jonomango / hv

Lightweight Intel VT-x Hypervisor.
MIT License

Question about reading/writing virtual memory and contexts #30

Closed untyper closed 12 months ago

untyper commented 12 months ago
// read from virtual memory in another process
void read_virt_mem(vcpu* cpu);

The read/write virtual memory functions accept an argument of type vcpu. Within the vcpu struct the current guest context is defined. Is the current guest context the program that's currently active and being interacted with by the user or am I misunderstanding something?

jonomango commented 12 months ago

The read/write virtual memory functions accept an argument of type vcpu. Within the vcpu struct the current guest context is defined. Is the current guest context the program that's currently active and being interacted with by the user or am I misunderstanding something?

You are correct. However, those functions shouldn't be called directly. They're meant to be hypercall handlers and will be executed when the guest executes a hypercall (like this, for example). Instead, use read_guest_virtual_memory() which is the corresponding function that is meant to be called from root-mode (and ONLY root-mode).

untyper commented 11 months ago

Hey, thanks for your response! What's the difference between read_guest_virtual_memory() and hv::read_virt_mem() ? Is one intended for reading usermode virtual address spaces and the other kernelmode virtual spaces? Or do both functions accomplish the same thing?

How would I go about reading a usermode process's virtual memory? Which function would be appropriate for that occasion?

I also noticed that read_guest_virtual_memory() doesn't have a write_guest_virtual_memory() counterpart, if the functions above are meant for different tasks then how would I go about implementing this write function?

untyper commented 11 months ago

After reading some more and trying out the functions myself I figured out that hv::read_virt_mem() can indeed be used to read the usermode VAs as well. I guess access to the CR3 makes things really flexible.

Sorry for wasting your time and thanks for the great hypervisor @jonomango 😅

jonomango commented 11 months ago

Yes, all the stuff in here is meant to be used by the guest, while read_guest_virtual_memory() is used internally by the hypervisor. Adding a write_guest_virtual_memory() function would be useful, it is just more difficult to recover from failures due to partial writes.
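The thread above turns on two points: reading another process's memory from root mode means walking the page tables under that process's CR3 and copying page by page, and a write helper is harder because a translation failure in the middle of the range would leave a half-written buffer. The following is an added example written for this page, not code from jonomango/hv: a small C model of a root-mode read/write helper over a constructed "guest physical memory" array. The names translate_va, read_guest_virt, write_guest_virt and setup_guest are hypothetical, the page tables are built by setup_guest purely for the demonstration, and the entry layout follows Intel 4-level paging (Present bit 0, R/W bit 1, PS bit 7, frame address in bits 51:12) with large pages deliberately rejected rather than handled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE     4096ULL
#define NUM_PAGES     8
#define PTE_PRESENT   0x1ULL
#define PTE_RW        0x2ULL
#define PTE_PS        0x80ULL                 /* large page (PDPTE/PDE) */
#define PTE_ADDR_MASK 0x000FFFFFFFFFF000ULL  /* frame address, bits 51:12 */

/* Constructed "guest physical memory" (assumption for the demo): 8 pages,
 * page-aligned so the tables we place in it can be indexed as uint64_t. */
static _Alignas(4096) uint8_t g_phys[NUM_PAGES * PAGE_SIZE];

static uint64_t *table_at(uint64_t pa) { return (uint64_t *)(g_phys + pa); }

/* Walk the 4-level page tables rooted at cr3 for one virtual address.
 * for_write additionally requires the R/W bit at every level, so a
 * read-only mapping is reported as a failure instead of being written.
 * Large pages (PS set in a PDPTE/PDE) are rejected rather than handled. */
bool translate_va(uint64_t cr3, uint64_t va, bool for_write, uint64_t *pa) {
  uint64_t table = cr3 & PTE_ADDR_MASK;
  for (int shift = 39; shift >= 12; shift -= 9) {
    if (table + PAGE_SIZE > sizeof g_phys) return false;  /* outside modelled RAM */
    uint64_t pte = table_at(table)[(va >> shift) & 0x1FF];
    if (!(pte & PTE_PRESENT)) return false;
    if (for_write && !(pte & PTE_RW)) return false;
    if (shift > 12 && (pte & PTE_PS)) return false;
    table = pte & PTE_ADDR_MASK;
  }
  if (table + PAGE_SIZE > sizeof g_phys) return false;
  *pa = table | (va & (PAGE_SIZE - 1));
  return true;
}

/* Copy between a host buffer and guest virtual memory one page at a time,
 * re-translating at every page boundary because contiguous VAs need not be
 * contiguous PAs. Returns the bytes copied; a short count means the walk
 * failed part way through. buf is only read when to_guest is set. */
static size_t copy_pages(uint64_t cr3, uint64_t va, uint8_t *buf, size_t size, bool to_guest) {
  size_t done = 0;
  while (done < size) {
    uint64_t pa;
    if (!translate_va(cr3, va + done, to_guest, &pa)) break;
    size_t in_page = PAGE_SIZE - ((va + done) & (PAGE_SIZE - 1));
    size_t chunk = size - done < in_page ? size - done : in_page;
    if (to_guest) memcpy(g_phys + pa, buf + done, chunk);
    else          memcpy(buf + done, g_phys + pa, chunk);
    done += chunk;
  }
  return done;
}

/* Read: a partial result is acceptable, the caller gets the readable prefix. */
size_t read_guest_virt(uint64_t cr3, void *dst, uint64_t va, size_t size) {
  return copy_pages(cr3, va, (uint8_t *)dst, size, false);
}

/* Write: all-or-nothing. Every page the range touches is translated (with
 * the R/W check) before the first byte is modified, so a failure never
 * leaves the guest with a half-written buffer. */
bool write_guest_virt(uint64_t cr3, uint64_t va, const void *src, size_t size) {
  for (uint64_t p = va & ~(PAGE_SIZE - 1); p < va + size; p += PAGE_SIZE) {
    uint64_t pa;
    if (!translate_va(cr3, p, true, &pa)) return false;
  }
  return copy_pages(cr3, va, (uint8_t *)src, size, true) == size;
}

/* Constructed address space for the demo (assumption, not a real guest):
 * PML4 in page 1, PDPT in page 2, PD in page 3, PT in page 4;
 * VA 0x10000 -> page 6 (RW, filled with 'A'), VA 0x11000 -> page 5
 * (read-only, filled with 'B'), VA 0x12000 unmapped. Returns its CR3. */
uint64_t setup_guest(void) {
  memset(g_phys, 0, sizeof g_phys);
  table_at(1 * PAGE_SIZE)[0]    = (2 * PAGE_SIZE) | PTE_PRESENT | PTE_RW;
  table_at(2 * PAGE_SIZE)[0]    = (3 * PAGE_SIZE) | PTE_PRESENT | PTE_RW;
  table_at(3 * PAGE_SIZE)[0]    = (4 * PAGE_SIZE) | PTE_PRESENT | PTE_RW;
  table_at(4 * PAGE_SIZE)[0x10] = (6 * PAGE_SIZE) | PTE_PRESENT | PTE_RW;
  table_at(4 * PAGE_SIZE)[0x11] = (5 * PAGE_SIZE) | PTE_PRESENT;
  memset(g_phys + 6 * PAGE_SIZE, 'A', PAGE_SIZE);
  memset(g_phys + 5 * PAGE_SIZE, 'B', PAGE_SIZE);
  return 1 * PAGE_SIZE;
}

int main(void) {
  uint64_t cr3 = setup_guest();
  uint8_t buf[16] = {0}, xs[16];
  memset(xs, 'X', sizeof xs);
  size_t n = read_guest_virt(cr3, buf, 0x10FF8, sizeof buf);   /* crosses a page boundary */
  printf("read %zu bytes: %.16s\n", n, (char *)buf);
  n = read_guest_virt(cr3, buf, 0x11FF8, sizeof buf);          /* runs into an unmapped VA */
  printf("read %zu bytes (short read)\n", n);
  printf("write spanning a read-only page: %s\n",
         write_guest_virt(cr3, 0x10FF8, xs, sizeof xs) ? "ok" : "refused, nothing written");
  return 0;
}
```

The read helper mirrors the behaviour described for hv's root-mode reader: it returns however many bytes it could copy, so the caller can detect a partial read from the count. The write helper shows one way around the partial-write problem raised in the last comment: translate (and check writability of) every page in the range first, then copy, so either the whole range lands or nothing does. In a real hypervisor the translation would go through the guest's physical memory via EPT or a host mapping rather than a static array, and large pages and access-rights details (CR0.WP, SMAP-style checks) would need handling.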