Skip to content
This repository has been archived by the owner on Sep 1, 2024. It is now read-only.

Fix Multi-Core HookManager and MsrBitmap Inconsistencies #31

Merged
merged 2 commits into from
Jun 28, 2024
Merged

Fix Multi-Core HookManager and MsrBitmap Inconsistencies #31

merged 2 commits into from
Jun 28, 2024

Conversation

memN0ps
Copy link
Owner

@memN0ps memN0ps commented Jun 28, 2024

Summary

This PR addresses critical issues related to the handling of HookManager and MsrBitmap across multiple cores, ensuring consistency and stability in the hypervisor.

Key Changes

  1. Bug Fix: Global HookManager

    • Issue: HookManager was initialized per-thread, causing different ntoskrnl base addresses across threads, leading to crashes.
    • Solution: Implemented a single global HookManager to maintain consistent ntoskrnl base addresses across all threads.

  2. Bug Fix: Shared MsrBitmap

    • Issue: MsrBitmap was managed per-thread, causing inconsistent ntoskrnl virtual/physical addresses and sizes across processors, leading to crashes.
    • Solution: MsrBitmap is now managed within the global HookManager for consistent MSR settings across all processors.

  3. Bug 3: Page Table Mapping Issues:

    • Issue: This issue is still unsolved and could be related to the APIC (Advanced Programmable Interrupt Controller). It involves crashes during unhooking operations because the system incorrectly treats split pages as large pages. Core 0 recognized the split, which performed the hook, but other cores didn't.

Related Issues

@memN0ps
Initialize SHARED_HOOK_MANAGER and update usages
f34cc33 
- Added lazy_static initialization for SHARED_HOOK_MANAGER.
- Updated functions to use SHARED_HOOK_MANAGER.
- Ensured thread-safe access and proper initialization of HookManager.
- Related to #29 and #28.
@memN0ps
Bug Fix: MsrBitmap is shared per-thread
2b2832b 
- Hooking MSR per-processor at boot-time gave incorrect ntoskrnl va/pa/size for all other processors other than 0 because other threads updated the ntoskrnl va/pa/size, which means parsing ntos would cause a crash.
@memN0ps memN0ps merged commit 20d8310 into main Jun 28, 2024
1 check passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@memN0ps