Merge pull request #84 from kernelwernel/dev

Dev

Author: kernelwernel

TODO.md

@@ -32,7 +32,7 @@
 - [ ] make a man file in markdown for the cli tool
 - [ ] implement smbios version technique [here](https://github.com/Print3M/Anti-VM/blob/eb524ed89e783b36c149acc450b2350d4198b06b/detectors.cpp#L88)
 - [ ] implement a display size technique for linux with EDID 
-- [ ] implement a technique that matches the CPU product name and match it with a database of core counts for that specific CPU product
+- [X] implement a technique that matches the CPU product name and match it with a database of core counts for that specific CPU product
 - [ ] add usage example in the .hpp file directly below the banner
 
 # Distant plans

auxiliary/updater.py

@@ -88,9 +88,7 @@ def update(filename):
         " * - start of internal VM detection techniques => line __TECHNIQUES__",
         " * - struct for internal core components       => line __CORE__",
         " * - start of public VM detection functions    => line __PUBLIC__",
-        " * - start of externally defined variables     => line __EXTERNAL__",
-        " */",
-        ""
+        " * - start of externally defined variables     => line __EXTERNAL__"
     ]
 
     # replace the macro strings with the file line numbers

src/cli.cpp

@@ -238,6 +238,7 @@ int main(int argc, char* argv[]) {
         checker(VM::UPTIME, "uptime");
         checker(VM::ODD_CPU_THREADS, "unusual thread count");
         checker(VM::INTEL_THREAD_MISMATCH, "Intel thread count mismatch");
+        checker(VM::XEON_THREAD_MISMATCH, "Intel Xeon thread count mismatch");
 
         std::printf("\n");
 

src/vmaware.hpp

@@ -19,17 +19,36 @@
  *  - Full credits: https://github.com/kernelwernel/VMAware#credits-and-contributors-%EF%B8%8F
  *  - License: GPL-3.0
  *
+ * 
  * ================================ SECTIONS ==================================
- * - enums for publicly accessible techniques  => line 252
- * - struct for internal cpu operations        => line 447
- * - struct for internal memoization           => line 684
- * - struct for internal utility functions     => line 757
- * - struct for internal core components       => line 5713
- * - start of internal VM detection techniques => line 1423
- * - start of public VM detection functions    => line 5786
- * - start of externally defined variables     => line 6053
+ * - enums for publicly accessible techniques  => line 282
+ * - struct for internal cpu operations        => line 480
+ * - struct for internal memoization           => line 772
+ * - struct for internal utility functions     => line 834
+ * - struct for internal core components       => line 7073
+ * - start of internal VM detection techniques => line 1510
+ * - start of public VM detection functions    => line 7187
+ * - start of externally defined variables     => line 7487
+ * 
+ * 
+ * ================================ EXAMPLE ==================================
+#include "vmaware.hpp"
+#include <iostream>
+
+int main() {
+    if (VM::detect()) {
+        std::cout << "Virtual machine detected!" << std::endl;
+        std::cout << "VM name: " << VM::brand() << std::endl;
+    } else {
+        std::cout << "Running in baremetal" << std::endl;
+    }
+    
+    std::cout << "VM certainty: " << (int)VM::percentage() << "%" << std::endl;
+}
+
  */
 
+
 #if (defined(_MSC_VER) || defined(_WIN32) || defined(_WIN64) || defined(__MINGW32__))
 #define MSVC 1
 #define LINUX 0
@@ -348,7 +367,7 @@ struct VM {
         UPTIME,
         ODD_CPU_THREADS,
         INTEL_THREAD_MISMATCH,
-        INTEL_XEON_THREAD_MISMATCH,
+        XEON_THREAD_MISMATCH,
         EXTREME,
         NO_MEMO,
         WIN_HYPERV_DEFAULT,
@@ -589,20 +608,22 @@ struct VM {
 #endif
         }
 
-        [[nodiscard]] static std::string get_model() {
+        struct model_struct {
+            bool found;
+            bool is_xeon;
+            bool is_i_series;
+            std::string string;
+        };
+
+        [[nodiscard]] static model_struct get_model() {
             const std::string brand = get_brand();
 
             constexpr const char* intel_i_series_regex    = "i[0-9]-[A-Z0-9]{1,7}";
             constexpr const char* intel_xeon_series_regex = "[DEW]-[A-Z0-9]{1,7}";
 
