Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=47571 Signed-off-by: Brendan Shanks bshanks@codeweavers.com --- dlls/ntdll/Makefile.in | 1 + dlls/ntdll/signal_i386.c | 2 + dlls/ntdll/signal_x86_64.c | 3 + dlls/ntdll/umip.c | 787 +++++++++++++++++++++++++++++++++++++ dlls/ntdll/umip.h | 21 + 5 files changed, 814 insertions(+) create mode 100644 dlls/ntdll/umip.c create mode 100644 dlls/ntdll/umip.h

diff --git a/dlls/ntdll/Makefile.in b/dlls/ntdll/Makefile.in index 9b4d70f6e8..999fc1abf5 100644 --- a/dlls/ntdll/Makefile.in +++ b/dlls/ntdll/Makefile.in @@ -50,6 +50,7 @@ C_SRCS = \ thread.c \ threadpool.c \ time.c \ + umip.c \ version.c \ virtual.c \ wcstring.c diff --git a/dlls/ntdll/signal_i386.c b/dlls/ntdll/signal_i386.c index a43599e375..94a828dcdf 100644 --- a/dlls/ntdll/signal_i386.c +++ b/dlls/ntdll/signal_i386.c @@ -59,6 +59,7 @@ #include "ntdll_misc.h" #include "wine/exception.h" #include "wine/debug.h" +#include "umip.h"

#ifdef HAVE_VALGRIND_MEMCHECK_H #include <valgrind/memcheck.h> @@ -2440,6 +2441,7 @@ void signal_init_process(void) #endif

wine_ldt_init_locking( ldt_lock, ldt_unlock ); + umip_add_handler(); return;

error: diff --git a/dlls/ntdll/signal_x86_64.c b/dlls/ntdll/signal_x86_64.c index feb2e69d3f..ebfef1c685 100644 --- a/dlls/ntdll/signal_x86_64.c +++ b/dlls/ntdll/signal_x86_64.c @@ -67,6 +67,7 @@ #include "wine/list.h" #include "ntdll_misc.h" #include "wine/debug.h" +#include "umip.h"

#ifdef HAVE_VALGRIND_MEMCHECK_H #include <valgrind/memcheck.h> @@ -3350,6 +3351,8 @@ void signal_init_process(void) sig_act.sa_sigaction = trap_handler; if (sigaction( SIGTRAP, &sig_act, NULL ) == -1) goto error; #endif + + umip_add_handler(); return;

error: diff --git a/dlls/ntdll/umip.c b/dlls/ntdll/umip.c new file mode 100644 index 0000000000..c05211568b --- /dev/null +++ b/dlls/ntdll/umip.c @@ -0,0 +1,787 @@ +/* + * Emulation for instructions covered by User-Mode Instruction Prevention + * + * Copyright (C) 2019 Brendan Shanks for CodeWeavers + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* + * User-Mode Instruction Prevention (UMIP) is an x86 feature that prevents user-space + * code (CPL > 0) from executing the sgdt, sidt, sldt, smsw, and str instructions. + * If one of these instructions is executed, a general protection fault is issued. + * + * UMIP was first implemented by the AMD Zen2 and Intel Sunny Cove microarchitectures + * (both released in 2019). + * + * On Linux: + * 32-bit processes: the kernel traps the GPF and emulates sgdt, sidt, and smsw. + * sldt and str are not emulated. + * + * 64-bit processes: no emulation is done for any instructions. + * A kernel patch to add emulation for sgdt, sidt, and smsw + * has been accepted and should be in v5.4. + * + * When the kernel doesn't emulate an instruction, the process receives a SIGSEGV. + * This file contains exception handlers for 32- and 64-bit code to emulate all + * instructions not emulated by the Linux kernel. + */ + +#include <stdarg.h> +#include <string.h> + +#define NONAMELESSUNION +#include "windef.h" +#include "winbase.h" +#include "winternl.h" +#define WIN32_NO_STATUS +#include "ddk/wdm.h" +#include "excpt.h" +#include "wine/asm.h" +#include "wine/debug.h" + +WINE_DEFAULT_DEBUG_CHANNEL(seh); + +/* Dummy base addresses are the same as used by the kernel */ +#define UMIP_DUMMY_GDT_BASE 0xfffffffffffe0000ULL +#define UMIP_DUMMY_IDT_BASE 0xffffffffffff0000ULL +#define UMIP_DUMMY_GDT_IDT_LIMIT 0 + +#define UMIP_GDT_IDT_BASE_SIZE_64BIT 