Commit 061c612b authored by Alexandre Julliard's avatar Alexandre Julliard

ntdll: Add a machine frame to the KiUserExceptionDispatcher stack on x86-64.

parent 8164c708
......@@ -612,6 +612,29 @@ NTSTATUS WINAPI dispatch_exception( EXCEPTION_RECORD *rec, CONTEXT *context )
* KiUserExceptionDispatcher (NTDLL.@)
*/
__ASM_GLOBAL_FUNC( KiUserExceptionDispatcher,
__ASM_SEH(".seh_pushframe\n\t")
__ASM_SEH(".seh_stackalloc 0x590\n\t")
__ASM_SEH(".seh_savereg %rbx,0x90\n\t")
__ASM_SEH(".seh_savereg %rbp,0xa0\n\t")
__ASM_SEH(".seh_savereg %rsi,0xa8\n\t")
__ASM_SEH(".seh_savereg %rdi,0xb0\n\t")
__ASM_SEH(".seh_savereg %r12,0xd8\n\t")
__ASM_SEH(".seh_savereg %r13,0xe0\n\t")
__ASM_SEH(".seh_savereg %r14,0xe8\n\t")
__ASM_SEH(".seh_savereg %r15,0xf0\n\t")
__ASM_SEH(".seh_endprologue\n\t")
__ASM_CFI(".cfi_signal_frame\n\t")
__ASM_CFI(".cfi_def_cfa_offset 0\n\t")
__ASM_CFI(".cfi_offset %rbx,0x90\n\t")
__ASM_CFI(".cfi_offset %rbp,0xa0\n\t")
__ASM_CFI(".cfi_offset %rsi,0xa8\n\t")
__ASM_CFI(".cfi_offset %rdi,0xb0\n\t")
__ASM_CFI(".cfi_offset %r12,0xd8\n\t")
__ASM_CFI(".cfi_offset %r13,0xe0\n\t")
__ASM_CFI(".cfi_offset %r14,0xe8\n\t")
__ASM_CFI(".cfi_offset %r15,0xf0\n\t")
__ASM_CFI(".cfi_offset %rip,0x590\n\t")
__ASM_CFI(".cfi_offset %rsp,0x5a8\n\t")
"cld\n\t"
/* some anticheats need this exact instruction here */
"mov " __ASM_NAME("pWow64PrepareForException") "(%rip),%rax\n\t"
......@@ -620,30 +643,10 @@ __ASM_GLOBAL_FUNC( KiUserExceptionDispatcher,
"mov %rsp,%rdx\n\t" /* context */
"lea 0x4f0(%rsp),%rcx\n\t" /* rec */
"call *%rax\n"
"1:\tmov 0xf8(%rsp),%rdx\n\t" /* context->Rip */
"mov 0x98(%rsp),%rcx\n\t" /* context->Rsp */
"mov %rdx,-0x8(%rcx)\n\t"
"mov %rbp,-0x10(%rcx)\n\t"
"mov %rdi,-0x18(%rcx)\n\t"
"mov %rsi,-0x20(%rcx)\n\t"
"lea -0x20(%rcx),%rbp\n\t"
"mov %rsp,%rdx\n\t" /* context */
"lea 0x4f0(%rsp),%rcx\n\t" /* rec */
__ASM_SEH(".seh_pushreg %rbp\n\t")
__ASM_SEH(".seh_pushreg %rdi\n\t")
__ASM_SEH(".seh_pushreg %rsi\n\t")
__ASM_SEH(".seh_setframe %rbp,0\n\t")
__ASM_SEH(".seh_endprologue\n\t")
__ASM_CFI(".cfi_signal_frame\n\t")
__ASM_CFI(".cfi_adjust_cfa_offset 0x20\n\t")
__ASM_CFI(".cfi_def_cfa %rbp,0x20\n\t")
__ASM_CFI(".cfi_rel_offset %rip,0x18\n\t")
__ASM_CFI(".cfi_rel_offset %rbp,0x10\n\t")
__ASM_CFI(".cfi_rel_offset %rdi,0x8\n\t")
__ASM_CFI(".cfi_rel_offset %rsi,0\n\t")
"1:\tmov %rsp,%rdx\n\t" /* context */
"lea 0x4f0(%rsp),%rcx\n\t" /* rec */
"call " __ASM_NAME("dispatch_exception") "\n\t"
"int3")
"int3" )
/*******************************************************************
......
