From d831b6d9b2d3fa02de1de784dfc8d2a4d0e4ad1d Mon Sep 17 00:00:00 2001 From: Cheat Engine Date: Mon, 2 Aug 2021 14:05:04 +0200 Subject: [PATCH] some UEFI boot compatibility fixes --- DBVM UEFI/dbvmoffload.c | 36 ++++++++++++++++++++++++++++--- DBVM UEFI/dbvmoffloada.asm | 21 +++++++++++++++--- DBVM UEFI/helpers.asm | 12 +++++++---- DBVM UEFI/helpers.h | 1 + DBVM UEFI/main.c | 44 +++++++++++++++----------------------- 5 files changed, 77 insertions(+), 37 deletions(-) diff --git a/DBVM UEFI/dbvmoffload.c b/DBVM UEFI/dbvmoffload.c index 496cfdfc..eed9396d 100644 --- a/DBVM UEFI/dbvmoffload.c +++ b/DBVM UEFI/dbvmoffload.c @@ -15,6 +15,10 @@ typedef UINT16 WORD, *PWORD; typedef void *PVOID; +UINT64 password1=0x76543210; +DWORD password2=0xfedcba98; +UINT64 password3=0x90909090; + extern void enterVMM( void ); //declared in vmxoffloada.asm extern void enterVMMPrologue(void); @@ -128,8 +132,9 @@ void cleanupMemory() st->BootServices->FreePages(originalstate->APEntryPage,1); - //st->BootServices->FreePages((EFI_PHYSICAL_ADDRESS)enterVMM2,1); + st->BootServices->FreePages((EFI_PHYSICAL_ADDRESS)enterVMM2,1); + st->BootServices->FreePages(originalstatePA, 1+(sizeof(OriginalState) / 4096)); Print(L"Freed unused memory\n"); @@ -360,7 +365,7 @@ void InitializeDBVM(UINT64 vmm, int vmmsize) char something[201]; - Input(L"Type something : ", something, 200); + //Input(L"Type something : ", something, 200); @@ -639,10 +644,14 @@ void LaunchDBVM() Print(L"\nReturned from enterVMMPrologue\n"); - Print(L"Testing:\n"); + //return; + + + if (1) { + Print(L"Testing:\n"); struct { unsigned int structsize; 
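Review bot: password1, password2 and password3 are writable, non-const globals holding the values DBVM ships with, so every image built from this source answers to the same vmcall passwords and any code running after the loader can read or overwrite them in memory. They need external linkage because helpers.asm references them with `extern password1`, but `const` keeps that in C: `const UINT64 password1=0x76543210;` (likewise for the other two), together with a comment that these must be changed for a non-default build. password2 also has no visible reader in this patch — LaunchDBVM still writes the literal `0xfedcba98` into level2pass — so either reference it there or drop it. The surrounding typedef/extern block continues outside the hunk.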
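Review bot: `1+(sizeof(OriginalState) / 4096)` is not a round-up; it frees one page too many whenever sizeof(OriginalState) is an exact multiple of 4096, so unless the allocating side uses the same expression (not visible here) it should be `(sizeof(OriginalState)+4095)/4096`. Both FreePages calls also return memory that, going by the names, the running hypervisor or the APs may still reference (enterVMM2 as an entry trampoline, originalstate as the state the APs are restored from), so a comment stating why freeing them after launch is safe would help the next reader. cleanupMemory's body starts and ends outside the hunk.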
@@ -668,22 +677,43 @@ void LaunchDBVM() dovmcall2(&vmcallinfo, 0x76543210, &freemem,&fullpages); + + Print(L"Doing system test. Before DR6=%x DR7=%x\n", getDR6(), getDR7()); + disableInterrupts(); r=doSystemTest(); //check if the system behaves like it should enableInterrupts(); + Print(L"After system test. After DR6=%x DR7=%x\n", getDR6(), getDR7()); + if (r) { Print(L"Failed to pass test %d\n", r); } + else + { + Print(L"System Test Successful\n", r); + + } + + + + + vmcallinfo.structsize=sizeof(vmcallinfo); + vmcallinfo.level2pass=0xfedcba98; + vmcallinfo.command=79; //HIDE DBVM MEMORY local cpu + dovmcall(&vmcallinfo, 0x76543210); Print(L"still alive\ndbvmversion=%x\nfreemem=%d (fullpages=%d)", dbvmversion, freemem, fullpages); + + } //DbgPrint("cpunr=%d\n",cpunr()); + } diff --git a/DBVM UEFI/dbvmoffloada.asm b/DBVM UEFI/dbvmoffloada.asm index e62c817c..91e9ed46 100644 --- a/DBVM UEFI/dbvmoffloada.asm +++ b/DBVM UEFI/dbvmoffloada.asm @@ -82,15 +82,22 @@ EXTERN InitStackPA GLOBAL doSystemTest doSystemTest: + sub rsp,8+4*8 + mov [rsp+00h],rbx + mov [rsp+08h],rcx + mov [rsp+10h],rdx + mov rax,dr7 + mov [rsp+18h],rax + mov rax,0x402 mov dr7,rax mov rax,dr7 cmp rax,0x402 je pass1 - ;fail test1 mov rax,1 - ret + jmp doSystemTest_exit + pass1: cpuid @@ -100,10 +107,18 @@ pass1: ;fail test 2 mov rax,2 - ret + jmp doSystemTest_exit pass2: xor rax,rax + +doSystemTest_exit: + mov rbx,[rsp+18h] + mov dr7,rax + mov rdx,[rsp+10h] + mov rcx,[rsp+08h] + mov rbx,[rsp] + add rsp,8+4*8 ret GLOBAL enterVMM diff --git a/DBVM UEFI/helpers.asm b/DBVM UEFI/helpers.asm index f7f07934..71354b39 100644 --- a/DBVM UEFI/helpers.asm +++ b/DBVM UEFI/helpers.asm @@ -6,6 +6,10 @@ BITS 64 ;3=rdx ;4=rcx +extern password1 +extern password2 +extern password3 + GLOBAL testfunction testfunction: @@ -332,11 +336,10 @@ enableInterrupts: GLOBAL dovmcall dovmcall: - push rdx mov rax,rdi - mov rdx,rsi + mov rdx,[rel password1] + mov rcx,[rel password3] vmcall - pop rdx ret GLOBAL dovmcall2 
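Review bot: The new hide-memory call hardcodes the passwords this same patch turns into globals: `vmcallinfo.level2pass=0xfedcba98;` duplicates password2, and the `0x76543210` second argument to dovmcall is now dead because dovmcall in helpers.asm (this patch) loads rdx from password1 instead of rsi. Use `vmcallinfo.level2pass=password2;` so a changed password lives in one place. When doSystemTest fails the code prints the failure and then still issues the hide command and prints "still alive"; if a failed test is meant to stop the launch, a `return;` is missing in the `if (r)` branch. `Print(L"System Test Successful\n", r)` also passes an argument the format string does not consume. LaunchDBVM starts before and ends after this hunk.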
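Review bot: At doSystemTest_exit the saved DR7 is loaded into rbx (`mov rbx,[rsp+18h]`) but the next instruction writes rax into DR7 (`mov dr7,rax`), and rax holds the test result 0, 1 or 2 at that point, so DR7 is never restored and the function leaves it set to the return code. The line should be `mov dr7,rbx`; rbx is reloaded from `[rsp]` afterwards, so nothing else changes. The DR7 before/after prints added to LaunchDBVM in this commit would show exactly this. The prologue that stores DR7 at [rsp+18h] is in the previous hunk.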
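Review bot: dovmcall now ignores its second argument: rsi (the password callers still pass, e.g. `dovmcall(&vmcallinfo, 0x76543210)` in LaunchDBVM) is never read, rdx is loaded from password1 instead, and rcx is additionally overwritten with password3. Given the rdi/rsi/rdx/rcx convention noted at the top of the file that is ABI-safe (rdx and rcx are caller-saved, which is also why dropping `push rdx`/`pop rdx` is fine), but it silently makes the parameter dead. Either remove it from the C prototype in helpers.h or add `; rsi (caller-supplied password) is ignored; rdx/rcx are taken from password1/password3` above the loads so callers are not misled.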
@@ -347,7 +350,8 @@ dovmcall2: mov r9,rcx mov rax,rdi - mov rdx,rsi + mov rdx,[rel password1] + mov rcx,[rel password3] vmcall mov [r8],rax mov [r9],rdx diff --git a/DBVM UEFI/helpers.h b/DBVM UEFI/helpers.h index f0636b5d..6cba104b 100644 --- a/DBVM UEFI/helpers.h +++ b/DBVM UEFI/helpers.h @@ -85,6 +85,7 @@ extern int brk(void); extern unsigned long long readMSR(int msr); extern void writeMSR(int msr, unsigned long long value); VOID *AllocatePersistentMemory(int size); +VOID *FreePersistentMemory(void *memory, int size); EFI_STATUS AllocatePages(IN EFI_ALLOCATE_TYPE Type, IN EFI_MEMORY_TYPE MemoryType, IN UINTN NoPages, OUT EFI_PHYSICAL_ADDRESS *Memory ); extern void setCR0(UINT64 newcr0); diff --git a/DBVM UEFI/main.c b/DBVM UEFI/main.c index 15f20456..0b51ccbf 100644 --- a/DBVM UEFI/main.c +++ b/DBVM UEFI/main.c @@ -123,29 +123,11 @@ inline uint64_t rdmsr(uint32_t msr_id) return msr_value; }*/ -EFIAPI VOID FunctionX (IN VOID *Buffer) -{ - UINT64 t1,t2,t3, a; - t1=getTSC(); - t2=readMSR(0x10); - t3=getTSC(); - a=readMSR(0x3b); - Print(L"AP CPU %d:\n %ld - %ld - %ld\n Adjust:%ld\n", (int)Buffer, t1,t2,t3, a); - - writeMSR(0x3b,-getTSC()); - - t1=getTSC(); - t2=readMSR(0x10); - t3=getTSC(); - a=readMSR(0x3b); - - Print(L"AP CPU %d:\n %ld - %ld - %ld\n Adjust:%ld\n", (int)Buffer, t1,t2,t3, a); -} EFIAPI VOID LaunchDBVMAP (IN VOID *Buffer) { - writeMSR(0x3b,0); + // writeMSR(0x3b,0); Print(L"AP CPU %d entering DBVM mode\n", (int)Buffer); Print(L"CR0 before = 0x%lx\n", getCR0()); @@ -196,7 +178,7 @@ efi_main (EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) Print(L"efi_main at %lx\n",(UINT64)efi_main); - FunctionX(NULL); + //FunctionX(NULL); /* Print(L"Testing 2:\n"); 
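Review bot: `VOID *FreePersistentMemory(void *memory, int size);` declares a free routine that returns a pointer, mirroring AllocatePersistentMemory on the line above; unless the definition (not in this diff) really hands something back, the return type should be `VOID` so a caller is never tempted to keep using the freed block. A one-line comment stating that `size` must equal the size passed to AllocatePersistentMemory for that block (presumably the contract) would also help, since the pairing is stated nowhere visible.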
@@ -273,8 +255,13 @@ efi_main (EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) } + UINT64 debugsilicon=readMSR(0xc80); - Input(L"Type something : ", something, 200); + Print(L"debugsilicon(0xc80)=%lx\n",debugsilicon); + + + + //Input(L"Type something : ", something, 200); EFI_MP_SERVICES_PROTOCOL *MpProto=NULL; @@ -314,7 +301,7 @@ efi_main (EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) } } - Input(L"Type something : ", something, 200); + // Input(L"Type something : ", something, 200); @@ -456,10 +443,10 @@ efi_main (EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) - Input(L"Type something : ", something, 200); + //Input(L"Type something : ", something, 200); Print(L"\n"); - if (StrnCmp(something,L"Q",2)!=0) + // if (StrnCmp(something,L"Q",2)!=0) { Print(L"launching DBVM\n"); @@ -473,7 +460,7 @@ efi_main (EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) Print(L"Main DBVM CPU loaded. Loading AP cpu\'s:"); - Input(L"Type something : ", something, 200); + // Input(L"Type something : ", something, 200); int i; @@ -493,9 +480,12 @@ efi_main (EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) cleanupMemory(); - Input(L"Type something : ", something, 200); - Print(L"Something is %S", something); + + + //Input(L"Type something : ", something, 200); + + // Print(L"Something is %S", something); SystemTable->BootServices->Exit(ImageHandle, 1,0,NULL);
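Review bot: `UINT64 debugsilicon=readMSR(0xc80);` executes RDMSR unconditionally; MSR 0xC80 (IA32_DEBUG_INTERFACE) is only present when CPUID.01H:ECX bit 11 (SDBG) is set, and on other processors, AMD included, RDMSR of an unimplemented MSR raises #GP, which in this pre-boot code with no handler visible means the loader dies before the MP services lookup below. Guard it by reading CPUID leaf 1 and issuing the RDMSR only when that bit is set, or drop the diagnostic; the value is only printed, so nothing else depends on it. efi_main starts and ends outside this hunk.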
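Review bot: Commenting out `if (StrnCmp(something,L"Q",2)!=0)` leaves a bare `{` block and removes the only way to stop the loader short of launching DBVM, while `something` is now only ever filled by Input calls that are themselves commented out. If the prompt is intentionally gone for unattended boot, delete the dead `Input`/`StrnCmp` lines and the orphaned braces instead of commenting them; if the abort path is still wanted, put it behind a build-time flag so it cannot be lost by accident. The block ends outside this hunk.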