8 +#define UMIP_GDT_IDT_LIMIT_SIZE 2 + +/* Dummy LDT, matches what I see on Windows and Linux */ +#define UMIP_DUMMY_LDT 0 + +/* Dummy task register, matches what I see on Windows and Linux */ +#define UMIP_DUMMY_TR 0x40 + +/* Dummy MSW is same value used by kernel, defined as: + * (X86_CR0_PE | X86_CR0_MP | X86_CR0_ET | + * X86_CR0_NE | X86_CR0_WP | X86_CR0_AM | + * X86_CR0_PG) + */ +#define UMIP_DUMMY_MSW 0x33 + +#if defined(__i386__) && defined(linux) + +static DWORD *get_reg_address( CONTEXT *context, BYTE rm ) +{ + switch (rm & 7) + { + case 0: return &context->Eax; + case 1: return &context->Ecx; + case 2: return &context->Edx; + case 3: return &context->Ebx; + case 4: return &context->Esp; + case 5: return &context->Ebp; + case 6: return &context->Esi; + case 7: return &context->Edi; + } + return NULL; +} + + +/*********************************************************************** + * INSTR_GetOperandAddr + * + * Return the address of an instruction operand (from the mod/rm byte). + */ +static void *INSTR_GetOperandAddr( CONTEXT *context, BYTE *instr, + int long_addr, int segprefix, int *len ) +{ + int mod, rm, base = 0, index = 0, ss = 0, off; + +#define GET_VAL(val,type) \ + { *val = *(type *)instr; instr += sizeof(type); *len += sizeof(type); } + + *len = 0; + GET_VAL( &mod, BYTE ); + rm = mod & 7; + mod >>= 6; + + if (mod == 3) return get_reg_address( context, rm ); + + if (long_addr) + { + if (rm == 4) + { + BYTE sib; + GET_VAL( &sib, BYTE ); + rm = sib & 7; + ss = sib >> 6; + switch((sib >> 3) & 7) + { + case 0: index = context->Eax; break; + case 1: index = context->Ecx; break; + case 2: index = context->Edx; break; + case 3: index = context->Ebx; break; + case 4: index = 0; break; + case 5: index = context->Ebp; break; + case 6: index = context->Esi; break; + case 7: index = context->Edi; break; + } + } + + switch(rm) + { + case 0: base = context->Eax; break; + case 1: base = context->Ecx; break; + case 2: base = context->Edx; break; + case 3: base = context->Ebx; break; + case 4: base = context->Esp; break; + case 5: base = context->Ebp; break; + case 6: base = context->Esi; break; + case 7: base = context->Edi; break; + } + switch (mod) + { + case 0: + if (rm == 5) /* special case: ds:(disp32) */ + { + GET_VAL( &base, DWORD ); + } + break; + + case 1: /* 8-bit disp */ + GET_VAL( &off, BYTE ); + base += (signed char)off; + break; + + case 2: /* 32-bit disp */ + GET_VAL( &off, DWORD ); + base += (signed long)off; + break; + } + } + else /* short address */ + { + switch(rm) + { + case 0: /* ds:(bx,si) */ + base = LOWORD(context->Ebx) + LOWORD(context->Esi); + break; + case 1: /* ds:(bx,di) */ + base = LOWORD(context->Ebx) + LOWORD(context->Edi); + break; + case 2: /* ss:(bp,si) */ + base = LOWORD(context->Ebp) + LOWORD(context->Esi); + break; + case 3: /* ss:(bp,di) */ + base = LOWORD(context->Ebp) + LOWORD(context->Edi); + break; + case 4: /* ds:(si) */ + base = LOWORD(context->Esi); + break; + case 5: /* ds:(di) */ + base = LOWORD(context->Edi); + break; + case 6: /* ss:(bp) */ + base = LOWORD(context->Ebp); + break; + case 7: /* ds:(bx) */ + base = LOWORD(context->Ebx); + break; + } + + switch(mod) + { + case 0: + if (rm == 6) /* special case: ds:(disp16) */ + { + GET_VAL( &base, WORD ); + } + break; + + case 1: /* 8-bit disp */ + GET_VAL( &off, BYTE ); + base += (signed char)off; + break; + + case 2: /* 16-bit disp */ + GET_VAL( &off, WORD ); + base += (signed short)off; + break; + } + base &= 0xffff; + } + /* FIXME: we assume that all segments have a base of 0 */ + return (void *)(base + (index << ss)); +#undef GET_VAL +} + + +/*********************************************************************** + * emulate_instruction + * + * Emulate a privileged instruction. + * Returns exception continuation status. + */ +static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context ) +{ + int prefix, segprefix, prefixlen, len, long_op, long_addr; + BYTE *instr; + + long_op = long_addr = 1; + instr = (BYTE *)context->Eip; + if (!instr) return ExceptionContinueSearch; + + /* First handle any possible prefix */ + + segprefix = -1; /* no prefix */ + prefix = 1; + prefixlen = 0; + while(prefix) + { + switch(*instr) + { + case 0x2e: + segprefix = context->SegCs; + break; + case 0x36: + segprefix = context->SegSs; + break; + case 0x3e: + segprefix = context->SegDs; + break; + case 0x26: + segprefix = context->SegEs; + break; + case 0x64: + segprefix = context->SegFs; + break; + case 0x65: + segprefix = context->SegGs; + break; + case 0x66: + long_op = !long_op; /* opcode size prefix */ + break; + case 0x67: + long_addr = !long_addr; /* addr size prefix */ + break; + case 0xf0: /* lock */ + break; + case 0xf2: /* repne */ + break; + case 0xf3: /* repe */ + break; + default: + prefix = 0; /* no more prefixes */ + break; + } + if (prefix) + { + instr++; + prefixlen++; + } + } + + /* Now look at the actual instruction */ + + switch(*instr) + { + case 0x0f: /* extended instruction */ + switch(instr[1]) + { + case 0x00: /* sldt/str */ + { + int reg = (instr[2] >> 3) & 7; + switch (reg) + { + case 0: /* sldt */ + case 1: /* str */ + { + BYTE *data = INSTR_GetOperandAddr( context, instr + 2, long_addr, + segprefix, &len ); + int mod = instr[2] >> 6; + UINT16 dummy_value; + + if (reg == 0) + { + /* sldt */ + dummy_value = UMIP_DUMMY_LDT; + TRACE( "sldt at 0x%08x\n", context->Eip ); + } + else + { + /* str */ + dummy_value = UMIP_DUMMY_TR; + TRACE( "str at 0x%08x\n", context->Eip ); + } + + if (mod == 3) + { + /* Destination operand is a register. + * Zero-extend the dummy value and store to the register. */ + UINT32 dummy_value_32 = dummy_value; + memcpy( data, &dummy_value_32, long_op ? 4 : 2 ); + } + else + { + /* Destination operand is a memory location. + * Only copy 16 bits regardless of operand size. */ + memcpy( data, &dummy_value, sizeof(dummy_value) ); + } + context->Eip += prefixlen + len + 2; + return ExceptionContinueExecution; + } + } + } + case 0x01: /* sgdt/sidt/smsw */ + { + /* The Linux kernel already emulates these instructions for 32-bit processes, + * Wine should never get an exception for them. + * However, it may be necessary in the future to emulate these instructions + * for other OSes if they don't do any emulation. + */ + break; + } + } + break; + } + return ExceptionContinueSearch; /* Unable to emulate it */ +} + + +/*********************************************************************** + * vectored_handler + * + * Vectored exception handler used to emulate protected instructions + * from 32-bit code. + */ +static LONG CALLBACK vectored_handler( EXCEPTION_POINTERS *ptrs ) +{ + EXCEPTION_RECORD *record = ptrs->ExceptionRecord; + CONTEXT *context = ptrs->ContextRecord; + + if (record->ExceptionCode == EXCEPTION_ACCESS_VIOLATION && + record->ExceptionInformation[0] == 0 && + record->ExceptionInformation[1] == 0xffffffff) + { + if (emulate_instruction( record, context ) == ExceptionContinueExecution) + return EXCEPTION_CONTINUE_EXECUTION; + } + return EXCEPTION_CONTINUE_SEARCH; +} + +#elif defined(__x86_64__) && defined(linux) /* __i386__ && linux */ + +#define REX_B 1 +#define REX_X 2 +#define REX_R 4 +#define REX_W 8 + +#define REGMODRM_MOD( regmodrm, rex ) ((regmodrm) >> 6) +#define REGMODRM_REG( regmodrm, rex ) (((regmodrm) >> 3) & 7) | (((rex) & REX_R) ? 