Skip to content

Commit

Permalink
Merge pull request #84 from kernelwernel/dev
Browse files Browse the repository at this point in the history 
Dev
  • Loading branch information
@kernelwernel
kernelwernel authored May 27, 2024
2 parents d0cd36a + b8b5de5 commit a545c89
Show file tree
Hide file tree
Showing 5 changed files with 2,591 additions and 458 deletions.
2 changes: 1 addition & 1 deletion TODO.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
- [ ] make a man file in markdown for the cli tool
- [ ] implement smbios version technique [here](https://github.com/Print3M/Anti-VM/blob/eb524ed89e783b36c149acc450b2350d4198b06b/detectors.cpp#L88)
- [ ] implement a display size technique for linux with EDID
- [ ] implement a technique that matches the CPU product name and match it with a database of core counts for that specific CPU product
- [X] implement a technique that matches the CPU product name and match it with a database of core counts for that specific CPU product
- [ ] add usage example in the .hpp file directly below the banner

# Distant plans
Expand Down
4 changes: 1 addition & 3 deletions auxiliary/updater.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,9 +88,7 @@ def update(filename):
" * - start of internal VM detection techniques => line __TECHNIQUES__",
" * - struct for internal core components => line __CORE__",
" * - start of public VM detection functions => line __PUBLIC__",
" * - start of externally defined variables => line __EXTERNAL__",
" */",
""
" * - start of externally defined variables => line __EXTERNAL__"
]

# replace the macro strings with the file line numbers
Expand Down
1 change: 1 addition & 0 deletions src/cli.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,6 +238,7 @@ int main(int argc, char* argv[]) {
checker(VM::UPTIME, "uptime");
checker(VM::ODD_CPU_THREADS, "unusual thread count");
checker(VM::INTEL_THREAD_MISMATCH, "Intel thread count mismatch");
checker(VM::XEON_THREAD_MISMATCH, "Intel Xeon thread count mismatch");

std::printf("\n");

Expand Down
251 changes: 225 additions & 26 deletions src/vmaware.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,17 +19,36 @@
* - Full credits: https://github.com/kernelwernel/VMAware#credits-and-contributors-%EF%B8%8F
* - License: GPL-3.0
*
*
* ================================ SECTIONS ==================================
* - enums for publicly accessible techniques => line 252
* - struct for internal cpu operations => line 447
* - struct for internal memoization => line 684
* - struct for internal utility functions => line 757
* - struct for internal core components => line 5713
* - start of internal VM detection techniques => line 1423
* - start of public VM detection functions => line 5786
* - start of externally defined variables => line 6053
* - enums for publicly accessible techniques => line 282
* - struct for internal cpu operations => line 480
* - struct for internal memoization => line 772
* - struct for internal utility functions => line 834
* - struct for internal core components => line 7073
* - start of internal VM detection techniques => line 1510
* - start of public VM detection functions => line 7187
* - start of externally defined variables => line 7487
*
*
* ================================ EXAMPLE ==================================
#include "vmaware.hpp"
#include <iostream>
int main() {
if (VM::detect()) {
std::cout << "Virtual machine detected!" << std::endl;
std::cout << "VM name: " << VM::brand() << std::endl;
} else {
std::cout << "Running in baremetal" << std::endl;
}
std::cout << "VM certainty: " << (int)VM::percentage() << "%" << std::endl;
}
*/


#if (defined(_MSC_VER) || defined(_WIN32) || defined(_WIN64) || defined(__MINGW32__))
#define MSVC 1
#define LINUX 0
Expand Down Expand Up @@ -348,7 +367,7 @@ struct VM {
UPTIME,
ODD_CPU_THREADS,
INTEL_THREAD_MISMATCH,
INTEL_XEON_THREAD_MISMATCH,
XEON_THREAD_MISMATCH,
EXTREME,
NO_MEMO,
WIN_HYPERV_DEFAULT,
Expand Down Expand Up @@ -589,20 +608,22 @@ struct VM {
#endif
}

[[nodiscard]] static std::string get_model() {
struct model_struct {
bool found;
bool is_xeon;
bool is_i_series;
std::string string;
};

