_IMAGE_SECTION_HEADER*)((UINT8*)&ntHeaders->OptionalHeader + ntHeaders->FileHeader.SizeOfOptionalHeader);
for (UINT32 i = 0; i < ntHeaders->FileHeader.NumberOfSections; ++i)
{
@@ -32,7 +30,6 @@ VOID* MapModule(PVOYAGER_T VoyagerData, UINT8* ImageBase)
}
}
- // set exported pointer to voyager context...
EFI_IMAGE_EXPORT_DIRECTORY* ExportDir = (EFI_IMAGE_EXPORT_DIRECTORY*)(
VoyagerData->ModuleBase + ntHeaders->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress);
@@ -125,7 +122,7 @@ VOID MakeVoyagerData
UINT64 VmExitFunction = VmExitHandlerCallRip + *(INT32*)((UINT64)(VmExitHandlerCall + 1)); // + 1 to skip E8 (call) and read 4 bytes (RVA)
VoyagerData->VmExitHandlerRva = ((UINT64)PayLoadEntry(PayLoadBase)) - (UINT64)VmExitFunction;
}
- else
+ else // else AMD
{
VOID* VmExitHandlerCall =
FindPattern(
@@ -167,7 +164,7 @@ VOID* HookVmExit(VOID* HypervBase, VOID* HypervSize, VOID* VmExitHook)
*(INT32*)((UINT64)(VmExitHandlerCall + 1)) = NewVmExitRVA;
return VmExitFunction;
}
- else
+ else // else AMD
{
VOID* VmExitHandlerCall =
FindPattern(
diff --git a/Voyager/Voyager/Hv.h b/Voyager/Voyager/Hv.h
index 6d42f54..32d24bd 100644
--- a/Voyager/Voyager/Hv.h
+++ b/Voyager/Voyager/Hv.h
@@ -1,6 +1,7 @@
#pragma once
#include "PayLoad.h"
+extern PVOYAGER_T PayLoadDataPtr;
#if WINVER == 2004
#define INTEL_VMEXIT_HANDLER_SIG "\x65\xC6\x04\x25\x6D\x00\x00\x00\x00\x48\x8B\x4C\x24\x00\x48\x8B\x54\x24\x00\xE8\x00\x00\x00\x00\xE9"
#define INTEL_VMEXIT_HANDLER_MASK "xxxxxxxxxxxxx?xxxx?x????x"
diff --git a/Voyager/Voyager/HvLoader.c b/Voyager/Voyager/HvLoader.c
index 5e07874..09eee9e 100644
--- a/Voyager/Voyager/HvLoader.c
+++ b/Voyager/Voyager/HvLoader.c
@@ -1,9 +1,9 @@
#include "HvLoader.h"
-SHITHOOK HvLoadImageHook;
-SHITHOOK HvLoadImageBufferHook;
-SHITHOOK HvLoadAllocImageHook;
-SHITHOOK TransferControlShitHook;
+INLINE_HOOK HvLoadImageHook;
+INLINE_HOOK HvLoadImageBufferHook;
+INLINE_HOOK HvLoadAllocImageHook;
+INLINE_HOOK TransferControlShitHook;
BOOLEAN HvExtendedAllocation = FALSE;
BOOLEAN HvHookedHyperV = FALSE;
@@ -29,7 +29,7 @@ EFI_STATUS EFIAPI HvBlImgLoadPEImageFromSourceBuffer
)
{
// disable hook and call the original...
- DisableShitHook(&HvLoadImageBufferHook);
+ DisableInlineHook(&HvLoadImageBufferHook);
EFI_STATUS Result = ((HV_LDR_LOAD_IMAGE_BUFFER)HvLoadImageBufferHook.Address)
(
a1,
@@ -51,59 +51,40 @@ EFI_STATUS EFIAPI HvBlImgLoadPEImageFromSourceBuffer
// keep hooking until we have extended hyper-v allocation and hooked into hyper-v...
if(!HvExtendedAllocation && !HvHookedHyperV)
- EnableShitHook(&HvLoadImageBufferHook);
+ EnableInlineHook(&HvLoadImageBufferHook);
if (HvExtendedAllocation && !HvHookedHyperV)
{
HvHookedHyperV = TRUE;
- EFI_IMAGE_DOS_HEADER* HypervDosHeader = *ImageBase;
- if (HypervDosHeader->e_magic != EFI_IMAGE_DOS_SIGNATURE)
- return Result;
-
- EFI_IMAGE_NT_HEADERS64* HypervNtHeader = (UINT64)HypervDosHeader + HypervDosHeader->e_lfanew;
- if (HypervNtHeader->Signature != EFI_IMAGE_NT_SIGNATURE)
- return Result;
-
- EFI_IMAGE_SECTION_HEADER* pSection = ((UINT64)&HypervNtHeader->OptionalHeader) +
- HypervNtHeader->FileHeader.SizeOfOptionalHeader;
-
- for (UINT16 idx = 0; idx < HypervNtHeader->FileHeader.NumberOfSections; ++idx, ++pSection)
- {
- if (!AsciiStrCmp(&pSection->Name, ".reloc"))
- {
- VOYAGER_T VoyagerData;
-
- //
- // the payload's base address needs to be page aligned in
- // order for the paging table sections to be page aligned...
- //
- UINT32 PageRemainder = (0x1000 - (((*ImageBase + pSection->VirtualAddress + pSection->Misc.VirtualSize) << 52) >> 52));
- MakeVoyagerData
- (
- &VoyagerData,
- *ImageBase,
- *ImageSize,
- *ImageBase + pSection->VirtualAddress + pSection->Misc.VirtualSize + PageRemainder,
- PayLoadSize()
- );
-
- HookVmExit
- (
- VoyagerData.HypervModuleBase,
- VoyagerData.HypervModuleSize,
- MapModule(&VoyagerData, PayLoad)
- );
-
- // make the .reloc section RWX and increase the sections size...
- pSection->Characteristics = SECTION_RWX;
- pSection->Misc.VirtualSize += PayLoadSize();
- }
- }
+ VOYAGER_T VoyagerData;
+
+ // add a new section to hyper-v called "payload", then fill in voyager data
+ // and hook the vmexit handler...
+ MakeVoyagerData
+ (
+ &VoyagerData,
+ *ImageBase,
+ *ImageSize,
+ AddSection
+ (
+ *ImageBase,
+ "payload",
+ PayLoadSize(),
+ SECTION_RWX
+ ),
+ PayLoadSize()
+ );
+
+ HookVmExit
+ (
+ VoyagerData.HypervModuleBase,
+ VoyagerData.HypervModuleSize,
+ MapModule(&VoyagerData, PayLoad)
+ );
// extend the size of the image in hyper-v's nt headers and LDR data entry...
// this is required, if this is not done, then hyper-v will simply not be loaded...
- HypervNtHeader->OptionalHeader.SizeOfImage += PayLoadSize();
- *ImageSize += PayLoadSize();
+ *ImageSize += NT_HEADER(*ImageBase)->OptionalHeader.SizeOfImage;
}
return Result;
}
@@ -126,7 +107,7 @@ EFI_STATUS EFIAPI HvBlImgLoadPEImageEx
)
{
// disable shithook and call the original...
- DisableShitHook(&HvLoadImageHook);
+ DisableInlineHook(&HvLoadImageHook);
EFI_STATUS Result = ((HV_LDR_LOAD_IMAGE)HvLoadImageHook.Address)
(
DeviceId,
@@ -146,59 +127,40 @@ EFI_STATUS EFIAPI HvBlImgLoadPEImageEx
// keep hooking until we have extended hyper-v allocation and hooked into hyper-v...
if(!HvExtendedAllocation && !HvHookedHyperV)
- EnableShitHook(&HvLoadImageHook);
+ EnableInlineHook(&HvLoadImageHook);
if (HvExtendedAllocation && !HvHookedHyperV)
{
HvHookedHyperV = TRUE;
- EFI_IMAGE_DOS_HEADER* HypervDosHeader = *ImageBase;
- if (HypervDosHeader->e_magic != EFI_IMAGE_DOS_SIGNATURE)
- return Result;
-
- EFI_IMAGE_NT_HEADERS64* HypervNtHeader = (UINT64)HypervDosHeader + HypervDosHeader->e_lfanew;
- if (HypervNtHeader->Signature != EFI_IMAGE_NT_SIGNATURE)
- return Result;
-
- EFI_IMAGE_SECTION_HEADER* pSection = ((UINT64)&HypervNtHeader->OptionalHeader) +
- HypervNtHeader->FileHeader.SizeOfOptionalHeader;
-
- for (UINT16 idx = 0; idx < HypervNtHeader->FileHeader.NumberOfSections; ++idx, ++pSection)
- {
- if (!AsciiStrCmp(&pSection->Name, ".reloc"))
- {
- VOYAGER_T VoyagerData;
-
- //
- // the payload's base address needs to be page aligned in
- // order for the paging table sections to be page aligned...
- //
- UINT32 PageRemainder = (0x1000 - (((*ImageBase + pSection->VirtualAddress + pSection->Misc.VirtualSize) << 52) >> 52));
- MakeVoyagerData
- (
- &VoyagerData,
- *ImageBase,
- *ImageSize,
- *ImageBase + pSection->VirtualAddress + pSection->Misc.VirtualSize + PageRemainder,
- PayLoadSize()
- );
-
- HookVmExit
- (
- VoyagerData.HypervModuleBase,
- VoyagerData.HypervModuleSize,
- MapModule(&VoyagerData, PayLoad)
- );
-
- // make the .reloc section RWX and increase the sections size...
- pSection->Characteristics = SECTION_RWX;
- pSection->Misc.VirtualSize += PayLoadSize();
- }
- }
+ VOYAGER_T VoyagerData;
+
+ // add a new section to hyper-v called "payload", then fill in voyager data
+ // and hook the vmexit handler...
+ MakeVoyagerData
+ (
+ &VoyagerData,
+ *ImageBase,
+ *ImageSize,
+ AddSection
+ (
+ *ImageBase,
+ "payload",
+ PayLoadSize(),
+ SECTION_RWX
+ ),
+ PayLoadSize()
+ );
+
+ HookVmExit
+ (
+ VoyagerData.HypervModuleBase,
+ VoyagerData.HypervModuleSize,
+ MapModule(&VoyagerData, PayLoad)
+ );
// extend the size of the image in hyper-v's nt headers and LDR data entry...
// this is required, if this is not done, then hyper-v will simply not be loaded...
- HypervNtHeader->OptionalHeader.SizeOfImage += PayLoadSize();
- *ImageSize += PayLoadSize();
+ *ImageSize = NT_HEADER(*ImageBase)->OptionalHeader.SizeOfImage;
}
return Result;
}
@@ -223,7 +185,7 @@ UINT64 EFIAPI HvBlImgAllocateImageBuffer
}
// disable shithook and call the original function....
- DisableShitHook(&HvLoadAllocImageHook);
+ DisableInlineHook(&HvLoadAllocImageHook);
UINT64 Result = ((ALLOCATE_IMAGE_BUFFER)HvLoadAllocImageHook.Address)
(
imageBuffer,
@@ -236,30 +198,7 @@ UINT64 EFIAPI HvBlImgAllocateImageBuffer
// continue shithooking this function until we have extended the allocation of hyper-v...
if(!HvExtendedAllocation)
- EnableShitHook(&HvLoadAllocImageHook);
+ EnableInlineHook(&HvLoadAllocImageHook);
return Result;
-}
-
-VOID TransferToHyperV(UINT64 Pml4PhysicalAddress, VOID* Unknown, VOID* AssemblyStub, VOID* Unknown2)
-{
- PML4E_T SelfRefEntry;
- PPML4E_T Pml4 = NULL;
- MmMapPhysicalMemory(&Pml4, Pml4PhysicalAddress, 0x1000, NULL, NULL);
-
- // setup self referencing paging table entry...
- Pml4[255].Value = NULL;
- Pml4[255].Present = TRUE;
- Pml4[255].Pfn = Pml4PhysicalAddress >> 12;
- Pml4[255].UserSuperVisor = FALSE;
- Pml4[255].ReadWrite = TRUE;
-
- DisableShitHook(&TransferControlShitHook);
- ((VOID(__fastcall*)(VOID*, VOID*, VOID*, VOID*))TransferControlShitHook.Address)
- (
- Pml4PhysicalAddress,
- Unknown,
- AssemblyStub,
- Unknown2
- );
}
\ No newline at end of file
diff --git a/Voyager/Voyager/HvLoader.h b/Voyager/Voyager/HvLoader.h
index 375d893..5e12c27 100644
--- a/Voyager/Voyager/HvLoader.h
+++ b/Voyager/Voyager/HvLoader.h
@@ -1,13 +1,13 @@
#pragma once
#include "PayLoad.h"
#include "Hv.h"
-#include "ShitHook.h"
+#include "InlineHook.h"
#include "PagingTables.h"
-extern SHITHOOK HvLoadImageHook;
-extern SHITHOOK HvLoadAllocImageHook;
-extern SHITHOOK HvLoadImageBufferHook;
-extern SHITHOOK TransferControlShitHook;
+extern INLINE_HOOK HvLoadImageHook;
+extern INLINE_HOOK HvLoadAllocImageHook;
+extern INLINE_HOOK HvLoadImageBufferHook;
+extern INLINE_HOOK TransferControlShitHook;
#define HV_ALLOCATE_IMAGE_BUFFER_SIG "\xE8\x00\x00\x00\x00\x8B\xF8\x85\xC0\x79\x0A"
#define HV_ALLOCATE_IMAGE_BUFFER_MASK "x????xxxxxx"
@@ -21,14 +21,6 @@ static_assert(sizeof(HV_LOAD_PE_IMG_FROM_BUFFER_SIG) == sizeof(HV_LOAD_PE_IMG_FR
#define HV_LOAD_PE_IMG_MASK "xxxx?x????xxxxxxx????xxx"
static_assert(sizeof(HV_LOAD_PE_IMG_SIG) == sizeof(HV_LOAD_PE_IMG_MASK), "signature and mask do not match size...");
-// 1703-1511
-//
-// winload.HvlpTransferToHypervisor is used to transfer control to hyper-v...
