archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/ntos/vdm/i386/vdmop0f.asm

643 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. title "Opcode 0f Instruction Emulation"
  2. ;++
  3. ;
  4. ;Copyright (c) 1991 Microsoft Corporation
  5. ;
  6. ;Module Name:
  7. ;
  8. ; vdmop0f.asm
  9. ;
  10. ;Abstract:
  11. ;
  12. ; This module contains the support for the 0f opcodes that are emulated
  13. ; (such as LMSW, mov to/from CR0, mov to/from DR?).
  14. ;
  15. ;
  16. ;Author:
  17. ;
  18. ; Dave Hastings (daveh) 23-Feb-1992
  19. ;
  20. ;Notes:
  21. ;
  22. ; This file needs to be modified for Kenr's NPX changes, i.e. what to
  23. ; do with CR0 values
  24. ;
  25. ;
  26. ;Revision History:
  27. ;
  28. ;--
  29. .386p
  31. .xlist
  32. include ks386.inc
  33. include callconv.inc ; calling convention macros
  34. include mi386.inc
  35. include vdm.inc
  37. page ,132
  38. ; Force assume into place
  40. _PAGE SEGMENT DWORD PUBLIC 'CODE'
  41. ASSUME DS:NOTHING, ES:NOTHING, SS:NOTHING, FS:NOTHING, GS:NOTHING
  42. _PAGE ENDS
  44. _PAGE SEGMENT DWORD USE32 PUBLIC 'CODE'
  45. ASSUME DS:NOTHING, ES:NOTHING, SS:NOTHING, FS:NOTHING, GS:NOTHING
  47. extrn OpcodeInvalid:proc
  48. VdmOpcodeInvalid equ OpcodeInvalid
  50. extrn CheckEip:proc
  51. extrn VdmDecodeOperand:proc
  52. extrn RegTab:dword
  53. EXTRNP ___KeGetCurrentThread,0
  54. extrn KiVdmSetUserCR0:proc
  55. extrn _VdmUserCr0MapOut:byte
  57. ;
  58. ; This table is used to dispatch the special register moves
  59. ;
  60. ; WARNING Trx not implemented.
  62. SpecialRegTab dd offset VdmOpcodeGetCrx
  63. dd offset VdmOpcodeGetDrx
  64. dd offset VdmOpcodeSetCrx
  65. dd offset VdmOpcodeSetDrx
  66. ; dd offset VdmOpcodeGetTrx
  67. dd offset VdmOpcodeInvalid
  68. dd offset VdmOpcodeInvalid
  69. ; dd offset VdmOpcodeSetTrx
  70. dd offset VdmOpcodeInvalid
  72. ;
  73. ; This table is used to locate the debug register contents in the trap frame
  74. ; The values for DR4, DR5 should never be used, since these registers are
  75. ; reserved by intel
  76. ;
  77. DrTab dd TsDr0
  78. dd TsDr1
  79. dd TsDr2
  80. dd TsDr3
  81. dd 0BADF00Dh ; hopefully this will fault if used (dr4)
  82. dd 0BADF00Dh ; hopefully this will fault if used (dr5)
  83. dd TsDr6
  84. dd TsDr7
  86. _PAGE ENDS
  89. _PAGE SEGMENT DWORD USE32 PUBLIC 'CODE'
  90. ASSUME DS:FLAT, ES:NOTHING, SS:FLAT, FS:NOTHING, GS:NOTHING
  92. page ,132
  93. subttl "Emulate 0f opcodes"
  94. ;++
  95. ;
  96. ; Routine Description:
  97. ;
  98. ; This routine dispatches for the opcode 0f emulation. Currently,
  99. ; only LMSW, MOV to/from CR0, and MOV to /from DRx are emulated.
  100. ; The others cause access violations in user mode.
  101. ;
  102. ; Interrupts are disabled upon entry, and enabled upon exit
  103. ;
  104. ; Arguments:
  105. ;
  106. ; esi = address of reg info
  107. ;
  108. ; Returns:
  109. ;
  110. ; EAX = true if the opcode was emulated.
