Make generic interface to define custom Exception bitmaps that return…

… to supervisor. This is i.e. needed for BOPping in NTVDM (VECTOR_UD) or for Interrupt hooking (VERTOR_NP).

So this generic call could be useful for hypervisors.

core/include/hax_core_interface.h

@@ -95,6 +95,7 @@ struct vm_t * hax_create_vm(int *vm_id);
 int hax_teardown_vm(struct vm_t *vm);
 int vcpu_event_pending(struct vcpu_t *vcpu);
 void vcpu_set_panic(struct vcpu_t *vcpu);
+void vcpu_setexcbmp(struct vcpu_t *vcpu, uint32_t excbmp);
 
 #ifdef __cplusplus
 }

core/include/vcpu.h

@@ -238,6 +238,8 @@ struct vcpu_t {
 #ifdef CONFIG_HAX_EPT2
     struct mmio_fetch_cache mmio_fetch;
 #endif  // CONFIG_HAX_EPT2
+
+	uint32_t user_excbmp;
 };
 
 #define vmx(v, field) v->vmx.field
@@ -264,6 +266,7 @@ int vcpu_put_fpu(struct vcpu_t *vcpu, struct fx_layout *fl);
 int vcpu_get_msr(struct vcpu_t *vcpu, uint64_t entry, uint64_t *val);
 int vcpu_put_msr(struct vcpu_t *vcpu, uint64_t entry, uint64_t val);
 void vcpu_debug(struct vcpu_t *vcpu, struct hax_debug_t *debug);
+void vcpu_setexcbmp(struct vcpu_t *vcpu, uint32_t excbmp);
 
 /* The declaration for OS wrapper code */
 int hax_vcpu_destroy_host(struct vcpu_t *cvcpu, void *vcpu_host);

core/include/vm.h

@@ -112,7 +112,7 @@ enum exit_status {
     HAX_EXIT_FAST_MMIO,
     HAX_EXIT_PAGEFAULT,
     HAX_EXIT_DEBUG,
-	HAX_EXIT_OPCODE
+	HAX_EXIT_NMI
 };
 
 enum run_flag {

core/vcpu.c

@@ -1309,6 +1309,7 @@ static void vcpu_update_exception_bitmap(struct vcpu_t *vcpu)
     if (vcpu->debug_control & HAX_DEBUG_USE_SW_BP) {
         exc_bitmap |= (1u << VECTOR_BP);
     }
+	exc_bitmap |= vcpu->user_excbmp;
     vmwrite(vcpu, VMX_EXCEPTION_BITMAP, exc_bitmap);
 }
 
@@ -1942,9 +1943,6 @@ static void vmwrite_cr(struct vcpu_t *vcpu)
                    ~(cr0_fixed_0 ^ cr0_fixed_1);
     }
 
-	// leecher1337
-	exc_bitmap |= 1u << VECTOR_UD;
-
     if (vtlb_active(vcpu)) {
         hax_debug("vTLB mode, cr0 %llx\n", vcpu->state->_cr0);
         vcpu->mmu->mmu_mode = MMU_MODE_VTLB;
@@ -2395,11 +2393,13 @@ static int exit_exc_nmi(struct vcpu_t *vcpu, struct hax_tunnel *htun)
             htun->debug.dr7 = 0;
             return HAX_EXIT;
         }
-		// leecher1337
-		case VECTOR_UD: {
+		default:
+		if (vcpu->user_excbmp & (1 << exit_intr_info.vector))
+		{
 			uint64_t va;
 
-			htun->_exit_status = HAX_EXIT_OPCODE;
+			htun->_exit_status = HAX_EXIT_NMI;
+			htun->nmi.exit_intr_info = exit_intr_info.raw;
 			va = vcpu->state->_cs.long_mode == 1 ? vcpu->state->_rip : vcpu->state->_cs.base + vcpu->state->_rip;
 			vcpu_read_guest_virtual(vcpu, va, vcpu->io_buf, INSTR_MAX_LEN, INSTR_MAX_LEN, 0);
 			return HAX_EXIT;
@@ -4120,6 +4120,13 @@ void vcpu_debug(struct vcpu_t *vcpu, struct hax_debug_t *debug)
     vcpu_update_exception_bitmap(vcpu);
 };
 
+void vcpu_setexcbmp(struct vcpu_t *vcpu, uint32_t excbmp)
+{
+	vcpu->user_excbmp = excbmp;
+	hax_error("set user_excbmp = %08X", vcpu->user_excbmp);
+	vcpu_update_exception_bitmap(vcpu);
+}
+
 static void vcpu_dump(struct vcpu_t *vcpu, uint32_t mask, const char *caption)
 {
     vcpu_vmread_all(vcpu);

include/hax_interface.h

@@ -153,6 +153,9 @@ struct hax_tunnel {
             uint64_t dr6;
             uint64_t dr7;
         } debug;
+		struct {
+			uint32_t exit_intr_info;
+		} nmi;
     };
     uint64_t apic_base;
 } PACKED;

platforms/windows/hax_entry.c

@@ -430,6 +430,10 @@ NTSTATUS HaxVcpuControl(PDEVICE_OBJECT DeviceObject,
             vcpu_debug(cvcpu, (struct hax_debug_t*)inBuf);
             break;
         }
+		case HAX_VCPU_IOCTL_SET_EXCBMP: {
+			vcpu_setexcbmp(cvcpu, *(uint32_t*)inBuf);
+			break;
+		}
         default:
             hax_error("Unknow vcpu ioctl %lx\n",
                       irpSp->Parameters.DeviceIoControl.IoControlCode);

platforms/windows/hax_entry.h

@@ -166,4 +166,7 @@ extern PDRIVER_OBJECT HaxDriverObject;
 #define HAX_IOCTL_VCPU_DEBUG \
         CTL_CODE(HAX_DEVICE_TYPE, 0x916, METHOD_BUFFERED, FILE_ANY_ACCESS)
 
+#define HAX_VCPU_IOCTL_SET_EXCBMP \
+        CTL_CODE(HAX_DEVICE_TYPE, 0x919, METHOD_BUFFERED, FILE_ANY_ACCESS)
+
 #endif // HAX_WINDOWS_HAX_ENTRY_H_