|
|
/*++
Module Name:
context.c
Abstract:
This module implements user-mode callable context manipulation routines. The interfaces exported from this module are portable, but they must be re-implemented for each architecture.
Author:
Revision History:
Ported to the IA64
27-Feb-1996 Revised to pass arguments to target thread by injecting arguments into the backing store.
--*/
#include "ntrtlp.h"
#include "kxia64.h"
#if defined(ALLOC_PRAGMA) && defined(NTOS_KERNEL_RUNTIME)
#pragma alloc_text(PAGE,RtlInitializeContext)
#pragma alloc_text(PAGE,RtlRemoteCall)
#endif
VOID RtlInitializeContext( IN HANDLE Process, OUT PCONTEXT Context, IN PVOID Parameter OPTIONAL, IN PVOID InitialPc OPTIONAL, IN PVOID InitialSp OPTIONAL )
/*++
Routine Description:
This function initializes a context structure so that it can be used in a subsequent call to NtCreateThread.
Arguments:
Context - Supplies a context buffer to be initialized by this routine.
InitialPc - Supplies an initial program counter value.
InitialSp - Supplies an initial stack pointer value.
Return Value:
Raises STATUS_BAD_INITIAL_STACK if the value of InitialSp is not properly aligned.
Raises STATUS_BAD_INITIAL_PC if the value of InitialPc is not properly aligned.
--*/
{ ULONGLONG Argument; ULONG_PTR Wow64Info; NTSTATUS Status; RTL_PAGED_CODE();
//
// Check for proper initial stack (0 mod 16).
//
if (((ULONG_PTR)InitialSp & 0xf) != 0) { RtlRaiseStatus(STATUS_BAD_INITIAL_STACK); }
//
// Check for proper plabel address alignment.
// Assumes InitialPc points to a plabel that must be 8-byte aligned.
//
if (((ULONG_PTR)InitialPc & 0x7) != 0) { //
// Misaligned, See if we are running in a Wow64 process
//
Status = ZwQueryInformationProcess(Process, ProcessWow64Information, &Wow64Info, sizeof(Wow64Info), NULL);
if (NT_SUCCESS(Status) && (Wow64Info == 0)) { //
// Native IA64 process must not be misaligned.
//
RtlRaiseStatus(STATUS_BAD_INITIAL_PC); } }
//
// Initialize the integer and floating registers to contain zeroes.
//
RtlZeroMemory(Context, sizeof(CONTEXT));
//
// Setup integer and control context.
//
Context->ContextFlags = CONTEXT_INTEGER | CONTEXT_CONTROL;
Context->RsBSPSTORE = Context->IntSp = (ULONG_PTR)InitialSp; Context->IntSp -= STACK_SCRATCH_AREA;
//
// InitialPc is the module entry point which is a function pointer
// in IA64. StIIP and IntGp are initiailized with actual IP and GP
// from the plabel in LdrInitializeThunk after the loader runs.
//
Context->IntS1 = Context->IntS0 = Context->StIIP = (ULONG_PTR)InitialPc; Context->IntGp = 0;
//
// Setup FPSR, PSR, and DCR
// N.B. Values to be determined.
//
Context->StFPSR = USER_FPSR_INITIAL; Context->StIPSR = USER_PSR_INITIAL; Context->ApDCR = USER_DCR_INITIAL;
//
// Set the initial context of the thread in a machine specific way.
// ie, pass the initial parameter to the RSE by saving it at the
// bottom of the backing store.
//
// Setup Frame Marker after RFI
// And other RSE states.
//
Argument = (ULONGLONG)Parameter; ZwWriteVirtualMemory(Process, (PVOID)((ULONG_PTR)Context->RsBSPSTORE), (PVOID)&Argument, sizeof(Argument), NULL); //
// N.b. The IFS must be reinitialized in LdrInitializeThunk
//
Context->StIFS = 0x8000000000000081ULL; // Valid, 1 local register, 0 output register
Context->RsBSP = Context->RsBSPSTORE; Context->RsRSC = USER_RSC_INITIAL; Context->ApUNAT = 0xFFFFFFFFFFFFFFFF; }
NTSTATUS RtlRemoteCall( HANDLE Process, HANDLE Thread, PVOID CallSite, ULONG ArgumentCount, PULONG_PTR Arguments, BOOLEAN PassContext, BOOLEAN AlreadySuspended )
/*++
Routine Description:
This function calls a procedure in another thread/process, using NtGetContext and NtSetContext. Parameters are passed to the target procedure via its stack.
Arguments:
Process - Handle of the target process
Thread - Handle of the target thread within that process
CallSite - Address of the procedure to call in the target process.
ArgumentCount - Number of parameters to pass to the target procedure.
Arguments - Pointer to the array of parameters to pass.
PassContext - TRUE if an additional parameter is to be passed that points to a context record.
AlreadySuspended - TRUE if the target thread is already in a suspended or waiting state.
