┏━┓┏┓ ╻ ╻┏┳┓┏━╸
┣━┫┣┻┓┗┳┛┃┃┃┣╸
╹ ╹┗━┛ ╹ ╹ ╹┗━╸
┏━┓┏━╸┏━╸╻ ╻┏━┓┏━┓╻╻ ╻┏━╸
┣┳┛┣╸ ┃ ┃ ┃┣┳┛┗━┓┃┃┏┛┣╸
╹┗╸┗━╸┗━╸┗━┛╹┗╸┗━┛╹┗┛ ┗━╸
╻ ╻╻ ╻┏━┓┏━╸┏━┓╻ ╻╻┏━┓┏━┓┏━┓
┣━┫┗┳┛┣━┛┣╸ ┣┳┛┃┏┛┃┗━┓┃ ┃┣┳┛
╹ ╹ ╹ ╹ ┗━╸╹┗╸┗┛ ╹┗━┛┗━┛╹┗╸ 7_O_/
╻ ╻┏┓ ┏━┓┏━┓┏━┓╻ ╻ (/
┃ ┃┣┻┓┣┳┛┣━┫┣┳┛┗┳┛ /\/'
┗━╸╹┗━┛╹┗╸╹ ╹╹┗╸ ╹ 7
sources/
Recursive hypervisor library code.
sources/drivers/vmm_rec/
Static recursive hypervisor library.
sources/drivers/vmm_rec_env/
Implementation of a remote attestation prover using Abyme library.
sources/drivers/82579LM/
Bare metal UEFI Intel e1000e network controller driver.
sources/drivers/eric/
ERIC PCIe peripheral UEFI driver.
ERIC can be used as : a DMA attack platform as well as a remote attestation
verifier.
Submodules
abyme-challenge/
There is the implementation of challenges sent from ERIC prover to Abyme
verifier in a remote attestation scheme.
edk2/
Submodule for QEMU/OVMF firmware needed if using QEMU
dependencies : acpica; nasm
$ git submodule update --init
$ make -C BaseTools
$ . ./edksetup.sh BaseTools
$ cat Conf/target.txt
$ OvmfPkg/build.sh \
-a IA32 -a X64 \
-D SECURE_BOOT_ENABLE \
-D TPM2_ENABLE -D TPM2_CONFIG_ENABLE \
-D FD_SIZE_2MB -D EXCLUDE_SHELL_FROM_FD
For SMM debugging go and see :
https://casualhacking.io/blog/2019/12/3/using-optionrom-to-overwrite-smmsmi-handlers-in-qemu
gnu-efi/
Submodule for GNU efi toolchain to build efi applications
$ make
uefi-gdb/
Submodule for efi applications and drivers debugging with gdb
Working directories to create if needed (rules associated in make targets)
img-arch/
Archlinux cdrom and distro disk to be used with QEMU target
$ wget https://<archrepo>/archlinux-yyyy.mm.dd-x86_64.iso -O arch.iso
$ qemu-img create -f qcow2 vdisk.qcow2 10G
And install eventually archlinux on vdisk.qcow2
Note that you can work using the live disk only
HackingThings/abyme
A tiny bare-metal recursive hypervisor library developped for security
CNOASSERTION