diff --git a/SDK/C/TitanEngine.h b/SDK/C/TitanEngine.h
index 94e21ee..974439a 100644
--- a/SDK/C/TitanEngine.h
+++ b/SDK/C/TitanEngine.h
@@ -297,7 +297,22 @@
 #define UE_x87_ST5 84
 #define UE_x87_ST6 85
 #define UE_x87_ST7 86
-
+#define UE_YMM0 87
+#define UE_YMM1 88
+#define UE_YMM2 89
+#define UE_YMM3 90
+#define UE_YMM4 91
+#define UE_YMM5 92
+#define UE_YMM6 93
+#define UE_YMM7 94
+#define UE_YMM8 95
+#define UE_YMM9 96
+#define UE_YMM10 97
+#define UE_YMM11 98
+#define UE_YMM12 99
+#define UE_YMM13 100
+#define UE_YMM14 101
+#define UE_YMM15 102
 #ifndef CONTEXT_EXTENDED_REGISTERS
 #define CONTEXT_EXTENDED_REGISTERS 0
@@ -361,8 +376,10 @@ typedef struct
 DWORD MxCsr;
 #ifdef _WIN64
 M128A XmmRegisters[16];
+ BYTE YmmRegisters[32 * 16];
 #else // x86
 M128A XmmRegisters[8];
+ BYTE YmmRegisters[32 * 8];
 #endif
 } TITAN_ENGINE_CONTEXT_t;
@@ -817,6 +834,7 @@ __declspec(dllexport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister);
 __declspec(dllexport) bool TITCALL SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
 __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
 __declspec(dllexport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
+__declspec(dllexport) bool TITCALL GetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) void TITCALL ClearExceptionNumber();
 __declspec(dllexport) long TITCALL CurrentExceptionNumber();
 __declspec(dllexport) bool TITCALL MatchPatternEx(HANDLE hProcess, void* MemoryToCheck, int SizeOfMemoryToCheck, void* PatternToMatch, int SizeOfPatternToMatch, PBYTE WildCard);
diff --git a/TitanEngine/TitanEngine.Debugger.Context.cpp b/TitanEngine/TitanEngine.Debugger.Context.cpp
index bcc4084..92aa296 100644
--- a/TitanEngine/TitanEngine.Debugger.Context.cpp
+++ b/TitanEngine/TitanEngine.Debugger.Context.cpp
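Review bot: In the `-361` hunk, `BYTE YmmRegisters[32 * 16]` (and `[32 * 8]` on x86) is appended to the public `TITAN_ENGINE_CONTEXT_t` in the SDK header, which changes the size of an object callers allocate and hand to the engine by pointer (the new `GetAVXContext` declaration lower in this file takes exactly that pointer), and the same layout change is duplicated in the stdafx.h hunk. Nothing in the header records a struct version, so a client presumably built against the previous header would pass a smaller object and the engine's writes to `YmmRegisters` would land past its end. A comment next to the field would at least make the contract visible, e.g. `// Appended in the AVX change: layout/size of this struct changed, rebuild SDK clients; GetAVXContext writes this array`, and the two copies of the struct in TitanEngine.h and stdafx.h need to stay byte-identical, which a shared header or a static size assertion would enforce better than duplication.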
@@ -273,6 +273,8 @@ __declspec(dllexport) bool TITCALL _GetFullContextDataEx(HANDLE hActiveThread, T
 memcpy(&(titcontext->XmmRegisters[i]), & DBGContext.ExtendedRegisters[(10 + i) * 16], 16);
 #endif
+ GetAVXContext(hActiveThread, titcontext);
+
 return true;
 }
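Review bot: The result of `GetAVXContext(hActiveThread, titcontext);` is discarded, so `_GetFullContextDataEx` still reports true when the XSTATE path failed (the XState entry points missing from kernel32, AVX not in the enabled-features mask, `calloc` failure, or any failed API call in GetAVXContext), and every one of those paths returns before touching `YmmRegisters`. Unless `titcontext` is zeroed earlier in the function (its start is outside the hunk), the caller then reads whatever its buffer held before the call as register contents. The failure should at least leave a defined value: `if(!GetAVXContext(hActiveThread, titcontext))` / `memset(titcontext->YmmRegisters, 0, sizeof(titcontext->YmmRegisters));`, and that contract ("YmmRegisters is zero when AVX state could not be read") belongs on the `GetAVXContext` declaration in the headers.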
@@ -1020,6 +1022,38 @@ __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD
 memcpy(((uint64_t*) GetRegisterAreaOf87register(titcontext.RegisterArea, x87r0_position, 7)), (char*) NewRegisterValue, 10);
 }
+ else if(IndexOfRegister == UE_YMM0)
+ memcpy(& (titcontext.YmmRegisters[32 * 0]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM1)
+ memcpy(& (titcontext.YmmRegisters[32 * 1]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM2)
+ memcpy(& (titcontext.YmmRegisters[32 * 2]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM3)
+ memcpy(& (titcontext.YmmRegisters[32 * 3]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM4)
+ memcpy(& (titcontext.YmmRegisters[32 * 4]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM5)
+ memcpy(& (titcontext.YmmRegisters[32 * 5]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM6)
+ memcpy(& (titcontext.YmmRegisters[32 * 6]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM7)
+ memcpy(& (titcontext.YmmRegisters[32 * 7]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM8)
+ memcpy(& (titcontext.YmmRegisters[32 * 8]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM9)
+ memcpy(& (titcontext.YmmRegisters[32 * 9]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM10)
+ memcpy(& (titcontext.YmmRegisters[32 * 10]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM11)
+ memcpy(& (titcontext.YmmRegisters[32 * 11]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM12)
+ memcpy(& (titcontext.YmmRegisters[32 * 12]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM13)
+ memcpy(& (titcontext.YmmRegisters[32 * 13]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM14)
+ memcpy(& (titcontext.YmmRegisters[32 * 14]), (void*) NewRegisterValue, 32);
+ else if(IndexOfRegister == UE_YMM15)
+ memcpy(& (titcontext.YmmRegisters[32 * 15]), (void*) NewRegisterValue, 32);
 else
 {
 ResumeThread(hActiveThread);
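Review bot: On x86 the `UE_YMM8` .. `UE_YMM15` branches write past the end of `titcontext.YmmRegisters`, which the header hunks size as `BYTE YmmRegisters[32 * 8]` for 32-bit builds: `memcpy(& (titcontext.YmmRegisters[32 * 8]), ..., 32)` already starts at the array's end, and because YmmRegisters is the struct's last member the copy runs off the `titcontext` object entirely. The sixteen near-identical branches can collapse into one bounded branch, `else if(IndexOfRegister >= UE_YMM0 && IndexOfRegister <= UE_YMM15 && 32 * (IndexOfRegister - UE_YMM0 + 1) <= sizeof(titcontext.YmmRegisters))` / `memcpy(& (titcontext.YmmRegisters[32 * (IndexOfRegister - UE_YMM0)]), (void*) NewRegisterValue, 32);`, which lets an index that does not exist on this architecture fall through to the existing error `else`. Separately, this commit adds only a reader for the XSTATE area (`GetAVXContext`); unless a write path for `YmmRegisters` exists outside the diff, the value is stored in the local struct but never reaches the thread's upper YMM halves, which deserves either a setter or a comment saying the upper half is not written back. SetContextDataEx's body starts and ends outside the hunk.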
@@ -1040,3 +1074,144 @@ __declspec(dllexport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_P
 EngineCloseHandle(hActiveThread);
 return ContextReturn;
 }
+
+#undef CONTEXT_XSTATE
+
+#if defined(_M_X64)
+#define CONTEXT_XSTATE (0x00100040)
+#else
+#define CONTEXT_XSTATE (0x00010040)
+#endif
+
+
+#define XSTATE_AVX (XSTATE_GSSE)
+#define XSTATE_MASK_AVX (XSTATE_MASK_GSSE)
+
+typedef DWORD64(WINAPI* PGETENABLEDXSTATEFEATURES)();
+PGETENABLEDXSTATEFEATURES pfnGetEnabledXStateFeatures = NULL;
+
+typedef BOOL (WINAPI* PINITIALIZECONTEXT)(PVOID Buffer, DWORD ContextFlags, PCONTEXT* Context, PDWORD ContextLength);
+PINITIALIZECONTEXT pfnInitializeContext = NULL;
+
+typedef BOOL (WINAPI* PGETXSTATEFEATURESMASK)(PCONTEXT Context, PDWORD64 FeatureMask);
+PGETXSTATEFEATURESMASK pfnGetXStateFeaturesMask = NULL;
+
+typedef PVOID(WINAPI* LOCATEXSTATEFEATURE)(PCONTEXT Context, DWORD FeatureId, PDWORD Length);
+LOCATEXSTATEFEATURE pfnLocateXStateFeature = NULL;
+
+typedef BOOL (WINAPI* SETXSTATEFEATURESMASK)(PCONTEXT Context, DWORD64 FeatureMask);
+SETXSTATEFEATURESMASK pfnSetXStateFeaturesMask = NULL;
+
+bool InitXState(void)
+{
+ bool returnf = false;
+ static bool init = false;
+
+ if(init)
+ return true;
+
+ HMODULE hm = GetModuleHandleA("kernel32.dll");
+ if(hm == NULL)
+ {
+ return returnf;
+ }
+ pfnGetEnabledXStateFeatures = (PGETENABLEDXSTATEFEATURES)GetProcAddress(hm, "GetEnabledXStateFeatures");
+ pfnInitializeContext = (PINITIALIZECONTEXT)GetProcAddress(hm, "InitializeContext");
+ pfnGetXStateFeaturesMask = (PGETXSTATEFEATURESMASK)GetProcAddress(hm, "GetXStateFeaturesMask");
+ pfnLocateXStateFeature = (LOCATEXSTATEFEATURE)GetProcAddress(hm, "LocateXStateFeature");
+ pfnSetXStateFeaturesMask = (SETXSTATEFEATURESMASK)GetProcAddress(hm, "SetXStateFeaturesMask");
+
+ if
+ (
+ pfnGetEnabledXStateFeatures == NULL
+ || pfnInitializeContext == NULL
+ || pfnGetXStateFeaturesMask == NULL
+ || pfnLocateXStateFeature == NULL
+ || pfnSetXStateFeaturesMask == NULL
+ )
+ {
+ return returnf;
+ }
+ init = true;
+
+ return true;
+}
+
+__declspec(dllexport) bool TITCALL GetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext)
+{
+ PVOID Buffer;
+ PCONTEXT Context;
+ DWORD ContextSize;
+ DWORD FeatureLength;
+ ULONG Index;
+ BOOL Success;
+ PM128A Ymm;
+ DWORD64 FeatureMask;
+ bool returnf = false;
+
+ if(InitXState() == false)
+ return returnf;
+
+ FeatureMask = pfnGetEnabledXStateFeatures();
+ if((FeatureMask & XSTATE_MASK_AVX) == 0)
+ return returnf;
+
+ ContextSize = 0;
+ Success = pfnInitializeContext(NULL,
+ CONTEXT_ALL | CONTEXT_XSTATE,
+ NULL,
+ &ContextSize);
+
+ if((Success == TRUE) || (GetLastError() != ERROR_INSUFFICIENT_BUFFER))
+ return returnf;
+
+ Buffer = calloc(1, ContextSize);
+ if(Buffer == NULL)
+ return returnf;
+
+ Success = pfnInitializeContext(Buffer,
+ CONTEXT_ALL | CONTEXT_XSTATE,
+ &Context,
+ &ContextSize);
+
+ if(Success == FALSE)
+ goto Cleanup;
+
+ Success = pfnSetXStateFeaturesMask(Context, XSTATE_MASK_AVX);
+ if(Success == FALSE)
+ goto Cleanup;
+
+ Success = GetThreadContext(hActiveThread, Context);
+ if(Success == FALSE)
+ goto Cleanup;
+
+ Success = pfnGetXStateFeaturesMask(Context, &FeatureMask);
+ if(Success == FALSE)
+ goto Cleanup;
+
+ Ymm = (PM128A)pfnLocateXStateFeature(Context, XSTATE_AVX, &FeatureLength);
+
+ for(Index = 0; Index < FeatureLength / sizeof(* Ymm); Index += 1)
+ {
+ memcpy
+ (
+ (char*) & (titcontext->YmmRegisters[32 * Index]),
+ &titcontext->XmmRegisters[Index],
+ sizeof(titcontext->XmmRegisters[Index])
+ );
+ memcpy
+ (
+ ((char*) & (titcontext->YmmRegisters[32 * Index])) + sizeof(titcontext->XmmRegisters[Index]),
+ &Ymm[Index],
+ sizeof(Ymm[Index])
+ );
+ }
+
+ returnf = true;
+
+Cleanup:
+ free(Buffer);
+
+ return returnf;
+}
+
diff --git a/TitanEngine/definitions.h b/TitanEngine/definitions.h
index 7c2d1c9..65d2790 100644
--- a/TitanEngine/definitions.h
+++ b/TitanEngine/definitions.h
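Review bot: In `GetAVXContext`, `Ymm = (PM128A)pfnLocateXStateFeature(...)` is dereferenced in the loop with no NULL check, and the mask that `pfnGetXStateFeaturesMask(Context, &FeatureMask)` fills in is never consulted afterwards: when the thread's AVX state is still in its initial state that bit is clear and, as far as I recall the XState API contract, the located area is then not valid register contents and the upper halves should be reported as zero rather than copied. The loop is also bounded only by the OS-reported `FeatureLength`, not by `sizeof(titcontext->YmmRegisters)` or the `XmmRegisters` element count, so the copy should take the smallest of the three. The rewrite below checks the pointer, honours the mask, clamps the count, and folds the two multi-line memcpy calls into one slot computation; the locals are declared without initializers because the earlier `goto Cleanup` statements jump past them.
```cpp
    Success = pfnGetXStateFeaturesMask(Context, &FeatureMask);
    if(Success == FALSE)
        goto Cleanup;

    Ymm = (PM128A)pfnLocateXStateFeature(Context, XSTATE_AVX, &FeatureLength);
    if(Ymm == NULL)
        goto Cleanup;

    // Declared without initializers: the goto Cleanup above must not bypass an initialization.
    bool UpperValid;
    ULONG Count;

    // AVX bit clear in the returned mask: the thread's upper halves are in their
    // initial (zero) state, the located area must not be read as register contents.
    UpperValid = (FeatureMask & XSTATE_MASK_AVX) != 0;

    // Bound by the destination arrays, not only by the OS-reported length.
    Count = FeatureLength / sizeof(* Ymm);
    if(Count > sizeof(titcontext->YmmRegisters) / 32)
        Count = sizeof(titcontext->YmmRegisters) / 32;
    if(Count > sizeof(titcontext->XmmRegisters) / sizeof(titcontext->XmmRegisters[0]))
        Count = sizeof(titcontext->XmmRegisters) / sizeof(titcontext->XmmRegisters[0]);

    for(Index = 0; Index < Count; Index += 1)
    {
        char* Slot = (char*) & (titcontext->YmmRegisters[32 * Index]);
        // Low 128 bits come from the XMM copy the caller already filled in.
        memcpy(Slot, &titcontext->XmmRegisters[Index], sizeof(titcontext->XmmRegisters[Index]));
        if(UpperValid)
            memcpy(Slot + sizeof(titcontext->XmmRegisters[Index]), &Ymm[Index], sizeof(Ymm[Index]));
        else
            memset(Slot + sizeof(titcontext->XmmRegisters[Index]), 0, sizeof(Ymm[Index]));
    }
    // … unchanged: returnf = true; Cleanup: free(Buffer); return returnf; …
```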
@@ -184,6 +184,7 @@ __declspec(dllexport) void TITCALL Getx87FPURegisters(x87FPURegister_t x87FPUReg
 __declspec(dllexport) void TITCALL GetMMXRegisters(uint64_t mmx[8], TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) ULONG_PTR TITCALL GetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister);
 __declspec(dllexport) ULONG_PTR TITCALL GetContextData(DWORD IndexOfRegister);
+__declspec(dllexport) bool TITCALL GetAVXContext(HANDLE hActiveThread, TITAN_ENGINE_CONTEXT_t* titcontext);
 __declspec(dllexport) bool TITCALL SetContextFPUDataEx(HANDLE hActiveThread, void* FPUSaveArea);
 __declspec(dllexport) bool TITCALL SetContextDataEx(HANDLE hActiveThread, DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
 __declspec(dllexport) bool TITCALL SetContextData(DWORD IndexOfRegister, ULONG_PTR NewRegisterValue);
diff --git a/TitanEngine/stdafx.h b/TitanEngine/stdafx.h
index 2c2cceb..ddb238f 100644
--- a/TitanEngine/stdafx.h
+++ b/TitanEngine/stdafx.h
@@ -148,8 +148,10 @@ typedef struct
 DWORD MxCsr;
 #ifdef _WIN64
 M128A XmmRegisters[16];
+ BYTE YmmRegisters[32 * 16];
 #else // x86
 M128A XmmRegisters[8];
+ BYTE YmmRegisters[32 * 8];
 #endif
 } TITAN_ENGINE_CONTEXT_t;
@@ -663,6 +665,22 @@ typedef struct
 #define UE_x87_ST5 84
 #define UE_x87_ST6 85
 #define UE_x87_ST7 86
+#define UE_YMM0 87
+#define UE_YMM1 88
+#define UE_YMM2 89
+#define UE_YMM3 90
+#define UE_YMM4 91
+#define UE_YMM5 92
+#define UE_YMM6 93
+#define UE_YMM7 94
+#define UE_YMM8 95
+#define UE_YMM9 96
+#define UE_YMM10 97
+#define UE_YMM11 98
+#define UE_YMM12 99
+#define UE_YMM13 100
+#define UE_YMM14 101
+#define UE_YMM15 102
 typedef struct
 {