[28/43] windbg: implemented windbg_read_ks_regs

Message ID	150642400352.3900.13935192906711901682.stgit@Misha-PC.lan02.inno
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Mihail Abakumov <mikhail.abakumov@ispras.ru> To: qemu-devel@nongnu.org Date: Tue, 26 Sep 2017 14:06:43 +0300 Message-ID: <150642400352.3900.13935192906711901682.stgit@Misha-PC.lan02.inno> In-Reply-To: <150642384156.3900.3326424823772221077.stgit@Misha-PC.lan02.inno> References: <150642384156.3900.3326424823772221077.stgit@Misha-PC.lan02.inno> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Subject: [Qemu-devel] [PATCH 28/43] windbg: implemented windbg_read_ks_regs Precedence: list Cc: sw@weilnetz.de, lprosek@redhat.com, dovgaluk@ispras.ru, rkagan@virtuozzo.com, pbonzini@redhat.com, den@openvz.org Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	Windbg supporting \| expand [00/43] Windbg supporting [01/43] windbg: added empty windbgstub files [02/43] windbg: added windbg's KD header file [03/43] windbg: modified windbgkd.h [04/43] windbg: added '-windbg' option [05/43] windbg: added helper features [06/43] windbg: added WindbgState [07/43] windbg: added chardev [08/43] windbg: hook to wrmsr operation [09/43] windbg: handler of fs/gs register [10/43] windbg: structures for parsing data stream [11/43] windbg: parsing data stream [12/43] windbg: send data and control packets [13/43] windbg: handler of parsing context [14/43] windbg: init DBGKD_ANY_WAIT_STATE_CHANGE [15/43] windbg: sized data buffer [16/43] windbg: generate ExceptionStateChange [17/43] windbg: generate LoadSymbolsStateChange [18/43] windbg: windbg_vm_stop [19/43] windbg: implemented windbg_process_control_packet [20/43] windbg: implemented windbg_process_data_packet [21/43] windbg: implemented windbg_process_manipulate_packet [22/43] windbg: implemented kd_api_read_virtual_memory and kd_api_read_virtual_memory [23/43] windbg: kernel's structures [24/43] windbg: implemented kd_api_get_context and kd_api_set_context [25/43] windbg: implemented kd_api_read_control_space and kd_api_write_control_space [26/43] windbg: implemented windbg_read_context [27/43] windbg: implemented windbg_write_context [28/43] windbg: implemented windbg_read_ks_regs [29/43] windbg: implemented windbg_write_ks_regs [30/43] windbg: implemented windbg_set_sr [31/43] windbg: implemented windbg_set_dr [32/43] windbg: implemented windbg_set_dr7 [33/43] windbg: implemented windbg_hw_breakpoint_insert and windbg_hw_breakpoint_remove [34/43] windbg: implemented kd_api_write_breakpoint and kd_api_restore_breakpoint [35/43] windbg: debug exception subscribing [36/43] windbg: implemented kd_api_continue [37/43] windbg: implemented kd_api_read_io_space and kd_api_write_io_space [38/43] windbg: implemented kd_api_read_physical_memory and kd_api_write_physical_memory [39/43] windbg: implemented kd_api_get_version [40/43] windbg: implemented kd_api_read_msr and kd_api_write_msr [41/43] windbg: implemented kd_api_search_memory [42/43] windbg: implemented kd_api_fill_memory [43/43] windbg: implemented kd_api_query_memory

Message ID

150642400352.3900.13935192906711901682.stgit@Misha-PC.lan02.inno

State

New

Headers

From: Mihail Abakumov <mikhail.abakumov@ispras.ru>
To: qemu-devel@nongnu.org
Date: Tue, 26 Sep 2017 14:06:43 +0300
Message-ID: <150642400352.3900.13935192906711901682.stgit@Misha-PC.lan02.inno>
In-Reply-To: <150642384156.3900.3326424823772221077.stgit@Misha-PC.lan02.inno>
References: <150642384156.3900.3326424823772221077.stgit@Misha-PC.lan02.inno>
User-Agent: StGit/0.17.1-dirty
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [PATCH 28/43] windbg: implemented windbg_read_ks_regs
Precedence: list
Cc: sw@weilnetz.de, lprosek@redhat.com, dovgaluk@ispras.ru,
	rkagan@virtuozzo.com, pbonzini@redhat.com, den@openvz.org
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

Windbg supporting | expand

Commit Message

Mikhail Abakumov Sept. 26, 2017, 11:06 a.m. UTC

Signed-off-by: Mihail Abakumov <mikhail.abakumov@ispras.ru>
Signed-off-by: Pavel Dovgalyuk <dovgaluk@ispras.ru>
Signed-off-by: Dmitriy Koltunov <koltunov@ispras.ru>
---
 windbgstub-utils.c |   38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