-// on 2004-1709, this function is going to be inside of hvloader.dll...
-#define TRANS_TO_HV_SIG "\x48\x8B\x51\x10\x48\x8B\x49\x18\xE8"
-#define TRANS_TO_HV_MASK "xxxxxxxxx"
-static_assert(sizeof(TRANS_TO_HV_SIG) == sizeof(TRANS_TO_HV_MASK), "signature and mask do not match size...");
-
typedef EFI_STATUS(EFIAPI* ALLOCATE_IMAGE_BUFFER)(VOID** imageBuffer, UINTN imageSize, UINT32 memoryType,
UINT32 attributes, VOID* unused, UINT32 Value);
@@ -131,18 +123,4 @@ EFI_STATUS EFIAPI HvBlImgLoadPEImageFromSourceBuffer
VOID* a13,
VOID* a14,
VOID* a15
-);
-
-///
-/// called when the hypervisor is started...
-///
-/// the physical address of hyper-v's pml4...
-///
-/// assembly stub to set CR3...
-VOID TransferToHyperV
-(
- UINT64 Pml4PhysicalAddress,
- VOID* Unknown,
- VOID* AssemblyStub,
- VOID* Unknown2
);
\ No newline at end of file
diff --git a/Voyager/Voyager/ShitHook.c b/Voyager/Voyager/InlineHook.c
similarity index 70%
rename from Voyager/Voyager/ShitHook.c
rename to Voyager/Voyager/InlineHook.c
index 6d1ff4c..a36a1d2 100644
--- a/Voyager/Voyager/ShitHook.c
+++ b/Voyager/Voyager/InlineHook.c
@@ -1,6 +1,6 @@
-#include "ShitHook.h"
+#include "InlineHook.h"
-VOID MakeShitHook(PSHITHOOK Hook, VOID* HookFrom, VOID* HookTo, BOOLEAN Install)
+VOID MakeInlineHook(PINLINE_HOOK_T Hook, VOID* HookFrom, VOID* HookTo, BOOLEAN Install)
{
unsigned char JmpCode[14] =
{
@@ -19,15 +19,15 @@ VOID MakeShitHook(PSHITHOOK Hook, VOID* HookFrom, VOID* HookTo, BOOLEAN Install)
// setup hook...
MemCopy(JmpCode + 6, &HookTo, sizeof HookTo);
MemCopy(Hook->JmpCode, JmpCode, sizeof JmpCode);
- if (Install) EnableShitHook(Hook);
+ if (Install) EnableInlineHook(Hook);
}
-VOID EnableShitHook(PSHITHOOK Hook)
+VOID EnableInlineHook(PINLINE_HOOK_T Hook)
{
MemCopy(Hook->Address, Hook->JmpCode, sizeof Hook->JmpCode);
}
-VOID DisableShitHook(PSHITHOOK Hook)
+VOID DisableInlineHook(PINLINE_HOOK_T Hook)
{
MemCopy(Hook->Address, Hook->Code, sizeof Hook->Code);
}
\ No newline at end of file
diff --git a/Voyager/Voyager/InlineHook.h b/Voyager/Voyager/InlineHook.h
new file mode 100644
index 0000000..598580f
--- /dev/null
+++ b/Voyager/Voyager/InlineHook.h
@@ -0,0 +1,15 @@
+#pragma once
+#include "Utils.h"
+
+typedef struct _INLINE_HOOK
+{
+ unsigned char Code[14];
+ unsigned char JmpCode[14];
+
+ void* Address;
+ void* HookAddress;
+} INLINE_HOOK, *PINLINE_HOOK_T;
+
+VOID MakeInlineHook(PINLINE_HOOK_T Hook, VOID* HookFrom, VOID* HookTo, BOOLEAN Install);
+VOID EnableInlineHook(PINLINE_HOOK_T Hook);
+VOID DisableInlineHook(PINLINE_HOOK_T Hook);
\ No newline at end of file
diff --git a/Voyager/Voyager/PagingTables.h b/Voyager/Voyager/PagingTables.h
index c6d2e8a..0859713 100644
--- a/Voyager/Voyager/PagingTables.h
+++ b/Voyager/Voyager/PagingTables.h
@@ -52,15 +52,15 @@ typedef union _PML4E_T
UINT64 Present : 1; // Must be 1, region invalid if 0.
UINT64 ReadWrite : 1; // If 0, writes not allowed.
UINT64 UserSuperVisor : 1; // If 0, user-mode accesses not allowed.
- UINT64 PageWriteThrough : 1; // Determines the memory type used to access PDPT.
+ UINT64 page_write_through : 1; // Determines the memory type used to access PDPT.
UINT64 page_cache : 1; // Determines the memory type used to access PDPT.
UINT64 accessed : 1; // If 0, this entry has not been used for translation.
- UINT64 Ignored1 : 1;
+ UINT64 ignore_1 : 1;
UINT64 LargePage : 1; // Must be 0 for PML4E.
- UINT64 Ignored2 : 4;
+ UINT64 ignore_2 : 4;
UINT64 Pfn : 36; // The page frame number of the PDPT of this PML4E.
- UINT64 Reserved : 4;
- UINT64 Ignored3 : 11;
+ UINT64 reserved : 4;
+ UINT64 ignore_3 : 11;
UINT64 nx : 1; // If 1, instruction fetches not allowed.
};
} PML4E_T, * PPML4E_T;
@@ -73,15 +73,15 @@ typedef union _PDPTE
UINT64 Present : 1; // Must be 1, region invalid if 0.
UINT64 ReadWrite : 1; // If 0, writes not allowed.
UINT64 UserSuperVisor : 1; // If 0, user-mode accesses not allowed.
- UINT64 PageWriteThrough : 1; // Determines the memory type used to access PD.
+ UINT64 page_write_through : 1; // Determines the memory type used to access PD.
UINT64 page_cache : 1; // Determines the memory type used to access PD.
UINT64 accessed : 1; // If 0, this entry has not been used for translation.
- UINT64 Ignored1 : 1;
+ UINT64 ignore_1 : 1;
UINT64 LargePage : 1; // If 1, this entry maps a 1GB page.
- UINT64 Ignored2 : 4;
+ UINT64 ignore_2 : 4;
UINT64 Pfn : 36; // The page frame number of the PD of this PDPTE.
- UINT64 Reserved : 4;
- UINT64 Ignored3 : 11;
+ UINT64 reserved : 4;
+ UINT64 ignore_3 : 11;
UINT64 nx : 1; // If 1, instruction fetches not allowed.
};
} PDPTE_T, * PPDPTE_T;
@@ -94,15 +94,15 @@ typedef union _PDE
UINT64 Present : 1; // Must be 1, region invalid if 0.
UINT64 ReadWrite : 1; // If 0, writes not allowed.
UINT64 UserSuperVisor : 1; // If 0, user-mode accesses not allowed.
- UINT64 PageWriteThrough : 1; // Determines the memory type used to access PT.
+ UINT64 page_write_through : 1; // Determines the memory type used to access PT.
UINT64 page_cache : 1; // Determines the memory type used to access PT.
UINT64 accessed : 1; // If 0, this entry has not been used for translation.
- UINT64 Ignored1 : 1;
+ UINT64 ignore_1 : 1;
UINT64 LargePage : 1; // If 1, this entry maps a 2MB page.
- UINT64 Ignored2 : 4;
+ UINT64 ignore_2 : 4;
UINT64 Pfn : 36; // The page frame number of the PT of this PDE.
- UINT64 Reserved : 4;
- UINT64 Ignored3 : 11;
+ UINT64 reserved : 4;
+ UINT64 ignore_3 : 11;
UINT64 nx : 1; // If 1, instruction fetches not allowed.
};
} PDE_T, * PPDE_T;
@@ -115,17 +115,17 @@ typedef union _PTE
UINT64 Present : 1; // Must be 1, region invalid if 0.
UINT64 ReadWrite : 1; // If 0, writes not allowed.
UINT64 UserSuperVisor : 1; // If 0, user-mode accesses not allowed.
- UINT64 PageWriteThrough : 1; // Determines the memory type used to access the memory.
+ UINT64 page_write_through : 1; // Determines the memory type used to access the memory.
UINT64 page_cache : 1; // Determines the memory type used to access the memory.
UINT64 accessed : 1; // If 0, this entry has not been used for translation.
- UINT64 Dirty : 1; // If 0, the memory backing this page has not been written to.
- UINT64 PageAccessType : 1; // Determines the memory type used to access the memory.
- UINT64 Global : 1; // If 1 and the PGE bit of CR4 is set, translations are global.
- UINT64 Ignored2 : 3;
+ UINT64 dirty : 1; // If 0, the memory backing this page has not been written to.
+ UINT64 access_type : 1; // Determines the memory type used to access the memory.
+ UINT64 global : 1; // If 1 and the PGE bit of CR4 is set, translations are global.
+ UINT64 ignore_2 : 3;
UINT64 Pfn : 36; // The page frame number of the backing physical page.
UINT64 reserved : 4;
- UINT64 Ignored3 : 7;
- UINT64 ProtectionKey : 4; // If the PKE bit of CR4 is set, determines the protection key.
+ UINT64 ignore_3 : 7;
+ UINT64 pk : 4; // If the PKE bit of CR4 is set, determines the protection key.
UINT64 nx : 1; // If 1, instruction fetches not allowed.
};
} PTE_T, *PPTE_T;
diff --git a/Voyager/Voyager/PayLoad.c b/Voyager/Voyager/PayLoad.c
index f6aef22..8a9be5c 100644
--- a/Voyager/Voyager/PayLoad.c
+++ b/Voyager/Voyager/PayLoad.c
@@ -4,14 +4,6 @@
// to read the payload from disk and delete it after...
VOID* PayLoad = NULL;
-PPTE_T PayLoadPt = NULL;
-PPDE_T PayLoadPd = NULL;
-PPDPTE_T PayLoadPdPt = NULL;
-
-UINT64 PayLoadPtPhysAddr = NULL;
-UINT64 PayLoadPdPhysAddr = NULL;
-UINT64 PayLoadPdPtPhysAddr = NULL;
-
UINT32 PayLoadSize(VOID)
{
EFI_IMAGE_DOS_HEADER* RecordDosImageHeader = PayLoad;
@@ -38,6 +30,48 @@ VOID* PayLoadEntry(VOID* ModuleBase)
return (UINT64)ModuleBase + RecordNtHeaders->OptionalHeader.AddressOfEntryPoint;
}
+// programmed by: hMihaiDavid
+// taken from: https://github.com/hMihaiDavid/addscn/blob/master/addscn/addscn.cpp#L89
+VOID* AddSection(VOID* ImageBase, CHAR8* SectionName, UINT32 VirtualSize, UINT32 Characteristics)
+{
+ EFI_IMAGE_DOS_HEADER* dosHeader = (EFI_IMAGE_DOS_HEADER*)ImageBase;
+ EFI_IMAGE_NT_HEADERS64* ntHeaders = (EFI_IMAGE_NT_HEADERS64*)((UINT64)ImageBase + dosHeader->e_lfanew);
+
+ UINT16 sizeOfOptionalHeader = ntHeaders->FileHeader.SizeOfOptionalHeader;
+ EFI_IMAGE_FILE_HEADER* fileHeader = &(ntHeaders->FileHeader);
+
+ EFI_IMAGE_SECTION_HEADER* firstSectionHeader =
+ (EFI_IMAGE_SECTION_HEADER*)(((UINT64)fileHeader) +
+ sizeof(EFI_IMAGE_FILE_HEADER) + sizeOfOptionalHeader);
+
+ UINT32 numberOfSections = ntHeaders->FileHeader.NumberOfSections;
+ UINT32 sectionAlignment = ntHeaders->OptionalHeader.SectionAlignment;
+ UINT32 fileAlignment = ntHeaders->OptionalHeader.FileAlignment;
+
+ EFI_IMAGE_SECTION_HEADER* newSectionHeader = &firstSectionHeader[numberOfSections];
+ EFI_IMAGE_SECTION_HEADER* lastSectionHeader = &firstSectionHeader[numberOfSections - 1];
+
+ MemCopy(&newSectionHeader->Name, SectionName, AsciiStrLen(SectionName));
+ newSectionHeader->Misc.VirtualSize = VirtualSize;
+ newSectionHeader->VirtualAddress =
+ P2ALIGNUP(lastSectionHeader->VirtualAddress +
+ lastSectionHeader->Misc.VirtualSize, sectionAlignment);
+
+ newSectionHeader->SizeOfRawData = P2ALIGNUP(VirtualSize, fileAlignment);
+ newSectionHeader->Characteristics = Characteristics;
+
+ newSectionHeader->PointerToRawData =
+ (UINT32)(lastSectionHeader->PointerToRawData +
+ lastSectionHeader->SizeOfRawData);
+
+ ++ntHeaders->FileHeader.NumberOfSections;
+ ntHeaders->OptionalHeader.SizeOfImage =
+ P2ALIGNUP(newSectionHeader->VirtualAddress +
+ newSectionHeader->Misc.VirtualSize, sectionAlignment);
+
+ return ((UINT64)ImageBase) + newSectionHeader->VirtualAddress;
+}
+
EFI_STATUS LoadPayLoadFromDisk(VOID** PayLoadBufferPtr)
{
EFI_STATUS Result = EFI_SUCCESS;
diff --git a/Voyager/Voyager/PayLoad.h b/Voyager/Voyager/PayLoad.h
index 2e791a0..bf73b5a 100644
--- a/Voyager/Voyager/PayLoad.h
+++ b/Voyager/Voyager/PayLoad.h
@@ -3,14 +3,22 @@
#include "PagingTables.h"
#include
-extern VOID* PayLoad;
-extern PPTE_T PayLoadPt;
-extern PPDE_T PayLoadPd;
-extern PPDPTE_T PayLoadPdPt;
-extern UINT64 PayLoadPtPhysAddr;
-extern UINT64 PayLoadPdPhysAddr;
-extern UINT64 PayLoadPdPtPhysAddr;
+#define NT_HEADER(x) ((EFI_IMAGE_NT_HEADERS64*)(((UINT64)(x)) + ((EFI_IMAGE_DOS_HEADER*)(x))->e_lfanew))
+
+#define SECTION_RWX ((EFI_IMAGE_SCN_MEM_WRITE | \
+ EFI_IMAGE_SCN_CNT_CODE | \
+ EFI_IMAGE_SCN_CNT_UNINITIALIZED_DATA | \
+ EFI_IMAGE_SCN_MEM_EXECUTE | \
+ EFI_IMAGE_SCN_CNT_INITIALIZED_DATA | \
+ EFI_IMAGE_SCN_MEM_READ))
+// Source: https://blogs.oracle.com/jwadams/macros-and-powers-of-two
+// align x down to the nearest multiple of align. align must be a power of 2.
