From 2995806a449cdadaff3ab3c1f2bee3c972543f3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herm=C3=A8s=20B=C3=A9lusca-Ma=C3=AFto?= Date: Fri, 22 Nov 2024 16:35:19 +0100 Subject: [PATCH] [NTOS:KD64] kdx64.c: Implement KdpAllowDisable() the same as in x86 (#7538) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit AMD64 has the same DR7 register as x86 with the same bits meanings, thus the same implementation can be used. References: - https://en.wikipedia.org/wiki/X86_debug_register#DR7_-_Debug_control - AMD64 Architecture Programmer’s Manual, Volume 2: System Programming https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24593.pdf Section "13.1.1.4 Debug-Control Register (DR7)" pgs. 393-396 (pgs. 455-458 of the PDF) - Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3 (3A, 3B, 3C, & 3D): System Programming Guide https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sdm.html Section "19.2.4 Debug Control Register (DR7)" (pgs. 644-646) Section "19.2.6 Debug Registers and Intel® 64 Processors" (pg. 647) --- ntoskrnl/kd64/amd64/kdx64.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/ntoskrnl/kd64/amd64/kdx64.c b/ntoskrnl/kd64/amd64/kdx64.c index 3bb2745d2c4..5c6871d3a9e 100644 --- a/ntoskrnl/kd64/amd64/kdx64.c +++ b/ntoskrnl/kd64/amd64/kdx64.c @@ -363,8 +363,21 @@ NTSTATUS NTAPI KdpAllowDisable(VOID) { - UNIMPLEMENTED; - return STATUS_ACCESS_DENIED; + ULONG i; + + /* Loop every processor */ + for (i = 0; i < KeNumberProcessors; i++) + { + PKPROCESSOR_STATE ProcessorState = &KiProcessorBlock[i]->ProcessorState; + + /* If any processor breakpoints are active, + * we can't allow running without a debugger */ + if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF) + return STATUS_ACCESS_DENIED; + } + + /* No processor breakpoints, allow disabling the debugger */ + return STATUS_SUCCESS; } /* EOF */