8 : 0) +#define REGMODRM_RM( regmodrm, rex ) (((regmodrm) & 7) | (((rex) & REX_B) ? 8 : 0)) + +#define SIB_SS( sib, rex ) ((sib) >> 6) +#define SIB_INDEX( sib, rex ) (((sib) >> 3) & 7) | (((rex) & REX_X) ? 8 : 0) +#define SIB_BASE( sib, rex ) (((sib) & 7) | (((rex) & REX_B) ? 8 : 0)) + +static inline DWORD64 *get_int_reg( CONTEXT *context, int index ) +{ + return &context->Rax + index; /* index should be in range 0 .. 15 */ +} + +static inline int get_op_size( int long_op, int rex ) +{ + if (rex & REX_W) + return sizeof(DWORD64); + else if (long_op) + return sizeof(DWORD); + else + return sizeof(WORD); +} + +/*********************************************************************** + * INSTR_GetOperandAddr + * + * Return the address of an instruction operand (from the mod/rm byte). + */ +static BYTE *INSTR_GetOperandAddr( CONTEXT *context, BYTE *instr, + int long_addr, int rex, int segprefix, int *len ) +{ + int mod, rm, ss = 0, off, have_sib = 0; + DWORD64 base = 0, index = 0; + +#define GET_VAL( val, type ) \ + { *val = *(type *)instr; instr += sizeof(type); *len += sizeof(type); } + + *len = 0; + GET_VAL( &mod, BYTE ); + rm = REGMODRM_RM( mod, rex ); + mod = REGMODRM_MOD( mod, rex ); + + if (mod == 3) + return (BYTE *)get_int_reg( context, rm ); + + if ((rm & 7) == 4) + { + BYTE sib; + int id; + + GET_VAL( &sib, BYTE ); + rm = SIB_BASE( sib, rex ); + id = SIB_INDEX( sib, rex ); + ss = SIB_SS( sib, rex ); + + index = (id != 4) ? *get_int_reg( context, id ) : 0; + if (!long_addr) index &= 0xffffffff; + have_sib = 1; + } + + base = *get_int_reg( context, rm ); + if (!long_addr) base &= 0xffffffff; + + switch (mod) + { + case 0: + if (rm == 5) /* special case */ + { + base = have_sib ? 0 : context->Rip; + if (!long_addr) base &= 0xffffffff; + GET_VAL( &off, DWORD ); + base += (signed long)off; + } + break; + + case 1: /* 8-bit disp */ + GET_VAL( &off, BYTE ); + base += (signed char)off; + break; + + case 2: /* 32-bit disp */ + GET_VAL( &off, DWORD ); + base += (signed long)off; + break; + } + + /* FIXME: we assume that all segments have a base of 0 */ + return (BYTE *)(base + (index << ss)); +#undef GET_VAL +} + + +/*********************************************************************** + * emulate_instruction + * + * Emulate a privileged instruction. + * Returns exception continuation status. + */ +static DWORD emulate_instruction( EXCEPTION_RECORD *rec, CONTEXT *context ) +{ + int prefix, segprefix, prefixlen, len, long_op, long_addr, rex; + BYTE *instr; + + long_op = long_addr = 1; + instr = (BYTE *)context->Rip; + if (!instr) return ExceptionContinueSearch; + + /* First handle any possible prefix */ + + segprefix = -1; /* no seg prefix */ + rex = 0; /* no rex prefix */ + prefix = 1; + prefixlen = 0; + while(prefix) + { + switch(*instr) + { + case 0x2e: + segprefix = context->SegCs; + break; + case 0x36: + segprefix = context->SegSs; + break; + case 0x3e: + segprefix = context->SegDs; + break; + case 0x26: + segprefix = context->SegEs; + break; + case 0x64: + segprefix = context->SegFs; + break; + case 0x65: + segprefix = context->SegGs; + break; + case 