Line 121... | Line 121... | ||
121 | pop ebx |
121 | pop ebx |
122 | dec eax |
122 | dec eax |
123 | jnz .ret |
123 | jnz .ret |
124 | call get_debuggee_slot |
124 | call get_debuggee_slot |
125 | jc .ret |
125 | jc .ret |
126 | imul eax, tss_step/32 |
126 | ; imul eax, tss_step/32 |
127 | add eax, tss_data |
127 | ; add eax, tss_data |
128 | mov edi, edx |
128 | mov edi, edx |
129 | cmp [eax+TSS._cs], app_code |
129 | ; cmp [eax+TSS._cs], app_code |
130 | jnz .ring0 |
130 | ; jnz .ring0 |
131 | lea esi, [eax+TSS._eip] |
131 | ; lea esi, [eax+TSS._eip] |
132 | shr ecx, 2 |
132 | ; shr ecx, 2 |
133 | rep movsd |
133 | ; rep movsd |
134 | jmp .ret |
134 | ; jmp .ret |
135 | .ring0: |
135 | .ring0: |
136 | ; note that following code assumes that all interrupt/exception handlers |
136 | ; note that following code assumes that all interrupt/exception handlers |
137 | ; saves ring-3 context by pushad in this order |
137 | ; saves ring-3 context by pushad in this order |
138 | mov esi, [eax+TSS._esp0] |
138 | mov esi, [tss._esp0] |
139 | ; top of ring0 stack: ring3 stack ptr (ss+esp), iret data (cs+eip+eflags), pushad |
139 | ; top of ring0 stack: ring3 stack ptr (ss+esp), iret data (cs+eip+eflags), pushad |
140 | sub esi, 8+12+20h |
140 | sub esi, 8+12+20h |
141 | lodsd ;edi |
141 | lodsd ;edi |
142 | mov [edi+24h], eax |
142 | mov [edi+24h], eax |
143 | lodsd ;esi |
143 | lodsd ;esi |
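Review bot: The `.ring0` path at line 138 now reads `[tss._esp0]`, a global field with no dependence on the debuggee, whereas the removed form `[eax+TSS._esp0]` used the slot returned by `get_debuggee_slot`; unless `tss._esp0` is guaranteed at this point to hold the suspended debuggee's ring-0 stack pointer rather than the caller's, the copy starting at line 140 walks the wrong kernel stack. The hunk at line 180 has the same pattern (`mov edi, [tss._esp0]`) on the write side, which would corrupt a stack rather than misread one. With the ring-3/TSS branch commented out, the assumption stated at lines 136–137 now applies to every debuggee, so that comment should say so, e.g. `; every debuggee is suspended inside a handler, so its ring-3 context is always the pushad frame on its ring-0 stack`. The slot value left in eax by `get_debuggee_slot` is unused in the visible lines after this change, and the `;`-disabled lines 126–134 would be clearer deleted than kept as comments. The enclosing function starts and ends outside the hunk.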
Line 180... | Line 180... | ||
180 | pop ebx |
180 | pop ebx |
181 | dec eax |
181 | dec eax |
182 | jnz .ret |
182 | jnz .ret |
183 | call get_debuggee_slot |
183 | call get_debuggee_slot |
184 | jc .stiret |
184 | jc .stiret |
185 | imul eax, tss_step/32 |
185 | ; imul eax, tss_step/32 |
186 | add eax, tss_data |
186 | ; add eax, tss_data |
187 | mov esi, edx |
187 | mov esi, edx |
188 | cmp [eax+TSS._cs], app_code |
188 | ; cmp [eax+TSS._cs], app_code |
189 | jnz .ring0 |
189 | ; jnz .ring0 |
190 | lea edi, [eax+TSS._eip] |
190 | ; lea edi, [eax+TSS._eip] |
191 | shr ecx, 2 |
191 | ; shr ecx, 2 |
192 | rep movsd |
192 | ; rep movsd |
193 | jmp .stiret |
193 | ; jmp .stiret |
194 | .ring0: |
194 | .ring0: |
195 | mov edi, [eax+TSS._esp0] |
195 | mov edi, [tss._esp0] |
196 | sub edi, 8+12+20h |
196 | sub edi, 8+12+20h |
197 | mov eax, [esi+24h] ;edi |
197 | mov eax, [esi+24h] ;edi |
198 | stosd |
198 | stosd |
199 | mov eax, [esi+20h] ;esi |
199 | mov eax, [esi+20h] ;esi |
200 | stosd |
200 | stosd |
Line 245... | Line 245... | ||
245 | add ecx, ecx |
245 | add ecx, ecx |
246 | and dword [eax+ecx*2], 0 ; clear DR |
246 | and dword [eax+ecx*2], 0 ; clear DR |
247 | btr dword [eax+10h], ecx ; clear L bit |
247 | btr dword [eax+10h], ecx ; clear L bit |
248 | test byte [eax+10h], 55h |
248 | test byte [eax+10h], 55h |
249 | jnz .okret |
249 | jnz .okret |
250 | imul eax, ebp, tss_step/32 |
250 | ; imul eax, ebp, tss_step/32 |
251 | and byte [eax + tss_data + TSS._trap], not 1 |
251 | ; and byte [eax + tss_data + TSS._trap], not 1 |
252 | .okret: |
252 | .okret: |
253 | and dword [esp+36], 0 |
253 | and dword [esp+36], 0 |
254 | sti |
254 | sti |
255 | ret |
255 | ret |
256 | .errret: |
256 | .errret: |
Line 287... | Line 287... | ||
287 | mov edx, 0xF |
287 | mov edx, 0xF |
288 | shl edx, cl |
288 | shl edx, cl |
289 | not edx |
289 | not edx |
290 | and [eax+10h+2], dx |
290 | and [eax+10h+2], dx |
291 | or [eax+10h+2], bx ; set R/W and LEN fields |
291 | or [eax+10h+2], bx ; set R/W and LEN fields |
292 | imul eax, ebp, tss_step/32 |
292 | ; imul eax, ebp, tss_step/32 |
293 | or byte [eax + tss_data + TSS._trap], 1 |
293 | ; or byte [eax + tss_data + TSS._trap], 1 |
294 | jmp .okret |
294 | jmp .okret |
Line 295... | Line 295... | ||
295 | 295 | ||
296 | debug_read_process_memory: |
296 | debug_read_process_memory: |
297 | ; in: |
297 | ; in: |