+#define P2ALIGNDOWN(x, align) ((x) & -(align))
+// align x up to the nearest multiple of align. align must be a power of 2.
+#define P2ALIGNUP(x, align) (-(-(x) & -(align)))
+
+extern VOID* PayLoad;
#pragma pack(push, 1)
typedef struct _VOYAGER_T
{
@@ -26,5 +34,6 @@ typedef struct _VOYAGER_T
#define PAYLOAD_PATH L"\\efi\\microsoft\\boot\\payload.dll"
UINT32 PayLoadSize(VOID);
+VOID* PayLoadEntry(VOID* ModuleBase);
EFI_STATUS LoadPayLoadFromDisk(VOID** PayLoadBufferPtr);
-VOID* PayLoadEntry(VOID* ModuleBase);
\ No newline at end of file
+VOID* AddSection(VOID* ImageBase, CHAR8* SectionName, UINT32 VirtualSize, UINT32 Characteristics);
\ No newline at end of file
diff --git a/Voyager/Voyager/ShitHook.h b/Voyager/Voyager/ShitHook.h
deleted file mode 100644
index 2ae77e2..0000000
--- a/Voyager/Voyager/ShitHook.h
+++ /dev/null
@@ -1,15 +0,0 @@
-#pragma once
-#include "Utils.h"
-
-typedef struct _SHITHOOK
-{
- unsigned char Code[14];
- unsigned char JmpCode[14];
-
- void* Address;
- void* HookAddress;
-} SHITHOOK, *PSHITHOOK;
-
-VOID MakeShitHook(PSHITHOOK Hook, VOID* HookFrom, VOID* HookTo, BOOLEAN Install);
-VOID EnableShitHook(PSHITHOOK Hook);
-VOID DisableShitHook(PSHITHOOK Hook);
\ No newline at end of file
diff --git a/Voyager/Voyager/Utils.h b/Voyager/Voyager/Utils.h
index 969cee6..c965081 100644
--- a/Voyager/Voyager/Utils.h
+++ b/Voyager/Voyager/Utils.h
@@ -17,6 +17,7 @@
#define SEC_TO_MS(seconds) seconds * 1000000
#define SECTION_RWX (EFI_IMAGE_SCN_MEM_READ | EFI_IMAGE_SCN_MEM_WRITE | EFI_IMAGE_SCN_MEM_EXECUTE)
+void __outdword(unsigned short, unsigned long);
VOID __outbytestring(UINT16 Port, UINT8* Buffer, UINT32 Count);
void __outbyte(unsigned short Port, unsigned char Data);
#pragma intrinsic(__outbytestring)
diff --git a/Voyager/Voyager/Voyager.vcxproj b/Voyager/Voyager/Voyager.vcxproj
index 0b8e642..93f2ba6 100644
--- a/Voyager/Voyager/Voyager.vcxproj
+++ b/Voyager/Voyager/Voyager.vcxproj
@@ -271,6 +271,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -300,6 +303,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -329,6 +335,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -358,6 +367,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -387,6 +399,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -416,6 +431,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -445,6 +463,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -474,6 +495,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -503,6 +527,9 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+ Voyager.map
+ truetrue
@@ -532,6 +559,10 @@
UefiHiiLib.lib;UefiHiiServicesLib.lib;UefiSortLib.lib;UefiShellLib.lib;GlueLib.lib;BaseLib.lib;BaseDebugPrintErrorLevelLib.lib;BasePrintLib.lib;UefiLib.lib;UefiBootServicesTableLib.lib;UefiRuntimeServicesTableLib.lib;UefiDevicePathLibDevicePathProtocol.lib;UefiDebugLibConOut.lib;UefiMemoryLib.lib;UefiMemoryAllocationLib.lib;BaseSynchronizationLib.lib;UefiFileHandleLib.lib;UefiApplicationEntryPoint.libtrueEfiMain
+ true
+
+
+ truetrue
@@ -541,7 +572,7 @@
-
+
@@ -553,7 +584,7 @@
-
+
diff --git a/Voyager/Voyager/Voyager.vcxproj.filters b/Voyager/Voyager/Voyager.vcxproj.filters
index dcaf7bc..929c672 100644
--- a/Voyager/Voyager/Voyager.vcxproj.filters
+++ b/Voyager/Voyager/Voyager.vcxproj.filters
@@ -20,9 +20,6 @@
Source Files
-
- Source Files
- Source Files
@@ -38,6 +35,9 @@
Source Files
+
+ Source Files
+
@@ -46,9 +46,6 @@
Header Files
-
- Header Files
- Header Files
@@ -67,5 +64,8 @@
Header Files
+
+ Header Files
+
\ No newline at end of file
diff --git a/Voyager/Voyager/WinLoad.c b/Voyager/Voyager/WinLoad.c
index 4125d5c..1c32256 100644
--- a/Voyager/Voyager/WinLoad.c
+++ b/Voyager/Voyager/WinLoad.c
@@ -1,7 +1,7 @@
#include "WinLoad.h"
-SHITHOOK WinLoadImageShitHook;
-SHITHOOK WinLoadAllocateImageHook;
+INLINE_HOOK WinLoadImageShitHook;
+INLINE_HOOK WinLoadAllocateImageHook;
BOOLEAN HyperVloading = FALSE;
BOOLEAN InstalledHvLoaderHook = FALSE;
@@ -34,7 +34,7 @@ EFI_STATUS EFIAPI BlLdrLoadImage
HyperVloading = TRUE;
// disable shithook and call the original function...
- DisableShitHook(&WinLoadImageShitHook);
+ DisableInlineHook(&WinLoadImageShitHook);
EFI_STATUS Result = ((LDR_LOAD_IMAGE)WinLoadImageShitHook.Address)
(
Arg1,
@@ -57,80 +57,41 @@ EFI_STATUS EFIAPI BlLdrLoadImage
// continue hooking until we inject/hook into hyper-v...
if (!HookedHyperV)
- EnableShitHook(&WinLoadImageShitHook);
-
- if (StrStr(ModulePath, L"hvloader.dll"))
- {
- PLDR_DATA_TABLE_ENTRY TableEntry = *lplpTableEntry;
- VOID* HvlpTransferToHypervisor =
- FindPattern(
- TableEntry->ModuleBase,
- TableEntry->SizeOfImage,
- TRANS_TO_HV_SIG,
- TRANS_TO_HV_MASK
- );
-
- MakeShitHook
- (
- &TransferControlShitHook,
- RESOLVE_RVA(HvlpTransferToHypervisor, 13, 9),
- &TransferToHyperV,
- TRUE
- );
- }
+ EnableInlineHook(&WinLoadImageShitHook);
if (!StrCmp(ModuleName, L"hv.exe"))
{
HookedHyperV = TRUE;
+ VOYAGER_T VoyagerData;
PLDR_DATA_TABLE_ENTRY TableEntry = *lplpTableEntry;
- EFI_IMAGE_DOS_HEADER* HypervDosHeader = TableEntry->ModuleBase;
- if (HypervDosHeader->e_magic != EFI_IMAGE_DOS_SIGNATURE)
- return Result;
-
- EFI_IMAGE_NT_HEADERS64* HypervNtHeader = (UINT64)HypervDosHeader + HypervDosHeader->e_lfanew;
- if (HypervNtHeader->Signature != EFI_IMAGE_NT_SIGNATURE)
- return Result;
-
- EFI_IMAGE_SECTION_HEADER* pSection = ((UINT64)&HypervNtHeader->OptionalHeader) +
- HypervNtHeader->FileHeader.SizeOfOptionalHeader;
-
- for (UINT16 idx = 0; idx < HypervNtHeader->FileHeader.NumberOfSections; ++idx, ++pSection)
- {
- if (!AsciiStrCmp(&pSection->Name, ".reloc"))
- {
- VOYAGER_T VoyagerData;
- //
- // the payload's base address needs to be page aligned in
- // order for the paging table sections to be page aligned...
- //
- UINT32 PageRemainder = (0x1000 - (((TableEntry->ModuleBase + pSection->VirtualAddress + pSection->Misc.VirtualSize) << 52) >> 52));
- MakeVoyagerData
- (
- &VoyagerData,
- TableEntry->ModuleBase,
- TableEntry->SizeOfImage,
- TableEntry->ModuleBase + pSection->VirtualAddress + pSection->Misc.VirtualSize + PageRemainder,
- PayLoadSize()
- );
-
- HookVmExit
- (
- VoyagerData.HypervModuleBase,
- VoyagerData.HypervModuleSize,
- MapModule(&VoyagerData, PayLoad)
- );
+ // add a new section to hyper-v called "payload", then fill in voyager data
+ // and hook the vmexit handler...
+ MakeVoyagerData
+ (
+ &VoyagerData,
+ TableEntry->ModuleBase,
+ TableEntry->SizeOfImage,
+ AddSection
+ (
+ TableEntry->ModuleBase,
+ "payload",
+ PayLoadSize(),
+ SECTION_RWX
+ ),
+ PayLoadSize()
+ );
- // make the .reloc section RWX and increase the sections size...
- pSection->Characteristics = SECTION_RWX;
- pSection->Misc.VirtualSize += PayLoadSize();
- }
- }
+ HookVmExit
+ (
+ VoyagerData.HypervModuleBase,
+ VoyagerData.HypervModuleSize,
+ MapModule(&VoyagerData, PayLoad)
+ );
// extend the size of the image in hyper-v's nt headers and LDR data entry...
// this is required, if this is not done, then hyper-v will simply not be loaded...
- HypervNtHeader->OptionalHeader.SizeOfImage += PayLoadSize();
- TableEntry->SizeOfImage += PayLoadSize();
+ TableEntry->SizeOfImage = NT_HEADER(TableEntry->ModuleBase)->OptionalHeader.SizeOfImage;
}
return Result;
}
@@ -154,7 +115,7 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
)
{
// disable shithook and call the original function...
- DisableShitHook(&WinLoadImageShitHook);
+ DisableInlineHook(&WinLoadImageShitHook);
EFI_STATUS Result = ((LDR_LOAD_IMAGE)WinLoadImageShitHook.Address)
(
a1,
@@ -175,7 +136,7 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
// continue hooking BlImgLoadPEImageEx until we have shithooked hvloader...
if (!InstalledHvLoaderHook)
- EnableShitHook(&WinLoadImageShitHook);
+ EnableInlineHook(&WinLoadImageShitHook);
if (StrStr(ImagePath, L"hvloader.efi"))
{
@@ -207,11 +168,12 @@ EFI_STATUS EFIAPI BlImgLoadPEImageEx
);
#if WINVER == 1703
- MakeShitHook(&HvLoadImageBufferHook, RESOLVE_RVA(LoadImage, 5, 1), &HvBlImgLoadPEImageFromSourceBuffer, TRUE);
+ MakeInlineHook(&HvLoadImageBufferHook, RESOLVE_RVA(LoadImage, 5, 1), &HvBlImgLoadPEImageFromSourceBuffer, TRUE);
#elif WINVER <= 1607
- MakeShitHook(&HvLoadImageHook, RESOLVE_RVA(LoadImage, 10, 6), &HvBlImgLoadPEImageEx, TRUE);
+ MakeInlineHook(&HvLoadImageHook, RESOLVE_RVA(LoadImage, 10, 6), &HvBlImgLoadPEImageEx, TRUE);
#endif
- MakeShitHook(&HvLoadAllocImageHook, RESOLVE_RVA(AllocImage, 5, 1), &HvBlImgAllocateImageBuffer, TRUE);
+
+ MakeInlineHook(&HvLoadAllocImageHook, RESOLVE_RVA(AllocImage, 5, 1), &HvBlImgAllocateImageBuffer, TRUE);
InstalledHvLoaderHook = TRUE;
}
return Result;
@@ -248,7 +210,7 @@ UINT64 EFIAPI BlImgAllocateImageBuffer
}
// disable shithook and call the original function...
