commit fe6752f852ab1d8af90a726092879273c31b4c15
Author:     Timo Kreuzer <timo.kreuzer(a)reactos.org>
AuthorDate: Mon Feb 12 19:21:50 2018 +0100
Commit:     Timo Kreuzer <timo.kreuzer(a)reactos.org>
CommitDate: Sat Oct 31 14:23:16 2020 +0100
    [NTOS:KE:X64] Fix bugs in KeContextToTrapFrame and KeTrapFrameToContext
    Set valid EFlags; the non-volatiles need to be taken from the exception frame, because
the ones in the trap frame might not be set.
---
 ntoskrnl/ke/amd64/context.c | 44 +++++++++++++++++++++++++++++++++-----------
 1 file changed, 33 insertions(+), 11 deletions(-)
diff --git a/ntoskrnl/ke/amd64/context.c b/ntoskrnl/ke/amd64/context.c
index 3e21cae3197..61c286cd69d 100644
--- a/ntoskrnl/ke/amd64/context.c
+++ b/ntoskrnl/ke/amd64/context.c
@@ -56,8 +56,7 @@ KeContextToTrapFrame(IN PCONTEXT Context,
     }
     /* Handle floating point registers */
-    if ((ContextFlags & CONTEXT_FLOATING_POINT) &&
-        ((Context->SegCs & MODE_MASK) != KernelMode))
+    if ((ContextFlags & CONTEXT_FLOATING_POINT))
     {
         TrapFrame->MxCsr = Context->MxCsr;
         TrapFrame->Xmm0 = Context->Xmm0;
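Review bot: Dropping the mode test means `TrapFrame->MxCsr = Context->MxCsr;` now writes the context's MxCsr unmasked for every caller, and nothing in this hunk sanitizes it for a user-supplied context; if no caller masks it either, reserved MXCSR bits would fault when the frame is restored. Masking the user-mode value against the MXCSR valid-bit mask next to the copy would close that gap (the mask constant is not visible on this page, so the exact name needs checking). The enclosing `if` block and KeContextToTrapFrame continue past the end of the hunk.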
@@ -84,24 +83,35 @@ KeContextToTrapFrame(IN PCONTEXT Context,
     /* Handle control registers */
     if (ContextFlags & CONTEXT_CONTROL)
     {
-        /* Check if this was a Kernel Trap */
+        /* RIP, RSP, EFLAGS */
+        TrapFrame->Rip = Context->Rip;
+        TrapFrame->Rsp = Context->Rsp;
+        TrapFrame->EFlags = Context->EFlags;
+
         if ((Context->SegCs & MODE_MASK) == KernelMode)
         {
             /* Set valid selectors */
             TrapFrame->SegCs = KGDT64_R0_CODE;
             TrapFrame->SegSs = KGDT64_R0_DATA;
+
+            /* Set valid EFLAGS */
+            TrapFrame->EFlags &= (EFLAGS_USER_SANITIZE | EFLAGS_INTERRUPT_MASK);
         }
         else
         {
             /* Copy selectors */
             TrapFrame->SegCs = Context->SegCs;
+            if (TrapFrame->SegCs != (KGDT64_R3_CODE | RPL_MASK))
+            {
+                TrapFrame->SegCs = (KGDT64_R3_CMCODE | RPL_MASK);
+            }
+
             TrapFrame->SegSs = Context->SegSs;
-        }
-        /* RIP, RSP, EFLAGS */
-        TrapFrame->Rip = Context->Rip;
-        TrapFrame->Rsp = Context->Rsp;
-        TrapFrame->EFlags = Context->EFlags;
+            /* Set valid EFLAGS */
+            TrapFrame->EFlags &= EFLAGS_USER_SANITIZE;
+            TrapFrame->EFlags |= EFLAGS_INTERRUPT_MASK;
+        }
     }
     /* Handle segment selectors */
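Review bot: In the user-mode branch SegSs is still taken verbatim at `TrapFrame->SegSs = Context->SegSs;`, while SegCs directly above it is now forced to a valid ring-3 selector; a bad SS value in a user-supplied context is only detected when the frame is restored. Forcing it the same way, `TrapFrame->SegSs = KGDT64_R3_DATA | RPL_MASK;`, keeps the two selectors consistent and matches the kernel-mode branch, which forces both. The `/* Copy selectors */` comment is stale now that SegCs is overridden; `/* Sanitize selectors: only a valid ring-3 CS is allowed */` describes the new code. KeContextToTrapFrame continues beyond the hunk.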
@@ -136,6 +146,18 @@ KeContextToTrapFrame(IN PCONTEXT Context,
         TrapFrame->Dr3 = Context->Dr3;
         TrapFrame->Dr6 = Context->Dr6;
         TrapFrame->Dr7 = Context->Dr7;
+
+        if ((Context->SegCs & MODE_MASK) != KernelMode)
+        {
+            if (TrapFrame->Dr0 > (ULONG64)MmHighestUserAddress)
+                TrapFrame->Dr0 = 0;
+            if (TrapFrame->Dr1 > (ULONG64)MmHighestUserAddress)
+                TrapFrame->Dr1 = 0;
+            if (TrapFrame->Dr2 > (ULONG64)MmHighestUserAddress)
+                TrapFrame->Dr2 = 0;
+            if (TrapFrame->Dr3 > (ULONG64)MmHighestUserAddress)
+                TrapFrame->Dr3 = 0;
+        }
     }
     /* Restore IRQL */
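Review bot: The new user-mode check clamps Dr0–Dr3 to user addresses, but Dr7, copied just above it by `TrapFrame->Dr7 = Context->Dr7;`, is still taken verbatim; unless it is masked elsewhere, reserved and general-detect bits from a user-supplied context reach the hardware register. Masking Dr7 to its defined enable, R/W and LEN fields inside the same `if` would make the sanitization complete. As a style point, the four single-line `if` bodies are unbraced while the surrounding code (the selector and EFLAGS branches above) braces every body. The enclosing CONTEXT_DEBUG_REGISTERS block starts before the hunk.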
@@ -164,11 +186,8 @@ KeTrapFrameToContext(IN PKTRAP_FRAME TrapFrame,
     if (ContextFlags & CONTEXT_INTEGER)
     {
         Context->Rax = TrapFrame->Rax;
-        Context->Rbx = TrapFrame->Rbx;
         Context->Rcx = TrapFrame->Rcx;
         Context->Rdx = TrapFrame->Rdx;
-        Context->Rsi = TrapFrame->Rsi;
-        Context->Rdi = TrapFrame->Rdi;
         Context->Rbp = TrapFrame->Rbp;
         Context->R8 = TrapFrame->R8;
         Context->R9 = TrapFrame->R9;
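Review bot: With the `Context->Rbx`, `Context->Rsi` and `Context->Rdi` copies removed here, those fields are only written inside the `if (ExceptionFrame)` branch of the next hunk, so a caller that passes a NULL ExceptionFrame now gets a CONTEXT whose Rbx/Rsi/Rdi (and R12–R15, as before) are left untouched — stale or uninitialized caller memory rather than the possibly-unset trap-frame values the old code copied. An `else` branch that either zeroes those fields or keeps the pre-commit trap-frame fallback avoids handing back indeterminate register contents. The next hunk is cut off at the end of the page, so where R15 and the end of that block fall is not visible.
```c
        if (ExceptionFrame)
        {
            // … unchanged: Rbx/Rsi/Rdi/R12–R15 taken from ExceptionFrame …
        }
        else
        {
            /* No exception frame: fall back to the trap frame (pre-commit behaviour)
               or zero these fields so the caller never sees stale memory */
            Context->Rbx = TrapFrame->Rbx;
            Context->Rsi = TrapFrame->Rsi;
            Context->Rdi = TrapFrame->Rdi;
            Context->R12 = 0;
            Context->R13 = 0;
            Context->R14 = 0;
            Context->R15 = 0;
        }
```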
@@ -177,6 +196,9 @@ KeTrapFrameToContext(IN PKTRAP_FRAME TrapFrame,
         if (ExceptionFrame)
         {
+            Context->Rbx = ExceptionFrame->Rbx;
+            Context->Rsi = ExceptionFrame->Rsi;
+            Context->Rdi = ExceptionFrame->Rdi;
             Context->R12 = ExceptionFrame->R12;
             Context->R13 = ExceptionFrame->R13;
             Context->R14 = ExceptionFrame->R14;