diff options
| author | Alexander Potapenko <glider@google.com> | 2025-09-11 18:34:16 +0200 |
|---|---|---|
| committer | Alexander Potapenko <glider@google.com> | 2025-09-19 08:38:14 +0000 |
| commit | dd232cacbbd407c55bf26299264db0a2c3f0cfcf (patch) | |
| tree | e45a9746d8b238aed553b54d8ca2ffef78b0a33b /executor/common_kvm_amd64_syzos.h | |
| parent | 184fe589c4e27b7e7dcc12a43900b1c2d363e200 (diff) | |
sys/linux: executor: implement SYZOS_API_WR_DRN on x86
Add a SYZOS call to write to one of the debug registers
(DR0-DR7).
Diffstat (limited to 'executor/common_kvm_amd64_syzos.h')
| -rw-r--r-- | executor/common_kvm_amd64_syzos.h | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/executor/common_kvm_amd64_syzos.h b/executor/common_kvm_amd64_syzos.h index 655e83ce3..0e777872d 100644 --- a/executor/common_kvm_amd64_syzos.h +++ b/executor/common_kvm_amd64_syzos.h @@ -19,6 +19,7 @@ typedef enum { SYZOS_API_WRMSR = 30, SYZOS_API_RDMSR = 50, SYZOS_API_WR_CRN = 70, + SYZOS_API_WR_DRN = 110, SYZOS_API_STOP, // Must be the last one } syzos_api_id; @@ -59,6 +60,7 @@ static void guest_handle_cpuid(uint32 eax, uint32 ecx); static void guest_handle_wrmsr(uint64 reg, uint64 val); static void guest_handle_rdmsr(uint64 reg); static void guest_handle_wr_crn(struct api_call_2* cmd); +static void guest_handle_wr_drn(struct api_call_2* cmd); typedef enum { UEXIT_END = (uint64)-1, @@ -110,6 +112,10 @@ guest_main(uint64 size, uint64 cpu) guest_handle_wr_crn((struct api_call_2*)cmd); break; } + case SYZOS_API_WR_DRN: { + guest_handle_wr_drn((struct api_call_2*)cmd); + break; + } } addr += cmd->size; size -= cmd->size; @@ -203,3 +209,42 @@ GUEST_CODE static noinline void guest_handle_wr_crn(struct api_call_2* cmd) return; } } + +// Write to DRn debug register. +GUEST_CODE static noinline void guest_handle_wr_drn(struct api_call_2* cmd) +{ + uint64 value = cmd->args[1]; + volatile uint64 reg = cmd->args[0]; + if (reg == 0) { + asm volatile("movq %0, %%dr0" ::"r"(value) : "memory"); + return; + } + if (reg == 1) { + asm volatile("movq %0, %%dr1" ::"r"(value) : "memory"); + return; + } + if (reg == 2) { + asm volatile("movq %0, %%dr2" ::"r"(value) : "memory"); + return; + } + if (reg == 3) { + asm volatile("movq %0, %%dr3" ::"r"(value) : "memory"); + return; + } + if (reg == 4) { + asm volatile("movq %0, %%dr4" ::"r"(value) : "memory"); + return; + } + if (reg == 5) { + asm volatile("movq %0, %%dr5" ::"r"(value) : "memory"); + return; + } + if (reg == 6) { + asm volatile("movq %0, %%dr6" ::"r"(value) : "memory"); + return; + } + if (reg == 7) { + asm volatile("movq %0, %%dr7" ::"r"(value) : "memory"); + return; + } +} |