- DisableShitHook(&WinLoadAllocateImageHook);
+ DisableInlineHook(&WinLoadAllocateImageHook);
UINT64 Result = ((ALLOCATE_IMAGE_BUFFER)WinLoadAllocateImageHook.Address)
(
imageBuffer,
@@ -261,7 +223,7 @@ UINT64 EFIAPI BlImgAllocateImageBuffer
// keep hooking until we extend an allocation...
if(!ExtendedAllocation)
- EnableShitHook(&WinLoadAllocateImageHook);
+ EnableInlineHook(&WinLoadAllocateImageHook);
return Result;
}
\ No newline at end of file
diff --git a/Voyager/Voyager/WinLoad.h b/Voyager/Voyager/WinLoad.h
index 1c1377f..b5a2456 100644
--- a/Voyager/Voyager/WinLoad.h
+++ b/Voyager/Voyager/WinLoad.h
@@ -1,8 +1,9 @@
#pragma once
#include "HvLoader.h"
+#include "PayLoad.h"
-extern SHITHOOK WinLoadImageShitHook;
-extern SHITHOOK WinLoadAllocateImageHook;
+extern INLINE_HOOK WinLoadImageShitHook;
+extern INLINE_HOOK WinLoadAllocateImageHook;
// 2004-1511 winload.BlImgAllocateImageBuffer
#define ALLOCATE_IMAGE_BUFFER_SIG "\xE8\x00\x00\x00\x00\x8B\xD8\x85\xC0\x78\x7C\x21\x7C\x24\x00\x45\x33\xC0"
@@ -16,12 +17,6 @@ extern SHITHOOK WinLoadAllocateImageHook;
#define LOAD_PE_IMG_SIG "\x48\x89\x44\x24\x00\xE8\x00\x00\x00\x00\x44\x8B\xF0\x85\xC0\x79\x11"
#define LOAD_PE_IMG_MASK "xxxx?x????xxxxxxx"
-// 1703-1511
-//
-// winload.HvlpTransferToHypervisor is used to transfer control to hyper-v...
-// on 2004-1709, this function is going to be inside of hvloader.dll...
-#define TRANS_TO_HV_SIG "\x48\x8B\x51\x10\x48\x8B\x49\x18\xE8"
-#define TRANS_TO_HV_MASK "xxxxxxxxx"
static_assert(sizeof(ALLOCATE_IMAGE_BUFFER_SIG) == sizeof(ALLOCATE_IMAGE_BUFFER_MASK), "signature and mask do not match size!");
typedef UINT64 (EFIAPI* ALLOCATE_IMAGE_BUFFER)(VOID** imageBuffer, UINTN imageSize, UINT32 memoryType,
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi10.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi10.h
index e292227..b9b9904 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi10.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi10.h
@@ -397,7 +397,7 @@ typedef struct {
UINT64 Signature;
UINT8 Checksum;
UINT8 OemId[6];
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 RsdtAddress;
} EFI_ACPI_1_0_ROOT_SYSTEM_DESCRIPTION_POINTER;
@@ -491,7 +491,7 @@ typedef struct {
UINT32 FirmwareWakingVector;
UINT32 GlobalLock;
UINT32 Flags;
- UINT8 Reserved[40];
+ UINT8 reserved[40];
} EFI_ACPI_1_0_FIRMWARE_ACPI_CONTROL_STRUCTURE;
///
@@ -559,7 +559,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 SystemVectorBase;
} EFI_ACPI_1_0_IO_APIC_STRUCTURE;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi20.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi20.h
index 8ee1f7f..5f28094 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi20.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi20.h
@@ -54,7 +54,7 @@ typedef struct {
UINT8 AddressSpaceId;
UINT8 RegisterBitWidth;
UINT8 RegisterBitOffset;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 Address;
} EFI_ACPI_2_0_GENERIC_ADDRESS_STRUCTURE;
@@ -84,7 +84,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_2_0_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -235,7 +235,7 @@ typedef struct {
UINT32 Flags;
UINT64 XFirmwareWakingVector;
UINT8 Version;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_2_0_FIRMWARE_ACPI_CONTROL_STRUCTURE;
///
@@ -312,7 +312,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_2_0_IO_APIC_STRUCTURE;
@@ -356,7 +356,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_2_0_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -367,7 +367,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_2_0_IO_SAPIC_STRUCTURE;
@@ -381,7 +381,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
} EFI_ACPI_2_0_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -397,7 +397,7 @@ typedef struct {
UINT8 ProcessorEid;
UINT8 IoSapicVector;
UINT32 GlobalSystemInterrupt;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_2_0_PLATFORM_INTERRUPT_SOURCES_STRUCTURE;
///
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi30.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi30.h
index 608968d..2504345 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi30.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi30.h
@@ -37,7 +37,7 @@ typedef PACKED struct {
UINT8 GenFlag;
UINT8 SpecificFlag;
UINT8 RevisionId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 AddrSpaceGranularity;
UINT64 AddrRangeMin;
UINT64 AddrRangeMax;
@@ -109,7 +109,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_3_0_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -270,7 +270,7 @@ typedef struct {
UINT32 Flags;
UINT64 XFirmwareWakingVector;
UINT8 Version;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_3_0_FIRMWARE_ACPI_CONTROL_STRUCTURE;
///
@@ -357,7 +357,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_3_0_IO_APIC_STRUCTURE;
@@ -388,7 +388,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_3_0_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -425,7 +425,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_3_0_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -436,7 +436,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_3_0_IO_SAPIC_STRUCTURE;
@@ -451,7 +451,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_3_0_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -544,7 +544,7 @@ typedef struct {
UINT32 Flags;
UINT8 LocalSapicEid;
UINT8 ProximityDomain31To8[3];
- UINT8 Reserved[4];
+ UINT8 reserved[4];
} EFI_ACPI_3_0_PROCESSOR_LOCAL_APIC_SAPIC_AFFINITY_STRUCTURE;
///
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi40.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi40.h
index fafafa4..53217d1 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi40.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi40.h
@@ -67,7 +67,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_4_0_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -326,7 +326,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_4_0_IO_APIC_STRUCTURE;
@@ -357,7 +357,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_4_0_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -394,7 +394,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_4_0_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -405,7 +405,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_4_0_IO_SAPIC_STRUCTURE;
@@ -420,7 +420,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_4_0_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -452,7 +452,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 X2ApicId;
UINT32 Flags;
UINT32 AcpiProcessorUid;
@@ -467,7 +467,7 @@ typedef struct {
UINT16 Flags;
UINT32 AcpiProcessorUid;
UINT8 LocalX2ApicLint;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_4_0_LOCAL_X2APIC_NMI_STRUCTURE;
///
@@ -603,7 +603,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[8];
+ UINT8 reserved[8];
} EFI_ACPI_4_0_CORRECTED_PLATFORM_ERROR_POLLING_TABLE_HEADER;
///
@@ -678,7 +678,7 @@ typedef struct {
UINT32 MultipleUncorrectableErrors:1;
UINT32 MultipleCorrectableErrors:1;
UINT32 ErrorDataEntryCount:10;
- UINT32 Reserved:18;
+ UINT32 reserved:18;
} EFI_ACPI_4_0_ERROR_BLOCK_STATUS;
///
@@ -807,7 +807,7 @@ typedef struct {
UINT16 SwitchToPollingThresholdWindow:1;
UINT16 ErrorThresholdValue:1;
UINT16 ErrorThresholdWindow:1;
- UINT16 Reserved:10;
+ UINT16 reserved:10;
} EFI_ACPI_4_0_HARDWARE_ERROR_NOTIFICATION_CONFIGURATION_WRITE_ENABLE_STRUCTURE;
///
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi50.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi50.h
index 23f5f3f..9b31c8e 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi50.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi50.h
@@ -189,7 +189,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_5_0_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -456,7 +456,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_5_0_IO_APIC_STRUCTURE;
@@ -487,7 +487,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_5_0_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -524,7 +524,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_5_0_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -535,7 +535,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_5_0_IO_SAPIC_STRUCTURE;
@@ -550,7 +550,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_5_0_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -582,7 +582,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 X2ApicId;
UINT32 Flags;
UINT32 AcpiProcessorUid;
@@ -597,7 +597,7 @@ typedef struct {
UINT16 Flags;
UINT32 AcpiProcessorUid;
UINT8 LocalX2ApicLint;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_5_0_LOCAL_X2APIC_NMI_STRUCTURE;
///
@@ -606,7 +606,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 GicId;
UINT32 AcpiProcessorUid;
UINT32 Flags;
@@ -768,7 +768,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[8];
+ UINT8 reserved[8];
} EFI_ACPI_5_0_CORRECTED_PLATFORM_ERROR_POLLING_TABLE_HEADER;
///
@@ -885,7 +885,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT8 PlatformCommunicationChannelIdentifier;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
// Memory Power Node Structure
// Memory Power State Characteristics
} EFI_ACPI_5_0_MEMORY_POWER_STATUS_TABLE;
@@ -933,7 +933,7 @@ typedef struct {
typedef struct {
UINT8 Flag;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 MemoryPowerNodeId;
UINT32 Length;
UINT64 AddressBase;
@@ -950,7 +950,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerNodeCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_5_0_MPST_MEMORY_POWER_NODE_TABLE;
///
@@ -959,7 +959,7 @@ typedef struct {
typedef struct {
UINT8 PowerStateStructureID;
UINT8 Flag;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 AveragePowerConsumedInMPS0;
UINT32 RelativePowerSavingToMPS0;
UINT64 ExitLatencyToMPS0;
@@ -971,7 +971,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerStateCharacteristicsCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_5_0_MPST_MEMORY_POWER_STATE_CHARACTERISTICS_TABLE;
///
@@ -979,7 +979,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_5_0_MEMORY_TOPOLOGY_TABLE;
///
@@ -992,7 +992,7 @@ typedef struct {
///
typedef struct {
UINT8 Type;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 Length;
UINT16 Flags;
UINT16 Reserved1;
@@ -1011,7 +1011,7 @@ typedef struct {
typedef struct {
EFI_ACPI_5_0_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 SocketIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
//EFI_ACPI_5_0_PMMT_MEMORY_CONTROLLER_MEMORY_AGGREGATOR_DEVICE_STRUCTURE MemoryController[];
} EFI_ACPI_5_0_PMMT_SOCKET_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1026,7 +1026,7 @@ typedef struct {
UINT32 WriteBandwidth;
UINT16 OptimalAccessUnit;
UINT16 OptimalAccessAlignment;
- UINT16 Reserved;
+ UINT16 reserved;
UINT16 NumberOfProximityDomains;
//UINT32 ProximityDomain[NumberOfProximityDomains];
//EFI_ACPI_5_0_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE PhysicalComponent[];
@@ -1038,7 +1038,7 @@ typedef struct {
typedef struct {
EFI_ACPI_5_0_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 PhysicalComponentIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 SizeOfDimm;
UINT32 SmbiosHandle;
} EFI_ACPI_5_0_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1159,7 +1159,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_5_0_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the Basic Boot Performance Table.
///
@@ -1171,7 +1171,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_5_0_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the S3 Performance Table.
///
@@ -1183,7 +1183,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_5_0_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// Timer value logged at the beginning of firmware image execution.
/// This may not always be zero or near zero.