  111. ; reginfo updated
  112. ; EAX = false if the opcode was not emulated
  113. ;
  114. ;
  115. public VdmOpcode0f
  116. VdmOpcode0f proc
  119. push ebp
  120. mov ebp,esp
  121. push edi
  123. ;
  124. ; Construct address of next opcode byte, and check for gp fault
  125. ;
  126. inc [esi].RiEip
  127. call CheckEip
  128. test al,0fh
  129. jz of40 ; Gp fault, report error
  131. mov edi,[esi].RiCsBase
  132. add edi,[esi].RiEip
  133. movzx edx,byte ptr [edi]
  134. cmp edx,MI_LMSW_OPCODE
  135. jne of10
  137. call VdmOpcodeLmsw
  138. jmp of30 ; return
  140. of10: cmp edx,MI_CLTS_OPCODE
  141. jne of20
  143. call VdmOpcodeClts
  144. jmp of30 ; return
  146. of20: cmp edx,MI_GET_CRx_OPCODE
  147. jb of40 ; return error
  149. cmp edx,MI_SET_TRx_OPCODE
  150. ja of40 ; return error
  152. sub edx,MI_GET_CRx_OPCODE
  153. call SpecialRegTab[edx * 4]
  155. of30:
  156. pop edi
  157. mov esp,ebp
  158. pop ebp
  160. ret
  162. of40: xor eax,eax
  163. jmp of30
  165. VdmOpcode0f endp
  167. page ,132
  168. subttl "Emulate LMSW"
  169. ;++
  170. ;
  171. ; Routine Desription:
  172. ;
  173. ; This routine emulates the LMSW instruction. It allows the dos
  174. ; application to set or clear EM and MP. It forces MP to be set
  175. ; when EM is clear. It ignores to change any of the other bits.
  176. ;
  177. ; Arguments:
  178. ;
  179. ; esi = pointer to reg info
  180. ;
  181. ; Returns:
  182. ;
  183. ; EAX = true if the opcode was emulated.
  184. ; reginfo updated
  185. ; EAX = false if the opcode was not emulated.
  186. ;
  187. public VdmOpcodeLmsw
  188. VdmOpcodeLmsw proc
  190. push ebp
  191. mov ebp,esp
  192. push edi
  193. push esi
  194. push ebx
  195. ;
  196. ; Check reg field of mod r/m byte to see if this is really an Lmsw
  197. ;
  199. inc [esi].RiEip
  200. call CheckEip
  201. test al,0fh
  202. jz ol30 ; gp fault
  204. mov edi,[esi].RiEip
  205. add edi,[esi].RiCsBase
  206. movzx edx,byte ptr [edi]
  207. and edx,MI_REGMASK
  208. cmp edx,MI_REGLMSW ; check for the additional opcode bits
  209. jne ol40 ; not lmsw, return error.
  211. ;
  212. ; Turn off the 32 bit operand prefix (lmsw always uses 16 bit operands)
  213. ;
  214. and [esi].RiPrefixFlags,NOT PREFIX_OPER32
  215. ;
  216. ; Get the linear address of the value to put into the MSW.
  217. ;
  218. mov eax,1 ; read operand
  219. call VdmDecodeOperand
  221. test al,0fh
  222. jz ol30 ; error reading operand
  224. mov edi,[esi].RiOperand
  225. mov eax,[edi]
  227. call KiVdmSetUserCR0
  229. mov eax,1 ; indicate success
  230. ol30: pop ebx
  231. pop esi
  232. pop edi
  233. mov esp,ebp
  234. pop ebp
  235. ret
  237. ol40: xor eax,eax
  238. jmp ol30
  240. VdmOpcodeLmsw endp
  242. page ,132
  243. subttl "Emulate CLTS"
  244. ;++
  245. ;
  246. ; Routine Description:
  247. ;
  248. ; This routine emulates CLTS by ignoring it.
