diff --git a/shellcode_hypervisor/main.c b/shellcode_hypervisor/main.c
index 5f7a8c9..e9bbdd3 100644
--- a/shellcode_hypervisor/main.c
+++ b/shellcode_hypervisor/main.c
@@ -5,7 +5,6 @@ #include __attribute__((section(".entry_point"), naked)) uint32_t main(void) { - // We enter this function after CR3 was updated to 1:1 mapping // We need to point RSP/RBP to a good known valid address uint32_t ebax, ebx, ecx, edx;
diff --git a/shellcode_hypervisor/utils.c b/shellcode_hypervisor/utils.c
index 89283f1..44652a1 100644
--- a/shellcode_hypervisor/utils.c
+++ b/shellcode_hypervisor/utils.c
@@ -26,7 +26,6 @@ uint8_t hex_val[17]; __attribute__((noinline, optimize("O0"))) uint8_t * u64_to_hex_custom(uint64_t val, uint8_t *dest) { - const uint8_t hex_chars[] = "0123456789abcdef"; dest[16] = '\0';
diff --git a/shellcode_kernel/kernel_code.c b/shellcode_kernel/kernel_code.c
index 95c8a9e..96eedff 100644
--- a/shellcode_kernel/kernel_code.c
+++ b/shellcode_kernel/kernel_code.c
@@ -96,7 +96,6 @@ static int mp3_enable_output(int be, int mode) { } static void patch_hv(void) { - // Install identity map for HV // HV Shellcode 1 it's updating CR3 uint64_t identity_cr3 = cave_hv_paging; // P, RW, US=0
@@ -156,7 +155,6 @@ static void patch_hv(void) { } void boot_linux(void) { - patch_hv(); memcpy((void *)PHYS_TO_DMAP(0xC0000), (void *)g_vbios, 0x10000);
diff --git a/shellcode_kernel/main.c b/shellcode_kernel/main.c
index 36857ab..a8ecbc2 100644
--- a/shellcode_kernel/main.c
+++ b/shellcode_kernel/main.c
@@ -12,7 +12,6 @@ shellcode_kernel_args args = { // acpi_wakeup_machdep __attribute__((section(".entry_point"))) uint32_t main(uint64_t add1, uint64_t add2) { - // We will do main checks on .text only with a reference to .data to avoid // fixed offsets first After NPTs are disabled, we can continue nornmally // using all the variables in .data that are embedded in shellcode
@@ -69,7 +68,6 @@ __attribute__((section(".entry_point"))) uint32_t main(uint64_t add1, ret = ((uint64_t(*)(void))args_ptr->fun_hv_iommu_wait_completion)(); if (ret == 0) { - putc_uart(args_ptr->dmap_base, 'I'); putc_uart(args_ptr->dmap_base, 'O'); putc_uart(args_ptr->dmap_base, 'M');
@@ -85,7 +83,6 @@ __attribute__((section(".entry_point"))) uint32_t main(uint64_t add1, // Allow R/W on HV and Kernel area if (tmr_disable(args_ptr->dmap_base)) { - putc_uart(args_ptr->dmap_base, 'T'); putc_uart(args_ptr->dmap_base, 'M'); putc_uart(args_ptr->dmap_base, 'R');
@@ -276,7 +273,6 @@ __attribute__((noinline, optimize("O0"))) int tmr_disable(uint64_t dmap) { } void init_global_pointers(volatile shellcode_kernel_args *args_ptr) { - memcpy(&args, (void *)args_ptr, sizeof(args)); printf = (void (*)(const char *, ...))args.fun_printf;
diff --git a/shellcode_kernel/utils.c b/shellcode_kernel/utils.c
index 6eb18ea..7e71399 100644
--- a/shellcode_kernel/utils.c
+++ b/shellcode_kernel/utils.c
@@ -31,7 +31,6 @@ uint64_t va_to_pa_kernel(uint64_t va) { // Source: PS5_kldload uint64_t va_to_pa_custom(uint64_t va, uint64_t cr3_custom) { - uint64_t table_phys = cr3_custom & 0xFFFFFFFF; for (int level = 0; level < 4; level++) {
diff --git a/source/hv_defeat.c b/source/hv_defeat.c
index 56b495a..9002120 100644
--- a/source/hv_defeat.c
+++ b/source/hv_defeat.c
@@ -187,7 +187,6 @@ void handle_sigill(int sig) { } int stage4_force_vmcb_reload(void) { - int ret = 0; auto old_handler = signal(SIGILL, handle_sigill);