-            constexpr std::array<const char*, 2> regex_templates {{
-                intel_i_series_regex,
-                intel_xeon_series_regex
-            }};
-
             std::string match_str = "";
 
-            for (const auto regex : regex_templates) {
+            auto match = [&](const char* regex) -> bool {
                 std::regex pattern(regex);
 
                 auto words_begin  = std::sregex_iterator(brand.begin(), brand.end(), pattern);
@@ -614,11 +635,32 @@ struct VM {
                 }
 
                 if (!match_str.empty()) {
-                    return match_str;
+                    return true;
+                }
+
+                return false;
+            };
+
+            bool found        = false;
+            bool is_xeon      = false;
+            bool is_i_series  = false;
+            std::string string = "";
+
+            if (cpu::is_intel()) {
+                if (match(intel_i_series_regex)) {
+                    found       = true;
+                    is_i_series = true;
+                    string       = match_str;
+                } else if (match(intel_xeon_series_regex)) {
+                    found   = true;
+                    is_xeon = true;
+                    string   = match_str;
                 }
             }
 
-            return "";
+            // no AMD (for now)
+
+            return model_struct{ found, is_xeon, is_i_series, string };
         };
 
 #if (CPP >= 17)
@@ -5877,7 +5919,7 @@ struct VM {
     /**
      * @brief Check for CPUs that don't match their thread count
      * @category All, x86
-     * @links https://en.wikipedia.org/wiki/List_of_Intel_Core_processors
+     * @link https://en.wikipedia.org/wiki/List_of_Intel_Core_processors
      */ 
     [[nodiscard]] static bool intel_thread_mismatch() try {
         if (core::disabled(INTEL_THREAD_MISMATCH)) {
@@ -5891,15 +5933,19 @@ struct VM {
                 return false;
             }
 
-            const std::string model = cpu::get_model();
+            const cpu::model_struct model = cpu::get_model();
 
-            debug("INTEL_THREAD_MISMATCH: CPU model = ", model);
+            if (!model.found) {
+                return false;
+            }
 
-            if (model.empty()) {
+            if (!model.is_i_series) {
                 return false;
             }
 
-            std::unordered_map<std::string, u8> thread_database = {
+            debug("INTEL_THREAD_MISMATCH: CPU model = ", model.string);
+
+            const std::unordered_map<std::string, u8> thread_database = {
                 // i3 series
                 { "i3-1000G1", 4 },
                 { "i3-1000G4", 4 },
@@ -6856,11 +6902,11 @@ struct VM {
             };
 
             // basically means "if there's 0 matches in the database, return false"
-            if (thread_database.count(model) == 0) {
+            if (thread_database.count(model.string) == 0) {
                 return false;
             }
 
-            const u8 threads = thread_database.at(model);
+            const u8 threads = thread_database.at(model.string);
 
             debug("INTEL_THREAD_MISMATCH: thread in database = ", static_cast<u32>(threads));
 