......@@ -4644,6 +4644,15 @@ test_kiuserexceptiondispatcher_regs;
static ULONG64 test_kiuserexceptiondispatcher_saved_r12;
struct machine_frame
{
ULONG64 rip;
ULONG64 cs;
ULONG64 eflags;
ULONG64 rsp;
ULONG64 ss;
};
static DWORD dbg_except_continue_handler(EXCEPTION_RECORD *rec, EXCEPTION_REGISTRATION_RECORD *frame,
CONTEXT *context, EXCEPTION_REGISTRATION_RECORD **dispatcher)
{
......@@ -4689,15 +4698,29 @@ static LONG WINAPI dbg_except_continue_vectored_handler(struct _EXCEPTION_POINTE
static void * WINAPI hook_KiUserExceptionDispatcher(EXCEPTION_RECORD *rec, CONTEXT *context)
{
struct machine_frame *frame = (struct machine_frame *)(((ULONG_PTR)(rec + 1) + 0x0f) & ~0x0f);
CONTEXT_EX *xctx = (CONTEXT_EX *)(context + 1);
trace("rec %p, context %p.\n", rec, context);
trace("context->Rip %#Ix, context->Rsp %#Ix, ContextFlags %#lx.\n",
context->Rip, context->Rsp, context->ContextFlags);
trace("machine frame %p: rip=%Ix cs=%Ix eflags=%Ix rsp=%Ix ss=%Ix\n",
frame, frame->rip, frame->cs, frame->eflags, frame->rsp, frame->ss);
hook_called = TRUE;
/* Broken on Win2008, probably rec offset in stack is different. */
ok(rec->ExceptionCode == 0x80000003 || rec->ExceptionCode == 0xceadbeef || broken(!rec->ExceptionCode),
"Got unexpected ExceptionCode %#lx.\n", rec->ExceptionCode);
ok( !((ULONG_PTR)context & 15), "unaligned context %p\n", context );
ok( xctx->All.Offset == -sizeof(CONTEXT), "wrong All.Offset %lx\n", xctx->All.Offset );
ok( xctx->All.Length >= sizeof(CONTEXT) + offsetof(CONTEXT_EX, align), "wrong All.Length %lx\n", xctx->All.Length );
ok( xctx->Legacy.Offset == -sizeof(CONTEXT), "wrong Legacy.Offset %lx\n", xctx->All.Offset );
ok( xctx->Legacy.Length == sizeof(CONTEXT), "wrong Legacy.Length %lx\n", xctx->All.Length );
ok( (void *)(xctx + 1) == (void *)rec, "wrong ptrs %p / %p\n", xctx, rec );
ok( frame->rip == context->Rip, "wrong rip %Ix / %Ix\n", frame->rip, context->Rip );
ok( frame->rsp == context->Rsp, "wrong rsp %Ix / %Ix\n", frame->rsp, context->Rsp );
hook_KiUserExceptionDispatcher_rip = (void *)context->Rip;
hook_exception_address = rec->ExceptionAddress;
memcpy(pKiUserExceptionDispatcher, saved_KiUserExceptionDispatcher_bytes,
......
......@@ -341,21 +341,29 @@ enum i386_trap_code
#endif
};
/* stack layout when calling an exception raise function */
struct stack_layout
struct machine_frame
{
CONTEXT context;
CONTEXT_EX context_ex;
EXCEPTION_RECORD rec;
ULONG64 align;
char xstate[0]; /* If xstate is present it is allocated
* dynamically to provide 64 byte alignment. */
ULONG64 rip;
ULONG64 cs;
ULONG64 eflags;
ULONG64 rsp;
ULONG64 ss;
};
C_ASSERT((offsetof(struct stack_layout, xstate) == sizeof(struct stack_layout)));
C_ASSERT( sizeof(XSTATE) == 0x140 );
C_ASSERT( sizeof(struct stack_layout) == 0x590 ); /* Should match the size in call_user_exception_dispatcher(). */
/* stack layout when calling KiUserExceptionDispatcher */
struct exc_stack_layout
{
CONTEXT context; /* 000 */
CONTEXT_EX context_ex; /* 4d0 */
EXCEPTION_RECORD rec; /* 4f0 */
ULONG64 align; /* 588 */
struct machine_frame machine_frame; /* 590 */
ULONG64 align2; /* 5b8 */
XSTATE xstate; /* 5c0 */
};
C_ASSERT( offsetof(struct exc_stack_layout, rec) == 0x4f0 );
C_ASSERT( offsetof(struct exc_stack_layout, machine_frame) == 0x590 );
C_ASSERT( sizeof(struct exc_stack_layout) == 0x700 );
/* flags to control the behavior of the syscall dispatcher */
#define SYSCALL_HAVE_XSAVE 1
......@@ -1379,7 +1387,7 @@ static void setup_raise_exception( ucontext_t *sigcontext, EXCEPTION_RECORD *rec
{
void *stack_ptr = (void *)(RSP_sig(sigcontext) & ~15);
CONTEXT *context = &xcontext->c;
struct stack_layout *stack;
struct exc_stack_layout *stack;
size_t stack_size;
NTSTATUS status;
XSTATE *src_xs;
......@@ -1411,28 +1419,23 @@ static void setup_raise_exception( ucontext_t *sigcontext, EXCEPTION_RECORD *rec
/* fix up instruction pointer in context for EXCEPTION_BREAKPOINT */
