https://git.reactos.org/?p=reactos.git;a=commitdiff;h=61feb649d188f6a998477240cfe27712e5e72ac6
commit 61feb649d188f6a998477240cfe27712e5e72ac6 Author: Hermès Bélusca-Maïto <[email protected]> AuthorDate: Fri Nov 22 16:19:41 2024 +0100 Commit: Hermès Bélusca-Maïto <[email protected]> CommitDate: Tue Dec 3 19:02:21 2024 +0100 [NTOS:KD64] kdx86.c: Fix Dr7 check to verify whether debugger disabling is allowed (#7538) Don't check the whole Dr7 value, but only the first 8 bits that correspond to the local/global enable breakpoints. We cannot check the whole value because some of the Dr7 bits are reserved always set to 1 (bit 10), or describe other debug state. References: - https://en.wikipedia.org/wiki/X86_debug_register#DR7_-_Debug_control - Intel® 64 and IA-32 Architectures Software Developer’s Manual, Volume 3 (3A, 3B, 3C, & 3D): System Programming Guide https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sdm.html Section "19.2.4 Debug Control Register (DR7)" (pgs. 644-646)
---
 ntoskrnl/kd64/i386/kdx86.c | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)
diff --git a/ntoskrnl/kd64/i386/kdx86.c b/ntoskrnl/kd64/i386/kdx86.c
index a70eb464103..843f6e88b0d 100644
--- a/ntoskrnl/kd64/i386/kdx86.c
+++ b/ntoskrnl/kd64/i386/kdx86.c
@@ -426,23 +426,19 @@ NTSTATUS
 NTAPI
 KdpAllowDisable(VOID)
 {
- LONG i;
- ULONG Dr7;
+ ULONG i;
 /* Loop every processor */
 for (i = 0; i < KeNumberProcessors; i++)
 {
- /* Get its DR7 */
- Dr7 = KiProcessorBlock[i]->ProcessorState.SpecialRegisters.KernelDr7;
+ PKPROCESSOR_STATE ProcessorState = &KiProcessorBlock[i]->ProcessorState;
- /* Check if any processor breakpoints are active */
- if (Dr7 != 0)
- {
- /* We can't allow running without a debugger then */
+ /* If any processor breakpoints are active,
+ * we can't allow running without a debugger */
+ if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF)
 return STATUS_ACCESS_DENIED;
- }
 }
- /* No processor breakpoints; allow disabling the debugger */
+ /* No processor breakpoints, allow disabling the debugger */
 return STATUS_SUCCESS;
 }
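Review bot: The mask `0xFF` in the new `if (ProcessorState->SpecialRegisters.KernelDr7 & 0xFF)` test is a bare literal, and the reason for it (bits 0-7 are the local/global breakpoint enables, bit 10 is reserved and always set) is recorded only in the commit message. Because this test alone decides whether KdpAllowDisable returns STATUS_ACCESS_DENIED, a later edit to the mask would silently change when the debugger may be disabled. I would state the intent next to the check, e.g. `/* DR7 bits 0-7 = L0/G0..L3/G3 enables; bit 10 is reserved and always 1, so never compare the whole register */`, or give the mask a descriptive name. Separately, `i` changes from LONG to ULONG while the type of KeNumberProcessors is not visible in this hunk, so it is worth confirming that the loop comparison does not mix signedness.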
