mirrors/pafish
1
0
Fork 0
mirror of https://github.com/a0rtega/pafish synced 2024-11-22 06:11:18 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add rdtsc method + vmexit, gcc -O0 due to cpu.c problems, minor code style changes

Browse Source
This commit is contained in:
Alberto Ortega 2015-04-01 19:44:21 +02:00
parent f5750fd1df
commit a5987cb387
5 changed files with 41 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pafish/Makefile.linux
View File

@ -9,7 +9,7 @@ LINKOBJ = $(OBJ)
LIBS = -lwsock32 -liphlpapi -lsetupapi -lmpr -s
INCS =
BIN = Output/MingW/pafish.exe
CFLAGS = $(INCS) -Wall -Wextra -O1
CFLAGS = $(INCS) -Wall -Wextra -O0
all: $(BIN)

2
pafish/Makefile.win
View File

@ -9,7 +9,7 @@ LINKOBJ = $(OBJ)
LIBS = -L"C:/MinGW32/lib" -lwsock32 -liphlpapi -lsetupapi -lmpr -s
INCS = -I"C:/MinGW32/include"
BIN = Output/MingW/pafish.exe
CFLAGS = $(INCS) -Wall -Wextra -O1
CFLAGS = $(INCS) -Wall -Wextra -O0
all: $(BIN)

33
pafish/cpu.c
View File

@ -6,15 +6,26 @@
#include "types.h"
#include "cpu.h"
static inline int rdtsc_diff() {
static inline unsigned long long rdtsc_diff() {
unsigned long long ret, ret2;
unsigned eax, edx;
__asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
ret = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
__asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
ret2 = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
return ret2 - ret;
}
static inline unsigned long long rdtsc_diff_vmexit() {
unsigned long long ret, ret2;
unsigned eax, edx;
__asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
ret = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
/* vm exit forced here. it uses: eax = 0; cpuid; */
__asm__ volatile("cpuid" : /* no output */ : "a"(0x00));
/**/
__asm__ volatile("rdtsc" : "=a" (eax), "=d" (edx));
ret2 = ((unsigned long long)eax) | (((unsigned long long)edx) << 32);
return ret2 - ret;
}
@ -41,13 +52,27 @@ static inline int cpuid_hv_bit() {
}
int cpu_rdtsc() {
int i, avg = 0, diff;
int i;
unsigned long long diff, avg = 0;
for (i = 0; i < 10; i++) {
diff = rdtsc_diff();
avg = avg + diff;
Sleep(500);
}
return (avg / 10) > 750 ? TRUE : FALSE;
avg = avg / 10;
return (avg < 750 && avg > 0) ? FALSE : TRUE;
}
int cpu_rdtsc_force_vmexit() {
int i;
unsigned long long diff, avg = 0;
for (i = 0; i < 10; i++) {
diff = rdtsc_diff_vmexit();
avg = avg + diff;
Sleep(500);
}
avg = avg / 10;
return (avg < 1000 && avg > 0) ? FALSE : TRUE;
}
int cpu_hv() {

2
pafish/cpu.h
View File

@ -4,6 +4,8 @@
int cpu_rdtsc();
int cpu_rdtsc_force_vmexit();
int cpu_hv();
void cpu_write_vendor(char *);

8
pafish/main.c
View File

@ -93,6 +93,14 @@ int main(void)
}
else print_not_traced();
printf("[*] Checking the difference between CPU timestamp counters (rdtsc) forcing VM exit ... ");
if (cpu_rdtsc_force_vmexit() == TRUE) {
print_traced();
write_log("CPU VM traced by checking the difference between CPU timestamp counters (rdtsc) forcing VM exit");
write_trace("hi_CPU_VM_rdtsc_force_vm_exit");
}
else print_not_traced();
printf("[*] Checking hypervisor bit in cpuid feature bits ... ");
if (cpu_hv() == TRUE) {
print_traced();