https://git.reactos.org/?p=reactos.git;a=commitdiff;h=61feb649d188f6a9984772...
commit 61feb649d188f6a998477240cfe27712e5e72ac6
Author: Hermès Bélusca-Maïto hermes.belusca-maito@reactos.org
AuthorDate: Fri Nov 22 16:19:41 2024 +0100
Commit: Hermès Bélusca-Maïto hermes.belusca-maito@reactos.org
CommitDate: Tue Dec 3 19:02:21 2024 +0100
[NTOS:KD64] kdx86.c: Fix Dr7 check to verify whether debugger disabling is allowed (#7538)
Don't check the whole Dr7 value, but only the first 8 bits that correspond to the local/global enable breakpoints.
We cannot check the whole value because some of the Dr7 bits are reserved, always set to 1 (bit 10), or describe other debug state.
References:
- https://en.wikipedia.org/wiki/X86_debug_register#DR7_-_Debug_control
- Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3 (3A, 3B, 3C, & 3D): System Programming Guide
  https://www.intel.com/content/www/us/en/developer/articles/technical/intel-s...
  Section "19.2.4 Debug Control Register (DR7)" (pgs. 644-646)
---
 ntoskrnl/kd64/i386/kdx86.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)
diff --git a/ntoskrnl/kd64/i386/kdx86.c b/ntoskrnl/kd64/i386/kdx86.c index a70eb464103..843f6e88b0d 100644 --- a/ntoskrnl/kd64/i386/kdx86.c +++ b/ntoskrnl/kd64/i386/kdx86.c @@ -426,23 +426,19 @@ NTSTATUS NTAPI KdpAllowDisable(VOID) { - LONG i; - ULONG Dr7; + ULONG i;
/* Loop every processor */ for (i = 0; i < KeNumberProcessors; i++) { - /* Get its DR7 */ - Dr7 = KiProcessorBlock[i]->ProcessorState.SpecialRegisters.KernelDr7; + PKPROCESSOR_STATE ProcessorState = &KiProcessorBlock[i]->ProcessorState;
- /* Check if any processor breakpoints are active */ - if (Dr7 != 0) - { - /* We can't allow running without a debugger then */ + /* If any processor breakpoints are active, + * we can't allow running without a debugger */ + if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF) return STATUS_ACCESS_DENIED; - } }
- /* No processor breakpoints; allow disabling the debugger */ + /* No processor breakpoints, allow disabling the debugger */ return STATUS_SUCCESS; }
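Review bot: the `0xFF` in `if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF)` is a bare literal, and the new comment above the test does not say which bits it selects. The commit message gives the reasoning (only the first 8 bits of Dr7 are the local/global breakpoint enables, and bit 10 is reserved and always 1), but none of that is in the code. Put it next to the test, either as a named mask constant or as a comment line saying that only bits 0-7 (the L0-L3/G0-G3 enables) are checked because other Dr7 bits can be set with no breakpoint armed. Otherwise a later cleanup can easily turn this back into the `Dr7 != 0` comparison that the patch removes. Separately, the loop index changes from `LONG i` to `ULONG i` without a mention in the commit message. The declaration of `KeNumberProcessors` is not visible in this hunk, so a short note on why the unsigned type is the right match for `i < KeNumberProcessors` would help.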