Skip to content

added QEMU disk serial #375

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
NotRequiem merged 4 commits into from
May 13, 2025
Merged

added QEMU disk serial #375

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ab31960
sync with dev
May 13, 2025
463c823
Merge branch 'dev' of https://github.com/NotRequiem/VMAware into dev
May 13, 2025
4b0a51a
added qemu drivers/disk serials
May 13, 2025
e4d07ad
removed hyper-v driver checks
May 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion docs/documentation.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -495,7 +495,6 @@ VMAware provides a convenient way to not only check for VMs, but also have the f
| `VM::DEVICE_STRING` | Check if bogus device string would be accepted | 🪟 | 25% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6821) |
| `VM::BLUESTACKS_FOLDERS` | Check for the presence of BlueStacks-specific folders | 🐧 | 5% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6842) |
| `VM::CPUID_SIGNATURE` | Check for signatures in leaf 0x40000001 in CPUID | 🐧🪟🍏 | 95% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6865) |
| `VM::KVM_BITMASK` | Check for KVM CPUID bitmask range for reserved values | 🐧🪟🍏 | 40% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6893) |
| `VM::KGT_SIGNATURE` | Check for Intel KGT (Trusty branch) hypervisor signature in CPUID | 🐧🪟🍏 | 80% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6931) |
| `VM::QEMU_VIRTUAL_DMI` | Check for presence of QEMU in the /sys/devices/virtual/dmi/id directory | 🐧 | 40% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6956) |
| `VM::QEMU_USB` | Check for presence of QEMU in the /sys/kernel/debug/usb/devices directory | 🐧 | 20% | | | | | [link](https://github.com/kernelwernel/VMAware/blob/8cb2491b1c7d2cb7300d1d698b7c64c953b4ae75/src/vmaware.hpp#L6986) |
Expand Down
4 changes: 0 additions & 4 deletions src/cli.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -371,7 +371,6 @@ bool is_unsupported(VM::enum_flags flag) {
case VM::GENERAL_HOSTNAME:
case VM::BLUESTACKS_FOLDERS:
case VM::CPUID_SIGNATURE:
case VM::KVM_BITMASK:
case VM::KGT_SIGNATURE:
case VM::QEMU_VIRTUAL_DMI:
case VM::QEMU_USB:
Expand Down Expand Up @@ -440,7 +439,6 @@ bool is_unsupported(VM::enum_flags flag) {
case VM::SCREEN_RESOLUTION:
case VM::DEVICE_STRING:
case VM::CPUID_SIGNATURE:
case VM::KVM_BITMASK:
case VM::KGT_SIGNATURE:
case VM::DRIVER_NAMES:
case VM::DISK_SERIAL:
Expand Down Expand Up @@ -485,7 +483,6 @@ bool is_unsupported(VM::enum_flags flag) {
case VM::INTEL_THREAD_MISMATCH:
case VM::XEON_THREAD_MISMATCH:
case VM::CPUID_SIGNATURE:
case VM::KVM_BITMASK:
case VM::KGT_SIGNATURE:
case VM::AMD_SEV:
case VM::AMD_THREAD_MISMATCH:
Expand Down Expand Up @@ -903,7 +900,6 @@ void general() {
checker(VM::DEVICE_STRING, "bogus device string");
checker(VM::BLUESTACKS_FOLDERS, "BlueStacks folders");
checker(VM::CPUID_SIGNATURE, "CPUID signatures");
checker(VM::KVM_BITMASK, "KVM CPUID reserved bitmask");
checker(VM::KGT_SIGNATURE, "Intel KGT signature");
checker(VM::QEMU_VIRTUAL_DMI, "QEMU virtual DMI directory");
checker(VM::QEMU_USB, "QEMU USB");
Expand Down
87 changes: 27 additions & 60 deletions src/vmaware.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -247,7 +247,7 @@
#elif VMA_CPLUSPLUS >= 202002L
# define CPP 20
# ifdef __VMAWARE_DEBUG__
# pragma message("using C++20")

Check warning on line 250 in src/vmaware.hpp

View workflow job for this annotation

GitHub Actions / Analyze (cpp, gcc-14, Ninja Multi-Config, Debug, ON) 

using C++20 [-W#pragma-messages]
# endif

#elif VMA_CPLUSPLUS >= 201703L
Expand Down Expand Up @@ -592,7 +592,6 @@
DEVICE_STRING,
BLUESTACKS_FOLDERS,
CPUID_SIGNATURE,
KVM_BITMASK,
KGT_SIGNATURE,
QEMU_VIRTUAL_DMI,
QEMU_USB,
Expand Down Expand Up @@ -837,7 +836,7 @@
cpu::leaf::brand3
}};

std::string b(48, '\n');
std::string b(48, '\0');

union Regs {
u32 i[4];
Expand Down Expand Up @@ -1984,7 +1983,7 @@
return true;
}

// Otherwise map to your enums:
// Otherwise map to our enums:
switch (v.size) {
case 4: // "qemu" or "vbox"
return core::add(v.data[0] == 'q'
Expand Down Expand Up @@ -5618,43 +5617,6 @@
}