  249. ;
  250. ; Arguments:
  251. ;
  252. ; esi = pointer to reg info
  253. ;
  254. ; Returns:
  255. ;
  256. ; eax = 1
  257. ;
  258. public VdmOpcodeClts
  259. VdmOpcodeClts proc
  260. inc [esi].RiEip ; skip second byte
  261. mov eax,1
  262. ret
  263. VdmOpcodeClts endp
  265. page ,132
  266. subttl "Emulate GetCRx"
  267. ;++
  268. ;
  269. ; Routine Description:
  270. ;
  271. ; This routine emulates the GetCRx opcodes. For now, it returns the
  272. ; contents of CR0 unmodified, and 0 for all other CR?
  273. ;
  274. ; Arguments:
  275. ;
  276. ; esi = pointer to reg info
  277. ;
  278. ; Returns:
  279. ;
  280. ; eax = true if the opcode was emulated
  281. ; reginfo updated.
  282. ; eax = false if the opcode was not emulated.
  283. ;
  284. public VdmOpcodeGetCrx
  285. VdmOpcodeGetCrx proc
  287. push ebp
  288. mov ebp,esp
  289. push edi
  291. inc [esi].RiEip
  292. call CheckEip
  293. test al,0fh
  294. jz ogc40 ; Gp fault, report error
  296. mov edi,[esi].RiEip
  297. add edi,[esi].RiCsBase
  298. inc [esi].RiEip
  299. movzx edx,byte ptr [edi]
  300. ;
  301. ; Verify the Mod field for mov special
  302. ;
  303. and edx,MI_MODMASK
  304. cmp edx,MI_MODMOVSPEC ; require for mov to/from special
  305. jne short ogc50 ; return error
  307. movzx edx,byte ptr [edi]
  308. test edx,MI_REGMASK ; mov from CR0?
  309. mov eax,0 ; assume 0
  310. jne short ogc30
  312. mov edi, PCR[PcPrcbData+PbCurrentThread]
  313. mov edi,[edi].ThInitialStack ; (edi) = fp save area
  314. sub edi, NPX_FRAME_LENGTH
  315. mov edi,[edi].FpCr0NpxState ; get users bits
  316. and edi, CR0_MP+CR0_EM+CR0_PE ; mask
  317. movzx edi,_VdmUserCr0MapOut[edi] ; map to real settings
  319. mov eax, cr0 ; read CR0
  320. and eax, not (CR0_MP+CR0_EM+CR0_TS) ; clear npx bits
  321. or eax, edi ; set npx bits
  323. ;
  324. ; Pull the destination register from the R/M field
  325. ;
  326. ogc30: and edx,MI_RMMASK
  327. mov edi,[esi].RiTrapFrame
  328. mov edx,RegTab[edx * 4] ; get register offset
  329. mov [edx + edi],eax ; store CR? contents into register
  330. mov eax,1
  331. ogc40: pop edi
  332. mov esp,ebp
  333. pop ebp
  334. ret
  336. ogc50: xor eax,eax
  337. jmp ogc40
  339. VdmOpcodeGetCrx endp
  342. page ,132
  343. subttl "Emulate SetCRx"
  344. ;++
  345. ;
  346. ; Routine Description:
  347. ;
  348. ; This routine emulates the SetCRx opcodes. For now, it only emulates
  349. ; set CR0, and only for the same conditions as LMSW. It causes a fault
  350. ; for all other CR?
  351. ;
  352. ; Arguments:
  353. ;
  354. ; esi = pointer to reg info
  355. ;
  356. ; Returns:
  357. ;
  358. ; eax = true if the opcode was emulated
  359. ; reginfo updated.
  360. ; eax = false if the opcode was not emulated.
  361. ;
  362. public VdmOpcodeSetCrx
  363. VdmOpcodeSetCrx proc
  365. push ebp
  366. mov ebp,esp
  367. push edi
  368. push esi
  369. push ebx
  371. inc [esi].RiEip
  372. call CheckEip
  373. test al,0fh
  374. jz osc40 ; Gp fault, report error
  376. mov edi,[esi].RiEip
  377. add edi,[esi].RiCsBase
  378. inc [esi].RiEip
  379. movzx edx,byte ptr [edi]
  380. ;
  381. ; Verify the Mod field for mov special
  382. ;
  383. and edx,MI_MODMASK
  384. cmp edx,MI_MODMOVSPEC ; require for mov to/from special
  385. jne osc50 ; return error
  387. movzx edx,byte ptr [edi]
  388. test edx,MI_REGMASK ; mov to CR0?
