DarthTon / HyperBone

Minimalistic VT-x hypervisor with hooks
MIT License

Windows 10 2004 VMLAUNCH failed #32

Open Hulkstance opened 4 years ago

Hulkstance commented 4 years ago

I tested it on the Windows 10 2004 release and it BSODed with:

EXIT_REASON_INVALID_GUEST_STATE
Arguments:
Arg1: 0000000000000001
Arg2: 0000000000000021
Arg3: 0000000000000000
Arg4: 0000000000000000


VOID VmExitStartFailed( IN PGUEST_STATE GuestState )
{
    DPRINT(
        "HyperBone: CPU %d: %s: Failed to enter VM, reason %d, code %d\n",
        CPU_IDX, __FUNCTION__, 
        GuestState->ExitReason, GuestState->ExitQualification 
        );

    KeBugCheckEx( HYPERVISOR_ERROR, BUG_CHECK_INVALID_VM, GuestState->ExitReason, GuestState->ExitQualification, 0 );
}

nnnbbb commented 2 months ago

Maybe you can try modifying these places to support Win10; my system version is Win10 1909.

https://github.com/DarthTon/HyperBone/blob/06642eddd8cd245d242cba7421e5b3293176dc00/src/Arch/Intel/VMX.c#L487

add

+ vmCpuCtl2Requested.Fields.EnableINVPCID = TRUE;
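
Review bot: `EnableINVPCID` is requested unconditionally on this line, with no comment saying why. Add a one-line comment (with this control clear, INVPCID raises #UD in the guest), and make sure the requested value is checked against the allowed-1 bits of IA32_VMX_PROCBASED_CTLS2 before it reaches the VMCS, since requesting a control the CPU does not support makes VM entry fail; that adjustment is not visible here.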

https://github.com/DarthTon/HyperBone/blob/06642eddd8cd245d242cba7421e5b3293176dc00/src/Arch/Intel/VmxExitHandlers.c#L342

add

+ if (data->Fields.Register == 4)
+   {
+        INT64 RSP = 0;
+        __vmx_vmread(GUEST_RSP, &RSP);
+        *regPtr = RSP;
+   }
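
Review bot: the `4` in `data->Fields.Register == 4` is a magic number, and the read goes through an `INT64` while `__vmx_vmread` takes a `size_t *` and returns a status that is ignored here. Use a named constant for the RSP register index, declare the local as `size_t` (or `ULONG64`), and check the return value. The hunk also only loads RSP into `*regPtr`; if the same handler serves moves from a control register into a general register, a result destined for RSP has to be written back with `__vmx_vmwrite( GUEST_RSP, ... )`, which is not shown.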

https://github.com/DarthTon/HyperBone/blob/06642eddd8cd245d242cba7421e5b3293176dc00/src/Arch/Intel/VmxExitHandlers.c#L354

change

- __vmx_vmwrite( GUEST_CR3, *regPtr );
+ __vmx_vmwrite( GUEST_CR3, ( *regPtr & ~(1ULL << 63) ) );
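
Review bot: `~(1ULL << 63)` on the `GUEST_CR3` write needs a named constant and a comment, and it is applied regardless of CR4.PCIDE. Bit 63 of the MOV-to-CR3 source is the no-invalidate flag only when CR4.PCIDE is 1; with PCIDE clear it is a reserved bit that the CPU rejects, so masking it silently changes guest-visible behaviour. Consider masking only when PCIDE is set, and, if VPID is in use, performing the invalidation the guest asked for when the bit is clear, which this line does not show.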

Refer to this Blog