This repository has been archived by the owner on Jul 11, 2024. It is now read-only.

Proper custom GDT, IDT and Page Tables will be done later as too complex.
memN0ps committed Dec 21, 2023
1 parent 1735f32 commit c230bff
Showing 2 changed files with 5 additions and 4 deletions.
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -12,8 +12,6 @@ A lightweight, memory-safe, and blazingly fast Rust-based type-2 research hyperv

- **Efficient VM Exit Handling**: Implements optimized handling for various VM exit reasons like `Cpuid`, `Rdmsr`, `Wrmsr`, `Invd`, `Rdtsc`, `EptViolation`, `EptMisconfiguration`, `Invept`, `Invvpid`, `Xsetbv`. This ensures minimal performance overhead and responsive virtual machine operations.

- **Robust Isolation Mechanisms**: Custom Global Descriptor Table (GDT), Interrupt Descriptor Table (IDT), and Page Tables are used for enhanced security. This design decision prevents potential vulnerabilities from using the host's `ntoskrnl.exe` `CR3` or a usermode process's `CR3`, fortifying the hypervisor against sophisticated attacks. [Further reading on the importance of these structures](https://www.unknowncheats.me/forum/2779560-post4.html).

- **Integrated Extended Page Tables (EPT)**: Incorporates Memory Type Range Registers (MTRR) with EPT for efficient memory mapping and management. This feature ensures that memory types are correctly identified and handled, optimizing performance and stability in virtualized environments.
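
Review bot: The removed Robust Isolation Mechanisms bullet covered the custom GDT and IDT as well as the page tables, so dropping it from the feature list should match what the code still does for each of the three. The vmcs.rs change in this commit only touches host CR3, and `setup_host_registers_state` still takes `host_descriptor_table`; if the custom descriptor tables remain in use, keep a narrower bullet for GDT and IDT here and move only the page-table claim.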


Expand All @@ -23,6 +21,8 @@ A lightweight, memory-safe, and blazingly fast Rust-based type-2 research hyperv

- **EPT Hook Development**: Planning to implement EPT hooks for sophisticated memory control and monitoring within guest VMs. This will allow for more granular memory management and potentially enable advanced features like memory introspection or modification.

- **Robust Isolation Mechanisms**: Custom Global Descriptor Table (GDT), Interrupt Descriptor Table (IDT), and Page Tables will be used for enhanced security. This design decision will prevent potential vulnerabilities from using the host's `ntoskrnl.exe` `CR3` or a usermode process's `CR3`, fortifying the hypervisor against sophisticated attacks. [Further reading on the importance of these structures](https://www.unknowncheats.me/forum/2779560-post4.html).

- **Stability Enhancements**: Addressing the `CRITICAL_PROCESS_DIED (ef)` BSOD issue is a top priority.

## Installation
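
Review bot: The relocated Robust Isolation Mechanisms bullet says what will be used but not what the host runs on in the meantime. The same sentence names use of the host's `ntoskrnl.exe` `CR3` as the potential vulnerability, and this commit sets host CR3 to `NTOSKRNL_CR3`, so state that interim configuration explicitly in the bullet so readers do not assume the isolation is already in place.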
5 changes: 3 additions & 2 deletions hypervisor/src/intel/vmcs.rs
Expand Up @@ -217,8 +217,9 @@ impl Vmcs {
pub fn setup_host_registers_state(context: &CONTEXT, host_descriptor_table: &Box<DescriptorTables, KernelAlloc>, host_paging: &Box<PageTables, PhysicalAllocator>) -> Result<(), HypervisorError> {
unsafe { vmwrite(vmcs::host::CR0, controlregs::cr0().bits() as u64) };

let pml4_pa = host_paging.get_pml4_pa()?;
vmwrite(vmcs::host::CR3, pml4_pa);
// We can use custom page tables later, this is half implemented.
let _pml4_pa = host_paging.get_pml4_pa()?;
unsafe { vmwrite(vmcs::host::CR3, crate::utils::nt::NTOSKRNL_CR3) };

unsafe { vmwrite(vmcs::host::CR4, controlregs::cr4().bits() as u64) };
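
Review bot: On the `_pml4_pa` line, `host_paging.get_pml4_pa()?` is still evaluated although its result is discarded, so an error from that lookup aborts `setup_host_registers_state` for a value that is no longer written to the VMCS. Either drop the call until the custom tables are wired in or ignore its error, and expand the comment into a TODO that says host CR3 is temporarily `NTOSKRNL_CR3`, which the README describes as a potential vulnerability.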