Return Value:
Status - Status value
--*/
{ NTSTATUS Status; CONTEXT Context; ULONG_PTR ContextAddress; ULONG_PTR NewSp; ULONG_PTR NewBsp; ULONGLONG ArgumentsCopy[9]; PVOID ptr; ULONG ShiftCount; SHORT RNatSaveIndex, TotalFrameSize, Temp; BOOLEAN RnatSaved = FALSE; ULONG Count = 0;
RTL_PAGED_CODE();
if ((ArgumentCount > 8) || (PassContext && (ArgumentCount > 7))) { return STATUS_INVALID_PARAMETER; }
//
// If necessary, suspend the guy before with we mess with his stack.
//
if (AlreadySuspended == FALSE) { Status = NtSuspendThread(Thread, NULL); if (NT_SUCCESS(Status) == FALSE) { return(Status); } }
//
// Get the context record of the target thread.
//
Context.ContextFlags = CONTEXT_FULL; Status = NtGetContextThread(Thread, &Context); if (NT_SUCCESS(Status) == FALSE) { if (AlreadySuspended == FALSE) { NtResumeThread(Thread, NULL); } return(Status); }
if (AlreadySuspended) { Context.IntV0 = STATUS_ALERTED; }
//
// Pass the parameters to the other thread via the backing store (r32-r39).
// The context record is passed on the stack of the target thread.
// N.B. Align the context record address, stack pointer, and allocate
// stack scratch area.
//
ContextAddress = (((ULONG_PTR)Context.IntSp + 0xf) & ~0xfi64) - sizeof(CONTEXT); NewSp = ContextAddress - STACK_SCRATCH_AREA; Status = NtWriteVirtualMemory(Process, (PVOID)ContextAddress, &Context, sizeof(CONTEXT), NULL);
if (NT_SUCCESS(Status) == FALSE) { if (AlreadySuspended == FALSE) { NtResumeThread(Thread, NULL); } return(Status); }
RtlZeroMemory((PVOID)ArgumentsCopy, sizeof(ArgumentsCopy));
TotalFrameSize = (SHORT)(Context.StIFS & PFS_SIZE_MASK); RNatSaveIndex = (SHORT)((Context.RsBSP >> 3) & NAT_BITS_PER_RNAT_REG); Temp = RNatSaveIndex + TotalFrameSize - NAT_BITS_PER_RNAT_REG; while (Temp >= 0) { TotalFrameSize++; Temp -= NAT_BITS_PER_RNAT_REG; } NewBsp = Context.RsBSP + TotalFrameSize * sizeof(ULONGLONG); Context.RsBSP = NewBsp;
if (PassContext) { ShiftCount = (ULONG) (NewBsp & 0x1F8) >> 3; Context.RsRNAT &= ~(0x1i64 << ShiftCount); ArgumentsCopy[Count++] = ContextAddress; NewBsp += sizeof(ULONGLONG); }
for (; ArgumentCount != 0 ; ArgumentCount--) { if ((NewBsp & 0x1F8) == 0x1F8) { ArgumentsCopy[Count++] = Context.RsRNAT; Context.RsRNAT = -1i64; NewBsp += sizeof(ULONGLONG); } ShiftCount = (ULONG)(NewBsp & 0x1F8) >> 3; Context.RsRNAT &= ~(0x1i64 << ShiftCount); ArgumentsCopy[Count++] = (ULONGLONG)(*Arguments++); NewBsp += sizeof(ULONGLONG); }
if ((NewBsp & 0x1F8) == 0x1F8) { ArgumentsCopy[Count++] = Context.RsRNAT; Context.RsRNAT = -1i64; NewBsp += sizeof(ULONGLONG); }
//
// Copy the arguments onto the target backing store.
//
if (Count) { Status = NtWriteVirtualMemory(Process, (PVOID)Context.RsBSP, ArgumentsCopy, Count * sizeof(ULONGLONG), NULL );
if (NT_SUCCESS(Status) == FALSE) { if (AlreadySuspended == FALSE) { NtResumeThread(Thread, NULL); } return(Status); } }
//
// set up RSE
//
Context.RsRSC = (RSC_MODE_LY<<RSC_MODE) | (RSC_BE_LITTLE<<RSC_BE) | (0x3<<RSC_PL);
Count = ArgumentCount + (PassContext ? 1 : 0);
//
// Inject all arguments as local stack registers in the target RSE frame
//
Context.StIFS = (0x3i64 << 62) | Count | (Count << PFS_SIZE_SHIFT);
//
// Set the address of the target code into IIP, the new target stack
// into sp, setup ap, and reload context to make it happen.
//
Context.IntSp = (ULONG_PTR)NewSp;
//
// Set IP to the target call site PLABEL and GP to zero. IIP and GP
// will be computed inside NtSetContextThread.
//
Context.StIIP = (ULONGLONG)CallSite; Context.IntGp = 0;
//
// sanitize the floating pointer status register
//
SANITIZE_FSR(Context.StFPSR, UserMode);
Status = NtSetContextThread(Thread, &Context); if (!AlreadySuspended) { NtResumeThread(Thread, NULL); }
return( Status ); }
|