v2: Added a definition for MSR_LSTAR instead of hard-coding the value.
Signed-off-by: Derek Lesho dereklesho52@Gmail.com --- dlls/ntoskrnl.exe/instr.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+)
diff --git a/dlls/ntoskrnl.exe/instr.c b/dlls/ntoskrnl.exe/instr.c
index 67cdd327ee..2e5b95cbe6 100644
--- a/dlls/ntoskrnl.exe/instr.c
+++ b/dlls/ntoskrnl.exe/instr.c
@@ -473,6 +473,8 @@ WINE_DEFAULT_DEBUG_CHANNEL(int);
 #define REX_R 4
 #define REX_W 8
+#define MSR_LSTAR 0xc0000082
+
 #define REGMODRM_MOD( regmodrm, rex ) ((regmodrm) >> 6)
 #define REGMODRM_REG( regmodrm, rex ) (((regmodrm) >> 3) & 7) | (((rex) & REX_R) ? 8 : 0)
 #define REGMODRM_RM( regmodrm, rex ) (((regmodrm) & 7) | (((rex) & REX_B) ? 8 : 0))
@@ -586,6 +588,12 @@ static BYTE *INSTR_GetOperandAddr( CONTEXT *context, BYTE *instr,
 }
+static void fake_syscall_function(void)
+{
+ TRACE("() stub\n");
+}
+
+
 /***********************************************************************
 * emulate_instruction
 *
@@ -757,6 +765,25 @@ static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context )
 context->Rip += prefixlen + 3;
 return ExceptionContinueExecution;
 }
+ case 0x32: /* rdmsr */
+ {
+ int reg = context->Rcx & 0xffffffff;
+ TRACE("rdmsr CR 0x%08x\n", reg);
+ switch (reg)
+ {
+ case MSR_LSTAR:
+ {
+ ULONGLONG syscall_address = (ULONGLONG) fake_syscall_function;
+
+ context->Rdx = (syscall_address >> 32) & 0xffffffff;
+ context->Rax = syscall_address & 0xffffffff;
+ }
+ break;
+ default: return ExceptionContinueSearch;
+ }
+ context->Rip += prefixlen + 2;
+ return ExceptionContinueExecution;
+ }
 case 0xb6: /* movzx Eb, Gv */
 case 0xb7: /* movzx Ew, Gv */
 {
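Review bot: The new MSR_LSTAR constant carries no comment saying which register it names or that it only exists on x86-64, so a reader sees a bare magic number next to the REX_* decoding bits; suggest `#define MSR_LSTAR 0xc0000082 /* IA32_LSTAR: RIP loaded by SYSCALL in 64-bit mode */`. Placing an MSR index in the middle of the instruction-prefix flag definitions also mixes two unrelated groups; a one-line group comment, or its own small block of MSR indices, would keep them apart as more MSRs get emulated.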
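Review bot: fake_syscall_function has no comment explaining its purpose, and from this hunk alone a stub that only emits a TRACE looks like dead code; its only role, as far as this patch shows, is to provide an address that the rdmsr emulation reports as the LSTAR value. Suggest a header comment in the file's existing style above it, e.g. `/* Placeholder whose address is handed to drivers that read IA32_LSTAR; nothing is expected to actually jump here, it just traces if something does. */`. Whether any caller could really transfer control to it depends on code outside this hunk, so the comment should stay hedged rather than promise it is unreachable.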
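Review bot: `int reg = context->Rcx & 0xffffffff;` keeps the MSR index in a signed int, so both that value and the `case MSR_LSTAR:` label (0xc0000082, above INT_MAX) only reach the switch through implementation-defined narrowing to a negative int; it happens to match on the compilers Wine builds with, but it is fragile and `%08x` in the TRACE expects an unsigned argument anyway. Use an unsigned index, `DWORD reg = context->Rcx;` (the assignment truncates to the low 32 bits with well-defined modulo semantics, so the mask becomes unnecessary), and correct the trace label, which says "CR" although rdmsr reads an MSR: `TRACE("rdmsr MSR 0x%08x\n", reg);`. A why-comment above `case MSR_LSTAR:` would also help, e.g. `/* Report a harmless in-process stub as the SYSCALL entry point; there is no real kernel handler to expose here. */`, and the `default: return ExceptionContinueSearch;` branch deserves a note that every other MSR deliberately stays unhandled, presumably so the fault surfaces as an exception rather than reading garbage. The enclosing emulate_instruction begins before this hunk.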