if (rec->ExceptionCode == EXCEPTION_BREAKPOINT) context->Rip--;
stack_size = sizeof(*stack) + 0x20;
if ((src_xs = xstate_from_context( context )))
{
stack_size += (ULONG_PTR)stack_ptr - 0x20 - (((ULONG_PTR)stack_ptr - 0x20
- sizeof(XSTATE)) & ~(ULONG_PTR)63);
}
stack_size = (ULONG_PTR)stack_ptr - (((ULONG_PTR)stack_ptr - sizeof(*stack)) & ~(ULONG_PTR)63);
stack = virtual_setup_exception( stack_ptr, stack_size, rec );
stack->rec = *rec;
stack->context = *context;
if (src_xs)
{
XSTATE *dst_xs = (XSTATE *)stack->xstate;
stack->rec = *rec;
stack->context = *context;
stack->machine_frame.rip = context->Rip;
stack->machine_frame.rsp = context->Rsp;
assert( !((ULONG_PTR)dst_xs & 63) );
context_init_xstate( &stack->context, stack->xstate );
memset( dst_xs, 0, offsetof(XSTATE, YmmContext) );
dst_xs->CompactionMask = xstate_compaction_enabled ? 0x8000000000000004 : 0;
if ((src_xs = xstate_from_context( context )))
{
assert( !((ULONG_PTR)&stack->xstate & 63) );
context_init_xstate( &stack->context, &stack->xstate );
memset( &stack->xstate, 0, offsetof(XSTATE, YmmContext) );
stack->xstate.CompactionMask = xstate_compaction_enabled ? 0x8000000000000004 : 0;
if (src_xs->Mask & 4)
{
dst_xs->Mask = 4;
memcpy( &dst_xs->YmmContext, &src_xs->YmmContext, sizeof(dst_xs->YmmContext) );
stack->xstate.Mask = 4;
memcpy( &stack->xstate.YmmContext, &src_xs->YmmContext, sizeof(stack->xstate.YmmContext) );
}
}
else
......@@ -1517,27 +1520,26 @@ void call_raise_user_exception_dispatcher(void)
NTSTATUS call_user_exception_dispatcher( EXCEPTION_RECORD *rec, CONTEXT *context )
{
struct syscall_frame *frame = amd64_thread_data()->syscall_frame;
struct stack_layout *stack;
ULONG64 rsp;
struct exc_stack_layout *stack;
NTSTATUS status = NtSetContextThread( GetCurrentThread(), context );
if (status) return status;
rsp = (context->Rsp - 0x20) & ~15;
stack = (struct stack_layout *)rsp - 1;
stack = (struct exc_stack_layout *)((context->Rsp - sizeof(*stack)) & ~(ULONG_PTR)63);
memmove( &stack->context, context, sizeof(*context) );
if ((context->ContextFlags & CONTEXT_XSTATE) == CONTEXT_XSTATE)
{
rsp = (rsp - sizeof(XSTATE)) & ~63;
stack = (struct stack_layout *)rsp - 1;
assert( !((ULONG_PTR)stack->xstate & 63) );
memmove( &stack->context, context, sizeof(*context) );
context_init_xstate( &stack->context, stack->xstate );
memcpy( stack->xstate, &frame->xstate, sizeof(frame->xstate) );
assert( !((ULONG_PTR)&stack->xstate & 63) );
context_init_xstate( &stack->context, &stack->xstate );
memcpy( &stack->xstate, &frame->xstate, sizeof(frame->xstate) );
}
else memmove( &stack->context, context, sizeof(*context) );
else context_init_xstate( &stack->context, NULL );
stack->rec = *rec;
/* fix up instruction pointer in context for EXCEPTION_BREAKPOINT */
if (stack->rec.ExceptionCode == EXCEPTION_BREAKPOINT) stack->context.Rip--;
stack->machine_frame.rip = stack->context.Rip;
stack->machine_frame.rsp = stack->context.Rsp;
frame->rbp = stack->context.Rbp;
frame->rsp = (ULONG64)stack;
frame->rip = (ULONG64)pKiUserExceptionDispatcher;
......
......@@ -386,6 +386,14 @@ NTSTATUS WINAPI BTCpuResetToConsistentState( EXCEPTION_POINTERS *ptrs )
{
CONTEXT *context = ptrs->ContextRecord;
I386_CONTEXT wow_context;
struct machine_frame
{
ULONG64 rip;
ULONG64 cs;
ULONG64 eflags;
ULONG64 rsp;
ULONG64 ss;
} *machine_frame;
if (context->SegCs == cs64_sel) return STATUS_SUCCESS; /* exception in 64-bit code, nothing to do */
......@@ -397,6 +405,10 @@ NTSTATUS WINAPI BTCpuResetToConsistentState( EXCEPTION_POINTERS *ptrs )
context->Rip = (ULONG64)syscall_32to64;
context->SegCs = cs64_sel;
context->Rsp = context->R14;
/* fixup machine frame */
machine_frame = (struct machine_frame *)(((ULONG_PTR)(ptrs->ExceptionRecord + 1) + 15) & ~15);
machine_frame->rip = context->Rip;
machine_frame->rsp = context->Rsp;
return STATUS_SUCCESS;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment