github.com/nicocha30/gvisor-ligolo@v0.0.0-20230726075806-989fa2c0a413/pkg/sentry/platform/kvm/bluepill.go (about) 1 // Copyright 2018 The gVisor Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package kvm 16 17 import ( 18 "fmt" 19 20 "golang.org/x/sys/unix" 21 "github.com/nicocha30/gvisor-ligolo/pkg/ring0" 22 "github.com/nicocha30/gvisor-ligolo/pkg/sentry/arch" 23 "github.com/nicocha30/gvisor-ligolo/pkg/sighandling" 24 ) 25 26 // bluepill enters guest mode. 27 func bluepill(*vCPU) 28 29 // sighandler is the signal entry point. 30 func sighandler() 31 32 // dieTrampoline is the assembly trampoline. This calls dieHandler. 33 // 34 // This uses an architecture-specific calling convention, documented in 35 // dieArchSetup and the assembly implementation for dieTrampoline. 36 func dieTrampoline() 37 38 // Return the start address of the functions above. 39 // 40 // In Go 1.17+, Go references to assembly functions resolve to an ABIInternal 41 // wrapper function rather than the function itself. We must reference from 42 // assembly to get the ABI0 (i.e., primary) address. 43 func addrOfSighandler() uintptr 44 func addrOfDieTrampoline() uintptr 45 46 var ( 47 // bounceSignal is the signal used for bouncing KVM. 48 // 49 // We use SIGCHLD because it is not masked by the runtime, and 50 // it will be ignored properly by other parts of the kernel. 51 bounceSignal = unix.SIGCHLD 52 53 // bounceSignalMask has only bounceSignal set. 54 bounceSignalMask = uint64(1 << (uint64(bounceSignal) - 1)) 55 56 // bounce is the interrupt vector used to return to the kernel. 57 bounce = uint32(ring0.VirtualizationException) 58 59 // savedHandler is a pointer to the previous handler. 60 // 61 // This is called by bluepillHandler. 62 savedHandler uintptr 63 64 // savedSigsysHandler is a pointer to the previos handler of the SIGSYS signals. 65 savedSigsysHandler uintptr 66 67 // dieTrampolineAddr is the address of dieTrampoline. 68 dieTrampolineAddr uintptr 69 ) 70 71 // _SYS_KVM_RETURN_TO_HOST is the system call that is used to transition 72 // to host. 73 const _SYS_KVM_RETURN_TO_HOST = ^uintptr(0) 74 75 // redpill invokes a syscall with -1. 76 // 77 //go:nosplit 78 func redpill() { 79 unix.RawSyscall(_SYS_KVM_RETURN_TO_HOST, 0, 0, 0) 80 } 81 82 // dieHandler is called by dieTrampoline. 83 // 84 //go:nosplit 85 func dieHandler(c *vCPU) { 86 throw(c.dieState.message) 87 } 88 89 // die is called to set the vCPU up to panic. 90 // 91 // This loads vCPU state, and sets up a call for the trampoline. 92 // 93 //go:nosplit 94 func (c *vCPU) die(context *arch.SignalContext64, msg string) { 95 // Save the death message, which will be thrown. 96 c.dieState.message = msg 97 98 // Setup the trampoline. 99 dieArchSetup(c, context, &c.dieState.guestRegs) 100 } 101 102 func init() { 103 // Install the handler. 104 if err := sighandling.ReplaceSignalHandler(bluepillSignal, addrOfSighandler(), &savedHandler); err != nil { 105 panic(fmt.Sprintf("Unable to set handler for signal %d: %v", bluepillSignal, err)) 106 } 107 108 // Extract the address for the trampoline. 109 dieTrampolineAddr = addrOfDieTrampoline() 110 }