  389. jne osc50 ; no, return error
  391. ;
  392. ; Get the source register from the R/M field
  393. ;
  394. and edx,MI_RMMASK
  395. mov edi,[esi].RiTrapFrame
  396. mov edx,RegTab[edx * 4] ; get register offset
  397. mov eax,[edx + edi] ; get CR? contents from register
  399. call KiVdmSetUserCR0
  401. mov eax,1
  402. osc40: pop ebx
  403. pop esi
  404. pop edi
  405. mov esp,ebp
  406. pop ebp
  407. ret
  409. osc50: xor eax,eax
  410. jmp osc40
  412. VdmOpcodeSetCrx endp
  414. page ,132
  415. subttl "Emulate GetDRx"
  416. ;++
  417. ;
  418. ; Routine Description:
  419. ;
  420. ; This routine emulates the GetDRx opcodes. For DR0-DR3, it returns the
  421. ; values from the user mode trap frame. For DR4-DR5, it returns 0. For
  422. ; DR6 and DR7, it returns the bits from the user mode trap frame that are
  423. ; settable from user mode.
  424. ;
  425. ; Arguments:
  426. ;
  427. ; esi = pointer to reg info
  428. ;
  429. ; Returns:
  430. ;
  431. ; eax = true if the opcode was emulated
  432. ; reginfo updated.
  433. ; eax = false if the opcode was not emulated.
  434. ;
  435. public VdmOpcodeGetDrx
  436. VdmOpcodeGetDrx proc
  438. ModRm equ [ebp - 4]
  440. push ebp
  441. mov ebp,esp
  442. sub esp,4
  443. push edi
  444. push ecx
  446. inc [esi].RiEip
  447. call CheckEip
  448. test al,0fh
  449. jz ogd50 ; Gp fault, report error
  451. mov edi,[esi].RiEip
  452. add edi,[esi].RiCsBase
  453. inc [esi].RiEip
  454. movzx edx,byte ptr [edi]
  455. mov ModRm,edx
  456. ;
  457. ; Verify the Mod field
  458. ;
  459. and edx,MI_MODMASK
  460. cmp edx,MI_MODMOVSPEC ; require for mov special
  461. jne ogd60 ; return error
  463. mov edi,[esi].RiTrapFrame
  464. ;
  465. ; Get the Dr number
  466. ;
  467. mov edx,ModRm
  468. and edx,MI_REGMASK
  469. shr edx,MI_REGSHIFT
  470. ;
  471. ; If it is DR4 or DR5, set the destination register to zero
  472. ;
  473. cmp edx,4
  474. jb ogd20
  476. cmp edx,5
  477. ja ogd20
  479. mov eax,0 ; set the destination to zero
  480. jmp ogd40
  481. ;
  482. ; Otherwise, use the actual user mode register contents
  483. ;
  484. ogd20: mov ecx,DrTab[edx * 4]
  485. mov eax,[edi + ecx] ; get register value
  486. cmp edx,6 ; do we need to sanitize?
  487. jb ogd40 ; no.
  489. cmp edx,7
  490. je ogd30
  492. and eax,DR6_LEGAL
  493. jmp ogd40
  495. ogd30: and eax,DR7_LEGAL
  496. ;
  497. ; Get destination register from opcode, and store Dr contents
  498. ;
  499. ogd40: mov edx,ModRm
  500. and edx,MI_RMMASK
  501. mov ecx,RegTab[edx * 4]
  502. mov [ecx + edi],eax ; set user mode register
  504. mov eax,1 ; indicate success
  505. ogd50: pop ecx
  506. pop edi
  507. mov esp,ebp
  508. pop ebp
  509. ret
  511. ogd60: xor eax,eax ; indicate error
  512. jmp ogd50
  514. VdmOpcodeGetDrx endp
  516. page ,132
  517. subttl "Emulate SetDRx"
  518. ;++
  519. ;
  520. ; Routine Description:
  521. ;
  522. ; This routine emulates the SetDRx opcodes. For DR0-DR3, it will set
  523. ; the user mode register to any linear address up to 16MB. For DR4-DR5,
  524. ; it will ignore the instruction. For DR6 and DR7, it will set the bits
  525. ; that are user mode setable. For DR7, it also translates the global
  526. ; bits to local bits.
