[NTOS:KE] Add IRQL checks and fix KiInitiateUserApc

ntoskrnl/ke/amd64/trap.S

@@ -782,6 +782,14 @@ PUBLIC KiSystemCallEntry64
     mov ds, ax
     mov es, ax
 
+#if DBG
+    /* Check IRQL */
+    mov rax, cr8
+    test eax, eax
+    jz KiSystemCall64Again
+    int HEX(2C)
+#endif
+
 GLOBAL_LABEL KiSystemCall64Again
 
     /* Call the C-handler (will enable interrupts) */
@@ -875,6 +883,27 @@ PUBLIC KiServiceExit2
 .PROC KiServiceExit2
     .ENDPROLOG
 
+#if DBG
+    /* Get the current IRQL and compare it to the trap frame */
+    mov rax, cr8
+    cmp byte ptr [rcx + KTRAP_FRAME_PreviousIrql], al
+    je KiServiceExit2_ok1
+    int HEX(2C)
+
+KiServiceExit2_ok1:
+    /* Check if this is a user mode exit */
+    mov ah, byte ptr [rcx + KTRAP_FRAME_SegCs]
+    test ah, 1
+    jz KiServiceExit2_kernel
+
+    /* Validate that we are at PASSIVE_LEVEL */
+    test al, al
+    jz KiServiceExit2_kernel
+    int HEX(2C)
+
+KiServiceExit2_kernel:
+#endif
+
     mov rbp, rcx
     mov rsp, rcx
 
@@ -1055,6 +1084,10 @@ PUBLIC KiInitiateUserApc
     /* Disable interrupts again */
     cli
 
+    /* Go back to PASSIVE_LEVEL */
+    mov rax, PASSIVE_LEVEL
+    mov cr8, rax
+
     /* Restore the registers from the KEXCEPTION_FRAME */
     RESTORE_EXCEPTION_STATE
 

sdk/include/asm/trapamd64.inc

@@ -116,6 +116,14 @@ MACRO(EnterTrap, Flags)
     mov es, ax
     swapgs
 
+#if DBG
+    /* Check IRQL */
+    mov rax, cr8
+    test rax, rax
+    jz kernel_mode_entry
+    int HEX(2c)
+#endif
+
 kernel_mode_entry:
 
 //    if (Flags AND TF_IRQL)
@@ -151,6 +159,7 @@ MACRO(ExitTrap, Flags)
     LOCAL kernel_mode_return
     LOCAL IntsEnabled
     LOCAL NoUserApc
+    LOCAL IrqlPassive
 
 #if DBG
         /* Check previous irql */
@@ -201,6 +210,14 @@ MACRO(ExitTrap, Flags)
     jnz IntsEnabled
     int HEX(2c)
 IntsEnabled:
+
+    /* Make sure we are at passive level */
+    mov rax, cr8
+    test rax, rax
+    jz IrqlPassive
+    int HEX(2C)
+
+IrqlPassive:
 #endif
 
     cli