/**
* @brief Check for KVM CPUID bitmask range for reserved values
* @category x86
* @implements VM::KVM_BITMASK
*/
[[nodiscard]] static bool kvm_bitmask() {
#if (!x86)
return false;
#else
u32 eax, ebx, ecx, edx = 0;
cpu::cpuid(eax, ebx, ecx, edx, 0x40000000);

// KVM brand and max leaf check
if (!(
(eax == 0x40000001) &&
(ebx == 0x4b4d564b) &&
(ecx == 0x564b4d56) &&
(edx == 0x4d)
)) {
return false;
}

cpu::cpuid(eax, ebx, ecx, edx, 0x40000001);

if (
(eax & (1 << 8)) &&
(((eax >> 13) & 0b1111111111) == 0) &&
((eax >> 24) == 0)
) {
return core::add(brands::KVM);
}

return false;
#endif
}


/**
* @brief Check for Intel KGT (Trusty branch) hypervisor signature in CPUID
* @link https://github.com/intel/ikgt-core/blob/7dfd4d1614d788ec43b02602cce7a272ef8d5931/vmm/vmexit/vmexit_cpuid.c
Expand Down Expand Up @@ -6274,8 +6236,8 @@
};

static constexpr std::array<u8, 16> hex_positions = { {
2, 3, 4, 5, 6, 7, 8, 9,
11,12,13,14,15,16,17,18
2, 3, 4, 5, 6, 7, 8, 9,
11,12,13,14,15,16,17,18
} };

for (u8 idx : hex_positions) {
Expand All @@ -6286,6 +6248,18 @@
return str[10] == '-';
};

auto is_qemu_serial = [](const char* str, u8 len) -> bool {
constexpr const char* prefix = "QM0000";
constexpr size_t prefix_len = 6;
if (len < prefix_len)
return false;
for (size_t i = 0; i < prefix_len; ++i) {
if (str[i] != prefix[i])
return false;
}
return true;
};

for (u8 drive = 0; drive < MAX_PHYSICAL_DRIVES; drive++) {
wchar_t path[32];
swprintf_s(path, L"\\\\.\\PhysicalDrive%u", drive);
Expand Down Expand Up @@ -6327,9 +6301,7 @@
if (!DeviceIoControl(hDevice, IOCTL_STORAGE_QUERY_PROPERTY,
&query, sizeof(query), buffer, header.Size,
&bytesReturned, nullptr)) {
if (buffer != stackBuf) {
LocalFree(buffer);
}
if (buffer != stackBuf) LocalFree(buffer);
CloseHandle(hDevice);
continue;
}
Expand All @@ -6347,33 +6319,30 @@
constexpr size_t BUF_SZ = 256;
char upperSerial[BUF_SZ] = { 0 };

size_t copyLen;
if (serialLen < (BUF_SZ - 1)) {
copyLen = serialLen;
}
else {
copyLen = BUF_SZ - 1;
}
size_t copyLen = (serialLen < BUF_SZ - 1) ? serialLen : BUF_SZ - 1;

for (size_t i = 0; i < copyLen; ++i) {
char c = serial[i];
upperSerial[i] = (c >= 'a' && c <= 'z') ? char(c - 32) : c;
}
upperSerial[copyLen] = '\0';

if (is_qemu_serial(upperSerial, static_cast<u8>(copyLen))) {
result = core::add(brands::QEMU);
if (buffer != stackBuf) LocalFree(buffer);
CloseHandle(hDevice);
return result;
}

if (is_vbox_serial(upperSerial, static_cast<u8>(copyLen))) {
result = core::add(brands::VBOX);
if (buffer != stackBuf) {
LocalFree(buffer);
}
if (buffer != stackBuf) LocalFree(buffer);
CloseHandle(hDevice);
return result;
}
}

if (buffer != stackBuf) {
LocalFree(buffer);
}
if (buffer != stackBuf) LocalFree(buffer);
CloseHandle(hDevice);
}

Expand Down Expand Up @@ -10518,7 +10487,6 @@
case DEVICE_STRING: return "DEVICE_STRING";
case BLUESTACKS_FOLDERS: return "BLUESTACKS_FOLDERS";
case CPUID_SIGNATURE: return "CPUID_SIGNATURE";
case KVM_BITMASK: return "KVM_BITMASK";
case KGT_SIGNATURE: return "KGT_SIGNATURE";
case QEMU_VIRTUAL_DMI: return "QEMU_VIRTUAL_DMI";
case QEMU_USB: return "QEMU_USB";
Expand Down Expand Up @@ -11090,7 +11058,6 @@
std::make_pair(VM::DEVICE_STRING, VM::core::technique(25, VM::device_string)),
std::make_pair(VM::BLUESTACKS_FOLDERS, VM::core::technique(5, VM::bluestacks)),
std::make_pair(VM::CPUID_SIGNATURE, VM::core::technique(95, VM::cpuid_signature)),
std::make_pair(VM::KVM_BITMASK, VM::core::technique(40, VM::kvm_bitmask)),
std::make_pair(VM::KGT_SIGNATURE, VM::core::technique(80, VM::intel_kgt_signature)),
std::make_pair(VM::QEMU_VIRTUAL_DMI, VM::core::technique(40, VM::qemu_virtual_dmi)),
std::make_pair(VM::QEMU_USB, VM::core::technique(20, VM::qemu_USB)),
Expand Down
Loading