[[nodiscard]] static model_struct get_model() {
const std::string brand = get_brand();

constexpr const char* intel_i_series_regex = "i[0-9]-[A-Z0-9]{1,7}";
constexpr const char* intel_xeon_series_regex = "[DEW]-[A-Z0-9]{1,7}";

constexpr std::array<const char*, 2> regex_templates {{
intel_i_series_regex,
intel_xeon_series_regex
}};

std::string match_str = "";

for (const auto regex : regex_templates) {
auto match = [&](const char* regex) -> bool {
std::regex pattern(regex);

auto words_begin = std::sregex_iterator(brand.begin(), brand.end(), pattern);
Expand All @@ -614,11 +635,32 @@ struct VM {
}

if (!match_str.empty()) {
return match_str;
return true;
}

return false;
};

bool found = false;
bool is_xeon = false;
bool is_i_series = false;
std::string string = "";

if (cpu::is_intel()) {
if (match(intel_i_series_regex)) {
found = true;
is_i_series = true;
string = match_str;
} else if (match(intel_xeon_series_regex)) {
found = true;
is_xeon = true;
string = match_str;
}
}

return "";
// no AMD (for now)

return model_struct{ found, is_xeon, is_i_series, string };
};

#if (CPP >= 17)
Expand Down Expand Up @@ -5877,7 +5919,7 @@ struct VM {
/**
* @brief Check for CPUs that don't match their thread count
* @category All, x86
* @links https://en.wikipedia.org/wiki/List_of_Intel_Core_processors
* @link https://en.wikipedia.org/wiki/List_of_Intel_Core_processors
*/
[[nodiscard]] static bool intel_thread_mismatch() try {
if (core::disabled(INTEL_THREAD_MISMATCH)) {
Expand All @@ -5891,15 +5933,19 @@ struct VM {
return false;
}

const std::string model = cpu::get_model();
const cpu::model_struct model = cpu::get_model();

debug("INTEL_THREAD_MISMATCH: CPU model = ", model);
if (!model.found) {
return false;
}

if (model.empty()) {
if (!model.is_i_series) {
return false;
}

std::unordered_map<std::string, u8> thread_database = {
debug("INTEL_THREAD_MISMATCH: CPU model = ", model.string);

const std::unordered_map<std::string, u8> thread_database = {
// i3 series
{ "i3-1000G1", 4 },
{ "i3-1000G4", 4 },
Expand Down Expand Up @@ -6856,11 +6902,11 @@ struct VM {
};

// basically means "if there's 0 matches in the database, return false"
if (thread_database.count(model) == 0) {
if (thread_database.count(model.string) == 0) {
return false;
}

const u8 threads = thread_database.at(model);
const u8 threads = thread_database.at(model.string);

debug("INTEL_THREAD_MISMATCH: thread in database = ", static_cast<u32>(threads));

Expand All @@ -6873,6 +6919,158 @@ struct VM {
}


/**
* @brief Check for Intel Xeon CPUs that don't match their thread count
* @category All, x86
* @link https://en.wikipedia.org/wiki/List_of_Intel_Core_processors
*/
[[nodiscard]] static bool xeon_thread_mismatch() try {
if (core::disabled(XEON_THREAD_MISMATCH)) {
return false;
}

#if (!x86)
return false;
#else
if (!cpu::is_intel()) {
return false;
}

const cpu::model_struct model = cpu::get_model();

if (!model.found) {
return false;
}

if (!model.is_i_series) {
return false;
}

debug("XEON_THREAD_MISMATCH: CPU model = ", model.string);

