https://git.reactos.org/?p=reactos.git;a=commitdiff;h=61feb649d188f6a998477…
commit 61feb649d188f6a998477240cfe27712e5e72ac6
Author: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org>
AuthorDate: Fri Nov 22 16:19:41 2024 +0100
Commit: Hermès Bélusca-Maïto <hermes.belusca-maito(a)reactos.org>
CommitDate: Tue Dec 3 19:02:21 2024 +0100
[NTOS:KD64] kdx86.c: Fix Dr7 check to verify whether debugger disabling is allowed (#7538)
Don't check the whole Dr7 value, but only the first 8 bits that
correspond to the local/global enable breakpoints.
We cannot check the whole value because some of the Dr7 bits are
reserved and always set to 1 (bit 10), or describe other debug state.
References:
- https://en.wikipedia.org/wiki/X86_debug_register#DR7_-_Debug_control
- Intel® 64 and IA-32 Architectures Software Developer’s Manual,
  Volume 3 (3A, 3B, 3C, & 3D): System Programming Guide
  https://www.intel.com/content/www/us/en/developer/articles/technical/intel-…
  Section "19.2.4 Debug Control Register (DR7)" (pgs. 644-646)
---
ntoskrnl/kd64/i386/kdx86.c | 16 ++++++----------
1 file changed, 6 insertions(+), 10 deletions(-)
diff --git a/ntoskrnl/kd64/i386/kdx86.c b/ntoskrnl/kd64/i386/kdx86.c
index a70eb464103..843f6e88b0d 100644
--- a/ntoskrnl/kd64/i386/kdx86.c
+++ b/ntoskrnl/kd64/i386/kdx86.c
@@ -426,23 +426,19 @@ NTSTATUS
NTAPI
KdpAllowDisable(VOID)
{
- LONG i;
- ULONG Dr7;
+ ULONG i;
/* Loop every processor */
for (i = 0; i < KeNumberProcessors; i++)
{
- /* Get its DR7 */
- Dr7 = KiProcessorBlock[i]->ProcessorState.SpecialRegisters.KernelDr7;
+ PKPROCESSOR_STATE ProcessorState = &KiProcessorBlock[i]->ProcessorState;
- /* Check if any processor breakpoints are active */
- if (Dr7 != 0)
- {
- /* We can't allow running without a debugger then */
+ /* If any processor breakpoints are active,
+ * we can't allow running without a debugger */
+ if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF)
return STATUS_ACCESS_DENIED;
- }
}
- /* No processor breakpoints; allow disabling the debugger */
+ /* No processor breakpoints, allow disabling the debugger */
return STATUS_SUCCESS;
}
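Review bot: The `0xFF` mask in `if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF)` is a bare magic number at the point of use. The reason for it (only the low 8 bits are the local/global breakpoint enable bits, while other bits such as bit 10 are reserved or describe other debug state) is recorded only in the commit message. Suggest a named constant for the mask, or extending the comment above the test to say that only the enable bits are checked and why, so a later reader does not "simplify" it back to a whole-register comparison. Separately, the loop counter changes from `LONG i` to `ULONG i` without mention in the commit message. Please confirm this matches the signedness of `KeNumberProcessors`, so that `i < KeNumberProcessors` is not a mixed signed/unsigned comparison.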