github.com/nicocha30/gvisor-ligolo@v0.0.0-20230726075806-989fa2c0a413/pkg/ring0/kernel.go

github.com/nicocha30/gvisor-ligolo@v0.0.0-20230726075806-989fa2c0a413/pkg/ring0/kernel.go (about)

     1  // Copyright 2018 The gVisor Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package ring0
    16  
    17  import (
    18  	"github.com/nicocha30/gvisor-ligolo/pkg/sentry/arch/fpu"
    19  )
    20  
    21  // Init initializes a new kernel.
    22  //
    23  //go:nosplit
    24  func (k *Kernel) Init(maxCPUs int) {
    25  	k.init(maxCPUs)
    26  }
    27  
    28  // Halt halts execution.
    29  func Halt()
    30  
    31  // defaultHooks implements hooks.
    32  type defaultHooks struct{}
    33  
    34  // KernelSyscall implements Hooks.KernelSyscall.
    35  //
    36  // +checkescape:all
    37  //
    38  //go:nosplit
    39  func (defaultHooks) KernelSyscall() {
    40  	Halt()
    41  }
    42  
    43  // KernelException implements Hooks.KernelException.
    44  //
    45  // +checkescape:all
    46  //
    47  //go:nosplit
    48  func (defaultHooks) KernelException(Vector) {
    49  	Halt()
    50  }
    51  
    52  // kernelSyscall is a trampoline.
    53  //
    54  // When in amd64, it is called with %rip on the upper half, so it can
    55  // NOT access to any global data which is not mapped on upper and must
    56  // call to function pointers or interfaces to switch to the lower half
    57  // so that callee can access to global data.
    58  //
    59  // +checkescape:hard,stack
    60  //
    61  //go:nosplit
    62  func kernelSyscall(c *CPU) {
    63  	c.hooks.KernelSyscall()
    64  }
    65  
    66  // kernelException is a trampoline.
    67  //
    68  // When in amd64, it is called with %rip on the upper half, so it can
    69  // NOT access to any global data which is not mapped on upper and must
    70  // call to function pointers or interfaces to switch to the lower half
    71  // so that callee can access to global data.
    72  //
    73  // +checkescape:hard,stack
    74  //
    75  //go:nosplit
    76  func kernelException(c *CPU, vector Vector) {
    77  	c.hooks.KernelException(vector)
    78  }
    79  
    80  // Init initializes a new CPU.
    81  //
    82  // Init allows embedding in other objects.
    83  func (c *CPU) Init(k *Kernel, cpuID int, hooks Hooks) {
    84  	c.self = c    // Set self reference.
    85  	c.kernel = k  // Set kernel reference.
    86  	c.init(cpuID) // Perform architectural init.
    87  	c.floatingPointState = fpu.NewState()
    88  
    89  	// Require hooks.
    90  	if hooks != nil {
    91  		c.hooks = hooks
    92  	} else {
    93  		c.hooks = defaultHooks{}
    94  	}
    95  }