@@ -239,7 +238,6 @@ int stage5_remove_xotext(void) { } int stage6_kernel_pmap_invalidate_all(void) { - DEBUG_PRINT("HV-Defeat [stage6] invalidate paging entries\n"); static uint64_t two_zero_pages[PAGE_SIZE * 2] = {0};
diff --git a/source/iommu.c b/source/iommu.c
index f5836f4..09a0343 100644
--- a/source/iommu.c
+++ b/source/iommu.c
@@ -37,7 +37,6 @@ int iommu_init(void) { // Submit a single 16-byte command and wait for completion void iommu_submit_cmd(const void *cmd) { - if (iommu->mmio_va == 0) iommu_init();
diff --git a/source/loader.c b/source/loader.c
index cf439c7..ff93d91 100644
--- a/source/loader.c
+++ b/source/loader.c
@@ -21,7 +21,6 @@ #define MINI_SYSCORE_PID 1 uint64_t alloc_page(void) { - void *page = mmap(NULL, PAGE_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0);
@@ -64,7 +63,6 @@ void install_page(uintptr_t pml4, vm_offset_t va, vm_paddr_t pa, int bits) { } void pte_store(uintptr_t ptep, uint64_t pte) { - static_assert((PAGE_SIZE % 0x1000) == 0, "PAGE_SIZE should be a multiple of 0x1000");
@@ -123,7 +121,6 @@ static const char *get_overridden_filename(const char *filename) { } long find_and_get_size_of_file(const char *filename, char *found_path) { - char full_path[256]; struct stat st;
@@ -131,7 +128,6 @@ long find_and_get_size_of_file(const char *filename, char *found_path) { int num_paths = sizeof(file_paths) / sizeof(file_paths[0]); for (int i = 0; i < num_paths; i++) { - snprintf(full_path, sizeof(full_path), "%s%s", file_paths[i], filename); if (stat(full_path, &st) == 0) {
@@ -151,7 +147,6 @@ int find_and_read_file(const char *filename, void *buf, size_t bufsize) { int num_paths = sizeof(file_paths) / sizeof(file_paths[0]); for (int i = 0; i < num_paths; i++) { - snprintf(full_path, sizeof(full_path), "%s%s", file_paths[i], filename); if (stat(full_path, &st) == 0) {
diff --git a/source/main.c b/source/main.c
index 3faa50a..8037a06 100644
--- a/source/main.c
+++ b/source/main.c
@@ -9,7 +9,6 @@ #include int main(void) { - if (setup_env()) { notify("Something went wrong while initiating.\nPlease make sure your fw " "is supported.");
@@ -56,7 +55,6 @@ int setup_env(void) { } int prepare_resume(void) { - if (env_offset.KERNEL_CODE_CAVE == 0) { printf("Error: missing code cave offset\n"); return -1;
diff --git a/source/utils.c b/source/utils.c
index c0c7ab5..3bdf273 100644
--- a/source/utils.c
+++ b/source/utils.c
@@ -93,7 +93,6 @@ uint64_t va_to_pa_kernel(uint64_t va) { return va_to_pa_custom(va, cr3); } // Source: PS5_kldload uint64_t va_to_pa_custom(uint64_t va, uint64_t cr3_custom) { - uint64_t table_phys = cr3_custom & 0xFFFFFFFF; for (int level = 0; level < 4; level++) {
@@ -123,7 +122,6 @@ uint64_t pa_to_dmap(uint64_t pa) { return dmap + pa; } // Set RW bit on all levels if needed and remove eXecute Only bit void page_chain_set_rw(uint64_t va) { - uint64_t table_phys = cr3; for (int level = 0; level < 4; level++) {
@@ -164,7 +162,6 @@ void page_chain_set_rw(uint64_t va) { // Remove Global bit on last level uint64_t page_remove_global(uint64_t va) { - uint64_t table_phys = cr3; for (int level = 0; level < 4; level++) {
@@ -188,7 +185,6 @@ uint64_t page_remove_global(uint64_t va) { } if (level == 3) { - PAGE_CLEAR_G(entry); kwrite(entry_va, &entry, sizeof(entry));