@@ -1348,7 +1348,7 @@ typedef struct {
UINT32 MultipleUncorrectableErrors:1;
UINT32 MultipleCorrectableErrors:1;
UINT32 ErrorDataEntryCount:10;
- UINT32 Reserved:18;
+ UINT32 reserved:18;
} EFI_ACPI_5_0_ERROR_BLOCK_STATUS;
///
@@ -1477,7 +1477,7 @@ typedef struct {
UINT16 SwitchToPollingThresholdWindow:1;
UINT16 ErrorThresholdValue:1;
UINT16 ErrorThresholdWindow:1;
- UINT16 Reserved:10;
+ UINT16 reserved:10;
} EFI_ACPI_5_0_HARDWARE_ERROR_NOTIFICATION_CONFIGURATION_WRITE_ENABLE_STRUCTURE;
///
@@ -1801,7 +1801,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT32 Flags;
- UINT64 Reserved;
+ UINT64 reserved;
} EFI_ACPI_5_0_PLATFORM_COMMUNICATION_CHANNEL_TABLE_HEADER;
///
@@ -1833,7 +1833,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[6];
+ UINT8 reserved[6];
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_5_0_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -1850,7 +1850,7 @@ typedef struct {
typedef struct {
UINT8 Command;
- UINT8 Reserved:7;
+ UINT8 reserved:7;
UINT8 GenerateSci:1;
} EFI_ACPI_5_0_PCCT_GENERIC_SHARED_MEMORY_REGION_COMMAND;
@@ -1859,7 +1859,7 @@ typedef struct {
UINT8 SciDoorbell:1;
UINT8 Error:1;
UINT8 PlatformNotification:1;
- UINT8 Reserved:4;
+ UINT8 reserved:4;
UINT8 Reserved1;
} EFI_ACPI_5_0_PCCT_GENERIC_SHARED_MEMORY_REGION_STATUS;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi51.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi51.h
index 90f0d98..84a8878 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi51.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi51.h
@@ -70,7 +70,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_5_1_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -348,7 +348,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_5_1_IO_APIC_STRUCTURE;
@@ -379,7 +379,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_5_1_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -416,7 +416,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_5_1_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -427,7 +427,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_5_1_IO_SAPIC_STRUCTURE;
@@ -442,7 +442,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_5_1_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -474,7 +474,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 X2ApicId;
UINT32 Flags;
UINT32 AcpiProcessorUid;
@@ -489,7 +489,7 @@ typedef struct {
UINT16 Flags;
UINT32 AcpiProcessorUid;
UINT8 LocalX2ApicLint;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_5_1_LOCAL_X2APIC_NMI_STRUCTURE;
///
@@ -498,7 +498,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 CPUInterfaceNumber;
UINT32 AcpiProcessorUid;
UINT32 Flags;
@@ -567,7 +567,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 DiscoveryRangeBaseAddress;
UINT32 DiscoveryRangeLength;
} EFI_ACPI_5_1_GICR_STRUCTURE;
@@ -723,7 +723,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[8];
+ UINT8 reserved[8];
} EFI_ACPI_5_1_CORRECTED_PLATFORM_ERROR_POLLING_TABLE_HEADER;
///
@@ -840,7 +840,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT8 PlatformCommunicationChannelIdentifier;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
// Memory Power Node Structure
// Memory Power State Characteristics
} EFI_ACPI_5_1_MEMORY_POWER_STATUS_TABLE;
@@ -888,7 +888,7 @@ typedef struct {
typedef struct {
UINT8 Flag;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 MemoryPowerNodeId;
UINT32 Length;
UINT64 AddressBase;
@@ -905,7 +905,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerNodeCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_5_1_MPST_MEMORY_POWER_NODE_TABLE;
///
@@ -914,7 +914,7 @@ typedef struct {
typedef struct {
UINT8 PowerStateStructureID;
UINT8 Flag;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 AveragePowerConsumedInMPS0;
UINT32 RelativePowerSavingToMPS0;
UINT64 ExitLatencyToMPS0;
@@ -926,7 +926,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerStateCharacteristicsCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_5_1_MPST_MEMORY_POWER_STATE_CHARACTERISTICS_TABLE;
///
@@ -934,7 +934,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_5_1_MEMORY_TOPOLOGY_TABLE;
///
@@ -947,7 +947,7 @@ typedef struct {
///
typedef struct {
UINT8 Type;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 Length;
UINT16 Flags;
UINT16 Reserved1;
@@ -966,7 +966,7 @@ typedef struct {
typedef struct {
EFI_ACPI_5_1_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 SocketIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
//EFI_ACPI_5_1_PMMT_MEMORY_CONTROLLER_MEMORY_AGGREGATOR_DEVICE_STRUCTURE MemoryController[];
} EFI_ACPI_5_1_PMMT_SOCKET_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -981,7 +981,7 @@ typedef struct {
UINT32 WriteBandwidth;
UINT16 OptimalAccessUnit;
UINT16 OptimalAccessAlignment;
- UINT16 Reserved;
+ UINT16 reserved;
UINT16 NumberOfProximityDomains;
//UINT32 ProximityDomain[NumberOfProximityDomains];
//EFI_ACPI_5_1_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE PhysicalComponent[];
@@ -993,7 +993,7 @@ typedef struct {
typedef struct {
EFI_ACPI_5_1_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 PhysicalComponentIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 SizeOfDimm;
UINT32 SmbiosHandle;
} EFI_ACPI_5_1_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1112,7 +1112,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_5_1_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the Basic Boot Performance Table.
///
@@ -1124,7 +1124,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_5_1_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the S3 Performance Table.
///
@@ -1136,7 +1136,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_5_1_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// Timer value logged at the beginning of firmware image execution.
/// This may not always be zero or near zero.
@@ -1250,7 +1250,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT64 CntControlBasePhysicalAddress;
- UINT32 Reserved;
+ UINT32 reserved;
UINT32 SecurePL1TimerGSIV;
UINT32 SecurePL1TimerFlags;
UINT32 NonSecurePL1TimerGSIV;
@@ -1288,7 +1288,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 CntCtlBase;
UINT32 GTBlockTimerCount;
UINT32 GTBlockTimerOffset;
@@ -1299,7 +1299,7 @@ typedef struct {
///
typedef struct {
UINT8 GTFrameNumber;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT64 CntBaseX;
UINT64 CntEL0BaseX;
UINT32 GTxPhysicalTimerGSIV;
@@ -1327,7 +1327,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 RefreshFramePhysicalAddress;
UINT64 WatchdogControlFramePhysicalAddress;
UINT32 WatchdogTimerGSIV;
@@ -1364,7 +1364,7 @@ typedef struct {
UINT32 MultipleUncorrectableErrors:1;
UINT32 MultipleCorrectableErrors:1;
UINT32 ErrorDataEntryCount:10;
- UINT32 Reserved:18;
+ UINT32 reserved:18;
} EFI_ACPI_5_1_ERROR_BLOCK_STATUS;
///
@@ -1493,7 +1493,7 @@ typedef struct {
UINT16 SwitchToPollingThresholdWindow:1;
UINT16 ErrorThresholdValue:1;
UINT16 ErrorThresholdWindow:1;
- UINT16 Reserved:10;
+ UINT16 reserved:10;
} EFI_ACPI_5_1_HARDWARE_ERROR_NOTIFICATION_CONFIGURATION_WRITE_ENABLE_STRUCTURE;
///
@@ -1817,7 +1817,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT32 Flags;
- UINT64 Reserved;
+ UINT64 reserved;
} EFI_ACPI_5_1_PLATFORM_COMMUNICATION_CHANNEL_TABLE_HEADER;
///
@@ -1849,7 +1849,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[6];
+ UINT8 reserved[6];
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_5_1_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -1866,7 +1866,7 @@ typedef struct {
typedef struct {
UINT8 Command;
- UINT8 Reserved:7;
+ UINT8 reserved:7;
UINT8 GenerateSci:1;
} EFI_ACPI_5_1_PCCT_GENERIC_SHARED_MEMORY_REGION_COMMAND;
@@ -1875,7 +1875,7 @@ typedef struct {
UINT8 SciDoorbell:1;
UINT8 Error:1;
UINT8 PlatformNotification:1;
- UINT8 Reserved:4;
+ UINT8 reserved:4;
UINT8 Reserved1;
} EFI_ACPI_5_1_PCCT_GENERIC_SHARED_MEMORY_REGION_STATUS;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi60.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi60.h
index 30f1c01..9c9541c 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi60.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi60.h
@@ -69,7 +69,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_6_0_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -349,7 +349,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_6_0_IO_APIC_STRUCTURE;
@@ -380,7 +380,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_6_0_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -417,7 +417,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_6_0_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -428,7 +428,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_6_0_IO_SAPIC_STRUCTURE;
@@ -443,7 +443,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_6_0_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -475,7 +475,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 X2ApicId;
UINT32 Flags;
UINT32 AcpiProcessorUid;
@@ -490,7 +490,7 @@ typedef struct {
UINT16 Flags;
UINT32 AcpiProcessorUid;
UINT8 LocalX2ApicLint;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_6_0_LOCAL_X2APIC_NMI_STRUCTURE;
///
@@ -499,7 +499,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 CPUInterfaceNumber;
UINT32 AcpiProcessorUid;
UINT32 Flags;
@@ -570,7 +570,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 DiscoveryRangeBaseAddress;
UINT32 DiscoveryRangeLength;
} EFI_ACPI_6_0_GICR_STRUCTURE;
@@ -581,7 +581,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 GicItsId;
UINT64 PhysicalBaseAddress;
UINT32 Reserved2;
@@ -738,7 +738,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[8];
+ UINT8 reserved[8];
} EFI_ACPI_6_0_CORRECTED_PLATFORM_ERROR_POLLING_TABLE_HEADER;
///
@@ -855,7 +855,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT8 PlatformCommunicationChannelIdentifier;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
// Memory Power Node Structure
// Memory Power State Characteristics
} EFI_ACPI_6_0_MEMORY_POWER_STATUS_TABLE;
@@ -903,7 +903,7 @@ typedef struct {
typedef struct {
UINT8 Flag;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 MemoryPowerNodeId;
UINT32 Length;
UINT64 AddressBase;
@@ -920,7 +920,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerNodeCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_0_MPST_MEMORY_POWER_NODE_TABLE;
///
@@ -929,7 +929,7 @@ typedef struct {
typedef struct {
UINT8 PowerStateStructureID;
UINT8 Flag;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 AveragePowerConsumedInMPS0;
UINT32 RelativePowerSavingToMPS0;
UINT64 ExitLatencyToMPS0;
@@ -941,7 +941,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerStateCharacteristicsCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_0_MPST_MEMORY_POWER_STATE_CHARACTERISTICS_TABLE;
///
@@ -949,7 +949,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_6_0_MEMORY_TOPOLOGY_TABLE;
///
@@ -962,7 +962,7 @@ typedef struct {
///
typedef struct {
UINT8 Type;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 Length;
UINT16 Flags;
UINT16 Reserved1;
@@ -981,7 +981,7 @@ typedef struct {
typedef struct {
EFI_ACPI_6_0_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 SocketIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
//EFI_ACPI_6_0_PMMT_MEMORY_CONTROLLER_MEMORY_AGGREGATOR_DEVICE_STRUCTURE MemoryController[];
} EFI_ACPI_6_0_PMMT_SOCKET_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -996,7 +996,7 @@ typedef struct {
UINT32 WriteBandwidth;
UINT16 OptimalAccessUnit;
UINT16 OptimalAccessAlignment;
- UINT16 Reserved;
+ UINT16 reserved;
UINT16 NumberOfProximityDomains;
//UINT32 ProximityDomain[NumberOfProximityDomains];
//EFI_ACPI_6_0_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE PhysicalComponent[];
@@ -1008,7 +1008,7 @@ typedef struct {
typedef struct {
EFI_ACPI_6_0_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 PhysicalComponentIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 SizeOfDimm;
UINT32 SmbiosHandle;
} EFI_ACPI_6_0_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1127,7 +1127,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_0_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the Basic Boot Performance Table.
///
@@ -1139,7 +1139,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_0_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the S3 Performance Table.
///
@@ -1151,7 +1151,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_0_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// Timer value logged at the beginning of firmware image execution.
/// This may not always be zero or near zero.
@@ -1265,7 +1265,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT64 CntControlBasePhysicalAddress;
- UINT32 Reserved;
+ UINT32 reserved;
UINT32 SecurePL1TimerGSIV;
UINT32 SecurePL1TimerFlags;
UINT32 NonSecurePL1TimerGSIV;
@@ -1303,7 +1303,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 CntCtlBase;
UINT32 GTBlockTimerCount;
UINT32 GTBlockTimerOffset;
@@ -1314,7 +1314,7 @@ typedef struct {
///
typedef struct {
UINT8 GTFrameNumber;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT64 CntBaseX;
UINT64 CntEL0BaseX;
UINT32 GTxPhysicalTimerGSIV;
@@ -1342,7 +1342,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 RefreshFramePhysicalAddress;
UINT64 WatchdogControlFramePhysicalAddress;
UINT32 WatchdogTimerGSIV;
@@ -1361,7 +1361,7 @@ typedef struct {
//
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_6_0_NVDIMM_FIRMWARE_INTERFACE_TABLE;
//
@@ -1548,7 +1548,7 @@ typedef struct {
UINT32 MultipleUncorrectableErrors:1;
UINT32 MultipleCorrectableErrors:1;
UINT32 ErrorDataEntryCount:10;
- UINT32 Reserved:18;
+ UINT32 reserved:18;
} EFI_ACPI_6_0_ERROR_BLOCK_STATUS;
///
@@ -1680,7 +1680,7 @@ typedef struct {
UINT16 SwitchToPollingThresholdWindow:1;
UINT16 ErrorThresholdValue:1;
UINT16 ErrorThresholdWindow:1;
- UINT16 Reserved:10;
+ UINT16 reserved:10;
} EFI_ACPI_6_0_HARDWARE_ERROR_NOTIFICATION_CONFIGURATION_WRITE_ENABLE_STRUCTURE;
///
@@ -2004,7 +2004,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT32 Flags;
- UINT64 Reserved;
+ UINT64 reserved;
} EFI_ACPI_6_0_PLATFORM_COMMUNICATION_CHANNEL_TABLE_HEADER;
///
@@ -2038,7 +2038,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[6];
+ UINT8 reserved[6];
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_0_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2055,7 +2055,7 @@ typedef struct {
typedef struct {
UINT8 Command;
- UINT8 Reserved:7;
+ UINT8 reserved:7;
UINT8 GenerateSci:1;
} EFI_ACPI_6_0_PCCT_GENERIC_SHARED_MEMORY_REGION_COMMAND;
@@ -2064,7 +2064,7 @@ typedef struct {
UINT8 SciDoorbell:1;
UINT8 Error:1;
UINT8 PlatformNotification:1;
- UINT8 Reserved:4;
+ UINT8 reserved:4;
UINT8 Reserved1;
} EFI_ACPI_6_0_PCCT_GENERIC_SHARED_MEMORY_REGION_STATUS;
@@ -2085,7 +2085,7 @@ typedef struct {
UINT8 Length;
UINT32 DoorbellInterrupt;
UINT8 DoorbellInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_0_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2104,7 +2104,7 @@ typedef struct {
UINT8 Length;
UINT32 DoorbellInterrupt;
UINT8 DoorbellInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_0_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi61.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi61.h
index 3cebc68..d9ba04e 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi61.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi61.h
@@ -69,7 +69,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_6_1_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -349,7 +349,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_6_1_IO_APIC_STRUCTURE;
@@ -380,7 +380,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_6_1_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -417,7 +417,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_6_1_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -428,7 +428,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_6_1_IO_SAPIC_STRUCTURE;
@@ -443,7 +443,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_6_1_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -475,7 +475,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 X2ApicId;
UINT32 Flags;
UINT32 AcpiProcessorUid;
@@ -490,7 +490,7 @@ typedef struct {
UINT16 Flags;
UINT32 AcpiProcessorUid;
UINT8 LocalX2ApicLint;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_6_1_LOCAL_X2APIC_NMI_STRUCTURE;
///
@@ -499,7 +499,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 CPUInterfaceNumber;
UINT32 AcpiProcessorUid;
UINT32 Flags;
@@ -570,7 +570,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 DiscoveryRangeBaseAddress;
UINT32 DiscoveryRangeLength;
} EFI_ACPI_6_1_GICR_STRUCTURE;
@@ -581,7 +581,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 GicItsId;
UINT64 PhysicalBaseAddress;
UINT32 Reserved2;
@@ -738,7 +738,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[8];
+ UINT8 reserved[8];
} EFI_ACPI_6_1_CORRECTED_PLATFORM_ERROR_POLLING_TABLE_HEADER;
///
@@ -855,7 +855,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT8 PlatformCommunicationChannelIdentifier;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
// Memory Power Node Structure
// Memory Power State Characteristics
} EFI_ACPI_6_1_MEMORY_POWER_STATUS_TABLE;
@@ -903,7 +903,7 @@ typedef struct {
typedef struct {
UINT8 Flag;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 MemoryPowerNodeId;
UINT32 Length;
UINT64 AddressBase;
@@ -920,7 +920,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerNodeCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_1_MPST_MEMORY_POWER_NODE_TABLE;
///
@@ -929,7 +929,7 @@ typedef struct {
typedef struct {
UINT8 PowerStateStructureID;
UINT8 Flag;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 AveragePowerConsumedInMPS0;
UINT32 RelativePowerSavingToMPS0;
UINT64 ExitLatencyToMPS0;
@@ -941,7 +941,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerStateCharacteristicsCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_1_MPST_MEMORY_POWER_STATE_CHARACTERISTICS_TABLE;
///
@@ -949,7 +949,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_6_1_MEMORY_TOPOLOGY_TABLE;
///
@@ -962,7 +962,7 @@ typedef struct {
///
typedef struct {
UINT8 Type;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 Length;
UINT16 Flags;
UINT16 Reserved1;
@@ -981,7 +981,7 @@ typedef struct {
typedef struct {
EFI_ACPI_6_1_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 SocketIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
//EFI_ACPI_6_1_PMMT_MEMORY_CONTROLLER_MEMORY_AGGREGATOR_DEVICE_STRUCTURE MemoryController[];
} EFI_ACPI_6_1_PMMT_SOCKET_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -996,7 +996,7 @@ typedef struct {
UINT32 WriteBandwidth;
UINT16 OptimalAccessUnit;
UINT16 OptimalAccessAlignment;
- UINT16 Reserved;
+ UINT16 reserved;
UINT16 NumberOfProximityDomains;
//UINT32 ProximityDomain[NumberOfProximityDomains];
//EFI_ACPI_6_1_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE PhysicalComponent[];
@@ -1008,7 +1008,7 @@ typedef struct {
typedef struct {
EFI_ACPI_6_1_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 PhysicalComponentIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 SizeOfDimm;
UINT32 SmbiosHandle;
} EFI_ACPI_6_1_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1127,7 +1127,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_1_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the Basic Boot Performance Table.