  527. ;
  528. ; Arguments:
  529. ;
  530. ; esi = pointer to reg info
  531. ;
  532. ; Returns:
  533. ;
  534. ; eax = true if the opcode was emulated
  535. ; reginfo updated.
  536. ; eax = false if the opcode was not emulated.
  537. ;
  538. public VdmOpcodeSetDrx
  539. VdmOpcodeSetDrx proc
  541. ModRm equ [ebp - 4]
  543. push ebp
  544. mov ebp,esp
  545. sub esp,4
  546. push edi
  547. push ecx
  549. inc [esi].RiEip
  550. call CheckEip
  551. test al,0fh
  552. jz osd80 ; Gp fault, report error
  554. mov edi,[esi].RiEip
  555. add edi,[esi].RiCsBase
  556. inc [esi].RiEip
  557. movzx edx,byte ptr [edi]
  558. mov ModRm,edx
  559. ;
  560. ; Verify the Mod field
  561. ;
  562. and edx,MI_MODMASK
  563. cmp edx,MI_MODMOVSPEC ; require for mov special
  564. jne osd90 ; return error
  565. ;
  566. ; Get value to put into debug register
  567. ;
  568. mov edi,[esi].RiTrapFrame
  569. mov edx,ModRm
  570. and edx,MI_RMMASK
  571. mov edx,RegTab[edx * 4]
  572. mov eax,[edi + edx]
  573. ;
  574. ; Determine which debug register it goes into, and sanitize appropriately
  575. ;
  576. mov edx,ModRm
  577. and edx,MI_REGMASK
  578. shr edx,MI_REGSHIFT
  579. cmp edx,4
  580. jnb osd20
  581. ;
  582. ; DR0-DR4, make linear address < 16MB
  583. ;
  584. and eax,MAX_VDM_ADDR
  585. jmp osd60
  587. osd20: cmp edx,6
  588. jnb osd30
  589. ;
  590. ; DR4-DR5, just return
  591. ;
  592. jmp osd70 ; return success
  594. osd30: cmp edx,6
  595. jne osd40
  597. ;
  598. ; DR6, mask for legal bits
  599. ;
  600. and eax,DR6_LEGAL
  601. jmp osd60
  603. ;
  604. ; DR7, mask for legal bits, and translate g to l, and activate debug
  605. ;
  606. osd40: mov ecx,eax
  607. and ecx,DR7_GLOBAL
  608. shr ecx,1 ; translate the G to L by shifting
  609. or eax,ecx ; put in any new bits
  610. and eax,DR7_LEGAL ; sanitize the value
  612. ;
  613. ; Put the value into the user mode register
  614. ;
  615. osd60: mov ecx,DrTab[edx * 4]
  616. mov [edi + ecx],eax
  617. cmp edx,7
  618. jne osd70
  620. mov ecx,eax
  621. stdCall ___KeGetCurrentThread
  622. test ecx,DR7_ACTIVE
  623. jz osd65
  625. mov byte ptr [eax].ThDebugActive,1 ; set debugging active for this thread
  626. jmp osd70
  628. osd65: mov byte ptr [eax].ThDebugActive,0
  629. osd70: mov eax,1
  630. osd80: pop ecx
  631. pop edi
  632. mov esp,ebp
  633. pop ebp
  634. ret
  636. osd90: xor eax,eax
  637. jmp osd80
  639. VdmOpcodeSetDrx endp
  641. _PAGE ends
  643. end