0x66: + long_op = !long_op; /* opcode size prefix */ + break; + case 0x67: + long_addr = !long_addr; /* addr size prefix */ + break; + case 0x40: /* rex */ + case 0x41: + case 0x42: + case 0x43: + case 0x44: + case 0x45: + case 0x46: + case 0x47: + case 0x48: + case 0x49: + case 0x4a: + case 0x4b: + case 0x4c: + case 0x4d: + case 0x4e: + case 0x4f: + rex = *instr; + break; + case 0xf0: /* lock */ + break; + case 0xf2: /* repne */ + break; + case 0xf3: /* repe */ + break; + default: + prefix = 0; /* no more prefixes */ + break; + } + if (prefix) + { + instr++; + prefixlen++; + } + } + + /* Now look at the actual instruction */ + + switch(*instr) + { + case 0x0f: /* extended instruction */ + switch(instr[1]) + { + case 0x00: /* sldt/str */ + { + int reg = REGMODRM_REG( instr[2], rex ); + switch (reg) + { + case 0: /* sldt */ + case 1: /* str */ + { + BYTE *data = INSTR_GetOperandAddr( context, instr + 2, long_addr, + rex, segprefix, &len ); + int rm = REGMODRM_RM( instr[2], rex ); + UINT16 dummy_value; + + if (reg == 0) + { + /* sldt */ + dummy_value = UMIP_DUMMY_LDT; + TRACE( "sldt at 0x%lx\n", context->Rip ); + } + else + { + /* str */ + dummy_value = UMIP_DUMMY_TR; + TRACE( "str at 0x%lx\n", context->Rip ); + } + + if (REGMODRM_MOD( instr[2], rex ) == 3) + { + /* Destination operand is a register. + * Zero-extend the dummy LDT and store to the register. */ + UINT64 dummy_value_64 = dummy_value; + memcpy( data, &dummy_value, get_op_size( long_op, rex ) ); + } + else + { + /* Destination operand is a memory location. + * Only copy 16 bits regardless of operand size. */ + memcpy( data, &dummy_value, sizeof(dummy_value) ); + } + context->Rip += prefixlen + len + 2; + return ExceptionContinueExecution; + } + default: break; + } + } + case 0x01: /* sgdt/sidt/smsw */ + { + int reg = REGMODRM_REG( instr[2], rex ); + switch (reg) + { + case 0: /* sgdt */ + case 1: /* sidt */ + { + BYTE *data; + UINT16 dummy_limit = UMIP_DUMMY_GDT_IDT_LIMIT; + UINT64 dummy_base_addr; + + /* sgdt/sidt cannot use a register as the destination operand */ + if (REGMODRM_MOD( instr[2], rex ) == 3) + return ExceptionContinueSearch; + + data = INSTR_GetOperandAddr( context, instr + 2, long_addr, + rex, segprefix, &len ); + + if (reg == 0) + { + /* sgdt */ + dummy_base_addr = UMIP_DUMMY_GDT_BASE; + TRACE( "sgdt at %lx\n", context->Rip ); + } + else if (reg == 1) + { + /* sidt */ + dummy_base_addr = UMIP_DUMMY_IDT_BASE; + TRACE( "sidt at %lx\n", context->Rip ); + } + memcpy( data, &dummy_limit, UMIP_GDT_IDT_LIMIT_SIZE ); + memcpy( data + UMIP_GDT_IDT_LIMIT_SIZE, &dummy_base_addr, UMIP_GDT_IDT_BASE_SIZE_64BIT ); + + context->Rip += prefixlen + len + 2; + return ExceptionContinueExecution; + } + case 4: /* smsw */ + { + BYTE *data = INSTR_GetOperandAddr( context, instr + 2, long_addr, + rex, segprefix, &len ); + int rm = REGMODRM_RM( instr[2], rex ); + + if (REGMODRM_MOD( instr[2], rex ) == 3) + { + /* Destination operand is a register. + * Zero-extend the dummy MSW and store to the register. */ + UINT64 dummy_msw = UMIP_DUMMY_MSW; + TRACE( "smsw at %lx\n", context->Rip ); + memcpy( data, &dummy_msw, get_op_size( long_op, rex ) ); + } + else + { + /* Destination operand is a memory location. + * Only copy 16 bits regardless of operand size. */ + UINT16 dummy_msw = UMIP_DUMMY_MSW; + TRACE( "smsw at %lx\n", context->Rip ); + memcpy( data, &dummy_msw, sizeof(dummy_msw) ); + } + context->Rip += prefixlen + len + 2; + return ExceptionContinueExecution; + } + default: break; + } + } + } + break; /* Unable to emulate it */ + } + return ExceptionContinueSearch; /* Unable to emulate it */ +} + + +/*********************************************************************** + * vectored_handler + * + * Vectored exception handler used to emulate UMIP instructions + * from 64-bit code. + */ +static LONG CALLBACK vectored_handler( EXCEPTION_POINTERS *ptrs ) +{ + EXCEPTION_RECORD *record = ptrs->ExceptionRecord; + CONTEXT *context = ptrs->ContextRecord; + + if (record->ExceptionCode == EXCEPTION_ACCESS_VIOLATION && + record->ExceptionInformation[0] == 0 && + record->ExceptionInformation[1] == 0xffffffffffffffff) + { + if (emulate_instruction( record, context ) == ExceptionContinueExecution) + { + TRACE( "next instruction rip=%lx\n", context->Rip ); + TRACE( " rax=%016lx rbx=%016lx rcx=%016lx rdx=%016lx\n", + context->Rax, context->Rbx, context->Rcx, context->Rdx ); + TRACE( " rsi=%016lx rdi=%016lx rbp=%016lx rsp=%016lx\n", + context->Rsi, context->Rdi, context->Rbp, context->Rsp ); + TRACE( " r8=%016lx r9=%016lx r10=%016lx r11=%016lx\n", + context->R8, context->R9, context->R10, context->R11 ); + TRACE( " r12=%016lx r13=%016lx r14=%016lx r15=%016lx\n", + context->R12, context->R13, context->R14, context->R15 ); + + return EXCEPTION_CONTINUE_EXECUTION; + } + } + return EXCEPTION_CONTINUE_SEARCH; +} +#endif /* __x86_64 && linux */ + +#if (defined(__i386__) || defined(__x86_64__)) && defined(linux) +extern int have_cpuid (void ); + +extern void do_cpuid_cx( unsigned int ax, unsigned int cx, unsigned int *p ); +#ifdef __i386__ +__ASM_GLOBAL_FUNC( do_cpuid_cx, + "pushl %esi\n\t" + "pushl %ebx\n\t" + "movl 12(%esp),%eax\n\t" + "movl 16(%esp),%ecx\n\t" + "movl 20(%esp),%esi\n\t" + "cpuid\n\t" + "movl %eax,(%esi)\n\t" + "movl %ebx,4(%esi)\n\t" + "movl %ecx,8(%esi)\n\t" + "movl %edx,12(%esi)\n\t" + "popl %ebx\n\t" + "popl %esi\n\t" + "ret" ) +#else +__ASM_GLOBAL_FUNC( do_cpuid_cx, + "pushq %rbx\n\t" + "movq %rdx,%r8\n\t" + "movl %edi,%eax\n\t" + "movl %esi,%ecx\n\t" + "cpuid\n\t" + "movl %eax,(%r8)\n\t" + "movl %ebx,4(%r8)\n\t" + "movl %ecx,8(%r8)\n\t" + "movl %edx,12(%r8)\n\t" + "popq %rbx\n\t" + "ret" ) +#endif + +static int umip_enabled( void ) +{ + /* Check cpuid to see if UMIP is supported. + * UMIP bit is EAX=0x07,ECX=0x0, ECX bit 2 + * (CPUID.07H.0H:ECX:UMIP[bit 2] in Intel syntax) + * + * It would be preferable to check if UMIP is actually enabled + * (CR4.UMIP), but that can't be done from userspace. + */ + unsigned int regs[4]; + +#ifdef __i386__ + if (!have_cpuid()) return 0; +#endif + + do_cpuid_cx( 0x00000000, 0, regs ); /* get standard cpuid level and vendor name */ + if (regs[0]>=0x00000007) /* Check for supported cpuid version */ + { + do_cpuid_cx( 0x00000007, 0, regs ); + if (regs[2] & (1 << 2)) + return 1; + } + + return 0; +} +#endif /* (__i386__ || __x86_64__) && linux */ + +void umip_add_handler( void ) +{ +#if (defined(__i386__) || defined(__x86_64__)) && defined(linux) + if (umip_enabled()) + RtlAddVectoredExceptionHandler( TRUE, vectored_handler ); +#endif +} diff --git a/dlls/ntdll/umip.h b/dlls/ntdll/umip.h new file mode 100644 index 0000000000..704d0a25d5 --- /dev/null +++ b/dlls/ntdll/umip.h @@ -0,0 +1,21 @@ +/* + * Emulation for instructions covered by User-Mode Instruction Prevention + * + * Copyright (C) 2019 Brendan Shanks for CodeWeavers + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA + */ + +extern void umip_add_handler(void) DECLSPEC_HIDDEN;