///
@@ -1139,7 +1139,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_1_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the S3 Performance Table.
///
@@ -1151,7 +1151,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_1_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// Timer value logged at the beginning of firmware image execution.
/// This may not always be zero or near zero.
@@ -1265,7 +1265,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT64 CntControlBasePhysicalAddress;
- UINT32 Reserved;
+ UINT32 reserved;
UINT32 SecurePL1TimerGSIV;
UINT32 SecurePL1TimerFlags;
UINT32 NonSecurePL1TimerGSIV;
@@ -1303,7 +1303,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 CntCtlBase;
UINT32 GTBlockTimerCount;
UINT32 GTBlockTimerOffset;
@@ -1314,7 +1314,7 @@ typedef struct {
///
typedef struct {
UINT8 GTFrameNumber;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT64 CntBaseX;
UINT64 CntEL0BaseX;
UINT32 GTxPhysicalTimerGSIV;
@@ -1342,7 +1342,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 RefreshFramePhysicalAddress;
UINT64 WatchdogControlFramePhysicalAddress;
UINT32 WatchdogTimerGSIV;
@@ -1361,7 +1361,7 @@ typedef struct {
//
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_6_1_NVDIMM_FIRMWARE_INTERFACE_TABLE;
//
@@ -1554,7 +1554,7 @@ typedef struct {
UINT32 MultipleUncorrectableErrors:1;
UINT32 MultipleCorrectableErrors:1;
UINT32 ErrorDataEntryCount:10;
- UINT32 Reserved:18;
+ UINT32 reserved:18;
} EFI_ACPI_6_1_ERROR_BLOCK_STATUS;
///
@@ -1691,7 +1691,7 @@ typedef struct {
UINT16 SwitchToPollingThresholdWindow:1;
UINT16 ErrorThresholdValue:1;
UINT16 ErrorThresholdWindow:1;
- UINT16 Reserved:10;
+ UINT16 reserved:10;
} EFI_ACPI_6_1_HARDWARE_ERROR_NOTIFICATION_CONFIGURATION_WRITE_ENABLE_STRUCTURE;
///
@@ -2036,7 +2036,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT32 Flags;
- UINT64 Reserved;
+ UINT64 reserved;
} EFI_ACPI_6_1_PLATFORM_COMMUNICATION_CHANNEL_TABLE_HEADER;
///
@@ -2070,7 +2070,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[6];
+ UINT8 reserved[6];
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_1_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2087,7 +2087,7 @@ typedef struct {
typedef struct {
UINT8 Command;
- UINT8 Reserved:7;
+ UINT8 reserved:7;
UINT8 GenerateSci:1;
} EFI_ACPI_6_1_PCCT_GENERIC_SHARED_MEMORY_REGION_COMMAND;
@@ -2096,7 +2096,7 @@ typedef struct {
UINT8 SciDoorbell:1;
UINT8 Error:1;
UINT8 PlatformNotification:1;
- UINT8 Reserved:4;
+ UINT8 reserved:4;
UINT8 Reserved1;
} EFI_ACPI_6_1_PCCT_GENERIC_SHARED_MEMORY_REGION_STATUS;
@@ -2117,7 +2117,7 @@ typedef struct {
UINT8 Length;
UINT32 DoorbellInterrupt;
UINT8 DoorbellInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_1_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2136,7 +2136,7 @@ typedef struct {
UINT8 Length;
UINT32 DoorbellInterrupt;
UINT8 DoorbellInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_1_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi62.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi62.h
index 7dcd9ff..4a25d0a 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi62.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/Acpi62.h
@@ -166,7 +166,7 @@ typedef struct {
UINT32 Length;
UINT64 XsdtAddress;
UINT8 ExtendedChecksum;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_6_2_ROOT_SYSTEM_DESCRIPTION_POINTER;
///
@@ -446,7 +446,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 IoApicAddress;
UINT32 GlobalSystemInterruptBase;
} EFI_ACPI_6_2_IO_APIC_STRUCTURE;
@@ -477,7 +477,7 @@ typedef struct {
UINT32 GlobalSystemInterrupt;
UINT32 PlatformInterruptSourceFlags;
UINT8 CpeiProcessorOverride;
- UINT8 Reserved[31];
+ UINT8 reserved[31];
} EFI_ACPI_6_2_PLATFORM_INTERRUPT_APIC_STRUCTURE;
//
@@ -514,7 +514,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 LocalApicAddress;
} EFI_ACPI_6_2_LOCAL_APIC_ADDRESS_OVERRIDE_STRUCTURE;
@@ -525,7 +525,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT8 IoApicId;
- UINT8 Reserved;
+ UINT8 reserved;
UINT32 GlobalSystemInterruptBase;
UINT64 IoSapicAddress;
} EFI_ACPI_6_2_IO_SAPIC_STRUCTURE;
@@ -540,7 +540,7 @@ typedef struct {
UINT8 AcpiProcessorId;
UINT8 LocalSapicId;
UINT8 LocalSapicEid;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 Flags;
UINT32 ACPIProcessorUIDValue;
} EFI_ACPI_6_2_PROCESSOR_LOCAL_SAPIC_STRUCTURE;
@@ -572,7 +572,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 X2ApicId;
UINT32 Flags;
UINT32 AcpiProcessorUid;
@@ -587,7 +587,7 @@ typedef struct {
UINT16 Flags;
UINT32 AcpiProcessorUid;
UINT8 LocalX2ApicLint;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
} EFI_ACPI_6_2_LOCAL_X2APIC_NMI_STRUCTURE;
///
@@ -596,7 +596,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 CPUInterfaceNumber;
UINT32 AcpiProcessorUid;
UINT32 Flags;
@@ -667,7 +667,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT64 DiscoveryRangeBaseAddress;
UINT32 DiscoveryRangeLength;
} EFI_ACPI_6_2_GICR_STRUCTURE;
@@ -678,7 +678,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 GicItsId;
UINT64 PhysicalBaseAddress;
UINT32 Reserved2;
@@ -824,7 +824,7 @@ typedef struct {
UINT8 Type;
UINT8 Length;
UINT32 ProximityDomain;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 ItsId;
} EFI_ACPI_6_2_GIC_ITS_AFFINITY_STRUCTURE;
@@ -847,7 +847,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[8];
+ UINT8 reserved[8];
} EFI_ACPI_6_2_CORRECTED_PLATFORM_ERROR_POLLING_TABLE_HEADER;
///
@@ -967,7 +967,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT8 PlatformCommunicationChannelIdentifier;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
// Memory Power Node Structure
// Memory Power State Characteristics
} EFI_ACPI_6_2_MEMORY_POWER_STATUS_TABLE;
@@ -1015,7 +1015,7 @@ typedef struct {
typedef struct {
UINT8 Flag;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 MemoryPowerNodeId;
UINT32 Length;
UINT64 AddressBase;
@@ -1032,7 +1032,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerNodeCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_2_MPST_MEMORY_POWER_NODE_TABLE;
///
@@ -1041,7 +1041,7 @@ typedef struct {
typedef struct {
UINT8 PowerStateStructureID;
UINT8 Flag;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 AveragePowerConsumedInMPS0;
UINT32 RelativePowerSavingToMPS0;
UINT64 ExitLatencyToMPS0;
@@ -1053,7 +1053,7 @@ typedef struct {
typedef struct {
UINT16 MemoryPowerStateCharacteristicsCount;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_2_MPST_MEMORY_POWER_STATE_CHARACTERISTICS_TABLE;
///
@@ -1061,7 +1061,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_6_2_MEMORY_TOPOLOGY_TABLE;
///
@@ -1074,7 +1074,7 @@ typedef struct {
///
typedef struct {
UINT8 Type;
- UINT8 Reserved;
+ UINT8 reserved;
UINT16 Length;
UINT16 Flags;
UINT16 Reserved1;
@@ -1093,7 +1093,7 @@ typedef struct {
typedef struct {
EFI_ACPI_6_2_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 SocketIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
//EFI_ACPI_6_2_PMMT_MEMORY_CONTROLLER_MEMORY_AGGREGATOR_DEVICE_STRUCTURE MemoryController[];
} EFI_ACPI_6_2_PMMT_SOCKET_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1108,7 +1108,7 @@ typedef struct {
UINT32 WriteBandwidth;
UINT16 OptimalAccessUnit;
UINT16 OptimalAccessAlignment;
- UINT16 Reserved;
+ UINT16 reserved;
UINT16 NumberOfProximityDomains;
//UINT32 ProximityDomain[NumberOfProximityDomains];
//EFI_ACPI_6_2_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE PhysicalComponent[];
@@ -1120,7 +1120,7 @@ typedef struct {
typedef struct {
EFI_ACPI_6_2_PMMT_COMMON_MEMORY_AGGREGATOR_DEVICE_STRUCTURE Header;
UINT16 PhysicalComponentIdentifier;
- UINT16 Reserved;
+ UINT16 reserved;
UINT32 SizeOfDimm;
UINT32 SmbiosHandle;
} EFI_ACPI_6_2_PMMT_DIMM_MEMORY_AGGREGATOR_DEVICE_STRUCTURE;
@@ -1239,7 +1239,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_2_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the Basic Boot Performance Table.
///
@@ -1251,7 +1251,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_2_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 64-bit processor-relative physical address of the S3 Performance Table.
///
@@ -1263,7 +1263,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_6_2_FPDT_PERFORMANCE_RECORD_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
///
/// Timer value logged at the beginning of firmware image execution.
/// This may not always be zero or near zero.