const std::unordered_map<std::string, u8> xeon_thread_database = {
// Xeon D
{ "D-1518", 8 },
{ "D-1520", 8 },
{ "D-1521", 8 },
{ "D-1527", 8 },
{ "D-1528", 12 },
{ "D-1529", 8 },
{ "D-1531", 12 },
{ "D-1537", 16 },
{ "D-1539", 16 },
{ "D-1540", 16 },
{ "D-1541", 16 },
{ "D-1548", 16 },
{ "D-1557", 24 },
{ "D-1559", 24 },
{ "D-1567", 24 },
{ "D-1571", 32 },
{ "D-1577", 32 },
{ "D-1581", 32 },
{ "D-1587", 32 },
{ "D-1513N", 8 },
{ "D-1523N", 8 },
{ "D-1533N", 12 },
{ "D-1543N", 16 },
{ "D-1553N", 16 },
{ "D-1602", 4 },
{ "D-1612", 8 },
{ "D-1622", 8 },
{ "D-1627", 8 },
{ "D-1632", 16 },
{ "D-1637", 12 },
{ "D-1623N", 8 },
{ "D-1633N", 12 },
{ "D-1649N", 16 },
{ "D-1653N", 16 },
{ "D-2141I", 16 },
{ "D-2161I", 24 },
{ "D-2191", 36 },
{ "D-2123IT", 8 },
{ "D-2142IT", 16 },
{ "D-2143IT", 16 },
{ "D-2163IT", 24 },
{ "D-2173IT", 28 },
{ "D-2183IT", 32 },
{ "D-2145NT", 16 },
{ "D-2146NT", 16 },
{ "D-2166NT", 24 },
{ "D-2177NT", 28 },
{ "D-2187NT", 32 },

// Xeon E
{ "E-2104G", 4 },
{ "E-2124", 4 },
{ "E-2124G", 4 },
{ "E-2126G", 6 },
{ "E-2134", 8 },
{ "E-2136", 12 },
{ "E-2144G", 8 },
{ "E-2146G", 12 },
{ "E-2174G", 8 },
{ "E-2176G", 12 },
{ "E-2186G", 12 },
{ "E-2176M", 12 },
{ "E-2186M", 12 },
{ "E-2224", 4 },
{ "E-2224G", 4 },
{ "E-2226G", 6 },
{ "E-2234", 8 },
{ "E-2236", 12 },
{ "E-2244G", 8 },
{ "E-2246G", 12 },
{ "E-2274G", 8 },
{ "E-2276G", 12 },
{ "E-2278G", 16 },
{ "E-2286G", 12 },
{ "E-2288G", 16 },
{ "E-2276M", 12 },
{ "E-2286M", 16 },

// Xeon W
{ "W-2102", 4 },
{ "W-2104", 4 },
{ "W-2123", 8 },
{ "W-2125", 8 },
{ "W-2133", 12 },
{ "W-2135", 12 },
{ "W-2140B", 16 },
{ "W-2145", 16 },
{ "W-2150B", 20 },
{ "W-2155", 20 },
{ "W-2170B", 28 },
{ "W-2175", 28 },
{ "W-2191B", 36 },
{ "W-2195", 36 },
{ "W-3175X", 56 },
{ "W-3223", 16 },
{ "W-3225", 16 },
{ "W-3235", 24 },
{ "W-3245", 32 },
{ "W-3245M", 32 },
{ "W-3265", 48 },
{ "W-3265M", 48 },
{ "W-3275", 56 },
{ "W-3275M", 56 }
};

if (xeon_thread_database.count(model.string) == 0) {
return false;
}

const u8 threads = xeon_thread_database.at(model.string);

debug("XEON_THREAD_MISMATCH: thread in database = ", static_cast<u32>(threads));

return (std::thread::hardware_concurrency() != threads);
#endif
}
catch (...) {
debug("INTEL_THREAD_MISMATCH: catched error, returned false");
return false;
}

struct core {
MSVC_DISABLE_WARNING(PADDING)
struct technique {
Expand Down Expand Up @@ -7462,7 +7660,8 @@ const std::map<VM::u8, VM::core::technique> VM::core::table = {
{ VM::MUTEX, { 85, VM::mutex }},
{ VM::UPTIME, { 10, VM::uptime }},
{ VM::ODD_CPU_THREADS, { 80, VM::odd_cpu_threads }},
{ VM::INTEL_THREAD_MISMATCH, { 70, VM::intel_thread_mismatch }}
{ VM::INTEL_THREAD_MISMATCH, { 85, VM::intel_thread_mismatch }},
{ VM::XEON_THREAD_MISMATCH, { 85, VM::xeon_thread_mismatch }}

// __TABLE_LABEL, add your technique above
// { VM::FUNCTION, { POINTS, FUNCTION_POINTER }}
Expand Down
Loading

0 comments on commit a545c89

Please sign in to comment.