@@ -6873,6 +6919,158 @@ struct VM {
     }
 
 
+    /**
+     * @brief Check for Intel Xeon CPUs that don't match their thread count
+     * @category All, x86
+     * @link https://en.wikipedia.org/wiki/List_of_Intel_Core_processors
+     */ 
+    [[nodiscard]] static bool xeon_thread_mismatch() try {
+        if (core::disabled(XEON_THREAD_MISMATCH)) {
+            return false;
+        }
+
+        #if (!x86)
+            return false;
+        #else
+            if (!cpu::is_intel()) {
+                return false;
+            }
+
+            const cpu::model_struct model = cpu::get_model();
+
+            if (!model.found) {
+                return false;
+            }
+
+            if (!model.is_i_series) {
+                return false;
+            }
+
+            debug("XEON_THREAD_MISMATCH: CPU model = ", model.string);
+
+            const std::unordered_map<std::string, u8> xeon_thread_database = {
+                // Xeon D
+                { "D-1518", 8 },
+                { "D-1520", 8 },
+                { "D-1521", 8 },
+                { "D-1527", 8 },
+                { "D-1528", 12 },
+                { "D-1529", 8 },
+                { "D-1531", 12 },
+                { "D-1537", 16 },
+                { "D-1539", 16 },
+                { "D-1540", 16 },
+                { "D-1541", 16 },
+                { "D-1548", 16 },
+                { "D-1557", 24 },
+                { "D-1559", 24 },
+                { "D-1567", 24 },
+                { "D-1571", 32 },
+                { "D-1577", 32 },
+                { "D-1581", 32 },
+                { "D-1587", 32 },
+                { "D-1513N", 8 },
+                { "D-1523N", 8 },
+                { "D-1533N", 12 },
+                { "D-1543N", 16 },
+                { "D-1553N", 16 },
+                { "D-1602", 4 },
+                { "D-1612", 8 },
+                { "D-1622", 8 },
+                { "D-1627", 8 },
+                { "D-1632", 16 },
+                { "D-1637", 12 },
+                { "D-1623N", 8 },
+                { "D-1633N", 12 },
+                { "D-1649N", 16 },
+                { "D-1653N", 16 },
+                { "D-2141I", 16 },
+                { "D-2161I", 24 },
+                { "D-2191", 36 },
+                { "D-2123IT", 8 },
+                { "D-2142IT", 16 },
+                { "D-2143IT", 16 },
+                { "D-2163IT", 24 },
+                { "D-2173IT", 28 },
+                { "D-2183IT", 32 },
+                { "D-2145NT", 16 },
+                { "D-2146NT", 16 },
+                { "D-2166NT", 24 },
+                { "D-2177NT", 28 },
+                { "D-2187NT", 32 },
+
+                // Xeon E
+                { "E-2104G", 4 },
+                { "E-2124", 4 },
+                { "E-2124G", 4 },
+                { "E-2126G", 6 },
+                { "E-2134", 8 },
+                { "E-2136", 12 },
+                { "E-2144G", 8 },
+                { "E-2146G", 12 },
+                { "E-2174G", 8 },
+                { "E-2176G", 12 },
+                { "E-2186G", 12 },
+                { "E-2176M", 12 },
+                { "E-2186M", 12 },
+                { "E-2224", 4 },
+                { "E-2224G", 4 },
+                { "E-2226G", 6 },
+                { "E-2234", 8 },
+                { "E-2236", 12 },
+                { "E-2244G", 8 },
+                { "E-2246G", 12 },
+                { "E-2274G", 8 },
+                { "E-2276G", 12 },
+                { "E-2278G", 16 },
+                { "E-2286G", 12 },
+                { "E-2288G", 16 },
+                { "E-2276M", 12 },
+                { "E-2286M", 16 },
+
+                // Xeon W
+                { "W-2102", 4 },
+                { "W-2104", 4 },
+                { "W-2123", 8 },
+                { "W-2125", 8 },
+                { "W-2133", 12 },
+                { "W-2135", 12 },
+                { "W-2140B", 16 },
+                { "W-2145", 16 },
+                { "W-2150B", 20 },
+                { "W-2155", 20 },
+                { "W-2170B", 28 },
+                { "W-2175", 28 },
+                { "W-2191B", 36 },
+                { "W-2195", 36 },
+                { "W-3175X", 56 },
+                { "W-3223", 16 },
+                { "W-3225", 16 },
+                { "W-3235", 24 },
+                { "W-3245", 32 },
+                { "W-3245M", 32 },
+                { "W-3265", 48 },
+                { "W-3265M", 48 },
+                { "W-3275", 56 },
+                { "W-3275M", 56 }
+            };
+
+            if (xeon_thread_database.count(model.string) == 0) {
+                return false;
+            }
+
+            const u8 threads = xeon_thread_database.at(model.string);
+
+            debug("XEON_THREAD_MISMATCH: thread in database = ", static_cast<u32>(threads));
+
+            return (std::thread::hardware_concurrency() != threads);
+        #endif
+    }
+    catch (...) {
+        debug("INTEL_THREAD_MISMATCH: catched error, returned false");
+        return false;
+    }
+
     struct core {
         MSVC_DISABLE_WARNING(PADDING)
         struct technique {
@@ -7462,7 +7660,8 @@ const std::map<VM::u8, VM::core::technique> VM::core::table = {
     { VM::MUTEX, { 85, VM::mutex }},
     { VM::UPTIME, { 10, VM::uptime }},
     { VM::ODD_CPU_THREADS, { 80, VM::odd_cpu_threads }},
-    { VM::INTEL_THREAD_MISMATCH, { 70, VM::intel_thread_mismatch }}
+    { VM::INTEL_THREAD_MISMATCH, { 85, VM::intel_thread_mismatch }},
+    { VM::XEON_THREAD_MISMATCH, { 85, VM::xeon_thread_mismatch }}
 
     // __TABLE_LABEL, add your technique above
     // { VM::FUNCTION, { POINTS, FUNCTION_POINTER }}