@@ -1377,7 +1377,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT64 CntControlBasePhysicalAddress;
- UINT32 Reserved;
+ UINT32 reserved;
UINT32 SecurePL1TimerGSIV;
UINT32 SecurePL1TimerFlags;
UINT32 NonSecurePL1TimerGSIV;
@@ -1415,7 +1415,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 CntCtlBase;
UINT32 GTBlockTimerCount;
UINT32 GTBlockTimerOffset;
@@ -1426,7 +1426,7 @@ typedef struct {
///
typedef struct {
UINT8 GTFrameNumber;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT64 CntBaseX;
UINT64 CntEL0BaseX;
UINT32 GTxPhysicalTimerGSIV;
@@ -1454,7 +1454,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT16 Length;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 RefreshFramePhysicalAddress;
UINT64 WatchdogControlFramePhysicalAddress;
UINT32 WatchdogTimerGSIV;
@@ -1473,7 +1473,7 @@ typedef struct {
//
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_ACPI_6_2_NVDIMM_FIRMWARE_INTERFACE_TABLE;
//
@@ -1726,7 +1726,7 @@ typedef struct {
UINT32 MultipleUncorrectableErrors:1;
UINT32 MultipleCorrectableErrors:1;
UINT32 ErrorDataEntryCount:10;
- UINT32 Reserved:18;
+ UINT32 reserved:18;
} EFI_ACPI_6_2_ERROR_BLOCK_STATUS;
///
@@ -1866,7 +1866,7 @@ typedef struct {
UINT16 SwitchToPollingThresholdWindow:1;
UINT16 ErrorThresholdValue:1;
UINT16 ErrorThresholdWindow:1;
- UINT16 Reserved:10;
+ UINT16 reserved:10;
} EFI_ACPI_6_2_HARDWARE_ERROR_NOTIFICATION_CONFIGURATION_WRITE_ENABLE_STRUCTURE;
///
@@ -2051,7 +2051,7 @@ typedef struct {
///
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
- UINT8 Reserved[4];
+ UINT8 reserved[4];
} EFI_ACPI_6_2_HETEROGENEOUS_MEMORY_ATTRIBUTE_TABLE_HEADER;
///
@@ -2071,7 +2071,7 @@ typedef struct {
///
typedef struct {
UINT16 Type;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 Length;
} EFI_ACPI_6_2_HMAT_STRUCTURE_HEADER;
@@ -2082,7 +2082,7 @@ typedef struct {
UINT16 ProcessorProximityDomainValid:1;
UINT16 MemoryProximityDomainValid:1;
UINT16 ReservationHint:1;
- UINT16 Reserved:13;
+ UINT16 reserved:13;
} EFI_ACPI_6_2_HMAT_STRUCTURE_MEMORY_SUBSYSTEM_ADDRESS_RANGE_FLAGS;
///
@@ -2090,7 +2090,7 @@ typedef struct {
///
typedef struct {
UINT16 Type;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 Length;
EFI_ACPI_6_2_HMAT_STRUCTURE_MEMORY_SUBSYSTEM_ADDRESS_RANGE_FLAGS Flags;
UINT8 Reserved1[2];
@@ -2106,7 +2106,7 @@ typedef struct {
///
typedef struct {
UINT8 MemoryHierarchy:5;
- UINT8 Reserved:3;
+ UINT8 reserved:3;
} EFI_ACPI_6_2_HMAT_STRUCTURE_SYSTEM_LOCALITY_LATENCY_AND_BANDWIDTH_INFO_FLAGS;
///
@@ -2114,7 +2114,7 @@ typedef struct {
///
typedef struct {
UINT16 Type;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 Length;
EFI_ACPI_6_2_HMAT_STRUCTURE_SYSTEM_LOCALITY_LATENCY_AND_BANDWIDTH_INFO_FLAGS Flags;
UINT8 DataType;
@@ -2141,7 +2141,7 @@ typedef struct {
///
typedef struct {
UINT16 Type;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 Length;
UINT32 MemoryProximityDomain;
UINT8 Reserved1[4];
@@ -2332,7 +2332,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT32 Flags;
- UINT64 Reserved;
+ UINT64 reserved;
} EFI_ACPI_6_2_PLATFORM_COMMUNICATION_CHANNEL_TABLE_HEADER;
///
@@ -2368,7 +2368,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[6];
+ UINT8 reserved[6];
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_2_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2385,7 +2385,7 @@ typedef struct {
typedef struct {
UINT8 Command;
- UINT8 Reserved:7;
+ UINT8 reserved:7;
UINT8 NotifyOnCompletion:1;
} EFI_ACPI_6_2_PCCT_GENERIC_SHARED_MEMORY_REGION_COMMAND;
@@ -2394,7 +2394,7 @@ typedef struct {
UINT8 PlatformInterrupt:1;
UINT8 Error:1;
UINT8 PlatformNotification:1;
- UINT8 Reserved:4;
+ UINT8 reserved:4;
UINT8 Reserved1;
} EFI_ACPI_6_2_PCCT_GENERIC_SHARED_MEMORY_REGION_STATUS;
@@ -2415,7 +2415,7 @@ typedef struct {
UINT8 Length;
UINT32 PlatformInterrupt;
UINT8 PlatformInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_2_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2434,7 +2434,7 @@ typedef struct {
UINT8 Length;
UINT32 PlatformInterrupt;
UINT8 PlatformInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT64 AddressLength;
EFI_ACPI_6_2_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2456,7 +2456,7 @@ typedef struct {
UINT8 Length;
UINT32 PlatformInterrupt;
UINT8 PlatformInterruptFlags;
- UINT8 Reserved;
+ UINT8 reserved;
UINT64 BaseAddress;
UINT32 AddressLength;
EFI_ACPI_6_2_GENERIC_ADDRESS_STRUCTURE DoorbellRegister;
@@ -2498,7 +2498,7 @@ typedef struct {
typedef struct {
EFI_ACPI_DESCRIPTION_HEADER Header;
UINT8 TriggerCount;
- UINT8 Reserved[3];
+ UINT8 reserved[3];
UINT32 TriggerIdentifierArrayOffset;
} EFI_ACPI_6_2_PLATFORM_DEBUG_TRIGGER_TABLE_HEADER;
@@ -2514,7 +2514,7 @@ typedef struct {
UINT16 SubChannelIdentifer:8;
UINT16 Runtime:1;
UINT16 WaitForCompletion:1;
- UINT16 Reserved:6;
+ UINT16 reserved:6;
} EFI_ACPI_6_2_PDTT_PCC_IDENTIFIER;
///
@@ -2553,7 +2553,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
} EFI_ACPI_6_2_PPTT_STRUCTURE_HEADER;
///
@@ -2568,7 +2568,7 @@ typedef struct {
typedef struct {
UINT32 PhysicalPackage:1;
UINT32 AcpiProcessorIdValid:1;
- UINT32 Reserved:30;
+ UINT32 reserved:30;
} EFI_ACPI_6_2_PPTT_STRUCTURE_PROCESSOR_FLAGS;
///
@@ -2577,7 +2577,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
EFI_ACPI_6_2_PPTT_STRUCTURE_PROCESSOR_FLAGS Flags;
UINT32 Parent;
UINT32 AcpiProcessorId;
@@ -2595,7 +2595,7 @@ typedef struct {
UINT32 CacheTypeValid:1;
UINT32 WritePolicyValid:1;
UINT32 LineSizeValid:1;
- UINT32 Reserved:25;
+ UINT32 reserved:25;
} EFI_ACPI_6_2_PPTT_STRUCTURE_CACHE_FLAGS;
///
@@ -2617,7 +2617,7 @@ typedef struct {
UINT8 AllocationType:2;
UINT8 CacheType:2;
UINT8 WritePolicy:1;
- UINT8 Reserved:3;
+ UINT8 reserved:3;
} EFI_ACPI_6_2_PPTT_STRUCTURE_CACHE_ATTRIBUTES;
///
@@ -2626,7 +2626,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
EFI_ACPI_6_2_PPTT_STRUCTURE_CACHE_FLAGS Flags;
UINT32 NextLevelOfCache;
UINT32 Size;
@@ -2642,7 +2642,7 @@ typedef struct {
typedef struct {
UINT8 Type;
UINT8 Length;
- UINT8 Reserved[2];
+ UINT8 reserved[2];
UINT32 VendorId;
UINT64 Level1Id;
UINT64 Level2Id;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/PeImage.h b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/PeImage.h
index 7c55317..810da86 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/PeImage.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/IndustryStandard/PeImage.h
@@ -709,7 +709,7 @@ typedef struct {
UINT32 OffsetToData;
UINT32 Size;
UINT32 CodePage;
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_IMAGE_RESOURCE_DATA_ENTRY;
///
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/Protocol/DevicePath.h b/Voyager/Voyager/edk2/MdePkg/Include/Protocol/DevicePath.h
index b68bfa2..6c3e69f 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/Protocol/DevicePath.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/Protocol/DevicePath.h
@@ -357,7 +357,7 @@ typedef struct {
///
/// Reserved for the future.
///
- UINT32 Reserved;
+ UINT32 reserved;
///
/// Fibre Channel World Wide Number.
///
@@ -377,7 +377,7 @@ typedef struct {
///
/// Reserved for the future.
///
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 8 byte array containing Fibre Channel End Device Port Name.
///
@@ -397,7 +397,7 @@ typedef struct {
///
/// Reserved for the future.
///
- UINT32 Reserved;
+ UINT32 reserved;
///
/// 1394 Global Unique ID (GUID).
///
@@ -687,7 +687,7 @@ typedef struct {
///
/// Reserved.
///
- UINT32 Reserved;
+ UINT32 reserved;
///
/// The baud rate setting for the UART style device. A value of 0
/// means that the device's default baud rate will be used.
@@ -764,7 +764,7 @@ typedef struct {
///
/// Reserved for future use.
///
- UINT32 Reserved;
+ UINT32 reserved;
///
/// SAS Address for Serial Attached SCSI Target.
///
@@ -1126,7 +1126,7 @@ typedef struct {
///
typedef struct {
EFI_DEVICE_PATH_PROTOCOL Header;
- UINT32 Reserved;
+ UINT32 reserved;
UINT64 StartingOffset;
UINT64 EndingOffset;
} MEDIA_RELATIVE_OFFSET_RANGE_DEVICE_PATH;
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/Protocol/GraphicsOutput.h b/Voyager/Voyager/edk2/MdePkg/Include/Protocol/GraphicsOutput.h
index d32f9bc..4c93b20 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/Protocol/GraphicsOutput.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/Protocol/GraphicsOutput.h
@@ -138,7 +138,7 @@ typedef struct {
UINT8 Blue;
UINT8 Green;
UINT8 Red;
- UINT8 Reserved;
+ UINT8 reserved;
} EFI_GRAPHICS_OUTPUT_BLT_PIXEL;
typedef union {
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/Protocol/LoadedImage.h b/Voyager/Voyager/edk2/MdePkg/Include/Protocol/LoadedImage.h
index 1d9d143..3ed394d 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/Protocol/LoadedImage.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/Protocol/LoadedImage.h
@@ -59,7 +59,7 @@ typedef struct {
EFI_HANDLE DeviceHandle; ///< The device handle that the EFI Image was loaded from.
EFI_DEVICE_PATH_PROTOCOL *FilePath; ///< A pointer to the file path portion specific to DeviceHandle
///< that the EFI Image was loaded from.
- VOID *Reserved; ///< Reserved. DO NOT USE.
+ VOID *reserved; ///< Reserved. DO NOT USE.
//
// Images load options
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiMultiPhase.h b/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiMultiPhase.h
index 9ca307f..77615d0 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiMultiPhase.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiMultiPhase.h
@@ -174,7 +174,7 @@ typedef struct {
///
/// Reserved field that must be set to 0.
///
- UINT32 Reserved;
+ UINT32 reserved;
} EFI_TABLE_HEADER;
///
diff --git a/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiSpec.h b/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiSpec.h
index 3adb6ec..94a42df 100644
--- a/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiSpec.h
+++ b/Voyager/Voyager/edk2/MdePkg/Include/Uefi/UefiSpec.h
@@ -1885,7 +1885,7 @@ typedef struct {
EFI_REINSTALL_PROTOCOL_INTERFACE ReinstallProtocolInterface;
EFI_UNINSTALL_PROTOCOL_INTERFACE UninstallProtocolInterface;
EFI_HANDLE_PROTOCOL HandleProtocol;
- VOID *Reserved;
+ VOID *reserved;
EFI_REGISTER_PROTOCOL_NOTIFY RegisterProtocolNotify;
EFI_LOCATE_HANDLE LocateHandle;
EFI_LOCATE_DEVICE_PATH LocateDevicePath;
@@ -2139,7 +2139,7 @@ typedef union {
/// The SysReq key must be pressed (1) or must not be pressed (0).
///
UINT32 SysReqPressed : 1;
- UINT32 Reserved : 16;
+ UINT32 reserved : 16;
///
/// Specifies the actual number of entries in EFI_KEY_OPTION.Keys, from 0-3. If
/// zero, then only the shift state is considered. If more than one, then the boot option will
diff --git a/Voyager/example/example.vcxproj b/Voyager/example/example.vcxproj
new file mode 100644
index 0000000..72d0e1c
--- /dev/null
+++ b/Voyager/example/example.vcxproj
@@ -0,0 +1,67 @@
+
+
+
+
+ Release
+ x64
+
+
+
+ 16.0
+ Win32Proj
+ {1770c4fb-345f-40dd-b4a2-2a5dc8a50866}
+ example
+ 10.0
+
+
+
+ Application
+ false
+ v142
+ true
+ MultiByte
+
+
+
+
+
+
+
+
+
+
+
+ false
+
+
+
+ Level3
+ true
+ true
+ true
+ NDEBUG;_CONSOLE;%(PreprocessorDefinitions);_CRT_SECURE_NO_WARNINGS
+ true
+ stdcpp17
+
+
+ Console
+ true
+ true
+ true
+ libvoyager.lib;%(AdditionalDependencies)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Voyager/example/example.vcxproj.filters b/Voyager/example/example.vcxproj.filters
new file mode 100644
index 0000000..5eb1299
--- /dev/null
+++ b/Voyager/example/example.vcxproj.filters
@@ -0,0 +1,38 @@
+
+
+
+
+ {4FC737F1-C7A5-4376-A066-2A32D752A2FF}
+ cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx
+
+
+ {93995380-89BD-4b04-88EB-625FBE52EBFB}
+ h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd
+
+
+ {a575c9e1-1d0c-410a-8456-2743e2f93f86}
+
+
+
+
+ Source Files
+
+
+ Source Files
+
+
+
+
+ Header Files
+
+
+ Header Files\util
+
+
+ Header Files\util
+
+
+ Header Files
+
+
+
\ No newline at end of file
diff --git a/Usermode Example/Example.vcxproj.user b/Voyager/example/example.vcxproj.user
similarity index 100%
rename from Usermode Example/Example.vcxproj.user
rename to Voyager/example/example.vcxproj.user
diff --git a/Voyager/example/libvoyager.hpp b/Voyager/example/libvoyager.hpp
new file mode 100644
index 0000000..259de96
--- /dev/null
+++ b/Voyager/example/libvoyager.hpp
@@ -0,0 +1,151 @@
+#pragma once
+#include
+#include
+
+#define VMEXIT_KEY 0xDEADBEEFDEADBEEF
+#define PAGE_4KB 0x1000
+#define PAGE_2MB PAGE_4KB * 512
+#define PAGE_1GB PAGE_2MB * 512
+
+using u8 = unsigned char;
+using u16 = unsigned short;
+using u32 = unsigned int;
+using u64 = unsigned long long;
+
+namespace voyager
+{
+ // code comments itself...
