Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multiple issues with debug register access handling #5

Closed
tandasat opened this issue Aug 26, 2018 · 2 comments
Closed

Multiple issues with debug register access handling #5

tandasat opened this issue Aug 26, 2018 · 2 comments

Comments

@tandasat
Copy link
Contributor

  1. DR7.general_detect (GD) should be cleared

hvpp does not clear the DR7.GD bit in the VMCS up on #DB. This causes an unintended #DB when the processor attempt to access debug registers and likely to cause a bug check. As 17.2.4 Debug Control Register (DR7) states (The processor clears the GD flag upon entering to the debug exception handler (...)), the processor automatically the DR7.GD bit on #DB. Since hvpp does not emulate this behaviour and leaves that bit set in the VMCS, any DR access results in #DB, while it should have been allowed if GD is properly cleared. The proper fix will be to add such a #DB handler, though clearing it within handle_mov_dr when #DB is injected can be an lazy option too.

  1. Access to DR4 and 5 should be treated in the same manner as DR6 and 7 access are

hvpp behaves differently when DR4,5 and DR6,7 are accessed, resulting in setting to or getting of incorrect values. For example, write to DR5 is emulated with just the mov instruction while it should be handled in the same manner as write to DR7, which needs writes to VMCS with the upper bits check. This issue only manifests when CR4.DE is cleared, which is not the default case on Windows as far as I can tell.

  1. Always 1 and 0 bits in the DR6 and 7 should be emulated

The processor appears to ignore writes to the bits described as 0 or 1 in Figure 17-1. Debug Registers on the non-root mode. It is, however, the processor can indeed modify those bits on the root-mode, and so, the current hpvv's emulate that behaviour. I was unable to find a description about this behaviour in the Intel SDM, but VMware and KVM(Link) emulate this too.

If you would like to have three separated issues, let me know. I will do so.
@tandasat
Copy link
Contributor Author

Those were found while I was fixing the other issue in HyperPlatform. Here is a fix I made for them.
tandasat/HyperPlatform#28 (comment)

@wbenny wbenny closed this as completed in ca561fa Aug 26, 2018
@wbenny
Copy link
Owner

wbenny commented Aug 26, 2018

Thank you! Hopefully commit ca561fa fixes all listed issues. I've tested it with provided driver in Issue28.zip and everything should be working as expected. If you spot anything else related to this issue, feel free to reopen it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tandasat @wbenny