On 05.02.2017 07:45, Andrew Wesie wrote:
On Sun, Feb 5, 2017 at 12:31 AM, Sebastian Lackner <sebastian@fds-team.de> wrote:
Wouldn't it make more sense to add a proper implementation for all debug registers? We already have the signal_i386 code as an example of how to do it, and other functions like NtGetContextThread also support querying the debug registers (even on x86_64).
I looked at NtGetContextThread and I was wary of adding a server call to save_context.
Looking at the i386 version, it seems that NtGetContextThread caches the debug registers so that save_context doesn't need to do a server call. I can add something similar for x86_64, if there isn't a reason not to.
-Andrew
I think a version similar to how it's done on i386 would be perfectly fine. The biggest problem is probably the limited amount of TEB space we have available, but it also shouldn't hurt to use fields after SpareBytes1. If you have any questions, feel free to ask!
Best regards, Sebastian