+ using guest_virt_t = u64;
+ using guest_phys_t = u64;
+ using host_virt_t = u64;
+ using host_phys_t = u64;
+
+ enum class vmexit_command_t
+ {
+ init_page_tables,
+ read_guest_phys,
+ write_guest_phys,
+ copy_guest_virt,
+ get_dirbase,
+ translate
+ };
+
+ enum class vmxroot_error_t
+ {
+ error_success,
+ pml4e_not_present,
+ pdpte_not_present,
+ pde_not_present,
+ pte_not_present,
+ vmxroot_translate_failure,
+ invalid_self_ref_pml4e,
+ invalid_mapping_pml4e,
+ invalid_host_virtual,
+ invalid_guest_physical,
+ invalid_guest_virtual,
+ page_table_init_failed
+ };
+
+ typedef union _command_t
+ {
+ struct _copy_phys
+ {
+ host_phys_t phys_addr;
+ guest_virt_t buffer;
+ u64 size;
+ } copy_phys;
+
+ struct _copy_virt
+ {
+ guest_phys_t dirbase_src;
+ guest_virt_t virt_src;
+ guest_phys_t dirbase_dest;
+ guest_virt_t virt_dest;
+ u64 size;
+ } copy_virt;
+
+ struct _translate_virt
+ {
+ guest_virt_t virt_src;
+ guest_phys_t phys_addr;
+ } translate_virt;
+
+ guest_phys_t dirbase;
+
+ } command_t, * pcommand_t;
+
+ ///
+ /// this function is used to cause a vmexit as though its calling a function...
+ ///
+ extern "C" auto hypercall(u64 key, vmexit_command_t, pcommand_t command)->vmxroot_error_t;
+
+ ///
+ /// gets the current cores CR3 value (current address space pml4)...
+ ///
+ /// returns the guest cr3 value...
+ auto current_dirbase()->guest_phys_t;
+
+ ///
+ /// initalizies page tables for all cores...
+ ///
+ /// status of the initalization...
+ auto init()->vmxroot_error_t;
+
+ ///
+ /// translate a linear virtual address of the current address space
+ /// to a linear physical address...
+ ///
+ /// virtual address in the vmexiting core's address space...
+ /// guest physical address...
+ auto translate(guest_virt_t virt_addr)->guest_phys_t;
+
+ ///
+ /// reads guest physical memory...
+ ///
+ /// physical address to read...
+ /// buffer (guest virtual address) to read into...
+ /// number of bytes to read (can only be 0x1000 or less)...
+ /// STATUS_SUCCESS if the read was successful...
+ auto read_phys(guest_phys_t phys_addr, guest_virt_t buffer, u64 size)->vmxroot_error_t;
+
+ ///
+ /// write guest physical memory...
+ ///
+ /// physical address to read
+ /// guest virtual address to write from...
+ /// number of bytes to write
+ ///
+ auto write_phys(guest_phys_t phys_addr, guest_virt_t buffer, u64 size)->vmxroot_error_t;
+
+ ///
+ /// copy guest virtual memory between virtual address spaces...
+ ///
+ /// dirbase of the source address space
+ /// virtual address in the source address space
+ /// dirbase of the destination address space
+ /// virtual address of the destination address
+ /// size to copy between address spaces
+ /// returns error_success on successful copy and invalid_guest_virt when an address is invalid...
+ auto copy_virt(guest_phys_t dirbase_src, guest_virt_t virt_src, guest_phys_t dirbase_dest,
+ guest_virt_t virt_dest, u64 size)->vmxroot_error_t;
+
+ template
+ auto rpm(guest_phys_t dirbase, guest_virt_t virt_addr) -> T
+ {
+ T buffer;
+ auto result = copy_virt(dirbase, virt_addr,
+ current_dirbase(), (guest_virt_t)&buffer, sizeof T);
+
+ if (result != vmxroot_error_t::error_success)
+ return {};
+
+ return buffer;
+ }
+
+ template
+ auto wpm(guest_phys_t dirbase, guest_virt_t virt_addr, const T& data) -> void
+ {
+ copy_virt(dirbase, (guest_virt_t)&data,
+ dirbase, virt_addr, sizeof T);
+ }
+}
\ No newline at end of file
diff --git a/Voyager/example/libvoyager.lib b/Voyager/example/libvoyager.lib
new file mode 100644
index 0000000..a1d7c85
Binary files /dev/null and b/Voyager/example/libvoyager.lib differ
diff --git a/Voyager/example/main.cpp b/Voyager/example/main.cpp
new file mode 100644
index 0000000..9d2550e
--- /dev/null
+++ b/Voyager/example/main.cpp
@@ -0,0 +1,81 @@
+#include
+#include "libvoyager.hpp"
+#include "util/util.hpp"
+#include "vdm_ctx/vdm_ctx.hpp"
+
+int __cdecl main(int argc, char** argv)
+{
+ vdm::read_phys_t _read_phys =
+ [&](void* addr, void* buffer, std::size_t size) -> bool
+ {
+ const auto read_result =
+ voyager::read_phys((u64)addr, (u64)buffer, size);
+
+ return read_result ==
+ voyager::vmxroot_error_t::error_success;
+ };
+
+ vdm::write_phys_t _write_phys =
+ [&](void* addr, void* buffer, std::size_t size) -> bool
+ {
+ const auto write_result =
+ voyager::write_phys((u64)addr, (u64)buffer, size);
+
+ return write_result ==
+ voyager::vmxroot_error_t::error_success;
+ };
+
+ std::printf("[+] voyager init result -> 0x%x (0x0 == success)\n", voyager::init());
+ std::printf("[+] current dirbase -> 0x%p\n", voyager::current_dirbase());
+ std::printf("[+] please wait... this may take up to 30 seconds...\n");
+
+ const auto nt_shutdown_system =
+ util::get_kmodule_export(
+ "ntoskrnl.exe", vdm::syscall_hook.first);
+
+ const auto nt_shutdown_phys =
+ voyager::translate(reinterpret_cast<
+ voyager::guest_virt_t>(nt_shutdown_system));
+
+ std::printf("NtShutdownSystem -> 0x%p\n", nt_shutdown_system);
+ std::printf("NtShutdownSystem (phys) -> 0x%p\n", nt_shutdown_phys);
+ vdm::syscall_address.store(reinterpret_cast(nt_shutdown_phys));
+
+ vdm::vdm_ctx vdm(_read_phys, _write_phys);
+ const auto ntoskrnl_base =
+ reinterpret_cast(
+ util::get_kmodule_base("ntoskrnl.exe"));
+
+ const auto ntoskrnl_memcpy =
+ util::get_kmodule_export("ntoskrnl.exe", "memcpy");
+
+ std::printf("[+] %s physical address -> 0x%p\n", vdm::syscall_hook.first, vdm::syscall_address.load());
+ std::printf("[+] %s page offset -> 0x%x\n", vdm::syscall_hook.first, vdm::nt_page_offset);
+ std::printf("[+] ntoskrnl base address -> 0x%p\n", ntoskrnl_base);
+ std::printf("[+] ntoskrnl memcpy address -> 0x%p\n", ntoskrnl_memcpy);
+
+ short mz_bytes = 0;
+ vdm.syscall(
+ ntoskrnl_memcpy,
+ &mz_bytes,
+ ntoskrnl_base,
+ sizeof mz_bytes
+ );
+
+ std::printf("[+] ntoskrnl MZ -> 0x%x\n", mz_bytes);
+ const auto explorer_dirbase =
+ vdm.get_dirbase(util::get_pid("explorer.exe"));
+
+ const auto ntdll_base =
+ reinterpret_cast(
+ GetModuleHandleA("ntdll.dll"));
+
+ std::printf("explorer.exe dirbase -> 0x%p\n", explorer_dirbase);
+ std::printf("current process dirbase -> %p\n", voyager::current_dirbase());
+ std::printf("ntdll.dll base -> 0x%p\n", ntdll_base);
+ std::printf("ntdll.dll MZ in explorer.exe -> 0x%x\n",
+ voyager::rpm(explorer_dirbase, ntdll_base));
+
+ std::printf("[+] press any key to close...\n");
+ std::getchar();
+}
diff --git a/Voyager/example/util/nt.hpp b/Voyager/example/util/nt.hpp
new file mode 100644
index 0000000..1c236ee
--- /dev/null
+++ b/Voyager/example/util/nt.hpp
@@ -0,0 +1,89 @@
+#pragma once
+#include
+#include
+
+#pragma comment(lib, "ntdll.lib")
+#define PAGE_4KB 0x1000
+
+constexpr auto SystemModuleInformation = 11;
+typedef struct _RTL_PROCESS_MODULE_INFORMATION
+{
+ HANDLE Section;
+ PVOID MappedBase;
+ PVOID ImageBase;
+ ULONG ImageSize;
+ ULONG Flags;
+ USHORT LoadOrderIndex;
+ USHORT InitOrderIndex;
+ USHORT LoadCount;
+ USHORT OffsetToFileName;
+ UCHAR FullPathName[256];
+} RTL_PROCESS_MODULE_INFORMATION, * PRTL_PROCESS_MODULE_INFORMATION;
+
+typedef struct _RTL_PROCESS_MODULES
+{
+ ULONG NumberOfModules;
+ RTL_PROCESS_MODULE_INFORMATION Modules[1];
+} RTL_PROCESS_MODULES, * PRTL_PROCESS_MODULES;
+
+typedef LARGE_INTEGER PHYSICAL_ADDRESS, * PPHYSICAL_ADDRESS;
+
+using PEPROCESS = PVOID;
+using PsLookupProcessByProcessId = NTSTATUS(__fastcall*)(
+ HANDLE ProcessId,
+ PEPROCESS* Process
+);
+
+typedef union
+{
+ std::uint64_t flags;
+ struct
+ {
+ std::uint64_t reserved1 : 3;
+
+ /**
+ * @brief Page-level Write-Through
+ *
+ * [Bit 3] Controls the memory type used to access the first paging structure of the current paging-structure hierarchy.
+ * This bit is not used if paging is disabled, with PAE paging, or with 4-level paging if CR4.PCIDE=1.
+ *
+ * @see Vol3A[4.9(PAGING AND MEMORY TYPING)]
+ */
+ std::uint64_t page_level_write_through : 1;
+#define CR3_PAGE_LEVEL_WRITE_THROUGH_BIT 3
+#define CR3_PAGE_LEVEL_WRITE_THROUGH_FLAG 0x08
+#define CR3_PAGE_LEVEL_WRITE_THROUGH_MASK 0x01
+#define CR3_PAGE_LEVEL_WRITE_THROUGH(_) (((_) >> 3) & 0x01)
+
+ /**
+ * @brief Page-level Cache Disable
+ *
+ * [Bit 4] Controls the memory type used to access the first paging structure of the current paging-structure hierarchy.
+ * This bit is not used if paging is disabled, with PAE paging, or with 4-level paging2 if CR4.PCIDE=1.
+ *
+ * @see Vol3A[4.9(PAGING AND MEMORY TYPING)]
+ */
+ std::uint64_t page_level_cache_disable : 1;
+#define CR3_PAGE_LEVEL_CACHE_DISABLE_BIT 4
+#define CR3_PAGE_LEVEL_CACHE_DISABLE_FLAG 0x10
+#define CR3_PAGE_LEVEL_CACHE_DISABLE_MASK 0x01
+#define CR3_PAGE_LEVEL_CACHE_DISABLE(_) (((_) >> 4) & 0x01)
+ std::uint64_t reserved2 : 7;
+
+ /**
+ * @brief Address of page directory
+ *
+ * [Bits 47:12] Physical address of the 4-KByte aligned page directory (32-bit paging) or PML4 table (64-bit paging) used
+ * for linear-address translation.
+ *
+ * @see Vol3A[4.3(32-BIT PAGING)]
+ * @see Vol3A[4.5(4-LEVEL PAGING)]
+ */
+ std::uint64_t pml4_pfn : 36;
+#define CR3_ADDRESS_OF_PAGE_DIRECTORY_BIT 12
+#define CR3_ADDRESS_OF_PAGE_DIRECTORY_FLAG 0xFFFFFFFFF000
+#define CR3_ADDRESS_OF_PAGE_DIRECTORY_MASK 0xFFFFFFFFF
+#define CR3_ADDRESS_OF_PAGE_DIRECTORY(_) (((_) >> 12) & 0xFFFFFFFFF)
+ std::uint64_t reserved3 : 16;
+ };
+} cr3;
\ No newline at end of file
diff --git a/Voyager/example/util/util.hpp b/Voyager/example/util/util.hpp
new file mode 100644
index 0000000..efbbf63
--- /dev/null
+++ b/Voyager/example/util/util.hpp
@@ -0,0 +1,264 @@
+#pragma once
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include