From 3c391dc0b64c05fc21c85d0021808d88da8e8a1b Mon Sep 17 00:00:00 2001
From: Daniel Rossier <205909+daniel-rossier@users.noreply.github.com>
Date: Sun, 14 Jul 2024 18:50:48 +0200
Subject: [PATCH] WiP: booting into the first instructions of the ME

---
 linux/linux/soo/core/injector.c     | 16 +++++++++++-----
 linux/linux/soo/core/me_access.c    | 15 +++++++++++----
 linux/linux/soo/kernel/hypervisor.c | 15 +++++++++------
 3 files changed, 31 insertions(+), 15 deletions(-)

diff --git a/linux/linux/soo/core/injector.c b/linux/linux/soo/core/injector.c
index 678f38e30a..fc6b45a2cd 100644
--- a/linux/linux/soo/core/injector.c
+++ b/linux/linux/soo/core/injector.c
@@ -63,24 +63,30 @@ size_t current_size = 0;
  * @return slotID or -1 if no slotID available.
  */
 int inject_ME(void *buffer, size_t size) {
-	int slotID;
+        int *val;
         void *me = NULL;
+        int slotID;
 
         DBG("Original contents at address: 0x%08x\n with size %d bytes\n", (unsigned long) buffer, size);
 
 	/* Allocate a contiguous memory region to host the ME*/
-        me = kmalloc(size, GFP_KERNEL);
+        me = kzalloc(size, GFP_KERNEL);
         BUG_ON(!me);
 
-        memcpy(me, buffer, size);
+        val = kzalloc(sizeof(int), GFP_KERNEL);
+        BUG_ON(!val);
 
+        memcpy(me, buffer, size);
+        
         /* Now, the virtual address can be converted to the physical one in the
          * soo_hypercall() function */
 
-        soo_hypercall(AVZ_INJECT_ME, me, &slotID, &size);
+        soo_hypercall(AVZ_INJECT_ME, me, val, NULL);
+        slotID = *val;
 
         kfree(me);
-	
+        kfree(val);
+
         return slotID;
 }
 
diff --git a/linux/linux/soo/core/me_access.c b/linux/linux/soo/core/me_access.c
index 58dd509c7d..e0b432d983 100644
--- a/linux/linux/soo/core/me_access.c
+++ b/linux/linux/soo/core/me_access.c
@@ -33,13 +33,20 @@
 
 int get_ME_state(unsigned int ME_slotID)
 {
-	int val;
+	int *val;
+        int state;
 
-	val = ME_slotID;
+        val = kzalloc(sizeof(int), GFP_KERNEL);
+        BUG_ON(!val);
 
-	soo_hypercall(AVZ_GET_ME_STATE, NULL, &val, NULL);
+        *val = ME_slotID;
 
-	return val;
+        soo_hypercall(AVZ_GET_ME_STATE, NULL, val, NULL);
+        state = *val;
+
+        kfree(val);
+
+        return state;
 }
 
 /*
diff --git a/linux/linux/soo/kernel/hypervisor.c b/linux/linux/soo/kernel/hypervisor.c
index 1087c766e1..f6dd5c9910 100644
--- a/linux/linux/soo/kernel/hypervisor.c
+++ b/linux/linux/soo/kernel/hypervisor.c
@@ -33,17 +33,20 @@
 
 void avz_ME_unpause(domid_t domain_id, addr_t vbstore_pfn)
 {
-	struct domctl op;
+        struct domctl *op;
 
-	lprintk("Trying to unpause ME domain %d...", domain_id);
+        op = kzalloc(sizeof(struct domctl), GFP_KERNEL);
+        BUG_ON(!op);
 
-	op.cmd = DOMCTL_unpauseME;
+        lprintk("Trying to unpause ME domain %d...", domain_id);
 
-	op.domain = domain_id;
+        op->cmd = DOMCTL_unpauseME;
+
+	op->domain = domain_id;
 
-	op.u.unpause_ME.vbstore_pfn = vbstore_pfn;
+	op->u.unpause_ME.vbstore_pfn = vbstore_pfn;
 
-	avz_hypercall(__HYPERVISOR_domctl, (long) &op, 0 ,0 ,0);
+	avz_hypercall(__HYPERVISOR_domctl, virt_to_phys(op), 0 ,0 ,0);
 }
 
 #if defined(CONFIG_SOO) && !defined(CONFIG_LINUXVIRT)