Comments

Ladi Prosek Oct. 3, 2017, 12:36 p.m. UTC | #1

On Tue, Sep 26, 2017 at 1:06 PM, Mihail Abakumov
<mikhail.abakumov@ispras.ru> wrote:
> Signed-off-by: Mihail Abakumov <mikhail.abakumov@ispras.ru>
> Signed-off-by: Pavel Dovgalyuk <dovgaluk@ispras.ru>
> Signed-off-by: Dmitriy Koltunov <koltunov@ispras.ru>
> ---
>  windbgstub-utils.c |   38 ++++++++++++++++++++++++++++++++++++++
>  1 file changed, 38 insertions(+)
>
> diff --git a/windbgstub-utils.c b/windbgstub-utils.c
> index 73ff98dfbc..537ba9e2aa 100755
> --- a/windbgstub-utils.c
> +++ b/windbgstub-utils.c
> @@ -587,6 +587,44 @@ static int windbg_write_context(CPUState *cpu, uint8_t *buf, int len,
>  static int windbg_read_ks_regs(CPUState *cpu, uint8_t *buf, int len,
>                                 int offset)
>  {
> +    CPUArchState *env = cpu->env_ptr;
> +    const bool new_mem = (len != sizeof(CPU_KSPECIAL_REGISTERS)
> +                       || offset != 0);
> +    CPU_KSPECIAL_REGISTERS *ckr;
> +    if (new_mem) {
> +        ckr = g_new(CPU_KSPECIAL_REGISTERS, 1);
> +    } else {
> +        ckr = (CPU_KSPECIAL_REGISTERS *) buf;
> +    }
> +
> +    memset(ckr, 0, len);

Buffer overrun on len > sizeof(CPU_KSPECIAL_REGISTERS).

> +    ckr->Cr0 = ldl_p(&env->cr[0]);
> +    ckr->Cr2 = ldl_p(&env->cr[2]);
> +    ckr->Cr3 = ldl_p(&env->cr[3]);
> +    ckr->Cr4 = ldl_p(&env->cr[4]);
> +
> +    ckr->KernelDr0 = ldtul_p(&env->dr[0]);
> +    ckr->KernelDr1 = ldtul_p(&env->dr[1]);
> +    ckr->KernelDr2 = ldtul_p(&env->dr[2]);
> +    ckr->KernelDr3 = ldtul_p(&env->dr[3]);
> +    ckr->KernelDr6 = ldtul_p(&env->dr[6]);
> +    ckr->KernelDr7 = ldtul_p(&env->dr[7]);
> +
> +    ckr->Gdtr.Pad = lduw_p(&env->gdt.selector);
> +    ckr->Idtr.Pad = lduw_p(&env->idt.selector);
> +
> +    ckr->Gdtr.Limit = lduw_p(&env->gdt.limit);
> +    ckr->Gdtr.Base  = ldtul_p(&env->gdt.base);
> +    ckr->Idtr.Limit = lduw_p(&env->idt.limit);
> +    ckr->Idtr.Base  = ldtul_p(&env->idt.base);
> +    ckr->Tr         = lduw_p(&env->tr.selector);
> +    ckr->Ldtr       = lduw_p(&env->ldt.selector);
> +
> +    if (new_mem) {
> +        memcpy(buf, (uint8_t *) ckr + offset, len);
> +        g_free(ckr);
> +    }
>      return 0;
>  }
>
>

diff --git a/windbgstub-utils.c b/windbgstub-utils.c
index 73ff98dfbc..537ba9e2aa 100755
--- a/windbgstub-utils.c
+++ b/windbgstub-utils.c
@@ -587,6 +587,44 @@  static int windbg_write_context(CPUState *cpu, uint8_t *buf, int len,
 static int windbg_read_ks_regs(CPUState *cpu, uint8_t *buf, int len,
                                int offset)
 {
+    CPUArchState *env = cpu->env_ptr;
+    const bool new_mem = (len != sizeof(CPU_KSPECIAL_REGISTERS)
+                       || offset != 0);
+    CPU_KSPECIAL_REGISTERS *ckr;
+    if (new_mem) {
+        ckr = g_new(CPU_KSPECIAL_REGISTERS, 1);
+    } else {
+        ckr = (CPU_KSPECIAL_REGISTERS *) buf;
+    }
+
+    memset(ckr, 0, len);
+
+    ckr->Cr0 = ldl_p(&env->cr[0]);
+    ckr->Cr2 = ldl_p(&env->cr[2]);
+    ckr->Cr3 = ldl_p(&env->cr[3]);
+    ckr->Cr4 = ldl_p(&env->cr[4]);
+
+    ckr->KernelDr0 = ldtul_p(&env->dr[0]);
+    ckr->KernelDr1 = ldtul_p(&env->dr[1]);
+    ckr->KernelDr2 = ldtul_p(&env->dr[2]);
+    ckr->KernelDr3 = ldtul_p(&env->dr[3]);
+    ckr->KernelDr6 = ldtul_p(&env->dr[6]);
+    ckr->KernelDr7 = ldtul_p(&env->dr[7]);
+
+    ckr->Gdtr.Pad = lduw_p(&env->gdt.selector);
+    ckr->Idtr.Pad = lduw_p(&env->idt.selector);
+
+    ckr->Gdtr.Limit = lduw_p(&env->gdt.limit);
+    ckr->Gdtr.Base  = ldtul_p(&env->gdt.base);
+    ckr->Idtr.Limit = lduw_p(&env->idt.limit);
+    ckr->Idtr.Base  = ldtul_p(&env->idt.base);
+    ckr->Tr         = lduw_p(&env->tr.selector);
+    ckr->Ldtr       = lduw_p(&env->ldt.selector);
+
+    if (new_mem) {
+        memcpy(buf, (uint8_t *) ckr + offset, len);
+        g_free(ckr);
+    }
     return 0;
 }

[28/43] windbg: implemented windbg_read_ks_regs

Commit Message

Comments

Patch